Report - edukacija.centarznr.hr/Account/Login

Report Overview

Submitted URL
edukacija.centarznr.hr/Account/Login
IP
95.138.193.57
ASN
#29278 Deninet KFT
Submitted
2024-04-18 09:22:43
Access
public
Website Title
Prijava - CentarZNR
Final URL
edukacija.centarznr.hr/Account/Login
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	3.2 kB	88 kB	142.250.74.163
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-18	455 B	12 kB	142.250.74.106
edukacija.centarznr.hr	unknown	unknown	No data	No data	3.4 kB	793 kB	95.138.193.57

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	centarznr.hr	Sinkholed
2024-04-18	medium	centarznr.hr	Sinkholed
2024-04-18	medium	centarznr.hr	Sinkholed
2024-04-18	medium	centarznr.hr	Sinkholed
2024-04-18	medium	centarznr.hr	Sinkholed
2024-04-18	medium	centarznr.hr	Sinkholed
2024-04-18	medium	centarznr.hr	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	edukacija.centarznr.hr/Content/SmartAdminTheme/js/app.bundle.js	56 kB	2023-06-14	2024-04-18
Pretty URL edukacija.centarznr.hr/Content/SmartAdminTheme/js/app.bundle.js IP 95.138.193.57 ASN #29278 Deninet KFT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-14 14:31:14 Last Seen2024-04-18 11:22:50 Times Seen4 Hash 3f8d8a40384c82853833f8d1cfbd5fe4 1a215bb1a40b7cd1a477e16e27b669324149d810 2b9f1da2e94980b6ed279e3c492c2e01e2024021d8645d561af493cb5735b69c Loading...

	edukacija.centarznr.hr/Account/Login	0 B	2023-03-07	2024-05-01
Pretty URL edukacija.centarznr.hr/Account/Login IP 95.138.193.57 ASN #29278 Deninet KFT Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-01 01:05:17 Times Seen37233747 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	edukacija.centarznr.hr/Content/SmartAdminTheme/js/vendors.bundle.js	791 kB	2023-06-14	2024-04-18
Pretty URL edukacija.centarznr.hr/Content/SmartAdminTheme/js/vendors.bundle.js IP 95.138.193.57 ASN #29278 Deninet KFT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-14 14:31:14 Last Seen2024-04-18 11:22:50 Times Seen4 Hash ae74d1370cebcb1ca69d5366e0fffef4 b83bed2cf1eb33e3f62bf96bff5668c29663eee7 f8823bf652f84a712c626081d3dde12dcd6ae0577cb641e24ded43a41d7dc738 Loading...

HTTP Transactions (14)

URL IP Response Size

edukacija.centarznr.hr/Account/Login

95.138.193.57

200 OK

7.6 kB

URL User Request GET HTTP/2
edukacija.centarznr.hr/Account/Login
IP
95.138.193.57:443
ASN
#29278 Deninet KFT

Certificate
IssuerLet's Encrypt
Subjectedukacija.centarznr.hr
Fingerprint39:DD:82:6E:6C:F6:A1:AA:0D:83:91:BB:E4:F2:A7:F4:27:E9:AC:D4
ValidityThu, 18 Apr 2024 07:47:43 GMT - Wed, 17 Jul 2024 07:47:42 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
7.6 kB (7635 bytes)
Hash
355f148766cb56780bedf91df263b5b4
bd8a866a30494346d3e53226a4c2a65833a3dc39
4cb642538b9032f696147c8e15e96319dac4b0c9eaf21269e6f4b9d7eb9ce255

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Account/Login HTTP/1.1
Host: edukacija.centarznr.hr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Thu, 18 Apr 2024 09:22:18 GMT
content-length: 7635
X-Firefox-Spdy: h2

edukacija.centarznr.hr/Content/site.css?=15

95.138.193.57

200 OK

1.5 kB

URL GET HTTP/2
edukacija.centarznr.hr/Content/site.css?=15
IP
95.138.193.57:443
ASN
#29278 Deninet KFT

Requested by
https://edukacija.centarznr.hr/Account/Login
Certificate
IssuerLet's Encrypt
Subjectedukacija.centarznr.hr
Fingerprint39:DD:82:6E:6C:F6:A1:AA:0D:83:91:BB:E4:F2:A7:F4:27:E9:AC:D4
ValidityThu, 18 Apr 2024 07:47:43 GMT - Wed, 17 Jul 2024 07:47:42 GMT

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.5 kB (1486 bytes)
Hash
bc6a56467f818af0a48b4682797a0c85
ad53b838fc37672a92e2583d986cf68abbdde033
70deaf6330fd7d8dfba7fff5b12c079bcb38c0a23cc503a8d3ddb062aafea6c9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Content/site.css?=15 HTTP/1.1
Host: edukacija.centarznr.hr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://edukacija.centarznr.hr/Account/Login
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Wed, 17 Jun 2020 14:12:36 GMT
accept-ranges: bytes
etag: "022c559b144d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Thu, 18 Apr 2024 09:22:18 GMT
content-length: 1486
X-Firefox-Spdy: h2

edukacija.centarznr.hr/Content/CZNR_Logo.svg

95.138.193.57

200 OK

2.4 kB

URL GET HTTP/2
edukacija.centarznr.hr/Content/CZNR_Logo.svg
IP
95.138.193.57:443
ASN
#29278 Deninet KFT

Requested by
https://edukacija.centarznr.hr/Account/Login
Certificate
IssuerLet's Encrypt
Subjectedukacija.centarznr.hr
Fingerprint39:DD:82:6E:6C:F6:A1:AA:0D:83:91:BB:E4:F2:A7:F4:27:E9:AC:D4
ValidityThu, 18 Apr 2024 07:47:43 GMT - Wed, 17 Jul 2024 07:47:42 GMT

File type
SVG Scalable Vector Graphics image
Size
2.4 kB (2431 bytes)
Hash
8cb46c1b4cefc17657ae6bd47143ca88
92e7a83c41c2c2e8831d28a4dfd7bb59534c0dc8
aeae35085a967059e66b387059ed73a0fc35b8449b1aea83f53772d410184cf9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Content/CZNR_Logo.svg HTTP/1.1
Host: edukacija.centarznr.hr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://edukacija.centarznr.hr/Account/Login
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 13:32:14 GMT
accept-ranges: bytes
etag: "083f8e80c6d71:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Thu, 18 Apr 2024 09:22:18 GMT
content-length: 2431
X-Firefox-Spdy: h2

edukacija.centarznr.hr/Content/SmartAdminTheme/js/app.bundle.js

95.138.193.57

200 OK

15 kB

URL GET HTTP/2
edukacija.centarznr.hr/Content/SmartAdminTheme/js/app.bundle.js
IP
95.138.193.57:443
ASN
#29278 Deninet KFT

Requested by
https://edukacija.centarznr.hr/Account/Login
Certificate
IssuerLet's Encrypt
Subjectedukacija.centarznr.hr
Fingerprint39:DD:82:6E:6C:F6:A1:AA:0D:83:91:BB:E4:F2:A7:F4:27:E9:AC:D4
ValidityThu, 18 Apr 2024 07:47:43 GMT - Wed, 17 Jul 2024 07:47:42 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
15 kB (15331 bytes)
Hash
3f8d8a40384c82853833f8d1cfbd5fe4
1a215bb1a40b7cd1a477e16e27b669324149d810
2b9f1da2e94980b6ed279e3c492c2e01e2024021d8645d561af493cb5735b69c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Content/SmartAdminTheme/js/app.bundle.js HTTP/1.1
Host: edukacija.centarznr.hr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://edukacija.centarznr.hr/Account/Login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Sat, 16 Nov 2019 20:22:36 GMT
accept-ranges: bytes
etag: "0ce9995bb9cd51:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Thu, 18 Apr 2024 09:22:18 GMT
content-length: 15331
X-Firefox-Spdy: h2

edukacija.centarznr.hr/Content/SmartAdminTheme/js/vendors.bundle.js

95.138.193.57

200 OK

200 kB

URL GET HTTP/2
edukacija.centarznr.hr/Content/SmartAdminTheme/js/vendors.bundle.js
IP
95.138.193.57:443
ASN
#29278 Deninet KFT

Requested by
https://edukacija.centarznr.hr/Account/Login
Certificate
IssuerLet's Encrypt
Subjectedukacija.centarznr.hr
Fingerprint39:DD:82:6E:6C:F6:A1:AA:0D:83:91:BB:E4:F2:A7:F4:27:E9:AC:D4
ValidityThu, 18 Apr 2024 07:47:43 GMT - Wed, 17 Jul 2024 07:47:42 GMT

File type
JavaScript source, ASCII text, with very long lines (610)
Size
200 kB (200027 bytes)
Hash
ae74d1370cebcb1ca69d5366e0fffef4
b83bed2cf1eb33e3f62bf96bff5668c29663eee7
f8823bf652f84a712c626081d3dde12dcd6ae0577cb641e24ded43a41d7dc738

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Content/SmartAdminTheme/js/vendors.bundle.js HTTP/1.1
Host: edukacija.centarznr.hr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://edukacija.centarznr.hr/Account/Login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Sat, 16 Nov 2019 20:22:38 GMT
accept-ranges: bytes
etag: "0fbca96bb9cd51:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Thu, 18 Apr 2024 09:22:18 GMT
content-length: 200027
X-Firefox-Spdy: h2

edukacija.centarznr.hr/Content/Smartadmin?v=wj2jKcNDWs96rblXyDrZjry0Vjor3Pq4-8WIAX0FooM1

95.138.193.57

200 OK

563 kB

URL GET HTTP/2
edukacija.centarznr.hr/Content/Smartadmin?v=wj2jKcNDWs96rblXyDrZjry0Vjor3Pq4-8WIAX0FooM1
IP
95.138.193.57:443
ASN
#29278 Deninet KFT

Requested by
https://edukacija.centarznr.hr/Account/Login
Certificate
IssuerLet's Encrypt
Subjectedukacija.centarznr.hr
Fingerprint39:DD:82:6E:6C:F6:A1:AA:0D:83:91:BB:E4:F2:A7:F4:27:E9:AC:D4
ValidityThu, 18 Apr 2024 07:47:43 GMT - Wed, 17 Jul 2024 07:47:42 GMT

File type
ASCII text, with very long lines (572), with CRLF, LF line terminators
Size
563 kB (562942 bytes)
Hash
4207cce7599afb6ee8bcb9009bd472e2
9cd7545c9bf6bdc65c51fe2aa78b9373f9084d0a
9d0c9d4dce97a6231c91e9acfdbda796ff5808b4aa9709b7790b4edc7b4f80d0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Content/Smartadmin?v=wj2jKcNDWs96rblXyDrZjry0Vjor3Pq4-8WIAX0FooM1 HTTP/1.1
Host: edukacija.centarznr.hr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://edukacija.centarznr.hr/Account/Login
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public
content-type: text/css; charset=utf-8
expires: Fri, 18 Apr 2025 09:22:18 GMT
last-modified: Thu, 18 Apr 2024 09:22:18 GMT
vary: User-Agent
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Thu, 18 Apr 2024 09:22:18 GMT
content-length: 562942
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://edukacija.centarznr.hr/Account/Login
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://edukacija.centarznr.hr
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:32:53 GMT
expires: Fri, 18 Apr 2025 02:32:53 GMT
cache-control: public, max-age=31536000
age: 24566
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

142.250.74.163

200 OK

12 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://edukacija.centarznr.hr/Account/Login
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11872, version 1.0
Size
12 kB (11872 bytes)
Hash
87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://edukacija.centarznr.hr
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:19:30 GMT
expires: Wed, 16 Apr 2025 01:19:30 GMT
cache-control: public, max-age=31536000
age: 201769
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

142.250.74.163

200 OK

12 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://edukacija.centarznr.hr/Account/Login
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11800, version 1.0
Size
12 kB (11800 bytes)
Hash
e36fccd06262bef92e7a9841e2202225
b907dd02819497b3942220e0aa160c167195506b
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://edukacija.centarznr.hr
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:54:42 GMT
expires: Fri, 18 Apr 2025 02:54:42 GMT
cache-control: public, max-age=31536000
age: 23257
last-modified: Wed, 11 May 2022 19:25:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://edukacija.centarznr.hr/Account/Login
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://edukacija.centarznr.hr
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:45:33 GMT
expires: Fri, 18 Apr 2025 02:45:33 GMT
cache-control: public, max-age=31536000
age: 23806
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://edukacija.centarznr.hr/Account/Login
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://edukacija.centarznr.hr
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:37:01 GMT
expires: Fri, 18 Apr 2025 02:37:01 GMT
cache-control: public, max-age=31536000
age: 24318
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2

142.250.74.163

200 OK

12 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://edukacija.centarznr.hr/Account/Login
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11796, version 1.0
Size
12 kB (11796 bytes)
Hash
716871ec15f054ec158445180fe280e1
d7d746e03e49f7e10ca0b11e598f3d6db5e34a2b
b076e86301cbee8c5c9aef51863a9c0a88e6f6d2aabdffca93e031113c6caa74

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://edukacija.centarznr.hr
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:14 GMT
expires: Fri, 18 Apr 2025 02:35:14 GMT
cache-control: public, max-age=31536000
age: 24425
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

edukacija.centarznr.hr/favicon.ico

95.138.193.57

200 OK

1.2 kB

URL GET HTTP/2
edukacija.centarznr.hr/favicon.ico
IP
95.138.193.57:443
ASN
#29278 Deninet KFT

Requested by
https://edukacija.centarznr.hr/Account/Login
Certificate
IssuerLet's Encrypt
Subjectedukacija.centarznr.hr
Fingerprint39:DD:82:6E:6C:F6:A1:AA:0D:83:91:BB:E4:F2:A7:F4:27:E9:AC:D4
ValidityThu, 18 Apr 2024 07:47:43 GMT - Wed, 17 Jul 2024 07:47:42 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
b982cd6d0edc5eb16ecb2dffec426bf3
4c94b113d9b43bb73759cb733c7b62be3e76cb84
129bf81e1dca41226ce16579cc146c74bf37b5fea2733789d58d051533ee4629

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: edukacija.centarznr.hr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://edukacija.centarznr.hr/Account/Login
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
last-modified: Wed, 20 Nov 2019 19:04:44 GMT
accept-ranges: bytes
etag: "02e865ed59fd51:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Thu, 18 Apr 2024 09:22:19 GMT
content-length: 1150
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,500,700,900

142.250.74.106

200 OK

11 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://edukacija.centarznr.hr/Account/Login
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text
Size
11 kB (10922 bytes)
Hash
7e0ccef3dc4aec88ac427335f2659b66
6fc009831be3b3830f032662360cbb9f72f59d4c
14fa9e2dcf11020036faa3a26e24de0fc5c0edc4b34867b7c38b503158bac52c

HTTP Headers

GET /css?family=Roboto:300,400,500,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://edukacija.centarznr.hr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 09:22:18 GMT
date: Thu, 18 Apr 2024 09:22:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (14)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN