Report - xcockpit.cycraft.ai

Report Overview

Submitted URL
xcockpit.cycraft.ai
IP
143.204.55.10
ASN
#16509 AMAZON-02
Submitted
2024-04-26 08:27:25
Access
public
Website Title
XCockpit
Final URL
xcockpit.cycraft.ai/login?next=/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
xcockpit.cycraft.ai	unknown	unknown	No data	No data	4.8 kB	22 MB	143.204.55.56
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-26	1.7 kB	106 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	2.3 kB	19 MB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	fonts.googleapis.com/css2?family=Orbitron:wght@500&display=swap	meth_get_eip

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	xcockpit.cycraft.ai/static/main.ea0a00ad.js	3.8 MB	2024-04-24	2024-04-26
Pretty URL xcockpit.cycraft.ai/static/main.ea0a00ad.js IP 143.204.55.56 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 05:33:58 Last Seen2024-04-26 11:42:12 Times Seen7 Hash 4a35f5e32c6bbfd0ddc4d6537a093a4d 784bac2bffb4fa9699c365d868785ae99c6fc562 955de3b04352f7fae1ca97306745bba0ada4c7f63d00a4c596b92e31f24b632c Loading...

	xcockpit.cycraft.ai/static/Login.c720b81b.chunk.js	7.5 kB	2024-04-24	2024-04-26
Pretty URL xcockpit.cycraft.ai/static/Login.c720b81b.chunk.js IP 143.204.55.56 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 05:33:59 Last Seen2024-04-26 11:42:12 Times Seen4 Hash 793ff70071a8d5285e356bb516f66e6d e4858276c89fa3cc133dca1b6ed4d5c82358f3d5 0a7eedd07991449851a75c48e58bf0898fa3738706d92234745dd0d2a3881ae0 Loading...

HTTP Transactions (17)

URL IP Response Size

xcockpit.cycraft.ai/

143.204.55.56

200 OK

376 B

URL User Request GET HTTP/2
xcockpit.cycraft.ai/
IP
143.204.55.56:443
ASN
#16509 AMAZON-02

Certificate
IssuerSectigo Limited
Subject*.cycraft.ai
Fingerprint58:13:CF:B4:B8:8C:39:79:4F:CF:07:C3:3E:6A:BB:F9:B1:95:05:CF
ValidityFri, 26 May 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (376), with no line terminators
Size
376 B (376 bytes)
Hash
a05d73fbab3cde57290d787bc57a919f
27a11ce22e7f31b6ecba8600a0ed5e52e1552a4d
df05c4abd68baec510262c382506c9a58cc276d134491ae857da52026b66182a

HTTP Headers

GET / HTTP/1.1
Host: xcockpit.cycraft.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 376
server: nginx/1.25.0
date: Fri, 26 Apr 2024 08:26:17 GMT
last-modified: Tue, 23 Apr 2024 09:32:26 GMT
etag: "6627802a-178"
expires: Fri, 26 Apr 2024 08:26:17 GMT
cache-control: max-age=0, no-cache
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4wNXGjvAT3a6V-3h45VS9ifZjd8pJIQ7LhUecK90zCdoekx3r-Q-VQ==
X-Firefox-Spdy: h2

xcockpit.cycraft.ai/favicon.ico

143.204.55.56

200 OK

15 kB

URL GET HTTP/2
xcockpit.cycraft.ai/favicon.ico
IP
143.204.55.56:443
ASN
#16509 AMAZON-02

Requested by
https://xcockpit.cycraft.ai/
Certificate
IssuerSectigo Limited
Subject*.cycraft.ai
Fingerprint58:13:CF:B4:B8:8C:39:79:4F:CF:07:C3:3E:6A:BB:F9:B1:95:05:CF
ValidityFri, 26 May 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
15 kB (15406 bytes)
Hash
cffdd018d87176efe25d885d4f2f8234
f00910a8ebf06c21d5e070c4ed6ff5d140d20473
b7136fdf42e4f656974ee3cb38c4e6b3e248a0cc61365bf4b7be15b3635e7136

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: xcockpit.cycraft.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xcockpit.cycraft.ai/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
content-length: 15406
server: nginx/1.25.0
date: Fri, 26 Apr 2024 08:26:18 GMT
last-modified: Tue, 23 Apr 2024 09:32:26 GMT
etag: "6627802a-3c2e"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7rpXcFEfzpa6em9KhuWALAoB-HiaGMgyvwGBEkaWjvRRYPLWl_iVOg==
X-Firefox-Spdy: h2

xcockpit.cycraft.ai/_api/myaccount

143.204.55.56

302 Found

0 B

URL GET HTTP/2
xcockpit.cycraft.ai/_api/myaccount
IP
143.204.55.56:443
ASN
#16509 AMAZON-02

Requested by
https://xcockpit.cycraft.ai/
Certificate
IssuerSectigo Limited
Subject*.cycraft.ai
Fingerprint58:13:CF:B4:B8:8C:39:79:4F:CF:07:C3:3E:6A:BB:F9:B1:95:05:CF
ValidityFri, 26 May 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /_api/myaccount HTTP/1.1
Host: xcockpit.cycraft.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
sentry-trace: c1fdf42aed8c4e6987708b4a6f66865e-82c2d9fbceb04345-1
baggage: sentry-environment=production,sentry-public_key=9eb1bc42ad774139a34e41e3a0ca3794,sentry-trace_id=c1fdf42aed8c4e6987708b4a6f66865e,sentry-sample_rate=1,sentry-sampled=true
DNT: 1
Connection: keep-alive
Referer: https://xcockpit.cycraft.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=utf-8
content-length: 0
server: nginx/1.25.0
date: Fri, 26 Apr 2024 08:26:23 GMT
location: /?next=/_api/myaccount
x-frame-options: DENY
vary: Accept-Language, Cookie
content-language: en
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W5W8O6vpvFdVn0Z7WGij-Rw0imV5icNoTePOW5Reg4XONRQRvZYPBg==
X-Firefox-Spdy: h2

xcockpit.cycraft.ai/?next=/_api/myaccount

143.204.55.56

200 OK

376 B

URL GET HTTP/2
xcockpit.cycraft.ai/?next=/_api/myaccount
IP
143.204.55.56:443
ASN
#16509 AMAZON-02

Requested by
https://xcockpit.cycraft.ai/
Certificate
IssuerSectigo Limited
Subject*.cycraft.ai
Fingerprint58:13:CF:B4:B8:8C:39:79:4F:CF:07:C3:3E:6A:BB:F9:B1:95:05:CF
ValidityFri, 26 May 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (376), with no line terminators
Size
376 B (376 bytes)
Hash
a05d73fbab3cde57290d787bc57a919f
27a11ce22e7f31b6ecba8600a0ed5e52e1552a4d
df05c4abd68baec510262c382506c9a58cc276d134491ae857da52026b66182a

HTTP Headers

GET /?next=/_api/myaccount HTTP/1.1
Host: xcockpit.cycraft.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
sentry-trace: c1fdf42aed8c4e6987708b4a6f66865e-82c2d9fbceb04345-1
baggage: sentry-environment=production,sentry-public_key=9eb1bc42ad774139a34e41e3a0ca3794,sentry-trace_id=c1fdf42aed8c4e6987708b4a6f66865e,sentry-sample_rate=1,sentry-sampled=true
Referer: https://xcockpit.cycraft.ai/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 376
server: nginx/1.25.0
date: Fri, 26 Apr 2024 08:26:23 GMT
last-modified: Tue, 23 Apr 2024 09:32:26 GMT
etag: "6627802a-178"
expires: Fri, 26 Apr 2024 08:26:23 GMT
cache-control: max-age=0, no-cache
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uAzYi-XjmCzbmzYddYNYT7WYYvV8_HI_O0_X6c6NbOEF40VVWkclcg==
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://xcockpit.cycraft.ai/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xcockpit.cycraft.ai
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:00:52 GMT
expires: Sat, 26 Apr 2025 06:00:52 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 8731
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto+Mono:wght@500;700&display=swap

142.250.74.106

200 OK

696 B

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto+Mono:wght@500;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://xcockpit.cycraft.ai/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
gzip compressed data, max compression
Size
696 B (696 bytes)
Hash
a693484f9209e65b81b553c8ed819ac2
22f99026b94cff22caaa471a35eefb6316e69561
04a5bad54fa62c49d6dd47dd38135937576fa974c6da47dd6566e0c58de038ba

HTTP Headers

GET /css2?family=Roboto+Mono:wght@500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xcockpit.cycraft.ai/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 08:26:21 GMT
date: Fri, 26 Apr 2024 08:26:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://xcockpit.cycraft.ai/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xcockpit.cycraft.ai
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:00:52 GMT
expires: Sat, 26 Apr 2025 06:00:52 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 8732
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.89.woff2

216.58.207.227

200 OK

10 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.89.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://xcockpit.cycraft.ai/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10372, version 1.0
Size
10 kB (10372 bytes)
Hash
c30f89c45d6227f083d239e81b50ed84
e3730f156d816f182c4c7b7144b10c990a48a7d9
309107cf4a0c284a84aa82888d7afe0738ed7d81faa1d493302f2b7df91987ef

HTTP Headers

GET /s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.89.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xcockpit.cycraft.ai
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10372
date: Fri, 26 Apr 2024 08:26:24 GMT
expires: Sat, 26 Apr 2025 08:26:24 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 15 Aug 2023 18:44:42 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

xcockpit.cycraft.ai/sentry/api/20/envelope/?sentry_key=9eb1bc42ad774139a34e41e3a0ca3794&sentry_version=7&sentry_client=sentry.javascript.react%2F7.93.0

143.204.55.56

200 OK

41 B

URL POST HTTP/2
xcockpit.cycraft.ai/sentry/api/20/envelope/?sentry_key=9eb1bc42ad774139a34e41e3a0ca3794&sentry_version=7&sentry_client=sentry.javascript.react%2F7.93.0
IP
143.204.55.56:443
ASN
#16509 AMAZON-02

Requested by
https://xcockpit.cycraft.ai/
Certificate
IssuerSectigo Limited
Subject*.cycraft.ai
Fingerprint58:13:CF:B4:B8:8C:39:79:4F:CF:07:C3:3E:6A:BB:F9:B1:95:05:CF
ValidityFri, 26 May 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
JSON text data
Size
41 B (41 bytes)
Hash
fbe0dc4a5894019c81d6df37c78a1144
6668f2c57280b3645c0507f730e5b3c95cdf8f35
81ae10365d1bb5b056a7a629429b2bf78f7fbcd4950984d82cd5e90f9fda67a0

HTTP Headers

POST /sentry/api/20/envelope/?sentry_key=9eb1bc42ad774139a34e41e3a0ca3794&sentry_version=7&sentry_client=sentry.javascript.react%2F7.93.0 HTTP/1.1
Host: xcockpit.cycraft.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xcockpit.cycraft.ai/
Content-Type: text/plain;charset=UTF-8
Content-Length: 4243
Origin: https://xcockpit.cycraft.ai
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 41
server: nginx/1.25.0
date: Fri, 26 Apr 2024 08:26:25 GMT
access-control-allow-origin: https://xcockpit.cycraft.ai
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
vary: Origin
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _LGK1J-_ooR3oq-m0yoj5dkGOnGf4ZzVVNDes8-E1n4SbFLAhkNCNg==
X-Firefox-Spdy: h2

xcockpit.cycraft.ai/img/bg.jpg

143.204.55.56

244 kB

URL GET
xcockpit.cycraft.ai/img/bg.jpg
IP
143.204.55.56:0
ASN
#16509 AMAZON-02

Requested by
https://xcockpit.cycraft.ai/
Certificate
IssuerSectigo Limited
Subject*.cycraft.ai
Fingerprint58:13:CF:B4:B8:8C:39:79:4F:CF:07:C3:3E:6A:BB:F9:B1:95:05:CF
ValidityFri, 26 May 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, copyright=Copyright (c) 2021 FlashMovie/Shutterstock. No use without permission.], progressive, precision 8, 1920x1080, components 3
Size
244 kB (244084 bytes)
Hash
a2afa7803a67b91b3497bda126507df4
b30175cdb455b8a9c388b369f2a18f6994c4fe91
ffcecfe5399f26e1c201cf9431407784e4b9aeca4188f1eb41242c28abbd0138

HTTP Headers

GET /img/bg.jpg HTTP/1.1
Host: xcockpit.cycraft.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xcockpit.cycraft.ai/login?next=/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 244084
server: nginx/1.25.0
date: Fri, 26 Apr 2024 08:26:25 GMT
last-modified: Tue, 23 Apr 2024 09:32:26 GMT
etag: "6627802a-3b974"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: m8Q_XtIvyhBi915rW_s9z0129TRVVHh93ZGJko-lYJ8K_P-zuUV1Ig==
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@500;700&display=swap

142.250.74.106

200 OK

68 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@500;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://xcockpit.cycraft.ai/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
gzip compressed data, max compression
Size
68 kB (68351 bytes)
Hash
a90085aaa800d81e5ae06c5f5d984bbb
700c744c61d3b456fed2b43c78b8ef864350f035
eb9157a221635d30d6bbf50d63a50a471ef9814ae4c3a2741cbfdfbdd20bdaa9

HTTP Headers

GET /css2?family=Noto+Sans+JP:wght@500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xcockpit.cycraft.ai/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 08:26:21 GMT
date: Fri, 26 Apr 2024 08:26:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Orbitron:wght@500&display=swap

142.250.74.106

200 OK

18 MB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Orbitron:wght@500&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://xcockpit.cycraft.ai/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
gzip compressed data, max compression
Size
18 MB (18296329 bytes)
Hash
5db5395d72c6f0e6c4d642974ec233c0
9e4ac5cf5203df13dccaa35a591f24ff4d4dfd10
e0beb7e389832945e3b3b493e16ceee6dee6e5a3140adb3d77c9da96fc5cfbac

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

HTTP Headers

GET /css2?family=Orbitron:wght@500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xcockpit.cycraft.ai/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 08:26:21 GMT
date: Fri, 26 Apr 2024 08:26:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

xcockpit.cycraft.ai/static/Login.c720b81b.chunk.js

143.204.55.56

200 OK

7.5 kB

URL GET HTTP/2
xcockpit.cycraft.ai/static/Login.c720b81b.chunk.js
IP
143.204.55.56:443
ASN
#16509 AMAZON-02

Requested by
https://xcockpit.cycraft.ai/
Certificate
IssuerSectigo Limited
Subject*.cycraft.ai
Fingerprint58:13:CF:B4:B8:8C:39:79:4F:CF:07:C3:3E:6A:BB:F9:B1:95:05:CF
ValidityFri, 26 May 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7493), with no line terminators
Size
7.5 kB (7473 bytes)
Hash
006136d7ebf17978ed8e557d806be0ac
623e64887da0259c78750203fa051bc59955f4fa
e45ff21296cdbb9fcb49fc452fb9684b74751757ce89cf4945d5e2ee4c8c05ab

HTTP Headers

GET /static/Login.c720b81b.chunk.js HTTP/1.1
Host: xcockpit.cycraft.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xcockpit.cycraft.ai/login?next=/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.25.0
date: Fri, 26 Apr 2024 08:26:23 GMT
last-modified: Tue, 23 Apr 2024 09:32:26 GMT
etag: W/"6627802a-1d31"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QhIAjbWX-hU8a7Bb0ol2IpmFJfV0GEy0nGmzLu948sTNTp-MgRFTAw==
X-Firefox-Spdy: h2

xcockpit.cycraft.ai/static/main.ea0a00ad.js

143.204.55.56

200 OK

3.8 MB

URL GET HTTP/2
xcockpit.cycraft.ai/static/main.ea0a00ad.js
IP
143.204.55.56:443
ASN
#16509 AMAZON-02

Requested by
https://xcockpit.cycraft.ai/
Certificate
IssuerSectigo Limited
Subject*.cycraft.ai
Fingerprint58:13:CF:B4:B8:8C:39:79:4F:CF:07:C3:3E:6A:BB:F9:B1:95:05:CF
ValidityFri, 26 May 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type

Size
3.8 MB (3803350 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/main.ea0a00ad.js HTTP/1.1
Host: xcockpit.cycraft.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xcockpit.cycraft.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.25.0
date: Fri, 26 Apr 2024 08:26:18 GMT
last-modified: Tue, 23 Apr 2024 09:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: W/"6627802a-3a08d6"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: busPMmLfI84SPsycQ6UN4Mq8ZEhZ74V0eQXea0giwYuz2rnIOFf5Cw==
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Inter:wght@500;700&display=swap

142.250.74.106

200 OK

4.8 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@500;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://xcockpit.cycraft.ai/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text, with very long lines (4954), with no line terminators
Size
4.8 kB (4828 bytes)
Hash
0c90e9b44b5bbd90293cb1b1b55ed050
26ec92281c8c22f678edf4e3c049ab3294e4dfd5
7b0eac18c79c671a2ea2f4cffe907a5c43566a935b6e1289194c7e8b037297b8

HTTP Headers

GET /css2?family=Inter:wght@500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xcockpit.cycraft.ai/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 08:26:21 GMT
date: Fri, 26 Apr 2024 08:26:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@500;700&display=swap

142.250.74.106

200 OK

243 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@500;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://xcockpit.cycraft.ai/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text, with very long lines (919)
Size
243 kB (242618 bytes)
Hash
f50239622754b722c9a3b134d8d041c6
f617ee941762673cc8cf638a311bfa635652c3d2
e422d8b4c8ad7e9b646e19c9e54d7e3ff72fa73fafc418f5fe2d84e397259168

HTTP Headers

GET /css2?family=Noto+Sans+TC:wght@500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xcockpit.cycraft.ai/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 08:26:21 GMT
date: Fri, 26 Apr 2024 08:26:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

xcockpit.cycraft.ai/img/UIlogin4K.webm

143.204.55.56

206 Partial Content

18 MB

URL GET HTTP/2
xcockpit.cycraft.ai/img/UIlogin4K.webm
IP
143.204.55.56:443
ASN
#16509 AMAZON-02

Requested by
https://xcockpit.cycraft.ai/
Certificate
IssuerSectigo Limited
Subject*.cycraft.ai
Fingerprint58:13:CF:B4:B8:8C:39:79:4F:CF:07:C3:3E:6A:BB:F9:B1:95:05:CF
ValidityFri, 26 May 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type

Size
18 MB (18296024 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /img/UIlogin4K.webm HTTP/1.1
Host: xcockpit.cycraft.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://xcockpit.cycraft.ai/login?next=/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
content-type: video/webm
content-length: 18296024
server: nginx/1.25.0
date: Fri, 26 Apr 2024 08:26:25 GMT
last-modified: Tue, 23 Apr 2024 09:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "6627802a-1172cd8"
content-range: bytes 0-18296023/18296024
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FYPyE464S9itGJdPSC_5OJ7qVxNupgu-mi_9l8u0ZT9-DYRWDGQC-w==
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (17)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by