Report - 213.249.70.16/

Report Overview

Visited public
2023-10-23 20:09:12
Tags
URL
213.249.70.16/
Finishing URL
213.249.70.16/
IP / ASN
213.249.70.16
#42585 Metaregistrar B.V.
Title
Web Server's Default Page

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
213.249.70.16	unknown	unknown	2019-12-11 06:25:26	2023-08-15 19:35:17	5.0 kB	214 kB	213.249.70.16
assets.plesk.com	120376	1999-06-13	2016-07-25 15:41:51	2023-10-23 11:52:23	3.9 kB	593 kB	121.127.45.82
ocsp.r2m01.amazontrust.com	unknown	2007-05-11	2022-10-12 22:43:53	2023-10-23 01:55:40	680 B	1.9 kB	54.230.218.11
firehose.us-west-2.amazonaws.com	5730	2005-08-18	2017-01-30 11:07:36	2023-10-23 01:09:27	1.6 kB	1.2 kB	35.89.72.48

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-10-23	medium	213.249.70.16	Sinkholed
2023-10-23	medium	213.249.70.16	Sinkholed
2023-10-23	medium	213.249.70.16	Sinkholed
2023-10-23	medium	213.249.70.16	Sinkholed
2023-10-23	medium	213.249.70.16	Sinkholed
2023-10-23	medium	213.249.70.16	Sinkholed
2023-10-23	medium	213.249.70.16	Sinkholed
2023-10-23	medium	213.249.70.16	Sinkholed
2023-10-23	medium	213.249.70.16	Sinkholed
2023-10-23	medium	213.249.70.16	Sinkholed
2023-10-23	medium	213.249.70.16	Sinkholed
2023-10-23	medium	213.249.70.16	Sinkholed
2023-10-23	medium	213.249.70.16	Sinkholed
2023-10-23	medium	213.249.70.16	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	assets.plesk.com/static/default-website-content/public/default-server-index.js	ScriptElement	28 kB	2023-08-03	2023-11-13
Pretty URL assets.plesk.com/static/default-website-content/public/default-server-index.js IP 121.127.45.82 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-03 16:42 Last Seen2023-11-13 09:33 Times Seen538 Hash 7c9a893bea30bd09c2c016089792500f 21667ff22d56be1667e03980743395232caf2eaf 1ab248995d6d189a05942bd1809faece642f7a4103ada8ebf4e08801062b57cf Loading...

	213.249.70.16/	ScriptElement	156 B	2023-04-11	2025-01-16
Pretty URL 213.249.70.16/ IP 213.249.70.16 ASN #42585 Metaregistrar B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-11 05:57 Last Seen2025-01-16 01:19 Times Seen28 Hash fc2ccc5cba2328a29dbb11ee33f175b6 139cca5971d935806eb41390a82a8b01705796ee ef4a6ed0649cecc87ebb1cc2ec0f8b06d693e693b70bb54951b85aed41aa48cd Loading...

	assets.plesk.com/static/default-website-content/public/bundle.js	ScriptElement	295 kB	2023-03-26	2023-11-13
Pretty URL assets.plesk.com/static/default-website-content/public/bundle.js IP 121.127.45.82 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 08:06 Last Seen2023-11-13 09:33 Times Seen712 Hash 26c98df9bcdad657b5165c13f7bf206e 4447bc2d08af637b3b74bea3cc74ce036616f81e f98c1f60e8868b1864ea53f7065ce6c0844bb1d0f069e0fb3cb5c86796264463 Loading...

		Size	First Seen	Last Seen
	#1 Write - b622a99bc2dd0132aba2680a797b56d2	71 B	2024-08-21 03:42	2024-08-21 03:42
Pretty Observations First Seen2024-08-21 03:42 Last Seen2024-08-21 03:42 Times Seen1 Hash b622a99bc2dd0132aba2680a797b56d2 1e2b9853729204ee9a51e7a9b32a56533bfe562e 0954531b8d4faaf3cdccd412e3d6b4f0b82b8ed30698e62b0b115d84da01720f Loading...

	#2 Write - c0f6e957628a4c88de1b2a13b2c952ac	18 kB	2024-08-21 03:42	2024-08-21 03:42
Pretty Observations First Seen2024-08-21 03:42 Last Seen2024-08-21 03:42 Times Seen1 Hash c0f6e957628a4c88de1b2a13b2c952ac fcb88846c8ef2f641c37a392fbe6d2e4450b908a efa7c781ac6bac9530f34dd884cdb2e01acb5b970dca40f5cac2c56833cbc75a Loading...

HTTP Transactions (26)

URL IP Response Size

213.249.70.16/

213.249.70.16

200 OK

1.5 kB

URL User Request GET HTTP/1.1
213.249.70.16/
IP
213.249.70.16:80
ASN
#42585 Metaregistrar B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.5 kB (1473 bytes)
Hash
2b62b66b57cc9977d0da2e81fe65e444
4a75a7970577009ebd6553a09039acabfd60e0a6
9aa6368aeaa616a8768ad6640a0c470909a32144542586d61e7fae9c6f8f809c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 213.249.70.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Oct 2023 20:08:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Feb 2020 10:11:52 GMT
ETag: W/"12e7-59f8bf3267ec3"
Content-Encoding: gzip

213.249.70.16/fonts/lato-v16-latin-regular.woff2

213.249.70.16

200 OK

24 kB

URL GET HTTP/1.1
213.249.70.16/fonts/lato-v16-latin-regular.woff2
IP
213.249.70.16:80
ASN
#42585 Metaregistrar B.V.

Requested by
http://213.249.70.16/

File type
Web Open Font Format (Version 2), TrueType, length 23484, version 1.0\012- data
Size
24 kB (23484 bytes)
Hash
b4d2c4c39853ee244272c04999b230ba
c82e22dde9716c40ba20e6c7ed03a1b66556de15
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/lato-v16-latin-regular.woff2 HTTP/1.1
Host: 213.249.70.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://213.249.70.16/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Oct 2023 20:08:54 GMT
Content-Length: 23484
Connection: keep-alive
Last-Modified: Thu, 28 Nov 2019 22:34:19 GMT
ETag: "5bbc-5986fb6c970c0"
Accept-Ranges: bytes

213.249.70.16/style.css

213.249.70.16

200 OK

1.3 kB

URL GET HTTP/1.1
213.249.70.16/style.css
IP
213.249.70.16:80
ASN
#42585 Metaregistrar B.V.

Requested by
http://213.249.70.16/

File type
ASCII text
Size
1.3 kB (1305 bytes)
Hash
640388bda70e470886b33bfc5f25474c
e69a70788dbaae599089bf3ddea54f318dc45a74
d18e0bab5e89b45cdb44449fc1b1e9a1a6c77ab45797ef0e316873f8cfe3b893

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style.css HTTP/1.1
Host: 213.249.70.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Oct 2023 20:08:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 28 Nov 2019 22:34:19 GMT
ETag: W/"117d-5986fb6c970c0"
Content-Encoding: gzip

213.249.70.16/img/video-guides.svg

213.249.70.16

200 OK

531 B

URL GET HTTP/1.1
213.249.70.16/img/video-guides.svg
IP
213.249.70.16:80
ASN
#42585 Metaregistrar B.V.

Requested by
http://213.249.70.16/

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
531 B (531 bytes)
Hash
b94afca20a1c0b6f0a05646a2b1145c6
9018694ef4fe615915e5edbcbb5e021e485b4164
f68c7a1753c9aaa4531c96d13db0aa691a298f6a9b9f361a08fc199fa86ba898

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/video-guides.svg HTTP/1.1
Host: 213.249.70.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Oct 2023 20:08:54 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 28 Nov 2019 22:34:19 GMT
ETag: W/"509-5986fb6c970c0"
Content-Encoding: gzip

213.249.70.16/img/knowlede-base.svg

213.249.70.16

200 OK

373 B

URL GET HTTP/1.1
213.249.70.16/img/knowlede-base.svg
IP
213.249.70.16:80
ASN
#42585 Metaregistrar B.V.

Requested by
http://213.249.70.16/

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
373 B (373 bytes)
Hash
d84150b9737e8f6722fe7ec172b96444
e37d6cd6df822f29e6fbe355c9d61c3a75db0749
b51c55292932da2922e68ea3a1eca8366f3e851aea9641817c92d4ca6421c94f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/knowlede-base.svg HTTP/1.1
Host: 213.249.70.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Oct 2023 20:08:54 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 28 Nov 2019 22:34:19 GMT
ETag: W/"332-5986fb6c970c0"
Content-Encoding: gzip

213.249.70.16/img/forum.svg

213.249.70.16

200 OK

1.1 kB

URL GET HTTP/1.1
213.249.70.16/img/forum.svg
IP
213.249.70.16:80
ASN
#42585 Metaregistrar B.V.

Requested by
http://213.249.70.16/

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
1.1 kB (1147 bytes)
Hash
4b225cf4e219999e6bdec5b02155fd81
e216b1f18b73883f0eb4b96c7327e6c0e0268d85
e5890bdf7d870df5c530622e4410c0e00e790b19e50910751b8c58dce2f1927c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/forum.svg HTTP/1.1
Host: 213.249.70.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Oct 2023 20:08:54 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 28 Nov 2019 22:34:19 GMT
ETag: W/"1569-5986fb6c970c0"
Content-Encoding: gzip

213.249.70.16/img/developers-blog.svg

213.249.70.16

200 OK

502 B

URL GET HTTP/1.1
213.249.70.16/img/developers-blog.svg
IP
213.249.70.16:80
ASN
#42585 Metaregistrar B.V.

Requested by
http://213.249.70.16/

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
502 B (502 bytes)
Hash
22dfe62ed3d35d8b627aa493771a55d4
62f329075241be5ef4e3e23b1fb58c9eb2ca0a75
54f559f02845abce23cad16c95b632d0f2325bd1e36cf5e5877d9fdac56758e9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/developers-blog.svg HTTP/1.1
Host: 213.249.70.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Oct 2023 20:08:54 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 28 Nov 2019 22:34:19 GMT
ETag: W/"51f-5986fb6c970c0"
Content-Encoding: gzip

213.249.70.16/img/facebook.svg

213.249.70.16

200 OK

328 B

URL GET HTTP/1.1
213.249.70.16/img/facebook.svg
IP
213.249.70.16:80
ASN
#42585 Metaregistrar B.V.

Requested by
http://213.249.70.16/

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
328 B (328 bytes)
Hash
c06b9c3b3d524469d8bd4315bfe60eb5
08abdb0123f21db2dcf471211662e132ce7e42e1
9a6724797d651a2d036399b21dd42164c0f8b939730778f4b84c25e81dd3e93f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/facebook.svg HTTP/1.1
Host: 213.249.70.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Oct 2023 20:08:54 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 28 Nov 2019 22:34:19 GMT
ETag: W/"318-5986fb6c970c0"
Content-Encoding: gzip

213.249.70.16/img/logo.svg

213.249.70.16

200 OK

1.1 kB

URL GET HTTP/1.1
213.249.70.16/img/logo.svg
IP
213.249.70.16:80
ASN
#42585 Metaregistrar B.V.

Requested by
http://213.249.70.16/

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1988)
Size
1.1 kB (1073 bytes)
Hash
77531653d94250506c81b9654f18ddf1
58886f308c95eb8f15ebe948247bcfc7976d2547
1877a87f1dbda5c8ba1987343c64962b350f2f801efba53d7492af2e5ff8777b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/logo.svg HTTP/1.1
Host: 213.249.70.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Oct 2023 20:08:54 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 28 Nov 2019 22:34:19 GMT
ETag: W/"86f-5986fb6c970c0"
Content-Encoding: gzip

213.249.70.16/img/plesk-guides.svg

213.249.70.16

200 OK

748 B

URL GET HTTP/1.1
213.249.70.16/img/plesk-guides.svg
IP
213.249.70.16:80
ASN
#42585 Metaregistrar B.V.

Requested by
http://213.249.70.16/

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (318)
Size
748 B (748 bytes)
Hash
3aaef8ff29a729c336cb07604461e096
8332e9a53a7820e4d46389da83394bdec99e5681
7c518c55d0055c7cf8d9dcfdddfb76f6cdc67119841378290ee89147a0c9c774

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/plesk-guides.svg HTTP/1.1
Host: 213.249.70.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Oct 2023 20:08:54 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 28 Nov 2019 22:34:19 GMT
ETag: W/"8e6-5986fb6c970c0"
Content-Encoding: gzip

213.249.70.16/img/header-bg.svg

213.249.70.16

200 OK

220 B

URL GET HTTP/1.1
213.249.70.16/img/header-bg.svg
IP
213.249.70.16:80
ASN
#42585 Metaregistrar B.V.

Requested by
http://213.249.70.16/

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
220 B (220 bytes)
Hash
1d0da8412831afd8c2d5ae19788b878e
2d07bb248ea376229a5e7c99890ac65a2fea5a34
7fe96aeee4190dbae6cbc80388559ba3dfece20ff53e2423141e29435a8f7001

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/header-bg.svg HTTP/1.1
Host: 213.249.70.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Oct 2023 20:08:54 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 28 Nov 2019 22:34:19 GMT
ETag: W/"132-5986fb6c970c0"
Content-Encoding: gzip

213.249.70.16/img/guy.png

213.249.70.16

200 OK

10 kB

URL GET HTTP/1.1
213.249.70.16/img/guy.png
IP
213.249.70.16:80
ASN
#42585 Metaregistrar B.V.

Requested by
http://213.249.70.16/

File type
PNG image data, 144 x 286, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (9999 bytes)
Hash
508c30a08de6e9a033e045a6979f76d7
8bbde0114d14ef4e0687fab5cc70e3bd4d96c233
40d72d259fff82a177cd2c2f2a1bd0024ec04a2cd5a19d5596187755cc2ae5f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/guy.png HTTP/1.1
Host: 213.249.70.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Oct 2023 20:08:54 GMT
Content-Type: image/png
Content-Length: 9999
Connection: keep-alive
Last-Modified: Thu, 28 Nov 2019 22:34:19 GMT
ETag: "270f-5986fb6c970c0"
Accept-Ranges: bytes

213.249.70.16/img/header-server-page.png

213.249.70.16

200 OK

169 kB

URL GET HTTP/1.1
213.249.70.16/img/header-server-page.png
IP
213.249.70.16:80
ASN
#42585 Metaregistrar B.V.

Requested by
http://213.249.70.16/

File type
PNG image data, 970 x 620, 8-bit/color RGBA, non-interlaced\012- data
Size
169 kB (169303 bytes)
Hash
3bcbf72252f1ec7d239f10ef2048da5b
bc9cd609ff7d338a6bcc9fd6e69e07ca0b081277
291df56b4065effca1f8533e2119b7d5d7dc02fa4ef7a40f74e2fe22940f0afa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/header-server-page.png HTTP/1.1
Host: 213.249.70.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Oct 2023 20:08:54 GMT
Content-Type: image/png
Content-Length: 169303
Connection: keep-alive
Last-Modified: Thu, 28 Nov 2019 22:34:19 GMT
ETag: "29557-5986fb6c970c0"
Accept-Ranges: bytes

assets.plesk.com/static/default-website-content/public/fonts/inter-v12-latin-700-54321e.woff2

121.127.45.82

200 OK

18 kB

URL GET HTTP/2
assets.plesk.com/static/default-website-content/public/fonts/inter-v12-latin-700-54321e.woff2
IP
121.127.45.82:443
ASN
#0

Requested by
http://213.249.70.16/
Certificate
IssuerLet's Encrypt
Subject1226552209.rsc.cdn77.org
Fingerprint6D:2F:F9:19:86:C9:4F:C8:2A:4A:4F:49:5D:3A:4C:7F:DD:C4:21:87
ValidityFri, 29 Sep 2023 14:57:38 GMT - Thu, 28 Dec 2023 14:57:37 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17784, version 1.0\012- data
Size
18 kB (17784 bytes)
Hash
8d7a3f034881d1712b3325cc71425c10
9594f24367800a20297a96c2d4f957e62c63e207
ced2d8e02e2fbf08d2edec9b5f13648ed8348588a05f7181632f3c1dd6e1f5c3

HTTP Headers

GET /static/default-website-content/public/fonts/inter-v12-latin-700-54321e.woff2 HTTP/1.1
Host: assets.plesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://213.249.70.16
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 23 Oct 2023 20:08:54 GMT
content-type: font/woff2
content-length: 17784
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 03 Aug 2023 13:17:57 GMT
access-control-allow-origin: *
etag: "64cba905-4578"
expires: Tue, 10 Oct 2023 04:24:19 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 9EF0:9574:F77910:FB10BF:6524CF9B
via: 1.1 varnish
age: 1
x-served-by: cache-fra-eddf8230106-FRA
x-cache-hits: 1
x-timer: S1697462020.117683,VS0,VE2
vary: Accept-Encoding
x-fastly-request-id: 2e4a8a64fee0e2658e25ff2b4ddd81275ce6823e
x-77-nzt: Anl/LVA3Nzf/IgAAANRmOAk3Nzf/iQEAAA
x-77-nzt-ray: c1fb9819db17d826d6d23665b5874325
x-accel-expires: @1698091936
x-accel-date: 1698091700
x-77-cache: HIT
x-77-age: 427
server: CDN77-Turbo
x-cache-lb: HIT
x-age-lb: 34
x-77-pop: copenhagenDK
accept-ranges: bytes
X-Firefox-Spdy: h2

assets.plesk.com/static/default-website-content/public/fonts/inter-v12-latin-regular-be7cb1.woff2

121.127.45.82

200 OK

17 kB

URL GET HTTP/2
assets.plesk.com/static/default-website-content/public/fonts/inter-v12-latin-regular-be7cb1.woff2
IP
121.127.45.82:443
ASN
#0

Requested by
http://213.249.70.16/
Certificate
IssuerLet's Encrypt
Subject1226552209.rsc.cdn77.org
Fingerprint6D:2F:F9:19:86:C9:4F:C8:2A:4A:4F:49:5D:3A:4C:7F:DD:C4:21:87
ValidityFri, 29 Sep 2023 14:57:38 GMT - Thu, 28 Dec 2023 14:57:37 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16708, version 1.0\012- data
Size
17 kB (16708 bytes)
Hash
68c477c4c76baab3a8d1ef6a55aa986f
4af50379e13514558dd53d123db8ea101ec5e24c
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac

HTTP Headers

GET /static/default-website-content/public/fonts/inter-v12-latin-regular-be7cb1.woff2 HTTP/1.1
Host: assets.plesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://213.249.70.16/
Origin: http://213.249.70.16
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 23 Oct 2023 20:08:54 GMT
content-type: font/woff2
content-length: 16708
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 03 Aug 2023 13:17:57 GMT
access-control-allow-origin: *
etag: "64cba905-4144"
expires: Tue, 17 Oct 2023 09:13:51 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 237C:E278:AABE74:AD17B8:652E4DF7
via: 1.1 varnish
age: 0
x-served-by: cache-cph2320021-CPH
x-cache-hits: 0
x-timer: S1697533431.423967,VS0,VE110
vary: Accept-Encoding
x-fastly-request-id: d8c2581183716303af1809dc1451a136ddce6501
server: CDN77-Turbo
x-77-nzt: AXl/LVA3Nzf/2wEAAA
x-77-nzt-ray: c1fb981932277d28d6d23665d177cf26
x-accel-expires: @1698091825
x-accel-date: 1698091259
x-cache-lb: HIT
x-age-lb: 475
x-77-pop: copenhagenDK
x-77-cache: HIT
x-77-age: 475
accept-ranges: bytes
X-Firefox-Spdy: h2

assets.plesk.com/static/default-website-content/public/favicon-2d0e10.ico

121.127.45.82

200 OK

114 kB

URL GET HTTP/2
assets.plesk.com/static/default-website-content/public/favicon-2d0e10.ico
IP
121.127.45.82:443
ASN
#0

Requested by
http://213.249.70.16/
Certificate
IssuerLet's Encrypt
Subject1226552209.rsc.cdn77.org
Fingerprint6D:2F:F9:19:86:C9:4F:C8:2A:4A:4F:49:5D:3A:4C:7F:DD:C4:21:87
ValidityFri, 29 Sep 2023 14:57:38 GMT - Thu, 28 Dec 2023 14:57:37 GMT

File type
MS Windows icon resource - 7 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data
Size
114 kB (113459 bytes)
Hash
1db747255c64a30f9236e9d929e986ca
384023452346aa087d40c93c23ca2f5e32ff1b1f
88baf40feb43463a8f6aa6543e88bdbe33f0db9a317486e786eee1e5c76a9544

HTTP Headers

GET /static/default-website-content/public/favicon-2d0e10.ico HTTP/1.1
Host: assets.plesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 23 Oct 2023 20:08:54 GMT
content-type: image/vnd.microsoft.icon
content-length: 113459
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 03 Aug 2023 13:17:57 GMT
access-control-allow-origin: *
etag: "64cba905-1bb33"
expires: Tue, 17 Oct 2023 09:13:51 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: F0B6:D447:AF5E13:B1AE2A:652E4DF7
via: 1.1 varnish
age: 8
x-served-by: cache-cph2320024-CPH
x-cache-hits: 1
x-timer: S1697533440.719079,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 5cb39604a72ff2e9743d65b2e9af90b744b3b41c
server: CDN77-Turbo
x-77-nzt: AXl/LVA3Nzf/QAEAAA
x-77-nzt-ray: c1fb9819db17d826d6d2366575d6a728
x-accel-expires: @1698091926
x-accel-date: 1698091414
x-cache-lb: HIT
x-age-lb: 320
x-77-pop: copenhagenDK
x-77-cache: HIT
x-77-age: 320
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.r2m01.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
39f1b741f19283e082d0f94db0285857
b544d1558389c2dbc19a5806d708be12be3b9f35
6b79b6dd12cafb455c02145db8dcb83333880de13ef206837f75e03e1cc0fd20

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Mon, 23 Oct 2023 20:08:55 GMT
Last-Modified: Mon, 23 Oct 2023 19:20:40 GMT
Server: ECAcc (amb/6B48)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gY4KB2j6o_PSNJn2FssB5vxituNNtuHUT-7FPPWKxR4j70YzBOdDhw==
Age: 2895

ocsp.r2m01.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
39f1b741f19283e082d0f94db0285857
b544d1558389c2dbc19a5806d708be12be3b9f35
6b79b6dd12cafb455c02145db8dcb83333880de13ef206837f75e03e1cc0fd20

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Mon, 23 Oct 2023 20:08:55 GMT
Last-Modified: Mon, 23 Oct 2023 19:00:37 GMT
Server: ECAcc (amb/6B17)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7xS6zfp103S2G2gOeqqGLJ5eoK8Abpc2jK5LEl5E8avB_EXUBgAGpQ==
Age: 4099

firehose.us-west-2.amazonaws.com/

35.89.72.48

200 OK

20 B

URL OPTIONS HTTP/1.1
firehose.us-west-2.amazonaws.com/
IP
35.89.72.48:443
ASN
#16509 AMAZON-02

Requested by
http://213.249.70.16/
Certificate
IssuerAmazon
Subjectfirehose.us-west-2.amazonaws.com
Fingerprint33:FD:78:B1:20:8F:6F:DC:AD:63:CA:90:DB:65:81:6C:6B:52:01:BB
ValidityWed, 01 Mar 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Size
20 B (20 bytes)
Hash
3970e82605c7d109bb348fc94e9eecc0
e03849ea786b9f7b28a35c17949e85a93eb1cff1
f5d031af01f137ae07fa71720fab94d16cc8a2a59868766002918b7c240f3967

HTTP Headers

OPTIONS / HTTP/1.1
Host: firehose.us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Referer: http://213.249.70.16/
Origin: http://213.249.70.16
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amzn-RequestId: d22e661c-9f46-861b-8f9e-b30b365fe214
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Access-Control-Allow-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 20
Date: Mon, 23 Oct 2023 20:08:55 GMT

firehose.us-west-2.amazonaws.com/

35.89.72.48

200 OK

245 B

URL OPTIONS HTTP/1.1
firehose.us-west-2.amazonaws.com/
IP
35.89.72.48:443
ASN
#16509 AMAZON-02

Requested by
http://213.249.70.16/
Certificate
IssuerAmazon
Subjectfirehose.us-west-2.amazonaws.com
Fingerprint33:FD:78:B1:20:8F:6F:DC:AD:63:CA:90:DB:65:81:6C:6B:52:01:BB
ValidityWed, 01 Mar 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
245 B (245 bytes)
Hash
5cda37b82afa7b7814b4b0a9607b2e5f
38cecb49acac041084762b0e4c8a8576220c7995
af4e221c309562f169859d50416d80fbcdf78fd823019b06dab215f8d31a2016

HTTP Headers

POST / HTTP/1.1
Host: firehose.us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Amz-User-Agent: aws-sdk-js/2.1335.0 callback
Content-Type: application/x-amz-json-1.1
X-Amz-Target: Firehose_20150804.PutRecord
X-Amz-Content-Sha256: a0d574dfff56da9f22d64b9806d536a4ffcb9a762d5392ac5cf26e7a8ad4f656
X-Amz-Date: 20231023T200855Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIAR4YEYRJL6JKBNRGP/20231023/us-west-2/firehose/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=1ed7029736f99fe3c2de64d69f470818e170f30f7b926a2b411825167485761d
Content-Length: 108
Origin: http://213.249.70.16
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amzn-RequestId: d174b369-291f-0b16-8cc4-667e80066f19
Access-Control-Allow-Origin: *
Content-Encoding: gzip
x-amz-id-2: /7sCN5pkOy/3/VPRVjodabJTBUxw/p9UP+mQhEtYKUvWqiXkANQfawsVxwZ76hvsf+VanahKE7aqnJs457aXix8GJldG2IZV
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Content-Type: application/x-amz-json-1.1
Content-Length: 245
Date: Mon, 23 Oct 2023 20:08:55 GMT

assets.plesk.com/static/default-website-content/public/img/logo-81ca7a.svg

121.127.45.82

200 OK

2.1 kB

URL GET HTTP/2
assets.plesk.com/static/default-website-content/public/img/logo-81ca7a.svg
IP
121.127.45.82:443
ASN
#0

Requested by
http://213.249.70.16/
Certificate
IssuerLet's Encrypt
Subject1226552209.rsc.cdn77.org
Fingerprint6D:2F:F9:19:86:C9:4F:C8:2A:4A:4F:49:5D:3A:4C:7F:DD:C4:21:87
ValidityFri, 29 Sep 2023 14:57:38 GMT - Thu, 28 Dec 2023 14:57:37 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2118), with no line terminators
Size
2.1 kB (2099 bytes)
Hash
f9feb5d64f4aa6ef9441952f93004e90
94b804495ac52b65261f53f1dd97c0d0691a7ac5
024d3703031d890a8de7c855c2fdbe295daf1b803f828f4e7f225f75d0897941

HTTP Headers

GET /static/default-website-content/public/img/logo-81ca7a.svg HTTP/1.1
Host: assets.plesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 23 Oct 2023 20:08:54 GMT
content-type: image/svg+xml
permissions-policy: interest-cohort=()
last-modified: Thu, 03 Aug 2023 13:17:57 GMT
access-control-allow-origin: *
etag: W/"64cba905-833"
expires: Tue, 17 Oct 2023 09:13:51 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 4FB8:E42E:ACB940:AEFE81:652E4DF3
via: 1.1 varnish
age: 0
x-served-by: cache-cph2320026-CPH
x-cache-hits: 0
x-timer: S1697533431.354660,VS0,VE105
vary: Accept-Encoding, Accept-Encoding
x-fastly-request-id: 891c085fe2c99a37a4f9e70cdffafe271892d33c
server: CDN77-Turbo
x-77-nzt: AXl/LVA3Nzf/VgAAAA
x-77-nzt-ray: c1fb9819db17d826d6d236659a273b24
x-accel-expires: @1698092131
x-accel-date: 1698091648
x-cache-lb: HIT
x-age-lb: 86
x-77-pop: copenhagenDK
x-77-cache: HIT
x-77-age: 86
content-encoding: gzip
X-Firefox-Spdy: h2

assets.plesk.com/static/default-website-content/public/default-server-index.js

121.127.45.82

200 OK

28 kB

URL GET HTTP/2
assets.plesk.com/static/default-website-content/public/default-server-index.js
IP
121.127.45.82:443
ASN
#0

Requested by
http://213.249.70.16/
Certificate
IssuerLet's Encrypt
Subject1226552209.rsc.cdn77.org
Fingerprint6D:2F:F9:19:86:C9:4F:C8:2A:4A:4F:49:5D:3A:4C:7F:DD:C4:21:87
ValidityFri, 29 Sep 2023 14:57:38 GMT - Thu, 28 Dec 2023 14:57:37 GMT

File type
ASCII text, with very long lines (27343)
Size
28 kB (27524 bytes)
Hash
7c9a893bea30bd09c2c016089792500f
21667ff22d56be1667e03980743395232caf2eaf
1ab248995d6d189a05942bd1809faece642f7a4103ada8ebf4e08801062b57cf

HTTP Headers

GET /static/default-website-content/public/default-server-index.js HTTP/1.1
Host: assets.plesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 23 Oct 2023 20:08:54 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Thu, 03 Aug 2023 13:17:57 GMT
access-control-allow-origin: *
etag: W/"64cba905-6b84"
expires: Tue, 17 Oct 2023 09:13:51 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: DD56:90A7:AC3667:AE9027:652E4DF5
via: 1.1 varnish
age: 0
x-served-by: cache-cph2320026-CPH
x-cache-hits: 0
x-timer: S1697533431.965617,VS0,VE114
vary: Accept-Encoding, Accept-Encoding
x-fastly-request-id: a555cbc5ac29e5e54e37028c70eee7dbb47d4d8b
server: CDN77-Turbo
x-77-nzt: AXl/LVA3Nzf/WwEAAA
x-77-nzt-ray: c1fb9819db17d826d6d2366576b35014
x-accel-expires: @1698091981
x-accel-date: 1698091387
x-cache-lb: HIT
x-age-lb: 347
x-77-pop: copenhagenDK
x-77-cache: HIT
x-77-age: 347
content-encoding: gzip
X-Firefox-Spdy: h2

213.249.70.16/fonts/lato-v16-latin-700.woff2

213.249.70.16

200 OK

0 B

URL GET HTTP/1.1
213.249.70.16/fonts/lato-v16-latin-700.woff2
IP
213.249.70.16:80
ASN
#42585 Metaregistrar B.V.

Requested by
http://213.249.70.16/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/lato-v16-latin-700.woff2 HTTP/1.1
Host: 213.249.70.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Oct 2023 20:08:54 GMT
Content-Length: 22992
Connection: keep-alive
Last-Modified: Thu, 28 Nov 2019 22:34:19 GMT
ETag: "59d0-5986fb6c970c0"
Accept-Ranges: bytes

assets.plesk.com/static/default-website-content/public/img/robot-4b152c.svg

121.127.45.82

200 OK

89 kB

URL GET HTTP/2
assets.plesk.com/static/default-website-content/public/img/robot-4b152c.svg
IP
121.127.45.82:443
ASN
#0

Requested by
http://213.249.70.16/
Certificate
IssuerLet's Encrypt
Subject1226552209.rsc.cdn77.org
Fingerprint6D:2F:F9:19:86:C9:4F:C8:2A:4A:4F:49:5D:3A:4C:7F:DD:C4:21:87
ValidityFri, 29 Sep 2023 14:57:38 GMT - Thu, 28 Dec 2023 14:57:37 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
89 kB (89014 bytes)
Hash
a11790af7b8e734f7391d2695e96bfc8
af73e0993f9a486721d75bc21d6eb6e17104ece9
01084e18312cb2af2d6b89b7348a7f1e5ae8faf10c0bd9ce478dd38adb2955a3

HTTP Headers

GET /static/default-website-content/public/img/robot-4b152c.svg HTTP/1.1
Host: assets.plesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 23 Oct 2023 20:08:54 GMT
content-type: image/svg+xml
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 03 Aug 2023 13:17:57 GMT
access-control-allow-origin: *
etag: W/"64cba905-15bb6"
expires: Tue, 17 Oct 2023 09:13:51 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 857A:E72B:AC83B3:AED40B:652E4DF5
via: 1.1 varnish
age: 0
x-served-by: cache-cph2320042-CPH
x-cache-hits: 0
x-timer: S1697533431.358602,VS0,VE121
vary: Accept-Encoding, Accept-Encoding
x-fastly-request-id: 931a9a59cd7a603f8b3ede7deb5158f00354cd18
server: CDN77-Turbo
x-77-nzt: AXl/LVA3Nzf/HgEAAA
x-77-nzt-ray: c1fb9819db17d826d6d23665c25b1c25
x-accel-expires: @1698092005
x-accel-date: 1698091448
x-cache-lb: HIT
x-age-lb: 286
x-77-pop: copenhagenDK
x-77-cache: HIT
x-77-age: 286
content-encoding: gzip
X-Firefox-Spdy: h2

assets.plesk.com/static/default-website-content/public/bundle.js

121.127.45.82

200 OK

295 kB

URL GET HTTP/2
assets.plesk.com/static/default-website-content/public/bundle.js
IP
121.127.45.82:443
ASN
#0

Requested by
http://213.249.70.16/
Certificate
IssuerLet's Encrypt
Subject1226552209.rsc.cdn77.org
Fingerprint6D:2F:F9:19:86:C9:4F:C8:2A:4A:4F:49:5D:3A:4C:7F:DD:C4:21:87
ValidityFri, 29 Sep 2023 14:57:38 GMT - Thu, 28 Dec 2023 14:57:37 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
295 kB (295320 bytes)
Hash
26c98df9bcdad657b5165c13f7bf206e
4447bc2d08af637b3b74bea3cc74ce036616f81e
f98c1f60e8868b1864ea53f7065ce6c0844bb1d0f069e0fb3cb5c86796264463

HTTP Headers

GET /static/default-website-content/public/bundle.js HTTP/1.1
Host: assets.plesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 23 Oct 2023 20:08:54 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 03 Aug 2023 13:17:57 GMT
access-control-allow-origin: *
etag: W/"64cba905-48198"
expires: Tue, 17 Oct 2023 09:13:51 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: BF78:11957:ADB319:B001B1:652E4DF6
via: 1.1 varnish
age: 0
x-served-by: cache-cph2320043-CPH
x-cache-hits: 0
x-timer: S1697533431.356938,VS0,VE216
vary: Accept-Encoding, Accept-Encoding
x-fastly-request-id: 7b1a31be971ed1eaf66c23817beb5cd90f57b5ac
server: CDN77-Turbo
x-77-nzt: AXl/LVA3Nzf/2wEAAA
x-77-nzt-ray: c1fb9819db17d826d6d23665bef93f24
x-accel-expires: @1698091742
x-accel-date: 1698091259
x-cache-lb: HIT
x-age-lb: 475
x-77-pop: copenhagenDK
x-77-cache: HIT
x-77-age: 475
content-encoding: gzip
X-Firefox-Spdy: h2

assets.plesk.com/static/default-website-content/public/img/stars-fb15b6.svg

121.127.45.82

200 OK

24 kB

URL GET HTTP/2
assets.plesk.com/static/default-website-content/public/img/stars-fb15b6.svg
IP
121.127.45.82:443
ASN
#0

Requested by
http://213.249.70.16/
Certificate
IssuerLet's Encrypt
Subject1226552209.rsc.cdn77.org
Fingerprint6D:2F:F9:19:86:C9:4F:C8:2A:4A:4F:49:5D:3A:4C:7F:DD:C4:21:87
ValidityFri, 29 Sep 2023 14:57:38 GMT - Thu, 28 Dec 2023 14:57:37 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (23586)
Size
24 kB (23587 bytes)
Hash
18aa9407cb97208391f24bcef249457f
c76eef71591d7d92fb30f51b49dadf16ae600a05
30628c4c5254e81ed7f953bd449c6976ce87210089c4b221f00c3a7a5d597736

HTTP Headers

GET /static/default-website-content/public/img/stars-fb15b6.svg HTTP/1.1
Host: assets.plesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://213.249.70.16/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 23 Oct 2023 20:08:54 GMT
content-type: image/svg+xml
permissions-policy: interest-cohort=()
last-modified: Thu, 03 Aug 2023 13:17:57 GMT
access-control-allow-origin: *
etag: W/"64cba905-5c23"
expires: Tue, 17 Oct 2023 09:13:51 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 6832:B593:AFA9A2:B1EEA9:652E4DF5
via: 1.1 varnish
age: 0
x-served-by: cache-cph2320023-CPH
x-cache-hits: 0
x-timer: S1697533431.358040,VS0,VE129
vary: Accept-Encoding, Accept-Encoding
x-fastly-request-id: 16ce86cbbcfb265e309e91b98f5b9649f7dd7cbc
server: CDN77-Turbo
x-77-nzt: AXl/LVA3Nzf/VgAAAA
x-77-nzt-ray: c1fb9819db17d826d6d23665d9568224
x-accel-expires: @1698092137
x-accel-date: 1698091648
x-cache-lb: HIT
x-age-lb: 86
x-77-pop: copenhagenDK
x-77-cache: HIT
x-77-age: 86
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (26)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size