Report - cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html

Report Overview

Visited public
2024-09-02 01:34:59
Tags
URL
cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html
Finishing URL
cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html
IP / ASN
104.21.95.140
#13335 CLOUDFLARENET
Title
cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-08-31 18:12:11	1.3 kB	3.6 kB	23.36.76.226
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-08-31 18:27:47	975 B	2.1 kB	142.250.74.131
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-08-31 18:12:11	981 B	2.7 kB	23.36.76.226
cdn.show-sb.com	unknown	unknown	No data	No data	1.6 kB	6.3 kB	172.67.170.115
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-09-01 11:06:06	906 B	15 kB	142.250.74.106
src_domain	unknown	unknown	No data	No data	2.1 kB	0 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-09-01	medium	src_domain	Sinkholed
2024-09-01	medium	src_domain	Sinkholed
2024-09-01	medium	src_domain	Sinkholed
2024-09-01	medium	src_domain	Sinkholed
2024-09-01	medium	src_domain	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (20)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9af7a8cd532ef5aaf31ca93238520c04
f072b79c778c47733bbd3377e03f716ecdfc14ea
36e32e96e96ff13975dfb765119ad431a8a3bedc9cdd8f16bbe7460664ee177c

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "36E32E96E96FF13975DFB765119AD431A8A3BEDC9CDD8F16BBE7460664EE177C"
Last-Modified: Sat, 31 Aug 2024 21:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15034
Expires: Mon, 02 Sep 2024 05:45:07 GMT
Date: Mon, 02 Sep 2024 01:34:33 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
404e3e4520c09fcce1358b1a21f6b171
040aa03460f3d7ec6f75cae0bf5a462a4bb9798d
f6fc34acb6b2d60bb37dd5caf92b0988cdd52927d80d1f5e7bc23b7db9e8209a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F6FC34ACB6B2D60BB37DD5CAF92B0988CDD52927D80D1F5E7BC23B7DB9E8209A"
Last-Modified: Sat, 31 Aug 2024 00:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8142
Expires: Mon, 02 Sep 2024 03:50:15 GMT
Date: Mon, 02 Sep 2024 01:34:33 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
231aa156f55dd8497dca6a2066312be3
741432c8275492eb38bba5d0841685dc4f864fee
f348affacf8e814c579ff56d592287275dcf79e2f55f1d041921833d730d2349

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F348AFFACF8E814C579FF56D592287275DCF79E2F55F1D041921833D730D2349"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2335
Expires: Mon, 02 Sep 2024 02:13:28 GMT
Date: Mon, 02 Sep 2024 01:34:33 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9d2c063731a46a7e1548540195080de0
dd1924ebf7697509a10f3f07604f28f96b4fc498
0d414ed4850119c53fae9ddd19ee1dd95783fd08f7389c3e8ec95215023e298e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0D414ED4850119C53FAE9DDD19EE1DD95783FD08F7389C3E8EC95215023E298E"
Last-Modified: Sat, 31 Aug 2024 02:33:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10843
Expires: Mon, 02 Sep 2024 04:35:16 GMT
Date: Mon, 02 Sep 2024 01:34:33 GMT
Connection: keep-alive

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
13a0b3087b2cdad637a1530765944caf
1fe7d53d5307b28b9ba805e7098345075d5172c6
2bca0d22640349c90aed454e1baead9cbc2e597f6279cd29c5d88571b77183e4

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 02 Sep 2024 01:34:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
13a0b3087b2cdad637a1530765944caf
1fe7d53d5307b28b9ba805e7098345075d5172c6
2bca0d22640349c90aed454e1baead9cbc2e597f6279cd29c5d88571b77183e4

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 02 Sep 2024 01:34:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
13a0b3087b2cdad637a1530765944caf
1fe7d53d5307b28b9ba805e7098345075d5172c6
2bca0d22640349c90aed454e1baead9cbc2e597f6279cd29c5d88571b77183e4

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 02 Sep 2024 01:34:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
20c9eec1ed6a0f3c730b021493b9e3ec
9f241af1cf1513631da05ffbaede6bcd16e93571
0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2677
Expires: Mon, 02 Sep 2024 02:19:12 GMT
Date: Mon, 02 Sep 2024 01:34:35 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
20c9eec1ed6a0f3c730b021493b9e3ec
9f241af1cf1513631da05ffbaede6bcd16e93571
0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2677
Expires: Mon, 02 Sep 2024 02:19:12 GMT
Date: Mon, 02 Sep 2024 01:34:35 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
20c9eec1ed6a0f3c730b021493b9e3ec
9f241af1cf1513631da05ffbaede6bcd16e93571
0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2677
Expires: Mon, 02 Sep 2024 02:19:12 GMT
Date: Mon, 02 Sep 2024 01:34:35 GMT
Connection: keep-alive

cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html

172.67.170.115

200 OK

1.1 kB

URL User Request GET HTTP/2
cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html
IP
172.67.170.115:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectshow-sb.com
Fingerprint5C:AC:AB:52:E9:2A:90:AC:2F:C2:14:81:74:2F:99:FA:09:9C:99:2B
ValidityTue, 20 Aug 2024 17:52:01 GMT - Mon, 18 Nov 2024 17:52:00 GMT

File type
HTML document, ASCII text
Size
1.1 kB (1123 bytes)
Hash
027fddd0d322239ada2f2b8b93934fda
6f99560bca5c6d8d747c802f26058344eb179cec
a5b2073d8f57ef0469b777f73d6c3f4a85cc17b4c2ed2a53aa3f1acb2273dbd5

HTTP Headers

GET /sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html HTTP/1.1
Host: cdn.show-sb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 02 Sep 2024 01:34:34 GMT
content-type: text/html
last-modified: Tue, 29 Mar 2022 08:27:42 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=54SMoxWEliD8XY1qEBgzjEM%2BxuldeSuTm%2FIRDc664%2FDhDiHESGkMciVct97tcA8Lyk0LThcF2QVXdFwDUCB3Rxp%2F8QAXgklVknSYa5UJu8eSM1vNEK%2B8TEShNS1hBeTWzP0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bc9c22a2dcf0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

7.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint67:2C:47:03:FC:2F:6C:04:CD:B8:61:4D:97:F1:C4:EA:71:E9:9E:11
ValidityMon, 05 Aug 2024 07:18:20 GMT - Mon, 28 Oct 2024 07:18:19 GMT

File type
ASCII text, with very long lines (7193), with no line terminators
Size
7.0 kB (7004 bytes)
Hash
1b9a5aaa00577f3b515cd8bdb5902734
ac084682592bdc2893faced3b83a36599817add0
19507720081a42c4fcac9da0e5a874af98db546cd9f4aa9aaf271cfb442b9030

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.show-sb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 02 Sep 2024 01:34:34 GMT
date: Mon, 02 Sep 2024 01:34:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html

172.67.170.115

200 OK

3.0 kB

URL GET HTTP/3
cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html
IP
172.67.170.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html
Certificate
IssuerGoogle Trust Services
Subjectshow-sb.com
Fingerprint5C:AC:AB:52:E9:2A:90:AC:2F:C2:14:81:74:2F:99:FA:09:9C:99:2B
ValidityTue, 20 Aug 2024 17:52:01 GMT - Mon, 18 Nov 2024 17:52:00 GMT

File type
HTML document, ASCII text, with very long lines (3229), with no line terminators
Size
3.0 kB (2977 bytes)
Hash
0b579b1f5697d55d3bc0856975d08243
e68a8e8bc08f86086744aba736df40ca7bea6d01
8ac4909eb5c0efc3278c66a43990535925fb271226f96261415df027fe40cb0c

HTTP Headers

GET /sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html HTTP/1.1
Host: cdn.show-sb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Sep 2024 01:34:34 GMT
content-type: text/html
last-modified: Tue, 29 Mar 2022 08:27:42 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=54SMoxWEliD8XY1qEBgzjEM%2BxuldeSuTm%2FIRDc664%2FDhDiHESGkMciVct97tcA8Lyk0LThcF2QVXdFwDUCB3Rxp%2F8QAXgklVknSYa5UJu8eSM1vNEK%2B8TEShNS1hBeTWzP0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bc9c22a2dcf0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

src_domain/sb/chat/mob/ssp/1/css/animate.css

0.0.0.0

0 B

URL GET
src_domain/sb/chat/mob/ssp/1/css/animate.css
IP
0.0.0.0:0
ASN
#0

Requested by
https://cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sb/chat/mob/ssp/1/css/animate.css HTTP/1.1
Host: src_domain
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.show-sb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

src_domain/sb/chat/mob/ssp/1/js/script.js

0.0.0.0

0 B

URL GET
src_domain/sb/chat/mob/ssp/1/js/script.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sb/chat/mob/ssp/1/js/script.js HTTP/1.1
Host: src_domain
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.show-sb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

7.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint67:2C:47:03:FC:2F:6C:04:CD:B8:61:4D:97:F1:C4:EA:71:E9:9E:11
ValidityMon, 05 Aug 2024 07:18:20 GMT - Mon, 28 Oct 2024 07:18:19 GMT

File type
ASCII text, with very long lines (7193), with no line terminators
Size
7.0 kB (7004 bytes)
Hash
1b9a5aaa00577f3b515cd8bdb5902734
ac084682592bdc2893faced3b83a36599817add0
19507720081a42c4fcac9da0e5a874af98db546cd9f4aa9aaf271cfb442b9030

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.show-sb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 02 Sep 2024 01:34:34 GMT
date: Mon, 02 Sep 2024 01:34:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

src_domain/sb/chat/mob/ssp/1/img/close.png

0.0.0.0

0 B

URL GET
src_domain/sb/chat/mob/ssp/1/img/close.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sb/chat/mob/ssp/1/img/close.png HTTP/1.1
Host: src_domain
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.show-sb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

src_domain/sb/chat/mob/ssp/1/css/style.css

0.0.0.0

0 B

URL GET
src_domain/sb/chat/mob/ssp/1/css/style.css
IP
0.0.0.0:0
ASN
#0

Requested by
https://cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sb/chat/mob/ssp/1/css/style.css HTTP/1.1
Host: src_domain
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.show-sb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

src_domain/sb/chat/mob/ssp/1/js/jquery.min.js

0.0.0.0

0 B

URL GET
src_domain/sb/chat/mob/ssp/1/js/jquery.min.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sb/chat/mob/ssp/1/js/jquery.min.js HTTP/1.1
Host: src_domain
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.show-sb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cdn.show-sb.com/favicon.ico

172.67.170.115

404 Not Found

153 B

URL GET HTTP/3
cdn.show-sb.com/favicon.ico
IP
172.67.170.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html
Certificate
IssuerGoogle Trust Services
Subjectshow-sb.com
Fingerprint5C:AC:AB:52:E9:2A:90:AC:2F:C2:14:81:74:2F:99:FA:09:9C:99:2B
ValidityTue, 20 Aug 2024 17:52:01 GMT - Mon, 18 Nov 2024 17:52:00 GMT

File type
HTML document, ASCII text, with no line terminators
Size
153 B (153 bytes)
Hash
ab147a6a2e585634731959a1eb1c626e
ccff19bed8352ac0c6a87cdc917c472eee0400be
9052aef1b68e36ac44659e88bb05481a20f89a06096e8c60b09aa79209f9371e

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cdn.show-sb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Mon, 02 Sep 2024 01:34:35 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2Ftg%2BCjD3S7F%2FiiHwMwrzvOd1wFOGlZbLUT0R47E%2BGB%2F%2BzNTDmilycrOxBRrQL3Ch0Ss1AUo3dWE9xLEFn3uep9Tk9qtwBzyAilLCKFsx%2FnIQfruCQHVjmfDuA4hFwxZMfs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc9c22b9e270afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (20)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN