141.179.100.92 - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 141.179.100.92, located in Jubail, Saudi Arabia and belongs to SAUDINETSTC-AS, SA. The main domain is 141.179.100.92.

This is the only time 141.179.100.92 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	141.179.100.92 141.179.100.92	25019 (SAUDINETS...) (SAUDINETSTC-AS)
1 2	96.43.128.66 96.43.128.66	19969 (JOESDATAC...) (JOESDATACENTER)
1	2606:50c0:800... 2606:50c0:8003::154	54113 (FASTLY) (FASTLY)
6	3

4 141.179.100.92 (Jubail, Saudi Arabia)

ASN25019 (SAUDINETSTC-AS, SA)

141.179.100.92	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.43.128.66 (United States) 1 redirects

ASN19969 (JOESDATACENTER, US)

cur.cursors-4u.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8003::154 (United States)

ASN54113 (FASTLY, US)

avatars.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	cursors-4u.net 1 redirects cur.cursors-4u.net — Cisco Umbrella Rank: 922833	5 KB
1	githubusercontent.com avatars.githubusercontent.com — Cisco Umbrella Rank: 9843	24 KB
6	2

	Domain	Requested by
2	cur.cursors-4u.net	1 redirects 141.179.100.92
1	avatars.githubusercontent.com	141.179.100.92
6	2

This site contains links to these domains. Also see Links.

Domain
www.htmlguard.com
t.me
discord.gg

Subject Issuer	Validity	Valid
*.github.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-15` - `2025-03-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://141.179.100.92:1337/
Frame ID: AE614084635D9979A6253BFE7E65425C
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ksr info

Page URL History Show full URLs

http://141.179.100.92:1337/ HTTP 307
https://141.179.100.92:1337/ HTTP 307
http://141.179.100.92:1337/ Page URL

Page Statistics

6
Requests

17 %
HTTPS

33 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

43 kB
Transfer

8099 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.htmlguard.com/
Title: HTML Guard

Search URL Search Domain Scan URL

URL: https://t.me/ksr1337
Title: Telegram

Search URL Search Domain Scan URL

URL: https://discord.gg/dBEbxvUhWQ
Title: discord

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://141.179.100.92:1337/ HTTP 307
https://141.179.100.92:1337/ HTTP 307
http://141.179.100.92:1337/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://cur.cursors-4u.net/symbols/sym-1/sym46.cur HTTP 301
https://cur.cursors-4u.net/symbols/sym-1/sym46.cur

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
141.179.100.92/
Redirect Chain

http://141.179.100.92:1337/
https://141.179.100.92:1337/
http://141.179.100.92:1337/

10 KB
11 KB

138ms
137ms

Document
text/html

141.179.100.92
SAUDINETSTC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://141.179.100.92:1337/
Protocol: HTTP/1.1
Server: 141.179.100.92 Jubail, Saudi Arabia, ASN25019 (SAUDINETSTC-AS, SA),
Reverse DNS
Software: /
Resource Hash: a925dcd99b42b6607e62869a86cdb38c60691eda8fec38fc72f990350f8ae92c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 10677
Date: Fri, 12 Apr 2024 01:28:48 GMT
content-type: text/html;charset=utf-8

Redirect headers

Location: http://141.179.100.92:1337/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1

200
OK

sym46.cur
cur.cursors-4u.net/symbols/sym-1/
Redirect Chain

http://cur.cursors-4u.net/symbols/sym-1/sym46.cur
https://cur.cursors-4u.net/symbols/sym-1/sym46.cur

4 KB
4 KB

438ms
144ms

Image
application/octet-stream

96.43.128.66
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cur.cursors-4u.net/symbols/sym-1/sym46.cur
Requested by: Host: 141.179.100.92
URL: http://141.179.100.92:1337/
Protocol: HTTP/1.1
Server: 96.43.128.66 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: cc451aa50cb9f48a52bcf89ae2f2ad26f4f75ab5cad6de73174e9016b79079f7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://141.179.100.92:1337/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Apr 2024 01:28:48 GMT
Last-Modified: Wed, 27 Feb 2013 18:46:54 GMT
Server: nginx/1.16.1
ETag: "512e549e-10be"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4286

Redirect headers

Location: https://cur.cursors-4u.net/symbols/sym-1/sym46.cur
Date: Fri, 12 Apr 2024 01:28:47 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H2 200 68067743
avatars.githubusercontent.com/u/ 23 KB
24 KB 388ms
228ms Image
image/jpeg 2606:50c0:8003::154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars.githubusercontent.com/u/68067743?v=4

Requested by

Host: 141.179.100.92
URL: http://141.179.100.92:1337/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/

Resource Hash

4a4a00d3454cc505a9e54639bc863e1f70206ea5db2c17d8d7b61266400cd8f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: http://141.179.100.92:1337/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fastly-request-id: 2cbb711a603a7347f46b1560af523f19df360129
content-security-policy: default-src 'none'
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
date: Fri, 12 Apr 2024 01:28:47 GMT
via: 1.1 varnish
x-cache-hits: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 23893
x-xss-protection: 1; mode=block
x-served-by: cache-mxp6921-MXP
last-modified: Tue, 02 Apr 2024 20:15:01 GMT
x-github-tenant
x-github-request-id: A448:2E1BEC:2CE5BE2:2F16800:66188E4B
x-timer: S1712885327.448625,VS0,VE179
etag: "7e1d789d22c04381033d8698fda16dfc15bd9f627fdf1de36ae5dd375b27624f"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: https://github.com
expires: Fri, 12 Apr 2024 01:33:47 GMT

GET
H/1.1 200
OK bcam.webm
141.179.100.92/ 8 MB
0 160ms
160ms Media
video/webm 141.179.100.92
SAUDINETSTC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://141.179.100.92:1337/bcam.webm
Requested by: Host: 141.179.100.92
URL: http://141.179.100.92:1337/
Protocol: HTTP/1.1
Server: 141.179.100.92 Jubail, Saudi Arabia, ASN25019 (SAUDINETSTC-AS, SA),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://141.179.100.92:1337/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 12 Apr 2024 01:28:48 GMT
Content-Length: 27224209
content-type: video/webm

GET
H/1.1 200
OK TAWAFAN.mp3
141.179.100.92/ 128 KB
0 304ms
147ms Media
audio/mpeg 141.179.100.92
SAUDINETSTC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://141.179.100.92:1337/TAWAFAN.mp3
Requested by: Host: 141.179.100.92
URL: http://141.179.100.92:1337/
Protocol: HTTP/1.1
Server: 141.179.100.92 Jubail, Saudi Arabia, ASN25019 (SAUDINETSTC-AS, SA),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://141.179.100.92:1337/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 12 Apr 2024 01:28:48 GMT
Content-Length: 4200655
content-type: audio/mpeg

GET
H/1.1 200
OK favicon.ico
141.179.100.92/ 4 KB
4 KB 265ms
133ms Other
text/html 141.179.100.92
SAUDINETSTC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://141.179.100.92:1337/favicon.ico
Protocol: HTTP/1.1
Server: 141.179.100.92 Jubail, Saudi Arabia, ASN25019 (SAUDINETSTC-AS, SA),
Reverse DNS
Software: /
Resource Hash: bf1aaf6b2a44f50c8f0e47c1d03a3fcf6cf4b4f1c60808774e8472cd89b6251c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://141.179.100.92:1337/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Apr 2024 01:28:49 GMT
Content-Length: 3602
content-type: text/html;charset=utf-8

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avatars.githubusercontent.com
cur.cursors-4u.net
141.179.100.92
2606:50c0:8003::154
96.43.128.66
4a4a00d3454cc505a9e54639bc863e1f70206ea5db2c17d8d7b61266400cd8f3
a925dcd99b42b6607e62869a86cdb38c60691eda8fec38fc72f990350f8ae92c
bf1aaf6b2a44f50c8f0e47c1d03a3fcf6cf4b4f1c60808774e8472cd89b6251c
cc451aa50cb9f48a52bcf89ae2f2ad26f4f75ab5cad6de73174e9016b79079f7

141.179.100.92 Open in urlscan Pro 141.179.100.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

6 Requests

17 %HTTPS

33 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

43 kBTransfer

8099 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

0 Cookies

Indicators

141.179.100.92 Open in urlscan Pro
141.179.100.92 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

17 %
HTTPS

33 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

43 kB
Transfer

8099 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions