52-90-145-42.ipv4.nknlabs.io Open in urlscan Pro
52.90.145.42 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://52-90-145-42.ipv4.nknlabs.io/
Submission Tags: nerfmoknah
Submission: On April 16 via api (April 16th 2022, 2:50:53 pm UTC) from NL — Scanned from NL

Summary HTTP 22 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 22 HTTP transactions. The main IP is 52.90.145.42, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is 52-90-145-42.ipv4.nknlabs.io.

This is the only time 52-90-145-42.ipv4.nknlabs.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Discord (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
21	52.90.145.42 52.90.145.42	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
22	2

21 52.90.145.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-90-145-42.compute-1.amazonaws.com

52-90-145-42.ipv4.nknlabs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	nknlabs.io 52-90-145-42.ipv4.nknlabs.io	9 MB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	988 B
22	2

	Domain	Requested by
21	52-90-145-42.ipv4.nknlabs.io	52-90-145-42.ipv4.nknlabs.io
1	fonts.googleapis.com	52-90-145-42.ipv4.nknlabs.io
22	2

This site contains links to these domains. Also see Links.

Domain
discord.com
support.discord.com
twitter.com
www.instagram.com
www.facebook.com
www.youtube.com
discordstatus.com
feedback.discord.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://52-90-145-42.ipv4.nknlabs.io/
Frame ID: F366D356BCDCB1164DFB0B65F4444C1B
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Moderator Academy Exam

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Page Statistics

22
Requests

5 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

9724 kB
Transfer

9719 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://discord.com/login
Title: Entrar

Search URL Search Domain Scan URL

URL: https://support.discord.com/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://twitter.com/discord

Search URL Search Domain Scan URL

URL: https://www.instagram.com/discord/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/discord/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/discord/

Search URL Search Domain Scan URL

URL: https://discordstatus.com/
Title: Status

Search URL Search Domain Scan URL

URL: http://support.discord.com/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: http://feedback.discord.com/
Title: Feedback

Search URL Search Domain Scan URL

URL: http://discord.com/register
Title: Register

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
52-90-145-42.ipv4.nknlabs.io/ 54 KB
54 KB 313ms
99ms Document
text/html 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52-90-145-42.ipv4.nknlabs.io/
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 / PHP/8.1.4
Resource Hash: 09e8915452402bab391a71efe6a5cf955403caeaef0a673c65b84511b6d93840

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 16 Apr 2022 14:50:47 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
Transfer-Encoding: chunked
X-Powered-By: PHP/8.1.4

GET
H/1.1 200
OK 0.fd715bb4c90d19661ecd.css
52-90-145-42.ipv4.nknlabs.io/assets/ 255 KB
255 KB 200ms
101ms Stylesheet
text/css 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash: 9b895456804f07e7fce5906edccf55e6df896e6a7dae05192b04661bf453c1c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://52-90-145-42.ipv4.nknlabs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:47 GMT
Last-Modified: Mon, 21 Mar 2022 03:34:14 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
ETag: "3fb7e-5dab22b987980"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 260990

GET
H/1.1 200
OK otSDKStub.html Show response
52-90-145-42.ipv4.nknlabs.io/assets/oneTrust/v2/scripttemplates/ 299 B
608 B 200ms
101ms Script
text/html 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52-90-145-42.ipv4.nknlabs.io/assets/oneTrust/v2/scripttemplates/otSDKStub.html
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash: 5d4fd63067f6aea29beae6f790d8c942b3b330f5aa40f6fdc471de1d87fc67df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://52-90-145-42.ipv4.nknlabs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:47 GMT
Last-Modified: Sun, 27 Mar 2022 22:32:26 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
ETag: "12b-5db3ac531ce86"
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 299

GET
H/1.1 200
OK api.html Show response
52-90-145-42.ipv4.nknlabs.io/cdn-cgi/bm/cv/669835187/ 299 B
607 B 101ms
100ms Script
text/html 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52-90-145-42.ipv4.nknlabs.io/cdn-cgi/bm/cv/669835187/api.html
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash: 5d4fd63067f6aea29beae6f790d8c942b3b330f5aa40f6fdc471de1d87fc67df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://52-90-145-42.ipv4.nknlabs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:47 GMT
Last-Modified: Sun, 27 Mar 2022 22:32:27 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
ETag: "12b-5db3ac540cb59"
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 299

GET
H/1.1 200
OK a6193089fb762c7874fffcc9e61fa91e.svg
52-90-145-42.ipv4.nknlabs.io/assets/ 36 KB
36 KB 101ms
101ms Image
image/svg+xml 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52-90-145-42.ipv4.nknlabs.io/assets/a6193089fb762c7874fffcc9e61fa91e.svg
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash: e5d5284e778466ff3cec71bf016f248e81047facf07748ff844ef0d831b98bff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://52-90-145-42.ipv4.nknlabs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:47 GMT
Last-Modified: Mon, 21 Mar 2022 03:06:25 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
ETag: "8fab-5dab1c81d8e40"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 36779

GET
H/1.1 200
OK 779a770c34fcb823a598a7277301adaf.svg
52-90-145-42.ipv4.nknlabs.io/assets/ 179 B
490 B 100ms
100ms Image
image/svg+xml 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52-90-145-42.ipv4.nknlabs.io/assets/779a770c34fcb823a598a7277301adaf.svg
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash: 34141e9a95e611f7ba839276d4fbcf27228af1a3a903c2724098fab7df60d447

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://52-90-145-42.ipv4.nknlabs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:48 GMT
Last-Modified: Mon, 21 Mar 2022 03:05:59 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
ETag: "b3-5dab1c690d3c0"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 179

GET
H/1.1 200
OK 1158b5aabb909516cc92.js Show response
52-90-145-42.ipv4.nknlabs.io/assets/ 8 KB
9 KB 100ms
100ms Script
application/javascript 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52-90-145-42.ipv4.nknlabs.io/assets/1158b5aabb909516cc92.js
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash: d35ae468c649895c5d202fef7df7b136002f993d4816b47e49653d7c1764f949

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://52-90-145-42.ipv4.nknlabs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:48 GMT
Last-Modified: Mon, 21 Mar 2022 03:33:51 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
ETag: "2140-5dab22a3985c0"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 8512

GET
H/1.1 200
OK eab51d4c3cdee20a43e5.js Show response
52-90-145-42.ipv4.nknlabs.io/assets/ 62 KB
62 KB 101ms
101ms Script
application/javascript 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52-90-145-42.ipv4.nknlabs.io/assets/eab51d4c3cdee20a43e5.js
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash: 83804d5ab9a3a557db6ebf23efe6fdee2b536f19383f4d2d3c4abf3b63ebf223

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://52-90-145-42.ipv4.nknlabs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:48 GMT
Last-Modified: Mon, 21 Mar 2022 03:34:04 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
ETag: "f845-5dab22affe300"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 63557

GET
H/1.1 200
OK 654e9e800f382e7f2622.js Show response
52-90-145-42.ipv4.nknlabs.io/assets/ 9 MB
9 MB 101ms
100ms Script
application/javascript 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52-90-145-42.ipv4.nknlabs.io/assets/654e9e800f382e7f2622.js
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash: 7aa50681c56cdcf980c72ea951005d8abf2d962ab9b180950436a426aa9225a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://52-90-145-42.ipv4.nknlabs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:48 GMT
Last-Modified: Mon, 21 Mar 2022 03:33:48 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
ETag: "9149bb-5dab22a0bbf00"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9521595

GET
H2 200 css
fonts.googleapis.com/ 2 KB
988 B 79ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Press+Start+2P

Requested by

Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

472580df0fe70ff63b5ea69ef222a5dcbadfe84bc863817593fccb086696bc55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://52-90-145-42.ipv4.nknlabs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Apr 2022 13:49:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Apr 2022 14:50:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Apr 2022 14:50:48 GMT

GET
H/1.1 404
Not Found gtm5445.html
52-90-145-42.ipv4.nknlabs.io/www.googletagmanager.com/ 0
0 300ms
101ms Script
text/html 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52-90-145-42.ipv4.nknlabs.io/www.googletagmanager.com/gtm5445.html?id=GTM-N7BVC2W&gtm_auth=GI0g9O-54_SitcgmxQKxlA&gtm_preview=env-2&gtm_cookies_win=x
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://52-90-145-42.ipv4.nknlabs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:48 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 314
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found fbevents.js
52-90-145-42.ipv4.nknlabs.io/connect.facebook.net/en_US/ 0
0 297ms
97ms Script
text/html 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52-90-145-42.ipv4.nknlabs.io/connect.facebook.net/en_US/fbevents.js
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://52-90-145-42.ipv4.nknlabs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:48 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 314
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK be0060dafb7a0e31d2a1ca17c0708636.html
52-90-145-42.ipv4.nknlabs.io/assets/ 299 B
607 B 113ms
100ms Font
text/html 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52-90-145-42.ipv4.nknlabs.io/assets/be0060dafb7a0e31d2a1ca17c0708636.html
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash: 5d4fd63067f6aea29beae6f790d8c942b3b330f5aa40f6fdc471de1d87fc67df

Request headers

Referer: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Origin: http://52-90-145-42.ipv4.nknlabs.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:48 GMT
Last-Modified: Sun, 27 Mar 2022 22:38:48 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
ETag: "12b-5db3adbfb4c05"
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 299

GET
H/1.1 200
OK 3bdef1251a424500c1b3a78dea9b7e57.html
52-90-145-42.ipv4.nknlabs.io/assets/ 299 B
608 B 190ms
97ms Font
text/html 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52-90-145-42.ipv4.nknlabs.io/assets/3bdef1251a424500c1b3a78dea9b7e57.html
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash: 5d4fd63067f6aea29beae6f790d8c942b3b330f5aa40f6fdc471de1d87fc67df

Request headers

Referer: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Origin: http://52-90-145-42.ipv4.nknlabs.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:48 GMT
Last-Modified: Sun, 27 Mar 2022 22:38:48 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
ETag: "12b-5db3adbfb4c05"
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 299

GET
H/1.1 200
OK e8acd7d9bf6207f99350ca9f9e23b168.html
52-90-145-42.ipv4.nknlabs.io/assets/ 299 B
608 B 196ms
101ms Font
text/html 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52-90-145-42.ipv4.nknlabs.io/assets/e8acd7d9bf6207f99350ca9f9e23b168.html
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash: 5d4fd63067f6aea29beae6f790d8c942b3b330f5aa40f6fdc471de1d87fc67df

Request headers

Referer: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Origin: http://52-90-145-42.ipv4.nknlabs.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:48 GMT
Last-Modified: Sun, 27 Mar 2022 22:38:48 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
ETag: "12b-5db3adbfb4434"
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 299

GET
H/1.1 200
OK ae7c84783ad48b6d1c8e2bfbe707e0d4.html
52-90-145-42.ipv4.nknlabs.io/assets/ 299 B
608 B 169ms
98ms Font
text/html 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52-90-145-42.ipv4.nknlabs.io/assets/ae7c84783ad48b6d1c8e2bfbe707e0d4.html
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash: 5d4fd63067f6aea29beae6f790d8c942b3b330f5aa40f6fdc471de1d87fc67df

Request headers

Referer: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Origin: http://52-90-145-42.ipv4.nknlabs.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:48 GMT
Last-Modified: Sun, 27 Mar 2022 22:38:48 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
ETag: "12b-5db3adbfb6377"
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 299

GET
H/1.1 200
OK 1cce82154216dc3cb04a84d011ce1201.html
52-90-145-42.ipv4.nknlabs.io/assets/ 299 B
607 B 188ms
100ms Font
text/html 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52-90-145-42.ipv4.nknlabs.io/assets/1cce82154216dc3cb04a84d011ce1201.html
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash: 5d4fd63067f6aea29beae6f790d8c942b3b330f5aa40f6fdc471de1d87fc67df

Request headers

Referer: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Origin: http://52-90-145-42.ipv4.nknlabs.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:48 GMT
Last-Modified: Sun, 27 Mar 2022 22:38:48 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
ETag: "12b-5db3adbfb7700"
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 299

GET
H/1.1 200
OK e215f61cbbc2e49cea6121e0d2679aa2.html
52-90-145-42.ipv4.nknlabs.io/assets/ 299 B
607 B 263ms
98ms Font
text/html 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52-90-145-42.ipv4.nknlabs.io/assets/e215f61cbbc2e49cea6121e0d2679aa2.html
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash: 5d4fd63067f6aea29beae6f790d8c942b3b330f5aa40f6fdc471de1d87fc67df

Request headers

Referer: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Origin: http://52-90-145-42.ipv4.nknlabs.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:48 GMT
Last-Modified: Sun, 27 Mar 2022 22:38:48 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
ETag: "12b-5db3adbfb7318"
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 299

GET
H/1.1 200
OK 92e32db984c8577d8b81548b43b9c061.html
52-90-145-42.ipv4.nknlabs.io/assets/ 299 B
607 B 101ms
101ms Font
text/html 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52-90-145-42.ipv4.nknlabs.io/assets/92e32db984c8577d8b81548b43b9c061.html
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash: 5d4fd63067f6aea29beae6f790d8c942b3b330f5aa40f6fdc471de1d87fc67df

Request headers

Referer: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Origin: http://52-90-145-42.ipv4.nknlabs.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:48 GMT
Last-Modified: Sun, 27 Mar 2022 22:38:48 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
ETag: "12b-5db3adbfb675f"
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 299

GET
H/1.1 200
OK 746a4f241e03deffc59b08c5650cf458.html
52-90-145-42.ipv4.nknlabs.io/assets/ 299 B
607 B 100ms
100ms Font
text/html 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52-90-145-42.ipv4.nknlabs.io/assets/746a4f241e03deffc59b08c5650cf458.html
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash: 5d4fd63067f6aea29beae6f790d8c942b3b330f5aa40f6fdc471de1d87fc67df

Request headers

Referer: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Origin: http://52-90-145-42.ipv4.nknlabs.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:48 GMT
Last-Modified: Sun, 27 Mar 2022 22:38:48 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
ETag: "12b-5db3adbfb7ae9"
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 299

GET
H/1.1 200
OK 88055567e3d928bcb1e67e967081572e.html
52-90-145-42.ipv4.nknlabs.io/assets/ 299 B
607 B 101ms
101ms Font
text/html 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52-90-145-42.ipv4.nknlabs.io/assets/88055567e3d928bcb1e67e967081572e.html
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash: 5d4fd63067f6aea29beae6f790d8c942b3b330f5aa40f6fdc471de1d87fc67df

Request headers

Referer: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Origin: http://52-90-145-42.ipv4.nknlabs.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:48 GMT
Last-Modified: Sun, 27 Mar 2022 22:38:48 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
ETag: "12b-5db3adbfb7318"
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 299

GET
H/1.1 200
OK 8e12fb4f14d9c4592eb8ec9f22337b04.html
52-90-145-42.ipv4.nknlabs.io/assets/ 299 B
607 B 100ms
100ms Font
text/html 52.90.145.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52-90-145-42.ipv4.nknlabs.io/assets/8e12fb4f14d9c4592eb8ec9f22337b04.html
Requested by: Host: 52-90-145-42.ipv4.nknlabs.io
URL: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Protocol: HTTP/1.1
Server: 52.90.145.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-145-42.compute-1.amazonaws.com
Software: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4 /
Resource Hash: 5d4fd63067f6aea29beae6f790d8c942b3b330f5aa40f6fdc471de1d87fc67df

Request headers

Referer: http://52-90-145-42.ipv4.nknlabs.io/assets/0.fd715bb4c90d19661ecd.css
Origin: http://52-90-145-42.ipv4.nknlabs.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 14:50:48 GMT
Last-Modified: Sun, 27 Mar 2022 22:38:48 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4
ETag: "12b-5db3adbfb4fed"
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 299

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Discord (Instant Messenger)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: Failed to decode downloaded font: http://52-90-145-42.ipv4.nknlabs.io/assets/be0060dafb7a0e31d2a1ca17c0708636.html
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: Failed to decode downloaded font: http://52-90-145-42.ipv4.nknlabs.io/assets/3bdef1251a424500c1b3a78dea9b7e57.html
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: Failed to decode downloaded font: http://52-90-145-42.ipv4.nknlabs.io/assets/ae7c84783ad48b6d1c8e2bfbe707e0d4.html
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: Failed to decode downloaded font: http://52-90-145-42.ipv4.nknlabs.io/assets/e8acd7d9bf6207f99350ca9f9e23b168.html
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: Failed to decode downloaded font: http://52-90-145-42.ipv4.nknlabs.io/assets/1cce82154216dc3cb04a84d011ce1201.html
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: Failed to decode downloaded font: http://52-90-145-42.ipv4.nknlabs.io/assets/e215f61cbbc2e49cea6121e0d2679aa2.html
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: OTS parsing error: invalid sfntVersion: 1008813135
network	error	URL: http://52-90-145-42.ipv4.nknlabs.io/connect.facebook.net/en_US/fbevents.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://52-90-145-42.ipv4.nknlabs.io/www.googletagmanager.com/gtm5445.html?id=GTM-N7BVC2W&gtm_auth=GI0g9O-54_SitcgmxQKxlA&gtm_preview=env-2&gtm_cookies_win=x Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: Failed to decode downloaded font: http://52-90-145-42.ipv4.nknlabs.io/assets/92e32db984c8577d8b81548b43b9c061.html
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: Failed to decode downloaded font: http://52-90-145-42.ipv4.nknlabs.io/assets/746a4f241e03deffc59b08c5650cf458.html
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: Failed to decode downloaded font: http://52-90-145-42.ipv4.nknlabs.io/assets/88055567e3d928bcb1e67e967081572e.html
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: Failed to decode downloaded font: http://52-90-145-42.ipv4.nknlabs.io/assets/8e12fb4f14d9c4592eb8ec9f22337b04.html
other	warning	URL: http://52-90-145-42.ipv4.nknlabs.io/ Message: OTS parsing error: invalid sfntVersion: 1008813135

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

52-90-145-42.ipv4.nknlabs.io
fonts.googleapis.com
2a00:1450:4001:811::200a
52.90.145.42
09e8915452402bab391a71efe6a5cf955403caeaef0a673c65b84511b6d93840
34141e9a95e611f7ba839276d4fbcf27228af1a3a903c2724098fab7df60d447
472580df0fe70ff63b5ea69ef222a5dcbadfe84bc863817593fccb086696bc55
5d4fd63067f6aea29beae6f790d8c942b3b330f5aa40f6fdc471de1d87fc67df
7aa50681c56cdcf980c72ea951005d8abf2d962ab9b180950436a426aa9225a7
83804d5ab9a3a557db6ebf23efe6fdee2b536f19383f4d2d3c4abf3b63ebf223
9b895456804f07e7fce5906edccf55e6df896e6a7dae05192b04661bf453c1c2
d35ae468c649895c5d202fef7df7b136002f993d4816b47e49653d7c1764f949
e5d5284e778466ff3cec71bf016f248e81047facf07748ff844ef0d831b98bff

52-90-145-42.ipv4.nknlabs.io Open in urlscan Pro 52.90.145.42 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

22 Requests

5 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

9724 kBTransfer

9719 kBSize

0 Cookies

10 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

13 JavaScript Global Variables

0 Cookies

22 Console Messages

Indicators

52-90-145-42.ipv4.nknlabs.io Open in urlscan Pro
52.90.145.42 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

5 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

9724 kB
Transfer

9719 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!