104.194.158.12
Open in
urlscan Pro
104.194.158.12
Public Scan
Effective URL: http://104.194.158.12/login
Submission Tags: @phish_report
Submission: On September 15 via api from FI — Scanned from FI
Summary
This is the only time 104.194.158.12 was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 10 | 104.194.158.12 104.194.158.12 | 14956 (ROUTERHOS...) (ROUTERHOSTING) | |
4 | 2400:52e0:1e0... 2400:52e0:1e00::1079:1 | 60068 (CDN77 _) (CDN77 _) | |
13 | 2 |
ASN14956 (ROUTERHOSTING, US)
PTR: 12.158.194.104.static.cloudzy.com
104.194.158.12 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
bunny.net
fonts.bunny.net — Cisco Umbrella Rank: 10850 |
37 KB |
13 | 1 |
Domain | Requested by | |
---|---|---|
4 | fonts.bunny.net |
104.194.158.12
fonts.bunny.net |
13 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
fonts.bunny.net R11 |
2024-08-19 - 2024-11-17 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://104.194.158.12/login
Frame ID: DA1034D2A8174A55798CCFEA542B0F62
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
Log in - bananaPage URL History Show full URLs
-
http://104.194.158.12/demo
HTTP 307
https://104.194.158.12/demo HTTP 307
http://104.194.158.12/demo HTTP 302
http://104.194.158.12/login Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://104.194.158.12/demo
HTTP 307
https://104.194.158.12/demo HTTP 307
http://104.194.158.12/demo HTTP 302
http://104.194.158.12/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login
104.194.158.12/ Redirect Chain
|
22 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app-H3YzuvaM.css
104.194.158.12/build/assets/ |
46 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app-Bmt-Zwg6.js
104.194.158.12/build/assets/ |
252 KB 85 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Login-W8XmenoX.js
104.194.158.12/build/assets/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GuestLayout-D88M_Tdj.js
104.194.158.12/build/assets/ |
533 B 682 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
TextInput-CiKJPpRd.js
104.194.158.12/build/assets/ |
613 B 710 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
InputLabel-BOKwdP_h.js
104.194.158.12/build/assets/ |
224 B 533 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PrimaryButton-Co-q9fl7.js
104.194.158.12/build/assets/ |
636 B 713 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ApplicationLogo-CApVo4LN.js
104.194.158.12/build/assets/ |
152 B 493 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.bunny.net/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
figtree-latin-500-normal.woff2
fonts.bunny.net/figtree/files/ |
11 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
figtree-latin-400-normal.woff2
fonts.bunny.net/figtree/files/ |
11 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
figtree-latin-600-normal.woff2
fonts.bunny.net/figtree/files/ |
11 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| route function| axios2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
104.194.158.12/ | Name: XSRF-TOKEN Value: eyJpdiI6IkJwUXRIYVNyWGdOZ2sxeGJUc2E3ZHc9PSIsInZhbHVlIjoiSFdmS0NqQ2tvcWRBNzJLeUV5OU90QSs0aE8wdGZieElRSXhNVDFaRkFWNHhka1B6dDFGZUp6UXVWSVZqeDdWK1NOeDYrNUtDNGVJMXpNYlNVR2hPTGxxdFdiQU5ycGNrRm5Tc0lZU1hOYmo4V0dGZ2JFTFF2RVM1V01tZk8xMGIiLCJtYWMiOiI3ZTZhMDY1NjIyY2VlYmEyZWJmYmEwYzdkYjlkOGQ2ODAzM2QzODNlNDNhZDliODUyZWZkMzg1OGE3ZGM3YWUwIiwidGFnIjoiIn0%3D |
|
104.194.158.12/ | Name: banana_session Value: eyJpdiI6IkVFMHhCK3REcWY3TDh3eGR5Y09IbFE9PSIsInZhbHVlIjoiK0hIclh1YVNoWUU3b0s2QWxpbzl0c3dxRFdDSkR4T3NYa3ZvNlNqK3ZlMVNxL1JPNVlaY0wxckNKOHF4VjZObUZSNUpXVnUyN2hSVENsV3U2SnZVd1c3ajBIL3czTEhkV2l2OGRuTjNsbVdyWjUxS01OVXo3enV3SXJsbVQ4STUiLCJtYWMiOiI1Y2IxMzA4OGMxZjFmZmNlMjgwY2QyN2JmNjE5Y2IyNzViNjBmZTc5ZTcxODA3MzgxMzQ0MzgwNDBiNmNmNDYyIiwidGFnIjoiIn0%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.bunny.net
104.194.158.12
2400:52e0:1e00::1079:1
0ae52e4bd77c3fc50dad8de596fb5171a67686c94771023a92396810d946e45c
28056b616fa64a4e60d59b503e3b5824713aef583f19f8000889f4557daf8701
377f18cefe8b5edb97d2c12dc55024771d7b93037997b872083e59db77bb0423
68a672ca99ef4eaa642d689724e3b97b5915353486f863f592761e7f5b005835
6bb15b2794673fdf34d6cb3967ef43fc455b0cfc45edb8b60c771ad059ebdc8e
71f5a51cae509e69b054fac558a4922011b094193030a97653ab273d78bb2ac9
7417122e9b7f408cd614cac2645db5455d6368c594b418c4aa6d1239f4972026
80f262452330131819f4f0b9a12276c8ed09f27967df8f8f568a448ae7dd3cbc
88cf1ed01311a63534583abadd583ce08205459f538958f2f1cd8403450b844a
893ffc324eaae01eefacca4f82c17bdc067b4c0a8be26b832d404fafc6fbc0d2
9b97ee0e7558c56cfdcaee19f4876b519968721ebc139769c3209c34f8a34eed
addffecee543a201504a235520f2d3f5b732bc5c170c3b95d44381215fc20a6d
e9b3ad3a08afc4cd00dc2fbcee48f32aede0832f5db073ac43fb2d22c5b626e1