| | 92.204.133.142 | 200 OK | 146 B |
URL: User Request GET HTTP/2
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: HTML document, ASCII text
Hash: 6a0fb20ef80d3e33f8f131429ee2f4d8 e71f2e4b796111bf9757fe120a882ef1fe016b9d e94c6b1af67f3e7d4e44ece228108165efaae10a572af23489e7dde7f38cbdfd
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET / HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://92.204.133.142/
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: https://www.swreg.org
Date: Thu, 18 Apr 2024 11:36:29 GMT
Content-Length: 146
|
|
| | 92.204.133.142 | 200 OK | 23 kB |
URL: User Request GET HTTP/2
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash: f3ae57fa613042569bee47f2364a38af 305ebed5f401d3e07bb878c42fa116124f1cb178 687a3c9c0caf9d7a3cb8f45f8a4b8b70012a008c7573f280ab41a92100b0d35d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET / HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 23427
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/css/font-icons.css | 92.204.133.142 | 200 OK | 53 kB |
URL: GET HTTP/2 92.204.133.142/css/font-icons.css
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
Hash: c8a26a6daec2301ebf6e8dbbc4dfbed0 f59ec53a3dbf033d5482c2b9162e7ec3a98a65e9 39f3f0e75114d42699b963a3c8204a85ce4fe3ec32942e5226ba9717b885a338
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/font-icons.css HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
last-modified: Tue, 25 Oct 2016 03:02:01 GMT
accept-ranges: bytes
etag: "801a6286c2ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 53335
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/css/dark.css | 92.204.133.142 | 200 OK | 64 kB |
URL: GET HTTP/2 92.204.133.142/css/dark.css
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: ASCII text, with CRLF line terminators
Hash: ac1a97fbc284481bb454ab29ef7aa878 792d58939b937ad6bdd6d12d4ca3a5d2d009b05c b86ffc9378c4e0100f71f456b7a32d3bc981b41e97fa9fd2d9dbc2298f323efa
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/dark.css HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
last-modified: Tue, 10 Jan 2017 01:32:09 GMT
accept-ranges: bytes
etag: "80f2f25be16ad21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 63745
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/css/magnific-popup.css | 92.204.133.142 | 200 OK | 8.7 kB |
URL: GET HTTP/2 92.204.133.142/css/magnific-popup.css
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
Hash: 42e41fb7cb3dfea5f0b109e1acfb4232 a62a29e13fff1f5d4627c8c003dea1130f4a4367 c0359a11481ad731b95da24cbab56389f914995f5475a407507a51f2c10d3542
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/magnific-popup.css HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
last-modified: Tue, 25 Oct 2016 03:01:46 GMT
accept-ranges: bytes
etag: "049151f6c2ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 8729
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/css/bootstrap.css | 92.204.133.142 | 200 OK | 158 kB |
URL: GET HTTP/2 92.204.133.142/css/bootstrap.css
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: ASCII text, with very long lines (540), with CRLF line terminators
Size: 158 kB (158006 bytes)
Hash: 30d7024d9e89627484bda86cdda09108 2c9c6cc505a0e35e1437d2347e7fa3300738c12b 2c5d2f131e75cbdfaba97306fdf868fe139d991a9fbca44fb41dd75383c170bb
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/bootstrap.css HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
last-modified: Wed, 06 Sep 2017 22:45:08 GMT
accept-ranges: bytes
etag: "0b21bca6127d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 158006
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/css/animate.css | 92.204.133.142 | 200 OK | 78 kB |
URL: GET HTTP/2 92.204.133.142/css/animate.css
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: Unicode text, UTF-8 (with BOM) text
Hash: ff17c246f26a91e56bf3a09a63f71d6d f5afa6782e3e28d27545f4108581e809c1f6b24e 67ea22ad919fea6c523531f188a637750fbce8c0335599aa78ea633bbceca2d1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/animate.css HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
last-modified: Tue, 25 Oct 2016 03:01:00 GMT
accept-ranges: bytes
etag: "03eaa36c2ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 78141
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/css/responsive.css | 92.204.133.142 | 200 OK | 54 kB |
URL: GET HTTP/2 92.204.133.142/css/responsive.css
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: ASCII text, with very long lines (437), with CRLF line terminators
Hash: 6a4e88bb435438e592cfa812a0e27c2f 89d5723125e231ef36f0238cb327af8e74f12c68 3ae8f86ae9797bc9063cb0ce4762c4922eeba10da3df5eb8929b7cf2139883e3
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/responsive.css HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
last-modified: Tue, 25 Oct 2016 03:18:45 GMT
accept-ranges: bytes
etag: "8058747e6e2ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 54459
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/cadzation_res/font-awesome.css | 92.204.133.142 | 200 OK | 36 kB |
URL: GET HTTP/2 92.204.133.142/cadzation_res/font-awesome.css
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (412), with CRLF line terminators
Hash: 57144939e53c9da99091034cc7720154 fa4c66b9dc68dffe2e1cf832854ece48ddd0b1ae 662e767870c41944803ab701dff96ca60a7be3f66ba649a904303f06affcfcbd
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cadzation_res/font-awesome.css HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
last-modified: Fri, 17 Jun 2016 20:59:22 GMT
accept-ranges: bytes
etag: "0715c1fdbc8d11:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 36429
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/style-cadzation.css | 92.204.133.142 | 200 OK | 7.6 kB |
URL: GET HTTP/2 92.204.133.142/style-cadzation.css
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: ASCII text, with very long lines (7623), with CRLF line terminators
Hash: de782e55c320892ce185b624a1a85d21 7effb5a68cf4d7a1b94ad97d3f783db97a803d1a 3912668ee6be6c131190e0b0e36f1391f27c5aa10eed38ffa54d329c6a11f51a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /style-cadzation.css HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/css
last-modified: Thu, 03 Nov 2016 04:08:51 GMT
accept-ranges: bytes
etag: "804be3fb8735d21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 7625
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/cadzation_img/logo.png | 92.204.133.142 | 200 OK | 3.4 kB |
URL: GET HTTP/2 92.204.133.142/cadzation_img/logo.png
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: PNG image data, 250 x 100, 8-bit colormap, non-interlaced
Hash: fb7a1ec1ea74df94a182b197c7ce8114 a7c8c5820ce05b3f6767e13c972dd581fd0d6b7a b1de32b3f8a0a62e63d0cef8f521da7046eb1c74ac63b4c17457b28ced1a7534
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cadzation_img/logo.png HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/png
last-modified: Tue, 25 Oct 2016 09:28:16 GMT
accept-ranges: bytes
etag: "078661da22ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 3395
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/cadzation_img/logo@2x.png | 92.204.133.142 | 200 OK | 4.9 kB |
URL: GET HTTP/2 92.204.133.142/cadzation_img/logo@2x.png
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: PNG image data, 500 x 200, 8-bit colormap, non-interlaced
Hash: 67dbeb72057f2cc31420b8499dd585d3 75eaf9b2b597de690cd64b70625bef84586ca733 0a0605de476212ac00cce1c22377eb8af606e387131ef929296584688ec17c39
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cadzation_img/logo@2x.png HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/png
last-modified: Tue, 25 Oct 2016 09:28:16 GMT
accept-ranges: bytes
etag: "078661da22ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 4949
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/cadzation_img/recentnews.png | 92.204.133.142 | 200 OK | 12 kB |
URL: GET HTTP/2 92.204.133.142/cadzation_img/recentnews.png
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: PNG image data, 93 x 60, 8-bit/color RGBA, non-interlaced
Hash: 08837702e86930203c0774b67774f1cd 65bd773ca6d684a80c114e53b8bd6b0a4d9940c1 672a9b24e4f34f50b5ca12252f542d4ab3ca4537fab9a9ed7fe502ccd2656596
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cadzation_img/recentnews.png HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/png
last-modified: Tue, 21 Mar 2017 16:55:54 GMT
accept-ranges: bytes
etag: "049bd064a2d21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 12031
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/cadzation_img/linesmerge.png | 92.204.133.142 | 200 OK | 181 B |
URL: GET HTTP/2 92.204.133.142/cadzation_img/linesmerge.png
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: PNG image data, 62 x 62, 4-bit colormap, non-interlaced
Hash: d2d3bc56f8c1b909a13ddad1e77f61f5 f8c7019762dbbc4febef19e0fa02cc1d997800e1 cbf3947bf42774bce1920d30cd0df51c465bdfef21607a87b0aa93fea8f6453c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cadzation_img/linesmerge.png HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/png
last-modified: Tue, 25 Oct 2016 09:28:16 GMT
accept-ranges: bytes
etag: "078661da22ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 181
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/cadzation_img/logo-dark@200x40.png | 92.204.133.142 | 200 OK | 2.8 kB |
URL: GET HTTP/2 92.204.133.142/cadzation_img/logo-dark@200x40.png
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: PNG image data, 200 x 40, 8-bit colormap, non-interlaced
Hash: 1fab83522632f9f0512e3216f08a0396 bf9ae885908641914f5d846b1d58e440ebdcca7d 4f62c793c48c3e90df225f794293b002c05771a74d632e0b9f3be6d8a44c3ac2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cadzation_img/logo-dark@200x40.png HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/png
last-modified: Tue, 25 Oct 2016 09:28:16 GMT
accept-ranges: bytes
etag: "078661da22ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 2788
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/style.css | 92.204.133.142 | 200 OK | 212 kB |
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 212 kB (211991 bytes)
Hash: 78fdccbaeb7f04258531f48409d10508 281ad8c8e0a892fdb187ec5293370078be22ba0f 248be906a871f0d782801c6c7f47af8801bc1cac2d365d6337496c94d9063bf9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /style.css HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/css
last-modified: Thu, 21 Jan 2021 19:18:28 GMT
accept-ranges: bytes
etag: "09a77322af0d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 211991
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/cadzation_img/acroplotsuite_750x500.jpg | 92.204.133.142 | 200 OK | 70 kB |
URL: GET HTTP/2 92.204.133.142/cadzation_img/acroplotsuite_750x500.jpg
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x667, components 3
Hash: 630f1235aab4fd9f0dfb6e76290684ac 5f816db5c86847dea418c529d140c3f9ea28f183 1711904238f7810aa65b14339b081b7be350a630a4110d3389f11b5d94c60c9f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cadzation_img/acroplotsuite_750x500.jpg HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/jpeg
last-modified: Tue, 25 Oct 2016 09:27:14 GMT
accept-ranges: bytes
etag: "0572f8a12ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 69849
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/cadzation_img/acroplotauto_750x500.jpg | 92.204.133.142 | 200 OK | 49 kB |
URL: GET HTTP/2 92.204.133.142/cadzation_img/acroplotauto_750x500.jpg
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x666, components 3
Hash: 7940c87cacca48b6f25fbe9ca0cbe3bc 778788ec0600aa6bab025601bf240f9648d796b0 54be4bfc517184e37f57516c29e974c37bbd9ca3c4bf7597c3d1f3ece104f468
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cadzation_img/acroplotauto_750x500.jpg HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/jpeg
last-modified: Tue, 25 Oct 2016 09:27:14 GMT
accept-ranges: bytes
etag: "0572f8a12ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 49269
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/cadzation_img/acroplotrepro_750x500.jpg | 92.204.133.142 | 200 OK | 68 kB |
URL: GET HTTP/2 92.204.133.142/cadzation_img/acroplotrepro_750x500.jpg
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x667, components 3
Hash: 9adca9f0db9c5ae8363a0368647be4dc 1c267f835a56cf485e45b6c4a45f67fdfb0ea9e4 2141bd1983a2038bb6113d589aef3b8c8a82f5bd5a91324c3f7dd149dd4c2a9c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cadzation_img/acroplotrepro_750x500.jpg HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/jpeg
last-modified: Tue, 25 Oct 2016 09:27:12 GMT
accept-ranges: bytes
etag: "0d840f7a12ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 68195
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/cadzation_img/Adsk_ADN_AuthorizedD_M_Wht.png | 92.204.133.142 | 200 OK | 1.2 kB |
URL: GET HTTP/2 92.204.133.142/cadzation_img/Adsk_ADN_AuthorizedD_M_Wht.png
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: PNG image data, 145 x 35, 8-bit colormap, non-interlaced
Hash: e577277f6c305b86e376ddc0d99d8698 7d035bda700253770e40554b3dacc2f4c35868a7 bbb6ce4ce600ab6c7464d0d3b97b6dd4691f5db567cdbce7bc9bfd73f069e97e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cadzation_img/Adsk_ADN_AuthorizedD_M_Wht.png HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/png
last-modified: Tue, 25 Oct 2016 09:28:16 GMT
accept-ranges: bytes
etag: "078661da22ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 1191
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/js/jquery.js | 92.204.133.142 | 200 OK | 96 kB |
URL: GET HTTP/2 92.204.133.142/js/jquery.js
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: JavaScript source, ASCII text, with very long lines (65451), with CRLF line terminators
Hash: cdce6651c76bcdd9ed88e4c28b076730 a75e1d1015f3ec7ea87e94926bb2f01a3421dcc4 9801c1c9ecc18a5361fbb2188614518c84837fd23cdcc5dafde214c7efc5ba61
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/jquery.js HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/javascript
last-modified: Wed, 06 Sep 2017 22:26:51 GMT
accept-ranges: bytes
etag: "80c73e3c5f27d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 95954
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/js/functions.js | 92.204.133.142 | 200 OK | 127 kB |
URL: GET HTTP/2 92.204.133.142/js/functions.js
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: JavaScript source, ASCII text, with very long lines (491), with CRLF line terminators
Size: 127 kB (126684 bytes)
Hash: 78a300d8b03609f68cef1b5c73e3d7c9 b5fa3b2e98423461d5f2546b3b0edb09f0677a9b 9a664866023704ea6d63e3e16b33ee6bfc563f54fb2cf802771770d1088fdf88
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/functions.js HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/javascript
last-modified: Fri, 17 Jun 2016 19:38:46 GMT
accept-ranges: bytes
etag: "067e1dccfc8d11:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 126684
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/js/plugins.js | 92.204.133.142 | 200 OK | 562 kB |
URL: GET HTTP/2 92.204.133.142/js/plugins.js
IP: 92.204.133.142:443
ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc. | Subject: cadzation.com | Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A | Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (23754), with CRLF line terminators
Size: 562 kB (561893 bytes)
Hash: d3c8ea5d089906bafb94e41d55637bbb 0e740e0f7fa4fcbe42ea56b7bdb6966bf9e12e72 42142711b7b7e9b1f59aee53e3498757a12d1a5687c497a64ef8c0ac0ec846b3
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/plugins.js HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/javascript
last-modified: Fri, 17 Jun 2016 19:38:46 GMT
accept-ranges: bytes
etag: "067e1dccfc8d11:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 561893
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/cadzation_img/acroplotsuite_1920x1080.jpg | 92.204.133.142 | 200 OK | 249 kB |
URL: GET HTTP/2 92.204.133.142/cadzation_img/acroplotsuite_1920x1080.jpg; IP: 92.204.133.142:443; ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc.; Subject: cadzation.com; Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A; Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2560x1440, components 3; Size: 249 kB (248566 bytes); Hash: d93d532a09adfab2f41edac431ab4271 3cde4f465f122f073b621484bed296128d1337d8 7d37c5d41b4b49671d3e0091d31d3439cf66d32cb1846c0de52e45a7b7a412d4
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /cadzation_img/acroplotsuite_1920x1080.jpg HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/style-cadzation.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/jpeg
last-modified: Tue, 25 Oct 2016 09:27:14 GMT
accept-ranges: bytes
etag: "0572f8a12ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 248566
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/images/icons/iconalt.svg | 92.204.133.142 | 200 OK | 312 B |
URL: GET HTTP/2 92.204.133.142/images/icons/iconalt.svg; IP: 92.204.133.142:443; ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc.; Subject: cadzation.com; Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A; Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: SVG Scalable Vector Graphics image; Hash: a58e730537997f3cdc49ae3ea1878ca5 af30ad370fd7232d44d69b5a9f613d75fa32f417 361017d06db35a5760aca46eb1d07db22ea1b3389c1ce52ee5e21973dc67a307
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images/icons/iconalt.svg HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/svg+xml
last-modified: Wed, 12 Mar 2014 23:57:24 GMT
accept-ranges: bytes
etag: "04a4bd04e3ecf1:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 312
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/css/fonts/font-icons.woff | 92.204.133.142 | 200 OK | 180 kB |
URL: GET HTTP/2 92.204.133.142/css/fonts/font-icons.woff; IP: 92.204.133.142:443; ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc.; Subject: cadzation.com; Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A; Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: Web Open Font Format, CFF, length 179736, version 1.0; Size: 180 kB (179736 bytes); Hash: 49d544be262deb157694b7501e3283b8 3ca362bc7f39ff6648bccce71a65dd4372c916b4 13de66596d19798ffdcad167e0913ab7afddc5ad944f669242dbeb87814843d4
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /css/fonts/font-icons.woff HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/css/font-icons.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: font/x-woff
last-modified: Fri, 17 Jun 2016 19:38:26 GMT
accept-ranges: bytes
etag: "0a5f5d0cfc8d11:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:33 GMT
content-length: 179736
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.131 | 200 OK | 48 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2; IP: 142.250.74.131:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 48236, version 1.0; Hash: 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://92.204.133.142
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 185521
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/spinnaker/v19/w8gYH2oyX-I0_rvR6HmX23YK.woff2 | 142.250.74.131 | 200 OK | 10 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/spinnaker/v19/w8gYH2oyX-I0_rvR6HmX23YK.woff2; IP: 142.250.74.131:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 10480, version 1.0; Hash: 384f7f79a88734e8c84556ae756e5fcc ccbaacd081ae44135b38435c235486aada5d4e49 30fed205471d2e627b18975eb3276714519ba417be9fa25be5d4e2b3efcede8c
GET /s/spinnaker/v19/w8gYH2oyX-I0_rvR6HmX23YK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://92.204.133.142
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:16:42 GMT
expires: Fri, 18 Apr 2025 03:16:42 GMT
cache-control: public, max-age=31536000
age: 29991
last-modified: Thu, 24 Aug 2023 21:53:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 142.250.74.131 | 200 OK | 33 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2; IP: 142.250.74.131:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 33092, version 1.0; Hash: 057478083c1d55ea0c2182b24f6dd72f caf557cd276a76992084efc4c8857b66791a6b7f bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://92.204.133.142
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 02:14:58 GMT
expires: Wed, 16 Apr 2025 02:14:58 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
age: 206495
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.131 | 200 OK | 48 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2; IP: 142.250.74.131:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 48236, version 1.0; Hash: 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://92.204.133.142
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 185521
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/images/preloader-dark.gif | 92.204.133.142 | 200 OK | 2.2 kB |
URL: GET HTTP/2 92.204.133.142/images/preloader-dark.gif; IP: 92.204.133.142:443; ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc.; Subject: cadzation.com; Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A; Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: GIF image data, version 89a, 24 x 24; Hash: 69522f0d3bc89c43483f1d9d1f966a2b 11376f4639851e7969107d2128abbcba6435bf03 815b0caef99b4fe4e2ed6377732fabe05af8b9c377febb22a19c56f68c52a1dd
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images/preloader-dark.gif HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/css/dark.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/gif
last-modified: Thu, 29 Jan 2015 21:21:08 GMT
accept-ranges: bytes
etag: "07a307f93cd01:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:33 GMT
content-length: 2165
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/cadzation_img/logo-dark.png | 92.204.133.142 | 200 OK | 3.3 kB |
URL: GET HTTP/2 92.204.133.142/cadzation_img/logo-dark.png; IP: 92.204.133.142:443; ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc.; Subject: cadzation.com; Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A; Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: PNG image data, 250 x 100, 8-bit colormap, non-interlaced; Hash: 7fe5afec6ec5a9c15524d32ee6043a10 752f9aaf979ff770f4c8ca2e478881b97f5160e5 3cb0a0faa76706e782ccf6f2081b6f12dcac6de42b6c181958a826eacd33215f
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /cadzation_img/logo-dark.png HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/png
last-modified: Tue, 25 Oct 2016 09:28:16 GMT
accept-ranges: bytes
etag: "078661da22ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:33 GMT
content-length: 3282
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/cadzation_img/logo-dark@2x.png | 92.204.133.142 | 200 OK | 4.9 kB |
URL: GET HTTP/2 92.204.133.142/cadzation_img/logo-dark@2x.png; IP: 92.204.133.142:443; ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc.; Subject: cadzation.com; Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A; Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: PNG image data, 500 x 200, 8-bit colormap, non-interlaced; Hash: 3d0c6356d232f50d66eb28ce61cad299 943bdff4574699022f28dfbe7172d40d177f58f0 7c49a0fd3ab102357ea248d85c9d5812dfd3c54e636aeef5093afe44dae4873c
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /cadzation_img/logo-dark@2x.png HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/png
last-modified: Tue, 25 Oct 2016 09:28:16 GMT
accept-ranges: bytes
etag: "078661da22ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:33 GMT
content-length: 4941
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 142.250.74.131 | 200 OK | 33 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2; IP: 142.250.74.131:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 33092, version 1.0; Hash: 057478083c1d55ea0c2182b24f6dd72f caf557cd276a76992084efc4c8857b66791a6b7f bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://92.204.133.142
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 02:14:58 GMT
expires: Wed, 16 Apr 2025 02:14:58 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
age: 206495
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 92.204.133.142/cadzation_img/favicon.ico | 92.204.133.142 | 200 OK | 24 kB |
URL: GET HTTP/2 92.204.133.142/cadzation_img/favicon.ico; IP: 92.204.133.142:443; ASN: #398108 GO-DADDY-COM-LLC
Certificate: Issuer: GoDaddy.com, Inc.; Subject: cadzation.com; Fingerprint: AC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A; Validity: Fri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT
File type: MS Windows icon resource - 7 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel; Hash: 4c2c401fcb37bb87e530db1438d6ffb6 ca8091ad362d911a41e47e80fb01ce6bb8ebf490 a10f661f8593b86f17d010fdcd2590f4956c8dccd4e7878a8c3a7789be499e9a
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /cadzation_img/favicon.ico HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/x-icon
last-modified: Tue, 24 Sep 2013 12:14:38 GMT
accept-ranges: bytes
etag: "08b96a31fb9ce1:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:33 GMT
content-length: 24238
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:400,700 | 216.58.207.234 | 200 OK | 11 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700; IP: 216.58.207.234:443
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (1572); Hash: b69c29c8c917c014d6f4b79752d8ce0b 71a580b2e8792ba930815bcca3bda73e7715ca3f 5cccc465f4c8cdcec789a0b28846823f18646206351bc9ff794f1aec7f58f5b0
GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 11:36:32 GMT
date: Thu, 18 Apr 2024 11:36:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Lato:300,400,400italic,600,700|Raleway:300,400,500,600,700|Crete+Round:400italic | 216.58.207.234 | 200 OK | 12 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Lato:300,400,400italic,600,700|Raleway:300,400,500,600,700|Crete+Round:400italic; IP: 216.58.207.234:443
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash: 8763d474cd4128c60efae40cd6ea9171 80e6a9893ef04440d2a653af0880750774070519 0e1677d661fe9267bb8f8ae5cb269eabbb2915a32436a63491febd945c55f8a9
GET /css?family=Lato:300,400,400italic,600,700|Raleway:300,400,500,600,700|Crete+Round:400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 11:36:32 GMT
date: Thu, 18 Apr 2024 11:36:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Spinnaker:400,700 | 216.58.207.234 | 200 OK | 750 B |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Spinnaker:400,700; IP: 216.58.207.234:443
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (766), with no line terminators; Hash: 0c80f4b640198c0207cf85f539c5540a eb30f7a1d1f6ab2235221cc5e6e122079a390548 dc6774faa4e18e13a860ea065be7abddb8f12e3d16ed0293f577682181013d20
GET /css?family=Spinnaker:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 11:36:32 GMT
date: Thu, 18 Apr 2024 11:36:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Montserrat:400,700 | 216.58.207.234 | 200 OK | 3.4 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,700; IP: 216.58.207.234:443
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (3520), with no line terminators; Hash: 33cc8247adb15606dc2a75a81f4437bf 0640197a8569aa0d5fd4fa3e665058602cc58534 6ac4d9219bcf5a755e4bbb88b9049421a6cf4e65a409ecf8278614d0b7abc5f0
GET /css?family=Montserrat:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 11:36:32 GMT
date: Thu, 18 Apr 2024 11:36:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Libre+Franklin:400,700 | 216.58.207.234 | 200 OK | 2.4 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Libre+Franklin:400,700; IP: 216.58.207.234:443
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (2400), with no line terminators; Hash: b1871c40e64cf158e3da80245a1db414 e10f62275a10c1d24dfd3642fefd780e1d47b8b6 d05f070a9d33d146164b646df043f277801c8578ae7dc27ec7b56918bece8ddd
GET /css?family=Libre+Franklin:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 11:36:32 GMT
date: Thu, 18 Apr 2024 11:36:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|