| | 64.227.122.85 | 200 OK | 178 B |
URL: User Request GET HTTP/2; IP: 64.227.122.85:443; ASN: #14061 DIGITALOCEAN-ASN
Certificate: Issuer: Let's Encrypt; Subject: api.urlquery.net; Fingerprint: 36:ED:B2:E2:66:55:68:8D:64:5C:F2:DD:19:25:7D:BE:CE:3D:CC:C1; Validity: Wed, 01 May 2024 03:05:10 GMT - Tue, 30 Jul 2024 03:05:09 GMT
File type: HTML document, ASCII text, with CRLF line terminators; Hash: bd2695f4b079c71dbddde3436286fb9c 733c05da132193d6cf1d8e242d12e2525c03bab4 2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 64.227.122.85
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 08 May 2024 06:05:00 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://64.227.122.85/
|
|
| cdn.jsdelivr.net/npm/@fancyapps/ui@5.0/dist/fancybox/fancybox.umd.js | 104.18.186.31 | 200 OK | 45 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/@fancyapps/ui@5.0/dist/fancybox/fancybox.umd.js; IP: 104.18.186.31:443
Certificate: Issuer: Sectigo Limited; Subject: *.jsdelivr.net; Fingerprint: 74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE; Validity: Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Hash: 0cb6b36bc12b1753e10d64eacb992fab 2dbee8e916c97fdceab2894629fa2240cff0573b 862504070144a4b17a0e507cb065e52a8e243d9e3a522e2a1a9774beb5643a6e
GET /npm/@fancyapps/ui@5.0/dist/fancybox/fancybox.umd.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 06:05:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 44571
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.0.36
x-jsd-version-type: version
etag: W/"22c19-Lb7o6RbJf9zqsolGKfoiQM/wVzs"
content-encoding: br
x-served-by: cache-fra-etou8220130-FRA, cache-lga21935-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 17183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2FMw52DanI8TaKUFOGSuWnyd%2BxJZBvyi9zJ%2FS3MA846Eczn1o7wS1kgSEdDdJcA26X5xb2wGt1DN8poZguWuucBrK05iF1S3ujJvSFSBXxAcISbcJg2HJVHQJ9z66JeYxok%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8807417a0d8456c3-OSL
X-Firefox-Spdy: h2
|
|
| 64.227.122.85/static/images/flags/NO.png | 64.227.122.85 | 200 OK | 540 B |
URL: GET HTTP/2 64.227.122.85/static/images/flags/NO.png; IP: 64.227.122.85:443; ASN: #14061 DIGITALOCEAN-ASN
Certificate: Issuer: Let's Encrypt; Subject: api.urlquery.net; Fingerprint: 36:ED:B2:E2:66:55:68:8D:64:5C:F2:DD:19:25:7D:BE:CE:3D:CC:C1; Validity: Wed, 01 May 2024 03:05:10 GMT - Tue, 30 Jul 2024 03:05:09 GMT
File type: PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced; Hash: 559ce5baaee373db8da150a5066c1062 ee80e5f63c986d04f46bff10f639113c88107ced f8dc302371c809ebda3e9183c606264601f8dd851d2b1878fd25f0f6abe2988c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/images/flags/NO.png HTTP/1.1
Host: 64.227.122.85
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:05:02 GMT
content-type: image/png
content-length: 540
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
expires: Mon, 13 May 2024 06:05:02 GMT
cache-control: max-age=432000, public, no-transform
X-Firefox-Spdy: h2
|
|
| 64.227.122.85/static/images/flags/US.png | 64.227.122.85 | 200 OK | 637 B |
URL: GET HTTP/2 64.227.122.85/static/images/flags/US.png; IP: 64.227.122.85:443; ASN: #14061 DIGITALOCEAN-ASN
Certificate: Issuer: Let's Encrypt; Subject: api.urlquery.net; Fingerprint: 36:ED:B2:E2:66:55:68:8D:64:5C:F2:DD:19:25:7D:BE:CE:3D:CC:C1; Validity: Wed, 01 May 2024 03:05:10 GMT - Tue, 30 Jul 2024 03:05:09 GMT
File type: PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced; Hash: 968591e0050981be9fa94bd2597afb48 dd9e149e2b5ad59dd8b4b262f5fdeb5cc10ecf43 36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/images/flags/US.png HTTP/1.1
Host: 64.227.122.85
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:05:02 GMT
content-type: image/png
content-length: 637
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
expires: Mon, 13 May 2024 06:05:02 GMT
cache-control: max-age=432000, public, no-transform
X-Firefox-Spdy: h2
|
|
| 64.227.122.85/static/images/flags/NL.png | 64.227.122.85 | 200 OK | 481 B |
URL: GET HTTP/2 64.227.122.85/static/images/flags/NL.png; IP: 64.227.122.85:443; ASN: #14061 DIGITALOCEAN-ASN
Certificate: Issuer: Let's Encrypt; Subject: api.urlquery.net; Fingerprint: 36:ED:B2:E2:66:55:68:8D:64:5C:F2:DD:19:25:7D:BE:CE:3D:CC:C1; Validity: Wed, 01 May 2024 03:05:10 GMT - Tue, 30 Jul 2024 03:05:09 GMT
File type: PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced; Hash: 6186550ebc77b1c51cd3ae37e78c33c1 622ec95e782d65a5115921b1788b7fc3e97d90ef 1546928846ee0a8377fd30865d4c43cef501eba7d775d494b98d1ce699627a4a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/images/flags/NL.png HTTP/1.1
Host: 64.227.122.85
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:05:02 GMT
content-type: image/png
content-length: 481
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
expires: Mon, 13 May 2024 06:05:02 GMT
cache-control: max-age=432000, public, no-transform
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/@fancyapps/ui@5.0/dist/fancybox/fancybox.css | 104.18.186.31 | 200 OK | 5.6 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/@fancyapps/ui@5.0/dist/fancybox/fancybox.css; IP: 104.18.186.31:443
Certificate: Issuer: Sectigo Limited; Subject: *.jsdelivr.net; Fingerprint: 74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE; Validity: Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type: ASCII text, with very long lines (25343), with no line terminators; Hash: 6273cfb7c536e571916509ef02d26aa5 82269e38f05f2221dac05e27069718c211f16041 cccf165ed1b87949fb74a28d313ba8599b9bfbe56749f68ea40ffc3c97ef4c1a
GET /npm/@fancyapps/ui@5.0/dist/fancybox/fancybox.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 06:05:02 GMT
content-type: text/css; charset=utf-8
content-length: 5627
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.0.36
x-jsd-version-type: version
etag: W/"62ff-giaeOPBfIiHawF4nBpcYwhHxYEE"
content-encoding: br
x-served-by: cache-fra-eddf8230077-FRA, cache-lga21965-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 17183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NC9HaM849WhsOng15KumrstibtOTV%2FTzb%2Bd4tfFnDb8qkN47oBMroDFlQItnL4hoMm8h6ULFdPVN2443Jz9bxqT6JFCQhyuD2A%2BitwNMcV5PMbdklvfhe1HBy1xNa79G%2FmM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8807417a4dbd56c3-OSL
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/htmx.org@1.9.4/dist/htmx.min.js | 104.18.186.31 | 200 OK | 15 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/htmx.org@1.9.4/dist/htmx.min.js; IP: 104.18.186.31:443
Certificate: Issuer: Sectigo Limited; Subject: *.jsdelivr.net; Fingerprint: 74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE; Validity: Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (44307), with no line terminators; Hash: 484d377093d8ab3c878ecf43c6837e20 09e9ba373bf91dba8b4b4061a1acaf06d3d117e1 5c88af44013df62fde8a5e4fdf524d8a16834a28b1d15e34ae0994ac27cd4c7e
GET /npm/htmx.org@1.9.4/dist/htmx.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://64.227.122.85
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 06:05:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 15391
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.9.4
x-jsd-version-type: version
etag: W/"ad13-Cem6Nzv5HbqLS0BhoayvBtPRF+E"
content-encoding: br
x-served-by: cache-fra-etou8220027-FRA, cache-lga21933-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 146513
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JnKwM%2Bwn86x0LMuqc9bQIkethMOrgwDWMWl7Cv%2BlOeumxj9Y5rMiNdUwEKUhIwkgTTJ8cDnT1CVdDKCwIR2F7ZCLCjZIyLew1LckF8mOp2YUsxw4Ck6ALbpRnkIFyx4ShTA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8807417a6934712e-OSL
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/highlight.js/11.9.0/languages/http.min.js | 104.17.25.14 | 200 OK | 443 B |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/highlight.js/11.9.0/languages/http.min.js; IP: 104.17.25.14:443
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text; Hash: 0e52f41d35330b6fb0006aa35861d2a5 400cb497128007fba47e9eddbaa95c8b276bb20a fc86f0ebfcf92f1ed6db4619b0996f58d4f00938295a786a7803d5fa1770bab1
GET /ajax/libs/highlight.js/11.9.0/languages/http.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 06:05:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 443
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6523913a-1bb"
last-modified: Mon, 09 Oct 2023 05:35:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 653899
expires: Mon, 28 Apr 2025 06:05:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddWmnSj%2FvPU%2BQLofuT2qRe8dAO%2Fae%2Bv5ixubDFJFOsHSssnOnEoBtAQDAapJWB8x3PtVHqmtPU93pjsMO3O6lNs5G%2FG7FgLnB53Pbzkn6DY2iqW3dFfSrn8UuSdLzHeTmZssGNLZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8807417a6c21b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 64.227.122.85/static/images/flags/GB.png | 64.227.122.85 | 200 OK | 627 B |
URL: GET HTTP/2 64.227.122.85/static/images/flags/GB.png; IP: 64.227.122.85:443; ASN: #14061 DIGITALOCEAN-ASN
Certificate: Issuer: Let's Encrypt; Subject: api.urlquery.net; Fingerprint: 36:ED:B2:E2:66:55:68:8D:64:5C:F2:DD:19:25:7D:BE:CE:3D:CC:C1; Validity: Wed, 01 May 2024 03:05:10 GMT - Tue, 30 Jul 2024 03:05:09 GMT
File type: PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced; Hash: 0894999b108830afc0733ee7b6e08310 a98ec259c5e198fffb3116e4cf950e2d8b695880 5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/images/flags/GB.png HTTP/1.1
Host: 64.227.122.85
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:05:02 GMT
content-type: image/png
content-length: 627
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
expires: Mon, 13 May 2024 06:05:02 GMT
cache-control: max-age=432000, public, no-transform
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/highlight.js/11.9.0/highlight.min.js | 104.17.25.14 | 200 OK | 36 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/highlight.js/11.9.0/highlight.min.js; IP: 104.17.25.14:443
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (7910); Hash: 1ba1ea897d65b202b5450f6e55d043ef 0f2dc760b670bb0e8f0ec3d054536852ac1829d0 837a6fa5b0c736b52bbde2b2b6190f305da3fc9ed41681db5321507057b5c846
GET /ajax/libs/highlight.js/11.9.0/highlight.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 06:05:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 35973
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6523913a-8c85"
last-modified: Mon, 09 Oct 2023 05:35:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 654319
expires: Mon, 28 Apr 2025 06:05:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cpfwRcUASI8GclmxrKvV8f8IkBfyAaaUolsqPhrFOCjQJl9AvLN4jwnLU%2B8Qbj2EOVR2Kul65rqCMFfsBqMdS05x4bR9xAGtgvu8cHe38aokjw9jtAe%2FsKdgikeWo9KjPxLMVFqc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8807417a6c23b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 64.227.122.85/static/images/flags/VN.png | 64.227.122.85 | 200 OK | 502 B |
URL: GET HTTP/2 64.227.122.85/static/images/flags/VN.png; IP: 64.227.122.85:443; ASN: #14061 DIGITALOCEAN-ASN
Certificate: Issuer: Let's Encrypt; Subject: api.urlquery.net; Fingerprint: 36:ED:B2:E2:66:55:68:8D:64:5C:F2:DD:19:25:7D:BE:CE:3D:CC:C1; Validity: Wed, 01 May 2024 03:05:10 GMT - Tue, 30 Jul 2024 03:05:09 GMT
File type: PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced; Hash: 638136b1a6f5dab7be6cec84fcc2cd53 c4e3637f2de0741c3a365d14a7d1f0873198e167 d05aa8078604f4560d99aacf12c80e400651e4ef9b0860b3ad478c2d8b08e36d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/images/flags/VN.png HTTP/1.1
Host: 64.227.122.85
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:05:02 GMT
content-type: image/png
content-length: 502
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
expires: Mon, 13 May 2024 06:05:02 GMT
cache-control: max-age=432000, public, no-transform
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/flowbite/1.7.0/flowbite.min.js | 104.17.25.14 | 200 OK | 12 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/flowbite/1.7.0/flowbite.min.js; IP: 104.17.25.14:443
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (64079); Hash: 0b639ebc4d0144d8fe0a984d936de580 20c08e5f02c94f8927baacef7fbbdfd13e4dfe5e abc58a610000f7ffdf6ac500284b5f185899d321db121854af644b85056a407c
GET /ajax/libs/flowbite/1.7.0/flowbite.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 06:05:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 12295
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64a42099-3007"
last-modified: Tue, 04 Jul 2023 13:37:29 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 637229
expires: Mon, 28 Apr 2025 06:05:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kCjbvS0ggHs2bBXckght%2FP0sy1pGQ%2B0KJdhTWMvzvlJNqVdFnkjiD34K%2BSbu6FJjrjRL9Xc6GQzRdBZBl2%2FUOgR%2B4cj5r90QLf%2FG%2BC8bmCgdDGtx1yj%2B%2B0PRt7Qq73ys5W%2FhORAM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8807417a7c47b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 64.227.122.85/static/images/flags/JP.png | 64.227.122.85 | 200 OK | 448 B |
URL: GET HTTP/2 64.227.122.85/static/images/flags/JP.png; IP: 64.227.122.85:443; ASN: #14061 DIGITALOCEAN-ASN
Certificate: Issuer: Let's Encrypt; Subject: api.urlquery.net; Fingerprint: 36:ED:B2:E2:66:55:68:8D:64:5C:F2:DD:19:25:7D:BE:CE:3D:CC:C1; Validity: Wed, 01 May 2024 03:05:10 GMT - Tue, 30 Jul 2024 03:05:09 GMT
File type: PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced; Hash: 10958397bc7c25c746e6e122365c003c 3c5b175471d77c6e813a140c6859bca53952d9d3 5efce88ac7228ea159bcf7fd1cc56d73c19428394218706524bac0e9151d4c61
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/images/flags/JP.png HTTP/1.1
Host: 64.227.122.85
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:05:02 GMT
content-type: image/png
content-length: 448
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
expires: Mon, 13 May 2024 06:05:02 GMT
cache-control: max-age=432000, public, no-transform
X-Firefox-Spdy: h2
|
|
| 64.227.122.85/static/images/flags/zz.png | 64.227.122.85 | 200 OK | 499 B |
URL: GET HTTP/2 64.227.122.85/static/images/flags/zz.png; IP: 64.227.122.85:443; ASN: #14061 DIGITALOCEAN-ASN
Certificate: Issuer: Let's Encrypt; Subject: api.urlquery.net; Fingerprint: 36:ED:B2:E2:66:55:68:8D:64:5C:F2:DD:19:25:7D:BE:CE:3D:CC:C1; Validity: Wed, 01 May 2024 03:05:10 GMT - Tue, 30 Jul 2024 03:05:09 GMT
File type: PNG image data, 16 x 11, 8-bit/color RGBA, non-interlaced; Hash: da8d2176c7277d7dbf80d12db4f63266 4f99e45031e7d636ef6ace4bd14754a02d09bd00 4553c108184afc6949877bd03942da4070c900031a1042a05b7ba1a63f25857c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/images/flags/zz.png HTTP/1.1
Host: 64.227.122.85
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:05:02 GMT
content-type: image/png
content-length: 499
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
expires: Mon, 13 May 2024 06:05:02 GMT
cache-control: max-age=432000, public, no-transform
X-Firefox-Spdy: h2
|
|
| 64.227.122.85/static/images/flags/RU.png | 64.227.122.85 | 200 OK | 448 B |
URL: GET HTTP/2 64.227.122.85/static/images/flags/RU.png; IP: 64.227.122.85:443; ASN: #14061 DIGITALOCEAN-ASN
Certificate: Issuer: Let's Encrypt; Subject: api.urlquery.net; Fingerprint: 36:ED:B2:E2:66:55:68:8D:64:5C:F2:DD:19:25:7D:BE:CE:3D:CC:C1; Validity: Wed, 01 May 2024 03:05:10 GMT - Tue, 30 Jul 2024 03:05:09 GMT
File type: PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced; Hash: 0d31ef75adef220e73f0cb93a84a7422 24b172c54d4691a8862403c73624f6b0bf23fc09 c6e9489e25e7854a58db93acc5a91b3cc023d33a70c4931dce8d2ef2868b5e94
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/images/flags/RU.png HTTP/1.1
Host: 64.227.122.85
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:05:02 GMT
content-type: image/png
content-length: 448
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
expires: Mon, 13 May 2024 06:05:02 GMT
cache-control: max-age=432000, public, no-transform
X-Firefox-Spdy: h2
|
|
| 64.227.122.85/static/javascript/main.js | 64.227.122.85 | 200 OK | 1.3 kB |
URL: GET HTTP/2 64.227.122.85/static/javascript/main.js; IP: 64.227.122.85:443; ASN: #14061 DIGITALOCEAN-ASN
Certificate: Issuer: Let's Encrypt; Subject: api.urlquery.net; Fingerprint: 36:ED:B2:E2:66:55:68:8D:64:5C:F2:DD:19:25:7D:BE:CE:3D:CC:C1; Validity: Wed, 01 May 2024 03:05:10 GMT - Tue, 30 Jul 2024 03:05:09 GMT
File type: JavaScript source, ASCII text; Hash: dd82549124f2377e0d131daf66f981ec e35d32d6f90a3db03aaf6e484dee864de894a3ac e5f462e8692faf2a703ef39f172674bdef56dd54b6001a7abedb3e10fb5ad751
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/javascript/main.js HTTP/1.1
Host: 64.227.122.85
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:05:02 GMT
content-type: text/javascript; charset=utf-8
content-length: 1275
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
expires: Mon, 13 May 2024 06:05:02 GMT
cache-control: max-age=432000, public, no-transform
X-Firefox-Spdy: h2
|
|
| 64.227.122.85/static/css/main.css | 64.227.122.85 | 200 OK | 1.1 kB |
URL: GET HTTP/2 64.227.122.85/static/css/main.css; IP: 64.227.122.85:443; ASN: #14061 DIGITALOCEAN-ASN
Certificate: Issuer: Let's Encrypt; Subject: api.urlquery.net; Fingerprint: 36:ED:B2:E2:66:55:68:8D:64:5C:F2:DD:19:25:7D:BE:CE:3D:CC:C1; Validity: Wed, 01 May 2024 03:05:10 GMT - Tue, 30 Jul 2024 03:05:09 GMT
File type: assembler source, ASCII text; Hash: a9515922ceded799510f746a07563fe9 5ccb06ea7f35ebad41c6d72d62dc6b4d7991e24e 9396ed2829ef43cf175d663b90cf9ab307b1b028aa5667aa59a2b0753adefd07
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/css/main.css HTTP/1.1
Host: 64.227.122.85
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:05:02 GMT
content-type: text/css; charset=utf-8
content-length: 1148
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
expires: Mon, 13 May 2024 06:05:02 GMT
cache-control: max-age=432000, public, no-transform
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.7.0.slim.min.js | 151.101.130.137 | 200 OK | 24 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.7.0.slim.min.js; IP: 151.101.130.137:443
Certificate: Issuer: Sectigo Limited; Subject: *.jquery.com; Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65241); Hash: 1ced6014a269eb745c97f6b1dd099a5f a9b71bbb3d1e9177365b5632b792199f71b3d9de b46e6671952d26c66fc8a03160b557ae68ca0552dde95a5571cab3febe32a451
GET /jquery-3.7.0.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://64.227.122.85
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-11231"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 08 May 2024 06:05:02 GMT
age: 2845476
x-served-by: cache-lga21962-LGA, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 448, 2934
x-timer: S1715148303.570009,VS0,VE0
vary: Accept-Encoding
content-length: 24009
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-V7JCPCMYLL | 142.250.74.168 | 200 OK | 99 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-V7JCPCMYLL; IP: 142.250.74.168:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955); Hash: 9bb22e7134665c9c46eab6c7ace57d19 9c10f2d9a4864c13d82b94d9bb6fc9b51edc3def 1152f7fc7f581e70299cfcdda1296511a0b97dc22910e505c071ecf01de70f0b
GET /gtag/js?id=G-V7JCPCMYLL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 06:05:02 GMT
expires: Wed, 08 May 2024 06:05:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 98666
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| unpkg.com/htmx.org/dist/ext/morphdom-swap.js | 104.17.248.203 | 302 Found | 539 B |
URL: GET HTTP/2 unpkg.com/htmx.org/dist/ext/morphdom-swap.js; IP: 104.17.248.203:443
Certificate: Issuer: Google Trust Services LLC; Subject: unpkg.com; Fingerprint: 2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3; Validity: Mon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT
File type: ASCII text, with no line terminators; Hash: e83ff9ec0ab7100f56095340fe236fd3 cea02e07cb93134e8f547e744260c326b895a05f 12c8dee884e66d418073789a62abe1dd5080b448771b0bf2c6634e5517f7f0ec
GET /htmx.org/dist/ext/morphdom-swap.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 08 May 2024 06:05:02 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /htmx.org@1.9.12/dist/ext/morphdom-swap.js
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01HXBCWA6ZZ02HRQDQY7TA3N54-arn
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8807417ad8b90b59-OSL
X-Firefox-Spdy: h2
|
|
| cdn.tailwindcss.com/ | 172.67.41.16 | 302 Found | 122 kB |
IP: 172.67.41.16:443
Certificate: Issuer: Cloudflare, Inc.; Subject: tailwindcss.com; Fingerprint: 5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49; Validity: Tue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
Size: 122 kB (122339 bytes)
Hash: 4f043870347a791a67108409a5fb4470 742ba7d4d469399178491be1350751fcee7061f1 4945d5b7d6f97425576e7cc4d28af720d462dfbc6996feceecf25fc8d8c04579
GET / HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 08 May 2024 06:05:02 GMT
cache-control: max-age=14400
location: /3.4.3
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::c89m2-1715147600293-859fd7df4ef6
cf-cache-status: HIT
age: 457
vary: Accept-Encoding
server: cloudflare
cf-ray: 8807417aeec856b5-OSL
X-Firefox-Spdy: h2
|
|
| cdn.tailwindcss.com/3.4.3 | 172.67.41.16 | 200 OK | 366 kB |
URL: GET HTTP/2 cdn.tailwindcss.com/3.4.3
IP: 172.67.41.16:443
Certificate: Issuer: Cloudflare, Inc.; Subject: tailwindcss.com; Fingerprint: 5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49; Validity: Tue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (52292)
Size: 366 kB (365681 bytes)
Hash: 4bdcdace639cc6c0f08a15c295482172 6fa7ad6e87d8b19bff7e2bd0becf87d87d57be31 d2c35bf03246b0634bb22cbdc74962c8368e5e13b656e7f3cc10029da79d2e5c
GET /3.4.3 HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://64.227.122.85/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 06:05:02 GMT
content-type: text/javascript
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::rn74h-1711569125689-ef02b3caf33b
last-modified: Wed, 27 Mar 2024 19:52:06 GMT
cf-cache-status: HIT
age: 640390
vary: Accept-Encoding
server: cloudflare
cf-ray: 8807417cb89f56b5-OSL
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/tailwindcss@2.2.19/dist/tailwind.min.css | 104.18.186.31 | 200 OK | 2.9 MB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/tailwindcss@2.2.19/dist/tailwind.min.css
IP: 104.18.186.31:443
Certificate: Issuer: Sectigo Limited; Subject: *.jsdelivr.net; Fingerprint: 74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE; Validity: Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
Size: 2.9 MB (2934019 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npm/tailwindcss@2.2.19/dist/tailwind.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 06:05:02 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 2.2.19
x-jsd-version-type: version
etag: W/"2cc503-cyTPK4s7rX9aC3Y3NNaHIxjV1fQ"
x-served-by: cache-fra-eddf8230029-FRA, cache-lga21966-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 146513
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BIai7AkU9C57ufXcGOrXZjQvtduqFJ9AdbDkmusjAFzzRxpUgatOJhyVe0RslfklOQc3RSGfgMAn3DrqXIt6IHbFG4DymEILNNgwZCkJStgvdhyIhd5zuphgRV2OPFDiOkQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88074179fd8156c3-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| 64.227.122.85/static/images/urlquery.png | 64.227.122.85 | 200 OK | 16 kB |
URL: GET HTTP/2 64.227.122.85/static/images/urlquery.png
IP: 64.227.122.85:443
ASN: #14061 DIGITALOCEAN-ASN
Certificate: Issuer: Let's Encrypt; Subject: api.urlquery.net; Fingerprint: 36:ED:B2:E2:66:55:68:8D:64:5C:F2:DD:19:25:7D:BE:CE:3D:CC:C1; Validity: Wed, 01 May 2024 03:05:10 GMT - Tue, 30 Jul 2024 03:05:09 GMT
File type: PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
Hash: ebf392b3c9dd380ef62b3d966c73603b a432558de6098a9894a57cc4e982126b9736062e deb8c2b1cc48bd920ddcc05e6328de6d5e0873d11102f1d61262f9f2558ef550
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/images/urlquery.png HTTP/1.1
Host: 64.227.122.85
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:05:02 GMT
content-type: image/png
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
expires: Mon, 13 May 2024 06:05:02 GMT
cache-control: max-age=432000, public, no-transform
X-Firefox-Spdy: h2
|
|
| 64.227.122.85/static/images/favicon.ico | 64.227.122.85 | 200 OK | 16 kB |
URL: GET HTTP/2 64.227.122.85/static/images/favicon.ico
IP: 64.227.122.85:443
ASN: #14061 DIGITALOCEAN-ASN
Certificate: Issuer: Let's Encrypt; Subject: api.urlquery.net; Fingerprint: 36:ED:B2:E2:66:55:68:8D:64:5C:F2:DD:19:25:7D:BE:CE:3D:CC:C1; Validity: Wed, 01 May 2024 03:05:10 GMT - Tue, 30 Jul 2024 03:05:09 GMT
File type: PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
Hash: ebf392b3c9dd380ef62b3d966c73603b a432558de6098a9894a57cc4e982126b9736062e deb8c2b1cc48bd920ddcc05e6328de6d5e0873d11102f1d61262f9f2558ef550
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/images/favicon.ico HTTP/1.1
Host: 64.227.122.85
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://64.227.122.85/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:05:03 GMT
content-type: image/png
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
expires: Mon, 13 May 2024 06:05:03 GMT
cache-control: max-age=432000, public, no-transform
X-Firefox-Spdy: h2
|
|
| unpkg.com/htmx.org@1.9.12/dist/ext/morphdom-swap.js | 104.17.248.203 | 200 OK | 629 B |
URL: GET HTTP/2 unpkg.com/htmx.org@1.9.12/dist/ext/morphdom-swap.js
IP: 104.17.248.203:443
Certificate: Issuer: Google Trust Services LLC; Subject: unpkg.com; Fingerprint: 2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3; Validity: Mon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT
File type: ASCII text, with very long lines (646), with no line terminators
Hash: dc0ec869a3f01d6636b077d9e21ac3dd c6450e5e10988c5f088eb52633c0aca2f6099450 facb35d37cc8a6fbd64fc85783373e4170427a845186a66f91fcbb3fe10f43ca
GET /htmx.org@1.9.12/dist/ext/morphdom-swap.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://64.227.122.85/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 06:05:02 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "275-JlJzoI/y55/Jgba5b7x/e5dqSjs"
via: 1.1 fly.io
fly-request-id: 01HWRF6BYY59WGJDXP4ZBMJ9QR-arn
cf-cache-status: HIT
age: 635107
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8807417cca0a0b59-OSL
X-Firefox-Spdy: h2
|
|