Report - robinhoodlogiin-us.ukit.me/

Report Overview

Submitted URL
robinhoodlogiin-us.ukit.me/
IP
185.129.100.126
ASN
#57724 Ddos-guard Ltd
Submitted
2022-09-19 06:51:05
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
52

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	5.6 kB	142.250.74.3
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.215.91.121
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	45 kB	34.120.237.76
robinhoodlogiin-us.ukit.me	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	20 kB	160 kB	185.129.100.126
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	325 B	1.6 kB	143.204.55.36
ocsp.usertrust.com	899	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	330 B	1.0 kB	172.64.155.188
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	345 kB	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed
2022-09-19	medium	ukit.me	Sinkholed

JavaScript (24)

	URL	Size	First Seen	Last Seen
	robinhoodlogiin-us.ukit.me/	106 kB	2023-03-07	2023-03-07
Pretty URL robinhoodlogiin-us.ukit.me/ IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:40:10 Last Seen2023-03-07 18:40:10 Times Seen1 Hash 098727d168fa1c5d647e73dc82b6dc69 d62ebb7e73f15a2a7680d0953b2e3261906e8d67 0e3514dc6e1fa5c5d9e648d4e148fd0fcb271c6db4daee8efc5493ab9a40570b Loading...

	robinhoodlogiin-us.ukit.me/js/ulib/viewportObserver.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234	23 kB	2023-03-07	2023-03-07
Pretty URL robinhoodlogiin-us.ukit.me/js/ulib/viewportObserver.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:40:10 Last Seen2023-03-07 18:40:10 Times Seen1 Hash 8f48b7b3d25bfedb07093f1fae145e53 014c058ec950c9ae2a900d89a5789e9f6aa4cd92 553c1efc189f376f101cd45c7707eb9ebf2127d4f424f4bbf4d2a072bdb9a716 Loading...

	robinhoodlogiin-us.ukit.me/	36 B	2023-03-07	2024-04-16
Pretty URL robinhoodlogiin-us.ukit.me/ IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:44 Last Seen2024-04-16 19:38:28 Times Seen54 Hash bc7dba7982c7743571f85761a805adc7 8ae09100d53818abb0801e564494e38087e61287 e61f62ba98ba7d1ce9065bdbec9bc8ffee48ae385815080353d5ab8575544d48 Loading...

	robinhoodlogiin-us.ukit.me/js/lib/requirejs.min.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234	15 kB	2023-03-07	2024-04-18
Pretty URL robinhoodlogiin-us.ukit.me/js/lib/requirejs.min.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:44 Last Seen2024-04-18 08:48:26 Times Seen474 Hash 36a1fa5a5ed5536889d0e25d473b108e 8c2236f5c3c85ce942dc6fa85e2af674856e2296 2fa19f6b3c28f9c731ff02b27efc3dedde8c2f71e95521c0aec2cbe12de16405 Loading...

	robinhoodlogiin-us.ukit.me/js/ulib/performance.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234	23 kB	2023-03-07	2023-03-07
Pretty URL robinhoodlogiin-us.ukit.me/js/ulib/performance.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:40:11 Last Seen2023-03-07 18:40:11 Times Seen1 Hash 205c265cacffd358cad369d816ff222b f2537590de0f83eb498416505d7476f80a0d0601 07c033004235a8f559a919a7759e74cb2ff58c22aa0ede85bc6ee4a7973f6ae0 Loading...

	robinhoodlogiin-us.ukit.me/	790 B	2023-03-07	2023-03-07
Pretty URL robinhoodlogiin-us.ukit.me/ IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:40:11 Last Seen2023-03-07 18:40:11 Times Seen1 Hash e51774cf73b8fa2c11be5e76ef35e5c3 06cff60620b40b663fab9321fa4a382c0a996d96 67452a940ad1c98a0739cf085ca6e73bb15a5702547d94e6de580e09376b270f Loading...

	robinhoodlogiin-us.ukit.me/	398 B	2023-03-07	2023-03-07
Pretty URL robinhoodlogiin-us.ukit.me/ IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:40:11 Last Seen2023-03-07 18:40:11 Times Seen1 Hash 4460507691a6d928530735022e60a34b b5af7357890615c3008aa3ec020106a4c9206ae0 053323f6cb9b5c9da4e335bbc027a3455b0ba9fe1f7c86614f031776a82a7da6 Loading...

	robinhoodlogiin-us.ukit.me/js/lib/modernizr-webp.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234	6.0 kB	2023-03-07	2023-03-07
Pretty URL robinhoodlogiin-us.ukit.me/js/lib/modernizr-webp.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:40:11 Last Seen2023-03-07 18:40:11 Times Seen1 Hash 0a2ab17af2708c6fd17d20993143d291 05df5a31dba7814b934a1367a40fb6de644597f3 1a77c67f2fadc19c0524f8636027bf4e3111128ed62cf032c1a8e4b52513e5c4 Loading...

	robinhoodlogiin-us.ukit.me/	1.4 kB	2023-03-07	2023-03-07
Pretty URL robinhoodlogiin-us.ukit.me/ IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:40:11 Last Seen2023-03-07 18:40:11 Times Seen1 Hash 31dd52272becba7634d4886440e918f7 ca2e293a7f0409f0e6e68103c34c8ae303b2590b 476a94d18c6d3347080f8485349c2ab5dd01560fa39494ac358e4a72fac90efd Loading...

	robinhoodlogiin-us.ukit.me/	730 B	2023-03-07	2024-04-16
Pretty URL robinhoodlogiin-us.ukit.me/ IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:44 Last Seen2024-04-16 19:38:29 Times Seen37 Hash de804d5826ac58304fd3052df4a81bd8 96ca32ac4df5bb5d1ab8982841cf63de0b5840ea 2342b9863ffffef78dc354abe15f414919f025f1597bcce42cf0ce077e342967 Loading...

	robinhoodlogiin-us.ukit.me/	1.3 kB	2023-03-07	2023-11-27
Pretty URL robinhoodlogiin-us.ukit.me/ IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:44 Last Seen2023-11-27 22:24:17 Times Seen23 Hash 8ad073d8aaa99c8980074de6f2817bf4 24129217b659a0f5f239925e13e0518a5e0552dd 43d3040faecc69a8a9f862a6d9819792b7234872bb4dd9c9a8bdc196a238532e Loading...

	robinhoodlogiin-us.ukit.me/js/lib/cssrelpreload.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234	32 kB	2023-03-07	2023-03-07
Pretty URL robinhoodlogiin-us.ukit.me/js/lib/cssrelpreload.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:40:11 Last Seen2023-03-07 18:40:11 Times Seen1 Hash b0ffed58f39272a607b10a1afa68d75a e0df664959b113f6c4c6278dab7aedfee5c4892d 281537d91bd935c1b4aafa7d87f392cb8aacfad0bdc53a875f5df0c5dd8bad3a Loading...

	robinhoodlogiin-us.ukit.me/js/ulib/ulErrorHandler.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234	30 kB	2023-03-07	2023-03-07
Pretty URL robinhoodlogiin-us.ukit.me/js/ulib/ulErrorHandler.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:40:11 Last Seen2023-03-07 18:40:11 Times Seen1 Hash 2ed42f25857c04888959d805d68870cd e7115e4fab747b62ce9f872723ee0c6ad682e8f1 f2e5122a5f6c6fc71e5172670e6ee69ae391481e22762b0d6fb351f61569e42a Loading...

	robinhoodlogiin-us.ukit.me/js/ulib/scroll-animation.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234	8.5 kB	2023-03-07	2023-03-07
Pretty URL robinhoodlogiin-us.ukit.me/js/ulib/scroll-animation.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:40:11 Last Seen2023-03-07 18:40:11 Times Seen1 Hash 88c899560ec295a952e814e502b8ab78 a3d033fd92a66ab91ca3ac492355473c1154d527 3a37e34b73e9b3d100c934e02b494238c5d8a7ef385b33ae9012e4a95a0ef886 Loading...

	robinhoodlogiin-us.ukit.me/js/ulib/eventDispatcher.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234	35 kB	2023-03-07	2023-03-07
Pretty URL robinhoodlogiin-us.ukit.me/js/ulib/eventDispatcher.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:40:11 Last Seen2023-03-07 18:40:11 Times Seen1 Hash 0b1caf1e1c8b56005af214fcb0b8d630 67eaa39fd086c14fbb89773828a380c766a74620 4df574b5e89097ac92ae7bee4a84b4c2f10ad6d01af4da42062a110e71194293 Loading...

	robinhoodlogiin-us.ukit.me/js/lib/jquery-2.1.0.min.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234	84 kB	2023-03-07	2024-04-16
Pretty URL robinhoodlogiin-us.ukit.me/js/lib/jquery-2.1.0.min.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:44 Last Seen2024-04-16 19:38:29 Times Seen170 Hash ed9cc403240d6bb8795d9dab787bb992 a7505476a2af3a88f0745b4a772ba44052ab6b2c 82c0e95421976376332a5c09dda6ad817660a852770f73f70992b47b6c49faaf Loading...

	robinhoodlogiin-us.ukit.me/js/lib/error-stack-parser.min.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234	4.7 kB	2023-03-07	2024-04-16
Pretty URL robinhoodlogiin-us.ukit.me/js/lib/error-stack-parser.min.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:44 Last Seen2024-04-16 19:38:29 Times Seen83 Hash 120beee18caf6652e4bc1837488c0265 e2cba6bb53b9b4254ee61d65ba4cfcaeeef8fcd5 c23785796f4d4692c656777ba12b495c9b4431e757b50799e708431f03c16e89 Loading...

	robinhoodlogiin-us.ukit.me/js/ulib/backgroundBlockColor.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234	21 kB	2023-03-07	2023-03-07
Pretty URL robinhoodlogiin-us.ukit.me/js/ulib/backgroundBlockColor.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:40:11 Last Seen2023-03-07 18:40:11 Times Seen1 Hash 4504f5baf874e2f0864e022149526fcd 78249736fac5ec6115396a88f7e38abad0dcf400 60ba2d0f221c6aedec5b6793d0bcf00244be5615a692d775889f853dc510f7b1 Loading...

	robinhoodlogiin-us.ukit.me/js/ulib/critical.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234	7.3 kB	2023-03-07	2023-03-07
Pretty URL robinhoodlogiin-us.ukit.me/js/ulib/critical.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:40:11 Last Seen2023-03-07 18:40:11 Times Seen1 Hash f702e5065216c179af16a3459f618291 f74c538c0b1d2f124f4d8e1c0a944f34919d9a78 a83f9a4183c08df468c933f5d52766b74c3344d6b6728815ec6c82c0a29fa80c Loading...

	robinhoodlogiin-us.ukit.me/	91 B	2023-03-07	2023-03-07
Pretty URL robinhoodlogiin-us.ukit.me/ IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:40:11 Last Seen2023-03-07 18:40:11 Times Seen1 Hash 202183d91689df64134cb2780d8566ca ceaecc191e63639423f8a41cb8fc93c8120b57fe a238f84a496718f4d8399fcc0de34681fe4778b87b3aeb83d3f50c77254045df Loading...

	robinhoodlogiin-us.ukit.me/	61 B	2023-03-07	2024-02-23
Pretty URL robinhoodlogiin-us.ukit.me/ IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:40:11 Last Seen2024-02-23 11:48:16 Times Seen2 Hash c9a90a2c825805b502c080cb9588660a 60dc5995b561c05149de22ef23a0f77779b1a574 9ca1835e5f177711aca9b4d48388fe3bb4bfd7c4407c0ea3dd5882ceebcd473f Loading...

	robinhoodlogiin-us.ukit.me/	1.2 kB	2023-03-07	2023-03-07
Pretty URL robinhoodlogiin-us.ukit.me/ IP 185.129.100.126 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:40:11 Last Seen2023-03-07 18:40:11 Times Seen1 Hash a1827bdf579e2854ecaa5979a967f704 56f33b670618c1cf7d60b3e5a58dbe0a78ded048 047a947d1cfe55064f76240c8f6da295a031708f6f145e06bb027a8fbe0b97ba Loading...

	robinhoodlogiin-us.ukit.me/js/requireConf.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234	55 kB	2023-03-07	2024-04-18
Pretty URL robinhoodlogiin-us.ukit.me/js/requireConf.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:44 Last Seen2024-04-18 08:48:26 Times Seen446 Hash 08ffd87764a67a4b74cc28913a86777f 5101ef61f1b77e709c156f948648923e521e3a8c b26248035a70f01d37a38b4fe64abda5ded10ec3a6416b6f583e7dd738549000 Loading...

		Size	First Seen	Last Seen
	#1 Write - c3a4068afe21d6c9f3c5b4e0f5fb59d8	159 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 18:40:11 Last Seen2023-03-07 18:40:11 Times Seen1 Hash c3a4068afe21d6c9f3c5b4e0f5fb59d8 5faf149accc934b2818f52cc46a37016a96e59db 93aa0c0f16ba18d94291f6379f31d04ece5a143024a03c9db0d6b569e75fc78e Loading...

HTTP Transactions (55)

URL IP Response Size

robinhoodlogiin-us.ukit.me/

185.129.100.126

301 Moved Permanently

0 B

URL HTTP/1.1
robinhoodlogiin-us.ukit.me/
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg1_=ILQGBcsNP6sRiBtRSO4x; Domain=.ukit.me; HttpOnly; Path=/; Expires=Tue, 19-Sep-2023 06:50:54 GMT
Date: Mon, 19 Sep 2022 06:50:54 GMT
X-Powered-By: Express
Location: https://robinhoodlogiin-us.ukit.me/
x-cms: ukit
Cache-Control: public, max-age=600
Transfer-Encoding: chunked

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 06:12:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8sTMxZue4ZqgAfc7UPukMdE8q3ukZmMFItU9y7gKLuBB0_y12z-a9g==
Age: 2295

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15347
Expires: Mon, 19 Sep 2022 11:06:41 GMT
Date: Mon, 19 Sep 2022 06:50:54 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 80Kb7FNpOnYueIvwh-V5dOkx76o-NPD_EGbD7st8JDnANXwExTpjIw==
age: 8141
X-Firefox-Spdy: h2

ocsp.usertrust.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
ca2229ef10692bae4f65a1717c7f2fe2
04a1ec8f961531f369ca6ee0e411f84b656bd880
7c5cd09ff1a4685ae3a7bf2daa9bba0e76a719c000090b7342c30b463c12aed3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 06:50:54 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 19:50:42 GMT
Expires: Thu, 22 Sep 2022 19:50:41 GMT
Etag: "04a1ec8f961531f369ca6ee0e411f84b656bd880"
Cache-Control: max-age=305562,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74d063ca0beb0afa-OSL

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 06:50:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/

185.129.100.126

200 OK

25 kB

URL HTTP/2
robinhoodlogiin-us.ukit.me/
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type
data
Size
25 kB (24832 bytes)
Hash
b14d68f1909bf3622ad2010c57cac1f6
2f1fadbbcc1f45ea9529c574b6f4c63fdd4ddf0c
94327ca908a88cbf5e268195486c28637d9d7ea1d822ec09c737e6b2ee0de415

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd; Domain=.ukit.me; HttpOnly; Path=/; Expires=Tue, 19-Sep-2023 06:50:54 GMT
date: Mon, 19 Sep 2022 06:50:54 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
vary: Accept-Encoding
content-encoding: gzip
x-cms: ukit
cache-control: public, max-age=600
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/js/lib/modernizr-webp.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234

185.129.100.126

200 OK

62 kB

URL HTTP/2
robinhoodlogiin-us.ukit.me/js/lib/modernizr-webp.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (3053)
Size
62 kB (62507 bytes)
Hash
8aead99dc713748fa111441322603a3a
c8e01951543e243d5707931d7562d0cca3d67cf4
298b8f6723de80abf5a2738854797cbe6f5e440ca764a83e9f4f3e4ce5368809

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/lib/modernizr-webp.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 18 Dec 2021 14:05:40 GMT
etag: W/"61bdeab4-1745"
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 06:50:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4238
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 06:50:54 GMT
Last-Modified: Mon, 19 Sep 2022 05:40:16 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 06:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 06:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 06:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 06:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 06:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 06:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

34.215.91.121

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.215.91.121:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Aynk7kCd/EV9KQuXuwkozA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3MkQO5FnSz2kCiTmjxM21dD+fSg=

fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

142.250.74.163

200 OK

36 kB

URL HTTP/2
fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 35764, version 1.0\012- data
Size
36 kB (35764 bytes)
Hash
60f23230f1a8d5c3b7d25b73f5b5ce23
ed08ada85d017893b9bcb8224e99154c6708f5d2
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8

HTTP Headers

GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://robinhoodlogiin-us.ukit.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 21:14:36 GMT
expires: Tue, 12 Sep 2023 21:14:36 GMT
cache-control: public, max-age=31536000
age: 552979
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v11/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuFuYMZg.ttf

142.250.74.163

200 OK

158 kB

URL HTTP/2
fonts.gstatic.com/s/inter/v11/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuFuYMZg.ttf
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
TrueType Font data, 16 tables, 1st "GDEF", 12 names, Microsoft, language 0x409, Copyright 2020 The Inter Project Authors (https://github.com/rsms/inter)InterBold3.019;RSMS;Inte\012- data
Size
158 kB (158245 bytes)
Hash
c7ec655addfc05e57ee4d01338f97143
5149e33669349360baeed27f12910c5b3abd2dc3
021e48ec89c14cf2297ec2e41cd7ece8fd8899bfcc5c8c83e9d9cb98c292e357

HTTP Headers

GET /s/inter/v11/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuFuYMZg.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://robinhoodlogiin-us.ukit.me
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 158245
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 19:18:28 GMT
expires: Wed, 13 Sep 2023 19:18:28 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:30:10 GMT
content-type: font/ttf
age: 473547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v11/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfMZg.ttf

142.250.74.163

200 OK

147 kB

URL HTTP/2
fonts.gstatic.com/s/inter/v11/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfMZg.ttf
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
TrueType Font data, 16 tables, 1st "GDEF", 11 names, Microsoft, language 0x409, Copyright 2020 The Inter Project Authors (https://github.com/rsms/inter)InterRegular3.019;RSMS;I\012- data
Size
147 kB (146696 bytes)
Hash
05e60e843a90c5c01a04278a4633631d
73bd7ae9e498dabc26c39df77b3dbab0d83c37d7
300e1cbe0e2d89e4380eab91250d5023c2856873d0fba0ff0c2bdda8a356d09a

HTTP Headers

GET /s/inter/v11/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfMZg.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://robinhoodlogiin-us.ukit.me
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 146696
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 19:18:28 GMT
expires: Wed, 13 Sep 2023 19:18:28 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:40:49 GMT
content-type: font/ttf
age: 473547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 06:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

robinhoodlogiin-us.ukit.me/__scale/uploads/s/1/6/d/16dg5me9rz46/img/full_5mDKbrnw.png?quality=60&width=1170&webp=1

185.129.100.126

200 OK

27 kB

URL HTTP/2
robinhoodlogiin-us.ukit.me/__scale/uploads/s/1/6/d/16dg5me9rz46/img/full_5mDKbrnw.png?quality=60&width=1170&webp=1
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1170x740, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
27 kB (26592 bytes)
Hash
474cfd32a3627ee4f06ad1ff1c635d4b
ce2064fd8a3cad2e985573b2cd41c930d9d08ba0
a8c86e089041e05fcf5587c05190b9426a82648115b36822633b2b40b8928e5c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /__scale/uploads/s/1/6/d/16dg5me9rz46/img/full_5mDKbrnw.png?quality=60&width=1170&webp=1 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd; x-csrf-token=cAbZihOQKoLpPjLgY0Iz; i18n_b97b50e59a0819bd0fc9d477f903e77e923a904d2d8b87f90a15548b35124351=s%3A1d55f595832a8d0bc05384ecc183517a68d9ab00529e722f9a084a64b670788c24d06d606dead78fcc844ef5caa2e7502ffcce48a6cbe298a9b1a6e67cfacb7eee1d3124a75f61fcc057581a4de10838f7d51cd623df.q%2Br2FNrpzZ2fXqSt7zWU1Y%2BSHyFDW17%2F7XOKAU%2BjpQ8; session=l6FL_c75pnGAu4NsZW5xtQ.MfnypXoxWMZIuVRxbLiwJ_y5WYu15RPXN9nhZuMjV3iiJaxHAmh3neVUkmeNwatR1pWnk7cIxSCkH3O5k5IPDZpBiBoscThFudMfJnzurfO8rPQvmEgJ__-pAtFvIE24e6HrvEiTnpRsS_FwqCz0ICE6KBEc7WPSg5rXMVS40k-eWT6n4IWuAq9k9llc1F547leGffyATJDc2-84W1lzJ_eRT8nMcjN4Ofja8bC0hLKT-Iz7sSy7VBP1sxWAkPs4tTixb6MKsNBYhSPfOuyRQf5dV-RKHVPdZvTTbRyplHrV05nrfaZfziQu7eWpAq5YQLu-yv7x9iVF-F3fs2d69WAGt8B26bvaNtS9GmJGGbk.1663570254843.630720000000.Fasb5v6nL7AXJmi84kC4SB2Hrkk4IS4O64s7rkGuDpg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:55 GMT
content-type: image/webp
content-length: 26592
last-modified: Thu, 08 Sep 2022 09:36:15 GMT
etag: "6319b78f-46a9c"
cache-control: max-age=3600, must-revalidate, public, max-age=3600, must-revalidate, public
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3361
Expires: Mon, 19 Sep 2022 07:46:57 GMT
Date: Mon, 19 Sep 2022 06:50:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3361
Expires: Mon, 19 Sep 2022 07:46:57 GMT
Date: Mon, 19 Sep 2022 06:50:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3361
Expires: Mon, 19 Sep 2022 07:46:57 GMT
Date: Mon, 19 Sep 2022 06:50:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3361
Expires: Mon, 19 Sep 2022 07:46:57 GMT
Date: Mon, 19 Sep 2022 06:50:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3361
Expires: Mon, 19 Sep 2022 07:46:57 GMT
Date: Mon, 19 Sep 2022 06:50:56 GMT
Connection: keep-alive

robinhoodlogiin-us.ukit.me/css/lib/bootstrap.min.css?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234

185.129.100.126

200 OK

37 kB

URL HTTP/2
robinhoodlogiin-us.ukit.me/css/lib/bootstrap.min.css?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (20306)
Size
37 kB (36974 bytes)
Hash
59387b8172a8c9237e2dc3c7bd4fb962
9671b2bb311602d2f4bfc13643255b7376cf0e97
b06c070dead909c3f7053d0650ea8ee35ed3d6aafe53f494ce0e7858c5effe4b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/lib/bootstrap.min.css?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:54 GMT
content-type: text/css
last-modified: Wed, 07 Dec 2016 14:14:05 GMT
etag: W/"5848192d-50b9"
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3d8aaa4-a2c1-416d-a396-a4c00758ba53.jpeg

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3d8aaa4-a2c1-416d-a396-a4c00758ba53.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9426 bytes)
Hash
febaa50825802847e9cbc0479e7121ba
36355214d6f866681edc3eacd5f1af87b16bdcc2
7a808fbeb6ce87490299fb3d5de52ec450c9161d9098254f1b54a0d4a97b645c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3d8aaa4-a2c1-416d-a396-a4c00758ba53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9426
x-amzn-requestid: 6569d647-e17c-4456-8d54-b093e1cc1d7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl9trEPNoAMFteg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257657-7bba0e970a8114a11fd6bf32;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:25:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sO0jibO4hXSxONHRYPgA2WA9U9GBFbVhCGy9F3RwrJqZoAzU90Tpsg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:57:45 GMT
age: 82391
etag: "36355214d6f866681edc3eacd5f1af87b16bdcc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad78a6f9-e73d-465c-b7fd-7c8b261e5825.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4878 bytes)
Hash
672ffe8377dcaf5bad2d7e4534441984
e1b634652b4112c30f80745059523cbfce09365a
a4b6bcfb246be2d02b5d04b49f9d8c13fef8661abc7d9f146d5cc9c766fc96f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad78a6f9-e73d-465c-b7fd-7c8b261e5825.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4878
x-amzn-requestid: 2d39705a-e054-428a-a3c8-fc0b12e70724
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeH-EGvAoAMFZSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322538d-6ca748d854879c6b0d6194cd;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:19:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Qh4tZrSUApljhjyz5vgrbKiBdVSHyy8xjR4zBj4w_m283Fk2DtW57A==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 08:42:57 GMT
age: 79679
etag: "e1b634652b4112c30f80745059523cbfce09365a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51d0e81a-9a24-4b9d-8b77-02caa029aba6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7637 bytes)
Hash
87e0d8be3547c9a4e09c496a8e43bfeb
86e5b19c0c395b8cdac33f0e07d1689d00940fac
268a7135b2d273730a258d6af8317436f87e79b652207432a33fce98a9a9121b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51d0e81a-9a24-4b9d-8b77-02caa029aba6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7637
x-amzn-requestid: d3f7a8f4-c5e8-474e-8b62-0677931aae37
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCrNFO5IAMFygA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e47-7cc884381e0ae1144d212b7c;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lwuuov3xBZDoHGBumvYqgDtQbV0J8lpCyKzmkw_XiNhFeA7DsdPYQw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:56:06 GMT
age: 32090
etag: "86e5b19c0c395b8cdac33f0e07d1689d00940fac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8735 bytes)
Hash
3d9fd171b51b27aa84e06e7d5a40116e
a81660dcace8f232018ce9a6d027b271d1f8a863
2c80ffd2c0c451c61623a677d1b17e8e58a40a0a7bdb5ef1cac2610bb0a7e0a8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: 8af37b3f-bacb-4f13-a539-0a8a1e2c7fe8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrN_VHdooAMF8cQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63279061-083f90a5264568d85ce86e5a;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:40:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tPeWvkV7t7BSrnTA0G2Sf_KmuH5M4azBRhaeNuuaeiOW7zB4RhM_mw==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:50 GMT
age: 32346
etag: "a81660dcace8f232018ce9a6d027b271d1f8a863"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a5d9ce-7d6b-4006-832c-dda7f7999129.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9371 bytes)
Hash
f99c08fdd1a74ec569e02207b9919df8
3f24ca8e9c96f3c9ca2e95946f1f67d242c7e5df
7b5f48166db186dcf19987f5f91cb03cbd069ec74de8ea42059626019b00fc14

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a5d9ce-7d6b-4006-832c-dda7f7999129.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9371
x-amzn-requestid: dd94b1a0-f6a1-4e41-8b97-9c9904b6f6b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRFF6rIAMFY2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf39-289c5acb4e5bcb715b689f55;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ru8zmqf8FBNIJatpnkFCgjq49arUFR2o8pqE50dzLOXsgsyaf5oMKg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 14:26:40 GMT
age: 59056
etag: "3f24ca8e9c96f3c9ca2e95946f1f67d242c7e5df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/js/ulib/critical.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/js/ulib/critical.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/ulib/critical.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 18 Dec 2021 14:05:40 GMT
etag: W/"61bdeab4-1c7c"
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/img/ukit-copyright-dark.svg

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/img/ukit-copyright-dark.svg
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/ukit-copyright-dark.svg HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/templates/new_film/css/main-g-theme-site-1-desktop.css
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd; x-csrf-token=cAbZihOQKoLpPjLgY0Iz; i18n_b97b50e59a0819bd0fc9d477f903e77e923a904d2d8b87f90a15548b35124351=s%3A1d55f595832a8d0bc05384ecc183517a68d9ab00529e722f9a084a64b670788c24d06d606dead78fcc844ef5caa2e7502ffcce48a6cbe298a9b1a6e67cfacb7eee1d3124a75f61fcc057581a4de10838f7d51cd623df.q%2Br2FNrpzZ2fXqSt7zWU1Y%2BSHyFDW17%2F7XOKAU%2BjpQ8; session=l6FL_c75pnGAu4NsZW5xtQ.MfnypXoxWMZIuVRxbLiwJ_y5WYu15RPXN9nhZuMjV3iiJaxHAmh3neVUkmeNwatR1pWnk7cIxSCkH3O5k5IPDZpBiBoscThFudMfJnzurfO8rPQvmEgJ__-pAtFvIE24e6HrvEiTnpRsS_FwqCz0ICE6KBEc7WPSg5rXMVS40k-eWT6n4IWuAq9k9llc1F547leGffyATJDc2-84W1lzJ_eRT8nMcjN4Ofja8bC0hLKT-Iz7sSy7VBP1sxWAkPs4tTixb6MKsNBYhSPfOuyRQf5dV-RKHVPdZvTTbRyplHrV05nrfaZfziQu7eWpAq5YQLu-yv7x9iVF-F3fs2d69WAGt8B26bvaNtS9GmJGGbk.1663570254843.630720000000.Fasb5v6nL7AXJmi84kC4SB2Hrkk4IS4O64s7rkGuDpg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:55 GMT
content-type: image/svg+xml
last-modified: Fri, 05 Jul 2019 10:57:13 GMT
etag: W/"5d1f2d09-1306"
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/api/loadsitesstat/resolve

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/api/loadsitesstat/resolve
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /api/loadsitesstat/resolve HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 57
Origin: https://robinhoodlogiin-us.ukit.me
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd; x-csrf-token=cAbZihOQKoLpPjLgY0Iz; i18n_b97b50e59a0819bd0fc9d477f903e77e923a904d2d8b87f90a15548b35124351=s%3A1d55f595832a8d0bc05384ecc183517a68d9ab00529e722f9a084a64b670788c24d06d606dead78fcc844ef5caa2e7502ffcce48a6cbe298a9b1a6e67cfacb7eee1d3124a75f61fcc057581a4de10838f7d51cd623df.q%2Br2FNrpzZ2fXqSt7zWU1Y%2BSHyFDW17%2F7XOKAU%2BjpQ8; session=l6FL_c75pnGAu4NsZW5xtQ.MfnypXoxWMZIuVRxbLiwJ_y5WYu15RPXN9nhZuMjV3iiJaxHAmh3neVUkmeNwatR1pWnk7cIxSCkH3O5k5IPDZpBiBoscThFudMfJnzurfO8rPQvmEgJ__-pAtFvIE24e6HrvEiTnpRsS_FwqCz0ICE6KBEc7WPSg5rXMVS40k-eWT6n4IWuAq9k9llc1F547leGffyATJDc2-84W1lzJ_eRT8nMcjN4Ofja8bC0hLKT-Iz7sSy7VBP1sxWAkPs4tTixb6MKsNBYhSPfOuyRQf5dV-RKHVPdZvTTbRyplHrV05nrfaZfziQu7eWpAq5YQLu-yv7x9iVF-F3fs2d69WAGt8B26bvaNtS9GmJGGbk.1663570254843.630720000000.Fasb5v6nL7AXJmi84kC4SB2Hrkk4IS4O64s7rkGuDpg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:55 GMT
content-type: text/html; charset=utf-8
vary: Origin, X-HTTP-Method-Override, Accept-Encoding
access-control-allow-credentials: true
set-cookie: x-csrf-token=DG11MBWcRYn2M61iOI8g; Path=/
session=BaG1_pgLhHjcr-mq9W4P9A.0Cb9gha5nM6-zy8iX_4J0WeCnPIL2yoFZEoYGTz0gIaw6KKxF_cE5Lpryzhz8bEjhPmuch0wQjo1dbXbKERTPE21P13zfxnc212nrFBmScG1XySjk28jQ3r_3-2Cu52R9eq4YiZ9ySZ6KFD5DaFefn5ZB1ISrvvmD5-LzXWSejFc8TIdEyoYvKZ0zgpuPhYvFJYEWwvU9goy7RpyDH1dPVMub32XkUDYdNVDFVH_wZ1Wo2s-JcmaBoXbct3b3yQw0WBksTMABnkiJ25PI_u5TyYiQ_xYTomZxXIUG2KLdl0HhnHKLKDVXHiju4cPB0HteU67UiQJxUtBL3RmALSd6PY-Zzz6Tqb99z7BLWb7zdI.1663570254843.630720000000.LONOO-3Q1WX5BxyufKz9n0zj8yDbELagJxRv-RD9e8k; path=/; expires=Sun, 14 Sep 2042 06:50:55 GMT; secure; httponly
etag: W/"0-1B2M2Y8AsgTpgAmY7PhCfg"
cache-control: no-cache, no-store, max-age=0, must-revalidate, post-check=0, pre-check=0
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/js/lib/jquery-2.1.0.min.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/js/lib/jquery-2.1.0.min.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/lib/jquery-2.1.0.min.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd; x-csrf-token=cAbZihOQKoLpPjLgY0Iz; i18n_b97b50e59a0819bd0fc9d477f903e77e923a904d2d8b87f90a15548b35124351=s%3A1d55f595832a8d0bc05384ecc183517a68d9ab00529e722f9a084a64b670788c24d06d606dead78fcc844ef5caa2e7502ffcce48a6cbe298a9b1a6e67cfacb7eee1d3124a75f61fcc057581a4de10838f7d51cd623df.q%2Br2FNrpzZ2fXqSt7zWU1Y%2BSHyFDW17%2F7XOKAU%2BjpQ8; session=l6FL_c75pnGAu4NsZW5xtQ.MfnypXoxWMZIuVRxbLiwJ_y5WYu15RPXN9nhZuMjV3iiJaxHAmh3neVUkmeNwatR1pWnk7cIxSCkH3O5k5IPDZpBiBoscThFudMfJnzurfO8rPQvmEgJ__-pAtFvIE24e6HrvEiTnpRsS_FwqCz0ICE6KBEc7WPSg5rXMVS40k-eWT6n4IWuAq9k9llc1F547leGffyATJDc2-84W1lzJ_eRT8nMcjN4Ofja8bC0hLKT-Iz7sSy7VBP1sxWAkPs4tTixb6MKsNBYhSPfOuyRQf5dV-RKHVPdZvTTbRyplHrV05nrfaZfziQu7eWpAq5YQLu-yv7x9iVF-F3fs2d69WAGt8B26bvaNtS9GmJGGbk.1663570254843.630720000000.Fasb5v6nL7AXJmi84kC4SB2Hrkk4IS4O64s7rkGuDpg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 07 Dec 2016 14:14:06 GMT
etag: W/"5848192e-1469e"
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/js/lib/requirejs.min.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/js/lib/requirejs.min.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/lib/requirejs.min.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 07 Dec 2016 14:14:06 GMT
etag: W/"5848192e-3b81"
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/js/lib/cssrelpreload.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/js/lib/cssrelpreload.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/lib/cssrelpreload.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 16 Feb 2018 14:24:16 GMT
etag: W/"5a86e990-7dc2"
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/js/ulib/backgroundBlockColor.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/js/ulib/backgroundBlockColor.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/ulib/backgroundBlockColor.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 24 Sep 2019 11:22:23 GMT
etag: W/"5d89fc6f-539d"
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/js/lib/error-stack-parser.min.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/js/lib/error-stack-parser.min.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/lib/error-stack-parser.min.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd; x-csrf-token=cAbZihOQKoLpPjLgY0Iz; i18n_b97b50e59a0819bd0fc9d477f903e77e923a904d2d8b87f90a15548b35124351=s%3A1d55f595832a8d0bc05384ecc183517a68d9ab00529e722f9a084a64b670788c24d06d606dead78fcc844ef5caa2e7502ffcce48a6cbe298a9b1a6e67cfacb7eee1d3124a75f61fcc057581a4de10838f7d51cd623df.q%2Br2FNrpzZ2fXqSt7zWU1Y%2BSHyFDW17%2F7XOKAU%2BjpQ8; session=l6FL_c75pnGAu4NsZW5xtQ.MfnypXoxWMZIuVRxbLiwJ_y5WYu15RPXN9nhZuMjV3iiJaxHAmh3neVUkmeNwatR1pWnk7cIxSCkH3O5k5IPDZpBiBoscThFudMfJnzurfO8rPQvmEgJ__-pAtFvIE24e6HrvEiTnpRsS_FwqCz0ICE6KBEc7WPSg5rXMVS40k-eWT6n4IWuAq9k9llc1F547leGffyATJDc2-84W1lzJ_eRT8nMcjN4Ofja8bC0hLKT-Iz7sSy7VBP1sxWAkPs4tTixb6MKsNBYhSPfOuyRQf5dV-RKHVPdZvTTbRyplHrV05nrfaZfziQu7eWpAq5YQLu-yv7x9iVF-F3fs2d69WAGt8B26bvaNtS9GmJGGbk.1663570254843.630720000000.Fasb5v6nL7AXJmi84kC4SB2Hrkk4IS4O64s7rkGuDpg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 07 Dec 2016 14:14:06 GMT
etag: W/"5848192e-1241"
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/dist-version/css/pub.v1.css?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/dist-version/css/pub.v1.css?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dist-version/css/pub.v1.css?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:54 GMT
content-type: text/css
last-modified: Wed, 20 Apr 2022 10:52:05 GMT
etag: W/"625fe5d5-477c"
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/dist-version/js/pub.v1.bundle.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/dist-version/js/pub.v1.bundle.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dist-version/js/pub.v1.bundle.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 01 Aug 2022 12:23:15 GMT
etag: W/"62e7c5b3-1186b4"
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/js/ulib/orderForm.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/js/ulib/orderForm.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/ulib/orderForm.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 24 Jan 2022 09:32:03 GMT
etag: W/"61ee7213-a6f"
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v11/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuOKfMZg.ttf

142.250.74.163

200 OK

0 B

URL HTTP/2
fonts.gstatic.com/s/inter/v11/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuOKfMZg.ttf
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /s/inter/v11/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuOKfMZg.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://robinhoodlogiin-us.ukit.me
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 154459
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 19:15:56 GMT
expires: Wed, 13 Sep 2023 19:15:56 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:40:33 GMT
content-type: font/ttf
age: 473699
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/sitecss/srcset-6319b6935764f52393ec5d18-all.css?v=1

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/sitecss/srcset-6319b6935764f52393ec5d18-all.css?v=1
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sitecss/srcset-6319b6935764f52393ec5d18-all.css?v=1 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:54 GMT
content-type: text/css; charset=utf-8
x-powered-by: Express
vary: Accept-Encoding
content-encoding: br
x-cms: ukit
cache-control: public, max-age=600
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/js/ulib/viewportObserver.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/js/ulib/viewportObserver.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/ulib/viewportObserver.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd; x-csrf-token=cAbZihOQKoLpPjLgY0Iz; i18n_b97b50e59a0819bd0fc9d477f903e77e923a904d2d8b87f90a15548b35124351=s%3A1d55f595832a8d0bc05384ecc183517a68d9ab00529e722f9a084a64b670788c24d06d606dead78fcc844ef5caa2e7502ffcce48a6cbe298a9b1a6e67cfacb7eee1d3124a75f61fcc057581a4de10838f7d51cd623df.q%2Br2FNrpzZ2fXqSt7zWU1Y%2BSHyFDW17%2F7XOKAU%2BjpQ8; session=l6FL_c75pnGAu4NsZW5xtQ.MfnypXoxWMZIuVRxbLiwJ_y5WYu15RPXN9nhZuMjV3iiJaxHAmh3neVUkmeNwatR1pWnk7cIxSCkH3O5k5IPDZpBiBoscThFudMfJnzurfO8rPQvmEgJ__-pAtFvIE24e6HrvEiTnpRsS_FwqCz0ICE6KBEc7WPSg5rXMVS40k-eWT6n4IWuAq9k9llc1F547leGffyATJDc2-84W1lzJ_eRT8nMcjN4Ofja8bC0hLKT-Iz7sSy7VBP1sxWAkPs4tTixb6MKsNBYhSPfOuyRQf5dV-RKHVPdZvTTbRyplHrV05nrfaZfziQu7eWpAq5YQLu-yv7x9iVF-F3fs2d69WAGt8B26bvaNtS9GmJGGbk.1663570254843.630720000000.Fasb5v6nL7AXJmi84kC4SB2Hrkk4IS4O64s7rkGuDpg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 24 Jul 2019 11:14:41 GMT
etag: W/"5d383da1-58fb"
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/js/ulib/ulErrorHandler.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/js/ulib/ulErrorHandler.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/ulib/ulErrorHandler.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd; x-csrf-token=cAbZihOQKoLpPjLgY0Iz; i18n_b97b50e59a0819bd0fc9d477f903e77e923a904d2d8b87f90a15548b35124351=s%3A1d55f595832a8d0bc05384ecc183517a68d9ab00529e722f9a084a64b670788c24d06d606dead78fcc844ef5caa2e7502ffcce48a6cbe298a9b1a6e67cfacb7eee1d3124a75f61fcc057581a4de10838f7d51cd623df.q%2Br2FNrpzZ2fXqSt7zWU1Y%2BSHyFDW17%2F7XOKAU%2BjpQ8; session=l6FL_c75pnGAu4NsZW5xtQ.MfnypXoxWMZIuVRxbLiwJ_y5WYu15RPXN9nhZuMjV3iiJaxHAmh3neVUkmeNwatR1pWnk7cIxSCkH3O5k5IPDZpBiBoscThFudMfJnzurfO8rPQvmEgJ__-pAtFvIE24e6HrvEiTnpRsS_FwqCz0ICE6KBEc7WPSg5rXMVS40k-eWT6n4IWuAq9k9llc1F547leGffyATJDc2-84W1lzJ_eRT8nMcjN4Ofja8bC0hLKT-Iz7sSy7VBP1sxWAkPs4tTixb6MKsNBYhSPfOuyRQf5dV-RKHVPdZvTTbRyplHrV05nrfaZfziQu7eWpAq5YQLu-yv7x9iVF-F3fs2d69WAGt8B26bvaNtS9GmJGGbk.1663570254843.630720000000.Fasb5v6nL7AXJmi84kC4SB2Hrkk4IS4O64s7rkGuDpg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Jul 2018 11:31:14 GMT
etag: W/"5b51c802-7358"
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/css/devicePublish.min.css?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/css/devicePublish.min.css?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/devicePublish.min.css?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:54 GMT
content-type: text/css
last-modified: Thu, 26 Aug 2021 11:46:11 GMT
etag: W/"61277f03-2d4"
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/js/ulib/performance.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/js/ulib/performance.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/ulib/performance.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 15 Jan 2019 11:48:35 GMT
etag: W/"5c3dc893-5af2"
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/i18n/en/constructor.json?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/i18n/en/constructor.json?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /i18n/en/constructor.json?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd; x-csrf-token=cAbZihOQKoLpPjLgY0Iz; i18n_b97b50e59a0819bd0fc9d477f903e77e923a904d2d8b87f90a15548b35124351=s%3A1d55f595832a8d0bc05384ecc183517a68d9ab00529e722f9a084a64b670788c24d06d606dead78fcc844ef5caa2e7502ffcce48a6cbe298a9b1a6e67cfacb7eee1d3124a75f61fcc057581a4de10838f7d51cd623df.q%2Br2FNrpzZ2fXqSt7zWU1Y%2BSHyFDW17%2F7XOKAU%2BjpQ8; session=l6FL_c75pnGAu4NsZW5xtQ.MfnypXoxWMZIuVRxbLiwJ_y5WYu15RPXN9nhZuMjV3iiJaxHAmh3neVUkmeNwatR1pWnk7cIxSCkH3O5k5IPDZpBiBoscThFudMfJnzurfO8rPQvmEgJ__-pAtFvIE24e6HrvEiTnpRsS_FwqCz0ICE6KBEc7WPSg5rXMVS40k-eWT6n4IWuAq9k9llc1F547leGffyATJDc2-84W1lzJ_eRT8nMcjN4Ofja8bC0hLKT-Iz7sSy7VBP1sxWAkPs4tTixb6MKsNBYhSPfOuyRQf5dV-RKHVPdZvTTbRyplHrV05nrfaZfziQu7eWpAq5YQLu-yv7x9iVF-F3fs2d69WAGt8B26bvaNtS9GmJGGbk.1663570254843.630720000000.Fasb5v6nL7AXJmi84kC4SB2Hrkk4IS4O64s7rkGuDpg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:55 GMT
content-type: application/json
last-modified: Mon, 12 Sep 2022 11:07:21 GMT
etag: W/"631f12e9-109b7"
cache-control: max-age=3600, must-revalidate, public
content-encoding: gzip
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/css/require/scroll-animation.css?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/css/require/scroll-animation.css?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/require/scroll-animation.css?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:54 GMT
content-type: text/css
last-modified: Tue, 31 Aug 2021 11:48:21 GMT
etag: W/"612e1705-229"
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/sitecss/typography.css?v=1

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/sitecss/typography.css?v=1
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sitecss/typography.css?v=1 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:54 GMT
content-type: text/css; charset=utf-8
x-powered-by: Express
vary: Accept-Encoding
content-encoding: br
x-cms: ukit
cache-control: public, max-age=600
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/js/ulib/eventDispatcher.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/js/ulib/eventDispatcher.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/ulib/eventDispatcher.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd; x-csrf-token=cAbZihOQKoLpPjLgY0Iz; i18n_b97b50e59a0819bd0fc9d477f903e77e923a904d2d8b87f90a15548b35124351=s%3A1d55f595832a8d0bc05384ecc183517a68d9ab00529e722f9a084a64b670788c24d06d606dead78fcc844ef5caa2e7502ffcce48a6cbe298a9b1a6e67cfacb7eee1d3124a75f61fcc057581a4de10838f7d51cd623df.q%2Br2FNrpzZ2fXqSt7zWU1Y%2BSHyFDW17%2F7XOKAU%2BjpQ8; session=l6FL_c75pnGAu4NsZW5xtQ.MfnypXoxWMZIuVRxbLiwJ_y5WYu15RPXN9nhZuMjV3iiJaxHAmh3neVUkmeNwatR1pWnk7cIxSCkH3O5k5IPDZpBiBoscThFudMfJnzurfO8rPQvmEgJ__-pAtFvIE24e6HrvEiTnpRsS_FwqCz0ICE6KBEc7WPSg5rXMVS40k-eWT6n4IWuAq9k9llc1F547leGffyATJDc2-84W1lzJ_eRT8nMcjN4Ofja8bC0hLKT-Iz7sSy7VBP1sxWAkPs4tTixb6MKsNBYhSPfOuyRQf5dV-RKHVPdZvTTbRyplHrV05nrfaZfziQu7eWpAq5YQLu-yv7x9iVF-F3fs2d69WAGt8B26bvaNtS9GmJGGbk.1663570254843.630720000000.Fasb5v6nL7AXJmi84kC4SB2Hrkk4IS4O64s7rkGuDpg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 07 Dec 2016 14:14:06 GMT
etag: W/"5848192e-89ef"
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

robinhoodlogiin-us.ukit.me/js/ulib/scroll-animation.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234

185.129.100.126

200 OK

0 B

URL HTTP/2
robinhoodlogiin-us.ukit.me/js/ulib/scroll-animation.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234
IP
185.129.100.126:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/ulib/scroll-animation.js?v=2022_08_24T11_09_28_03_00_dd31e7e1efd0d8436e1d7b38ba53249ddf330234 HTTP/1.1
Host: robinhoodlogiin-us.ukit.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robinhoodlogiin-us.ukit.me/
Cookie: __ddg1_=ZEx5Mvpj1y5V0C8urzmd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
date: Mon, 19 Sep 2022 06:50:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 21 Dec 2021 09:32:58 GMT
etag: W/"61c19f4a-2111"
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations