Report - 45.79.187.117/srci/918/mid/600/p-11

Report Overview

Visited public
2023-10-26 19:20:19
Tags
URL
45.79.187.117/srci/918/mid/600/p-11
Finishing URL
45.79.187.117/srci/918/mid/600/p-11
IP / ASN
45.79.187.117
#63949 Linode, LLC
Title
918-600-11## based in Tulsa, We have more...

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-10-26 19:11:22	437 B	1.4 kB	216.58.207.202
kit.fontawesome.com	1868	2012-10-18	2019-12-16 20:51:31	2023-10-26 18:16:00	435 B	12 kB	104.18.23.52
45.79.187.117	unknown	unknown	2020-04-09 10:51:31	2023-08-05 14:01:57	2.3 kB	59 kB	45.79.187.117
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-10-26 18:12:02	2.0 kB	4.2 kB	142.250.74.131
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-10-26 18:44:10	875 B	150 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-10-26 19:03:39	527 B	12 kB	216.58.207.227
ka-f.fontawesome.com	3598	2012-10-18	2019-12-17 07:36:13	2023-10-26 18:16:00	2.0 kB	124 kB	172.64.131.9

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-10-26	medium	45.79.187.117	Sinkholed
2023-10-26	medium	45.79.187.117	Sinkholed
2023-10-26	medium	45.79.187.117	Sinkholed
2023-10-26	medium	45.79.187.117	Sinkholed
2023-10-26	medium	45.79.187.117	Sinkholed
2023-10-26	medium	45.79.187.117	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	From	Size	First Seen	Last Seen
	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-09
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 04:17 Times Seen340539 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.googletagmanager.com/gtag/js?id=UA-168238567-1	ScriptElement	190 kB	2023-10-26	2023-10-26
Pretty URL www.googletagmanager.com/gtag/js?id=UA-168238567-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-26 21:20 Last Seen2023-10-26 21:20 Times Seen1 Hash b9f5ec6c1f3858dca4cd1be8f0068e00 67c42415ccab21b2d72739b38325e1c90ab85831 3038d8d36a0f2ccbeef5e094e97780b46a74e579ebd0c5b45d0c52fb40d9620a Loading...

	45.79.187.117/srci/918/mid/600/p-11	ScriptElement	175 B	2023-05-31	2024-08-21
Pretty URL 45.79.187.117/srci/918/mid/600/p-11 IP 45.79.187.117 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-31 14:32 Last Seen2024-08-21 07:49 Times Seen18 Hash 9ee56ec7f4e6834aea5a3c2c253ce72c bbc9f560d11966d12952dffeba0c174209531df8 c874e2e797b4c1ac0b52695a80473e9a7d9ad95c687181cfeefa850c84782072 Loading...

	kit.fontawesome.com/e637e58ed3.js	ScriptElement	12 kB	2023-05-31	2023-11-26
Pretty URL kit.fontawesome.com/e637e58ed3.js IP 104.18.23.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-31 14:32 Last Seen2023-11-26 05:57 Times Seen10 Hash d8fdf0234dda483458e4ecd2742912da 300c8574597aa3c8554ae46aba919fedff8c6e92 e5fbfaa710a88934bd21812eaac2026eb1e483eeaaca68454819bf64823eeec4 Loading...

	45.79.187.117/ref/jquery-3.2.1.min.js	ScriptElement	87 kB	2023-03-07	2025-05-07
Pretty URL 45.79.187.117/ref/jquery-3.2.1.min.js IP 45.79.187.117 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 22:58 Times Seen1319 Hash 24f2e59beae1680f19632d9c1b89d730 b3a77b35c4809324ab79e64d40c4ee391234e008 39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f Loading...

	45.79.187.117/ref/mauhgtw.js	ScriptElement	3.6 kB	2023-05-31	2024-08-21
Pretty URL 45.79.187.117/ref/mauhgtw.js IP 45.79.187.117 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-31 14:32 Last Seen2024-08-21 07:49 Times Seen23 Hash b6a670fad6df2f1c6d0e248dae9a436d 7980d8fcbb72e726baf625216b15e82e572f7e7e 4ed3405ed4d8f2c95322fd0745dca5050920071add6d9235570e2d4f2ae1086d Loading...

	45.79.187.117/srci/918/mid/600/sandbox%20eval%20code		147 B	2023-04-11	2025-05-09
Pretty URL 45.79.187.117/srci/918/mid/600/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 04:17 Times Seen341339 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.googletagmanager.com/gtag/js?id=G-RHSFPK2YVQ&l=dataLayer&cx=c	ScriptElement	228 kB	2023-10-26	2023-10-26
Pretty URL www.googletagmanager.com/gtag/js?id=G-RHSFPK2YVQ&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-26 21:20 Last Seen2023-10-26 21:20 Times Seen1 Hash 64048b7cfeac3237341d48350e289529 c0a4faf58a4e7661a1f907b5e9896f5bcef189d9 63cd90f377dced855504fa10ed0b43ad29a1cfcfc0d85d1ed99e03efd40f9c85 Loading...

HTTP Transactions (21)

URL IP Response Size

45.79.187.117/srci/918/mid/600/p-11

45.79.187.117

200 OK

4.2 kB

URL User Request GET HTTP/1.1
45.79.187.117/srci/918/mid/600/p-11
IP
45.79.187.117:80
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (14480), with CRLF, LF line terminators
Size
4.2 kB (4175 bytes)
Hash
1d6ae5dc3cfbee22a7a67673ea0e0bf3
64c799970d27990f41ff6f37e5330c1fd0e3db4d
239450f14018495f2584a46ce86d306e149b58098401f95a0fa87abb91919039

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /srci/918/mid/600/p-11 HTTP/1.1
Host: 45.79.187.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 26 Oct 2023 19:20:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c088aa1505da9f4e034c43608e2135bb
0ea8e2a58b27fc8a7f547367c4fda26c78bdefd9
60c63114d67758ba8a98a5ceae6f2f0a6ca9b7a6e3367e6545517e78e07b74ad

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Oct 2023 19:20:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3c3f73d561909931bf5b3c20ab0b29b7
f37e526553114af3fb70d472a8ac18e6a2648d72
e70eda981d6b6acde45cc5479ac4e8f3d3dd56498156d6ffd9ef4949fd4d23ab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Oct 2023 19:20:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-168238567-1

142.250.74.168

200 OK

69 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-168238567-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://45.79.187.117/srci/918/mid/600/p-11
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint81:B9:A4:E4:E4:84:05:A7:F6:52:4F:E2:74:27:36:05:0D:74:15:89
ValidityThu, 28 Sep 2023 05:26:20 GMT - Thu, 21 Dec 2023 05:26:19 GMT

File type
ASCII text, with very long lines (4179)
Size
69 kB (68621 bytes)
Hash
b9f5ec6c1f3858dca4cd1be8f0068e00
67c42415ccab21b2d72739b38325e1c90ab85831
3038d8d36a0f2ccbeef5e094e97780b46a74e579ebd0c5b45d0c52fb40d9620a

HTTP Headers

GET /gtag/js?id=UA-168238567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://45.79.187.117/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 26 Oct 2023 19:20:01 GMT
expires: Thu, 26 Oct 2023 19:20:01 GMT
cache-control: private, max-age=900
last-modified: Thu, 26 Oct 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

45.79.187.117/ref/styles.css

45.79.187.117

200 OK

0 B

URL GET HTTP/1.1
45.79.187.117/ref/styles.css
IP
45.79.187.117:80
ASN
#63949 Linode, LLC

Requested by
http://45.79.187.117/srci/918/mid/600/p-11

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ref/styles.css HTTP/1.1
Host: 45.79.187.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.79.187.117/srci/918/mid/600/p-11
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 26 Oct 2023 19:20:01 GMT
Content-Type: text/css
Content-Length: 0
Connection: keep-alive
Last-Modified: Fri, 13 Mar 2020 11:09:00 GMT
ETag: "0-5a0ba7f23cf8f"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=2592000, public

45.79.187.117/ref/bootstrap.min.css

45.79.187.117

200 OK

20 kB

URL GET HTTP/1.1
45.79.187.117/ref/bootstrap.min.css
IP
45.79.187.117:80
ASN
#63949 Linode, LLC

Requested by
http://45.79.187.117/srci/918/mid/600/p-11

File type
ASCII text, with very long lines (65325)
Size
20 kB (20523 bytes)
Hash
00d6dfad6aeb16c54618f415a16d004a
2f1be2cb36fd4d6aaaec04b62225586dd54d442a
f9f1ce2a9079ebe7445ff10ac12b8f049abc43c499f4978297ec5dd23283a2e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ref/bootstrap.min.css HTTP/1.1
Host: 45.79.187.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.79.187.117/srci/918/mid/600/p-11
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 26 Oct 2023 19:20:01 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Mar 2020 11:09:00 GMT
ETag: W/"235c0-5a0ba7f23bfef"
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=2592000, public
Content-Encoding: gzip

45.79.187.117/ref/mauhgtw.js

45.79.187.117

200 OK

1.1 kB

URL GET HTTP/1.1
45.79.187.117/ref/mauhgtw.js
IP
45.79.187.117:80
ASN
#63949 Linode, LLC

Requested by
http://45.79.187.117/srci/918/mid/600/p-11

File type
ASCII text, with very long lines (3641), with no line terminators
Size
1.1 kB (1129 bytes)
Hash
b6a670fad6df2f1c6d0e248dae9a436d
7980d8fcbb72e726baf625216b15e82e572f7e7e
4ed3405ed4d8f2c95322fd0745dca5050920071add6d9235570e2d4f2ae1086d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ref/mauhgtw.js HTTP/1.1
Host: 45.79.187.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.79.187.117/srci/918/mid/600/p-11
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 26 Oct 2023 19:20:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 02 Apr 2020 15:04:26 GMT
ETag: W/"e39-5a2501de66b4d"
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=2592000, public
Content-Encoding: gzip

45.79.187.117/ref/jquery-3.2.1.min.js

45.79.187.117

200 OK

30 kB

URL GET HTTP/1.1
45.79.187.117/ref/jquery-3.2.1.min.js
IP
45.79.187.117:80
ASN
#63949 Linode, LLC

Requested by
http://45.79.187.117/srci/918/mid/600/p-11

File type
ASCII text, with very long lines (32058)
Size
30 kB (30174 bytes)
Hash
24f2e59beae1680f19632d9c1b89d730
b3a77b35c4809324ab79e64d40c4ee391234e008
39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ref/jquery-3.2.1.min.js HTTP/1.1
Host: 45.79.187.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.79.187.117/srci/918/mid/600/p-11
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 26 Oct 2023 19:20:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Mar 2020 11:09:00 GMT
ETag: W/"15282-5a0ba7f23bfef"
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=2592000, public
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3c3f73d561909931bf5b3c20ab0b29b7
f37e526553114af3fb70d472a8ac18e6a2648d72
e70eda981d6b6acde45cc5479ac4e8f3d3dd56498156d6ffd9ef4949fd4d23ab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Oct 2023 19:20:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c088aa1505da9f4e034c43608e2135bb
0ea8e2a58b27fc8a7f547367c4fda26c78bdefd9
60c63114d67758ba8a98a5ceae6f2f0a6ca9b7a6e3367e6545517e78e07b74ad

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Oct 2023 19:20:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-RHSFPK2YVQ&l=dataLayer&cx=c

142.250.74.168

200 OK

81 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-RHSFPK2YVQ&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://45.79.187.117/srci/918/mid/600/p-11
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint81:B9:A4:E4:E4:84:05:A7:F6:52:4F:E2:74:27:36:05:0D:74:15:89
ValidityThu, 28 Sep 2023 05:26:20 GMT - Thu, 21 Dec 2023 05:26:19 GMT

File type
ASCII text, with very long lines (5788)
Size
81 kB (80687 bytes)
Hash
64048b7cfeac3237341d48350e289529
c0a4faf58a4e7661a1f907b5e9896f5bcef189d9
63cd90f377dced855504fa10ed0b43ad29a1cfcfc0d85d1ed99e03efd40f9c85

HTTP Headers

GET /gtag/js?id=G-RHSFPK2YVQ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://45.79.187.117/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 26 Oct 2023 19:20:02 GMT
expires: Thu, 26 Oct 2023 19:20:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
762489f21e64159610410f6912dae74b
486de8848e389dfea01157fb9dc03f270d665e27
18b5806e63a3b9836ec6007ba5d377aa1235f849c609207987c26b02bd4b9ed5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Oct 2023 19:20:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/sen/v9/6xK0dSxYI9_dkN18-vZKK2EISCq5L4nAlQ.woff2

216.58.207.227

200 OK

11 kB

URL GET HTTP/2
fonts.gstatic.com/s/sen/v9/6xK0dSxYI9_dkN18-vZKK2EISCq5L4nAlQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://45.79.187.117/srci/918/mid/600/p-11
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint55:7F:79:64:ED:7A:04:50:63:54:9C:32:2A:AF:B7:95:17:D7:E0:33
ValidityThu, 28 Sep 2023 05:32:05 GMT - Thu, 21 Dec 2023 05:32:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10900, version 1.0\012- data
Size
11 kB (10900 bytes)
Hash
854cd8719e95c0a1a3e94e2a71ed5795
c3d9a463a7a823b41d499f26f3df090f31142585
32c2cac3d7aa657e4a427d7fa827d4cd97446df11a7b7bfa59a9d345c9b7fb2e

HTTP Headers

GET /s/sen/v9/6xK0dSxYI9_dkN18-vZKK2EISCq5L4nAlQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://45.79.187.117
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Oct 2023 22:03:37 GMT
expires: Sat, 19 Oct 2024 22:03:37 GMT
cache-control: public, max-age=31536000
age: 508585
last-modified: Thu, 20 Jul 2023 20:47:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
762489f21e64159610410f6912dae74b
486de8848e389dfea01157fb9dc03f270d665e27
18b5806e63a3b9836ec6007ba5d377aa1235f849c609207987c26b02bd4b9ed5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Oct 2023 19:20:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=e637e58ed3

172.64.131.9

200 OK

14 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=e637e58ed3
IP
172.64.131.9:443
ASN
#13335 CLOUDFLARENET

Requested by
http://45.79.187.117/srci/918/mid/600/p-11
Certificate
IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
Fingerprint64:27:AB:CA:DB:24:8C:C9:87:09:13:04:21:49:9C:6A:4E:DD:97:93
ValiditySun, 10 Sep 2023 05:39:32 GMT - Sat, 09 Dec 2023 05:39:31 GMT

File type
ASCII text, with very long lines (60130)
Size
14 kB (13596 bytes)
Hash
a12ec7ebe75a4d59a5dd6b79e2ba2e16
28f5dcc595ee6d4163481ef64170180502c8629b
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

HTTP Headers

GET /releases/v5.15.4/css/free.min.css?token=e637e58ed3 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://45.79.187.117/
Origin: http://45.79.187.117
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 26 Oct 2023 19:20:02 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a481094379fbeeb96ddc8b0f96f0ce90.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: 32iP_ugaGtKSYG25r2Tf_olRNCLo4JgHI998FUePZGWeO99yuTt-eg==
age: 1784167
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bzc5mD5mIbJmGYJHXDhMkDM37HxJh3QXcifqUCvzgzGsirNlwChBrwkbZ5n6dEKSeBGMZlUVFEGP2krbXCH3A4sOXFgZPfWZo%2F4FQC9%2FPMSSiTfuQjK0ETSonRlxZ32b9GkMDpqdmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81c50de63ea8653f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2

172.64.131.9

200 OK

77 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
IP
172.64.131.9:443
ASN
#13335 CLOUDFLARENET

Requested by
http://45.79.187.117/srci/918/mid/600/p-11
Certificate
IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
Fingerprint64:27:AB:CA:DB:24:8C:C9:87:09:13:04:21:49:9C:6A:4E:DD:97:93
ValiditySun, 10 Sep 2023 05:39:32 GMT - Sat, 09 Dec 2023 05:39:31 GMT

File type
Web Open Font Format (Version 2), TrueType, length 76736, version 331.-31196\012- data
Size
77 kB (76736 bytes)
Hash
4f5ec865a8274ab291b6a42b5f70639e
6f00f8c75208b96e585646824c4011093446acd2
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

HTTP Headers

GET /releases/v5.15.4/webfonts/free-fa-brands-400.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://45.79.187.117
DNT: 1
Connection: keep-alive
Referer: http://45.79.187.117/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Oct 2023 19:20:02 GMT
content-type: font/woff2
content-length: 76736
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
etag: "4f5ec865a8274ab291b6a42b5f70639e"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 329cb27be8d7871661ed5a94ecaacb28.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: CTZBFm3nUQfDQGL2uZYxfw96aLc9rWMmZ-aAwlWyDsQu97lJd7Makg==
age: 243789
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3S%2FO1WXXHyBGAehSNDD35XHfNan7Elt7UBzzCpkt0atq6g3HHgbSLtps4NcWe4rSJQ%2B8EhzvGwDRW2fc3ztMQjrfIuJ3L%2FFCX3Y6Nv%2FUBdziATu%2Bn0vT%2BU%2FmQDlk%2FuUKZS7K0Q65w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81c50de74897653f-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=e637e58ed3

172.64.131.9

200 OK

27 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=e637e58ed3
IP
172.64.131.9:443
ASN
#13335 CLOUDFLARENET

Requested by
http://45.79.187.117/srci/918/mid/600/p-11
Certificate
IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
Fingerprint64:27:AB:CA:DB:24:8C:C9:87:09:13:04:21:49:9C:6A:4E:DD:97:93
ValiditySun, 10 Sep 2023 05:39:32 GMT - Sat, 09 Dec 2023 05:39:31 GMT

File type
ASCII text, with very long lines (26500)
Size
27 kB (26682 bytes)
Hash
76f34b71fc9fb641507ff6a822cc07f5
73ed2f8f21cd40fb496e61306acbb5849d4dbff4
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

HTTP Headers

GET /releases/v5.15.4/css/free-v4-shims.min.css?token=e637e58ed3 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://45.79.187.117/
Origin: http://45.79.187.117
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 26 Oct 2023 19:20:02 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76cca2ef798b9dc955bb151bf3bff218.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 4sZhEu9k0amp_YQT7ABCjG5v1sY-9sQt-4OZpBGKagpfE_7W1z4S-w==
age: 1784167
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOq9nTRMAKlzfvPt6Ueos8cCflCWDg%2FlqFK%2FiSi%2BhlgcyVG69VCw58BkW2EGxfUOoei9xIZDrZzJkuCthdqvhwa8NARx8bQgOiflGMTNpImVC70QANMg0WEmH1m2Fxjc1jLI3Nx6XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81c50de64ec0653f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

45.79.187.117/favicon-16x16.png

45.79.187.117

200 OK

703 B

URL GET HTTP/1.1
45.79.187.117/favicon-16x16.png
IP
45.79.187.117:80
ASN
#63949 Linode, LLC

Requested by
http://45.79.187.117/srci/918/mid/600/p-11

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
703 B (703 bytes)
Hash
4e34e9886719ed4fe46d941329e83d18
78a21d9b53b811d7ae407f646783824bc3262a43
15d53e2930a5adca714880f97207b0ecc935788d953ff6bc01ae9984af483775

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon-16x16.png HTTP/1.1
Host: 45.79.187.117
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.79.187.117/srci/918/mid/600/p-11
Cookie: _ga_RHSFPK2YVQ=GS1.1.1698348003.1.0.1698348003.0.0.0; _ga=GA1.1.275409698.1698348003
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 26 Oct 2023 19:20:02 GMT
Content-Type: image/png
Content-Length: 703
Connection: keep-alive
Last-Modified: Fri, 27 Mar 2020 11:21:27 GMT
ETag: "2bf-5a1d44d6373e9"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=2592000, public

fonts.googleapis.com/css?family=Sen&display=swap

216.58.207.202

200 OK

787 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Sen&display=swap
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
http://45.79.187.117/srci/918/mid/600/p-11
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint28:23:2B:8B:2D:09:6C:BB:06:7A:35:80:95:BB:F8:03:41:C8:99:2C
ValidityThu, 28 Sep 2023 05:32:05 GMT - Thu, 21 Dec 2023 05:32:04 GMT

File type
ASCII text, with very long lines (805), with no line terminators
Size
787 B (787 bytes)
Hash
e6cd106b48927dbc74c4eeda6f5f76db
db6b85626f534e0ff25a24a968cdcfe431ae1f0c
d73c4debf3b26e6a18485ef2323af5c7ba168332ac0bcedc7e8a61168476ebbe

HTTP Headers

GET /css?family=Sen&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://45.79.187.117/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Oct 2023 19:20:01 GMT
date: Thu, 26 Oct 2023 19:20:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

kit.fontawesome.com/e637e58ed3.js

104.18.23.52

200 OK

12 kB

URL GET HTTP/2
kit.fontawesome.com/e637e58ed3.js
IP
104.18.23.52:443
ASN
#13335 CLOUDFLARENET

Requested by
http://45.79.187.117/srci/918/mid/600/p-11
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (11213)
Size
12 kB (11643 bytes)
Hash
d8fdf0234dda483458e4ecd2742912da
300c8574597aa3c8554ae46aba919fedff8c6e92
e5fbfaa710a88934bd21812eaac2026eb1e483eeaaca68454819bf64823eeec4

HTTP Headers

GET /e637e58ed3.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://45.79.187.117
DNT: 1
Connection: keep-alive
Referer: http://45.79.187.117/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 26 Oct 2023 19:20:01 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F2QDJdcTAZa36r4Aw17C
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 81c50de2dce3b505-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=e637e58ed3

172.64.131.9

200 OK

3.0 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=e637e58ed3
IP
172.64.131.9:443
ASN
#13335 CLOUDFLARENET

Requested by
http://45.79.187.117/srci/918/mid/600/p-11
Certificate
IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
Fingerprint64:27:AB:CA:DB:24:8C:C9:87:09:13:04:21:49:9C:6A:4E:DD:97:93
ValiditySun, 10 Sep 2023 05:39:32 GMT - Sat, 09 Dec 2023 05:39:31 GMT

File type
ASCII text, with very long lines (3007), with no line terminators
Size
3.0 kB (2956 bytes)
Hash
164aeedbf1c90c5467de5320f9f2d89e
63fdf9f59785c7b84dc82523cc76d81773e9c60b
676748e7bec72f0310e785f353d6b9e33305b577b57a08c57f98d1ce9e77ed25

HTTP Headers

GET /releases/v5.15.4/css/free-v4-font-face.min.css?token=e637e58ed3 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://45.79.187.117/
Origin: http://45.79.187.117
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 26 Oct 2023 19:20:02 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 329cb27be8d7871661ed5a94ecaacb28.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: bgpOdpk7MJdx4Qd4jXfIB8iqhYCbvkremODgq9JKRFuSPhGfrB1OyQ==
age: 1784167
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNkiZ2sW%2FdyDGZ%2BQvO3cmQUhvFT1tvS4mWUIpUvAbxd0Z2n5r4avrZHunOXijBAzyd3RwaYHunnGr3uXB9Ab%2Bryd9ZZI1Ml49v2Qe8w8Woczl5DFufJ2PYTlfwM7SaqdWW9VJnH77w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81c50de64ebd653f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (21)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP