Report - boxupton.com/

Report Overview

Visited public
2024-08-23 15:50:39
Tags
URL
boxupton.com/
Finishing URL
boxupton.com/
IP / ASN
188.114.96.1
#13335 CLOUDFLARENET
Title
BOXUPTON.com - Official

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-08-22 18:12:04	981 B	2.7 kB	23.36.76.226
unpkg.com	11693	2016-01-06	2016-01-08 00:26:01	2024-08-23 08:07:19	869 B	174 kB	104.17.247.203
static.okx.com	390310	2001-07-03	2022-12-01 01:12:01	2024-08-21 18:41:27	894 B	6.2 kB	143.204.55.27
www.cloudflare.com	6775	2009-02-17	2012-05-22 15:19:15	2024-08-23 11:22:54	431 B	594 B	104.16.124.96
wallet.tg	unknown	2023-09-25	2020-01-18 00:26:36	2024-08-22 17:08:19	423 B	1.2 kB	0.0.0.0
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-08-22 18:12:25	2.0 kB	5.3 kB	23.36.76.226
tonkeeper.com	284047	2021-08-20	2021-08-25 01:38:14	2024-08-22 17:08:19	432 B	4.6 kB	104.26.3.107
static.mytonwallet.io	unknown	2022-03-28	2024-07-22 10:39:01	2024-08-21 18:15:44	426 B	18 kB	143.204.55.43
s.pvcliping.com	436163	2017-03-07	2020-04-26 07:25:14	2024-08-22 15:09:36	441 B	1.6 kB	128.1.77.227
xtonwallet.com	unknown	2022-11-06	2022-12-10 22:12:16	2024-08-22 17:08:19	435 B	8.8 kB	188.114.97.1
ocsp.trust-provider.cn	unknown	2015-04-09	2022-02-10 09:18:30	2024-08-22 22:28:44	334 B	1.1 kB	172.64.149.23
boxupton.com	unknown	unknown	No data	No data	14 kB	6.1 MB	188.114.97.1
blastup.io	unknown	2023-12-22	2024-01-17 18:59:03	2024-02-26 13:02:34	1.5 kB	174 kB	172.66.43.146
raw.githubusercontent.com	35802	2014-02-06	2014-03-01 08:08:08	2024-08-22 19:07:02	2.9 kB	827 kB	185.199.108.133
photo2010my.com	unknown	unknown	No data	No data	1.1 kB	1.2 kB	188.114.96.1
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2024-08-23 07:43:13	406 B	32 kB	151.101.194.137
tonhub.com	unknown	2021-02-27	2015-09-27 04:20:45	2024-08-22 17:08:19	422 B	70 kB	104.26.1.199
wallet.ton.org	unknown	2003-11-13	2023-12-21 10:52:39	2024-08-22 17:08:19	430 B	17 kB	104.26.14.213

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	photo2010my.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	photo2010my.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed
2024-08-23	medium	boxupton.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	boxupton.com/tod.pro.js	ScriptElement	50 kB	2024-08-29	2024-08-29
Pretty URL boxupton.com/tod.pro.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-29 18:07 Last Seen2024-08-29 18:07 Times Seen1 Hash 1c794bca85d915a85bf8f1a01f89513b fb3a5f7f7f245e6a1d47e72714c2e789ee917729 b3a7f3680c45f08aee85d2b8d8a8f1e9f3e2cf434d3fd2b91cbc09ebe05e52d9 Loading...

	unpkg.com/@tonconnect/ui@latest/dist/tonconnect-ui.min.js	ScriptElement	325 kB	2024-08-23	2024-12-08
Pretty URL unpkg.com/@tonconnect/ui@latest/dist/tonconnect-ui.min.js IP 104.17.247.203 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-23 17:50 Last Seen2024-12-08 05:03 Times Seen5 Hash a143ba0dfd05743e5a81c925b96a3b81 bd0821992df7f3f132d353437f0c006fa3b733ab 31942476ae28cad9113c1536375245ccb88240d9fa3f637492be79998a19663f Loading...

	boxupton.com/js/jquery.js	ScriptElement	248 kB	2023-03-12	2025-04-13
Pretty URL boxupton.com/js/jquery.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:24 Last Seen2025-04-13 09:17 Times Seen8 Hash bd5acd460aa627c4187fecc7c6894992 ff4ae0ffc83511bf08248d0eef1778b03b8ab2a5 0765d0119c7638a5fbd9053f023ce1f114a0a7ad7b2953be8ec322a553e12146 Loading...

	boxupton.com/js/jquery.min.js	ScriptElement	84 kB	2023-03-07	2025-05-01
Pretty URL boxupton.com/js/jquery.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-05-01 22:19 Times Seen9701 Hash 7a7b18606448bded22cd1cf48d4712cc 5b9df089eb85cecb320fd9ed3f0f9da173c92d61 ab0d063b4ff2827192c0e44103d3091457a1d2374c3b6243721c5679bb61eae2 Loading...

	code.jquery.com/jquery-3.6.0.min.js	ScriptElement	90 kB	2023-03-07	2025-05-02
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-02 04:18 Times Seen204081 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	boxupton.com/	ScriptElement	1.7 kB	2024-08-29	2024-08-29
Pretty URL boxupton.com/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-29 18:07 Last Seen2024-08-29 18:07 Times Seen1 Hash 14484f1a170e4ef98b796eeb6d7ef1b9 ac556e23dd3f00431bdf5b28e63dea43c919de9b c83cef1d909a7829f6ad2b1135e107de287b124b206083761dc3ebbbe77f3d02 Loading...

HTTP Transactions (66)

URL IP Response Size

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
13ea5888d3245867e3b2271529ae3a07
2ac08d083a3db9818f13427caf2afd6ffe844e19
5c2f7da36674ccad93a922282c4cc5dc25ffe3e17206be2fc0e1dfa98181fd46

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5C2F7DA36674CCAD93A922282C4CC5DC25FFE3E17206BE2FC0E1DFA98181FD46"
Last-Modified: Thu, 22 Aug 2024 00:55:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5824
Expires: Fri, 23 Aug 2024 17:27:13 GMT
Date: Fri, 23 Aug 2024 15:50:09 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
189517abaffd3ad15fac051239960c9d
99019d46813ecf2b1215757ca1f05ac850b9f692
31daadeeb8828e5e01008ca5a4e7c5fba0acf5517903eafce413a10dcfe66fdb

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "31DAADEEB8828E5E01008CA5A4E7C5FBA0ACF5517903EAFCE413A10DCFE66FDB"
Last-Modified: Wed, 21 Aug 2024 06:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4262
Expires: Fri, 23 Aug 2024 17:01:11 GMT
Date: Fri, 23 Aug 2024 15:50:09 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
8541cd70139dfda2d95ed0b4e252f586
38437f949815bd7b58655cc9dba515e53a6abee6
21b5b0e771d125bc1d1cd5b12f7bb8567f86c7ab1fe44c531bb98e84a62bfdf0

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "21B5B0E771D125BC1D1CD5B12F7BB8567F86C7AB1FE44C531BB98E84A62BFDF0"
Last-Modified: Thu, 22 Aug 2024 09:59:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5070
Expires: Fri, 23 Aug 2024 17:14:40 GMT
Date: Fri, 23 Aug 2024 15:50:10 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fa24406b28144f03c66e0892b293241b
64ec25a3e583dcd2ea13558272ac7badebbfc3d6
8d1b5de3eaf9d4ae520c30cb01548286eeb9853665444c34be6caac091af5638

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8D1B5DE3EAF9D4AE520C30CB01548286EEB9853665444C34BE6CAAC091AF5638"
Last-Modified: Wed, 21 Aug 2024 03:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15896
Expires: Fri, 23 Aug 2024 20:15:06 GMT
Date: Fri, 23 Aug 2024 15:50:10 GMT
Connection: keep-alive

code.jquery.com/jquery-3.6.0.min.js

151.101.194.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://boxupton.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 23 Aug 2024 15:50:11 GMT
age: 2445956
x-served-by: cache-lga21931-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 558849
x-timer: S1724428211.295076,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

boxupton.com/images/ton.gif

188.114.97.1

200 OK

1.3 MB

URL GET HTTP/3
boxupton.com/images/ton.gif
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
GIF image data, version 89a, 512 x 512
Size
1.3 MB (1344528 bytes)
Hash
c7810e9e28940e02887e4903da6b1b83
a9e793ba169cad14fde879b7b25e44fddec3ccfd
777eaedd296700885141d24dbf1cbd35689b1159b4f76aaf78ba8b6dcdc17deb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/ton.gif HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:11 GMT
content-type: image/gif
content-length: 1344528
last-modified: Mon, 19 Aug 2024 19:39:15 GMT
etag: "66c39f63-148410"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JF7GD1UVV6IGUOXYhqjYV360ud77y9iOTSErGLM5VCWmMnqLJmNWAwVvtICwbaQScIKaky%2BdLWrSfgGT%2FCoFWq0ZrezPDTiI32N7wLvoqVE53IxGvWrtLr1jsT1MycA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41bfa8491bfa-OSL
alt-svc: h3=":443"; ma=86400

blastup.io/_next/static/media/aa8d273d9caf0df4-s.p.woff2

172.66.43.146

200 OK

51 kB

URL GET HTTP/2
blastup.io/_next/static/media/aa8d273d9caf0df4-s.p.woff2
IP
172.66.43.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectblastup.io
Fingerprint6A:31:E4:F5:06:19:3E:D3:97:6B:66:38:10:43:FA:EB:A0:8E:EC:59
ValidityFri, 28 Jun 2024 18:42:14 GMT - Thu, 26 Sep 2024 18:42:13 GMT

File type
Web Open Font Format (Version 2), TrueType, length 51204, version 1.0
Size
51 kB (51204 bytes)
Hash
78cc8ece1b35bcc532eb235639d79121
e7f01d4b32de184ea26bae6bba04537927d235a2
a8a7899f0bbc9094028351fd7bfa9e4cd2d7fa08c630146a85260a90bb1059d1

HTTP Headers

GET /_next/static/media/aa8d273d9caf0df4-s.p.woff2 HTTP/1.1
Host: blastup.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://boxupton.com/
Origin: https://boxupton.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 23 Aug 2024 15:50:11 GMT
content-type: font/woff2
content-length: 51204
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "e976518fb6f6851f243ee65f015e4be8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xdYaByeilt9PEnptZ0sPi%2FKcEzJWAplCD8D7BmxG5TNevE9vSZSg%2B5xS97QZ3TnJQS3pFV7RO0UbVguQtsTq2pS%2FvxrX04545xES3qzWiVI02OKlSphq3BZo9bem"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8b7c41c1bcd056c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

blastup.io/_next/static/media/61b81e7bde89ba40-s.p.woff2

172.66.43.146

200 OK

31 kB

URL GET HTTP/2
blastup.io/_next/static/media/61b81e7bde89ba40-s.p.woff2
IP
172.66.43.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectblastup.io
Fingerprint6A:31:E4:F5:06:19:3E:D3:97:6B:66:38:10:43:FA:EB:A0:8E:EC:59
ValidityFri, 28 Jun 2024 18:42:14 GMT - Thu, 26 Sep 2024 18:42:13 GMT

File type
Web Open Font Format (Version 2), TrueType, length 31040, version 1.0
Size
31 kB (31040 bytes)
Hash
e7c8b3a1196384678e2b2044f8baa115
c12801af391b80141edf296621373dac5fcbd6dc
0cdf1e4b27f7420b0ad37ad1d6bac03f7470438bc8f49de10bcf1440dc4fd37b

HTTP Headers

GET /_next/static/media/61b81e7bde89ba40-s.p.woff2 HTTP/1.1
Host: blastup.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://boxupton.com/
Origin: https://boxupton.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 23 Aug 2024 15:50:11 GMT
content-type: font/woff2
content-length: 31040
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "128a9b90c5ec354c3b71043fdc0d2399"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2BZI4Xr2tcKfR4o6j1Mu7tP6su1GyWBUt65%2BI9ETI5W3WrNxB%2BmWB2D3U37tkV2XzcSuCE2KP%2BhSAYNXi0pqSkGJX0KYc3T7MmbRZQOR8DVP0WujUCA2A8Jz2tuE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8b7c41c1bcdd56c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

boxupton.com/fonts/aa8d273d9caf0df4-s.p.woff2

188.114.97.1

200 OK

60 kB

URL GET HTTP/3
boxupton.com/fonts/aa8d273d9caf0df4-s.p.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16128, version -28672.256
Size
60 kB (59712 bytes)
Hash
180ee6ee1a9fdebb13793f62ef389e5e
a0365222dcf4c2ad8c60747d2387b000e7dd1375
cb8445021d0de347e5e42c2b3a97627ec0cf21debfed224ebf6b64bd69520518

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/aa8d273d9caf0df4-s.p.woff2 HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/css/efede304a6457402.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: font/woff2
content-length: 59712
last-modified: Mon, 19 Aug 2024 19:39:04 GMT
etag: "66c39f58-e940"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C9LLbCokDoLcocs4smAsgzAIxXnGHHl8zNjfxVx07D6qeP4a4ju%2FDBHdn0YTk4kvZ2w3y1DlPPqPVBpq9Aq2ukJEAX5ViTuymgA8YYtxZC%2Fki%2Bfw8mCsMw99uzynX4A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c609b91bfa-OSL
alt-svc: h3=":443"; ma=86400

unpkg.com/@tonconnect/ui@latest/dist/tonconnect-ui.min.js

104.17.247.203

302 Found

36 kB

URL GET HTTP/2
unpkg.com/@tonconnect/ui@latest/dist/tonconnect-ui.min.js
IP
104.17.247.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint78:2B:78:78:28:26:0C:48:36:B0:F1:BE:16:37:48:76:93:BB:A7:42
ValiditySun, 28 Jul 2024 05:23:27 GMT - Sat, 26 Oct 2024 05:23:26 GMT

File type
ASCII text, with no line terminators
Size
36 kB (36463 bytes)
Hash
9ede44cf70ce6a1e586a00af09fc9952
0f466b010f3594666897a5479924ea1a7c8cad2b
99f5069bfee53827588911842824a216351e204d47c2cc7783e3f8ea4d0934e4

HTTP Headers

GET /@tonconnect/ui@latest/dist/tonconnect-ui.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 23 Aug 2024 15:50:11 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /@tonconnect/ui@2.0.9/dist/tonconnect-ui.min.js
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01J5ZYFFAEDRCVEMTNFQ34V3G1-arn
cf-cache-status: HIT
age: 432
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8b7c41bffb5cb50b-OSL
X-Firefox-Spdy: h2

boxupton.com/fonts/61b81e7bde89ba40-s.p.woff2

188.114.97.1

200 OK

36 kB

URL GET HTTP/3
boxupton.com/fonts/61b81e7bde89ba40-s.p.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 31040, version 256.0
Size
36 kB (36390 bytes)
Hash
762e70459dee9dd862497304005e6f92
c947cf88d95d0f5f4a391b9d859610733b1dee31
cd61c51f194a92d6e448a9a2bc267c8fff7eea2abfeef2c6e6c708350cd2dd76

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/61b81e7bde89ba40-s.p.woff2 HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/css/b12e68bb23e7cef0.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: font/woff2
content-length: 36390
last-modified: Mon, 19 Aug 2024 19:39:04 GMT
etag: "66c39f58-8e26"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rj1X%2Bgc14cNGRl2K%2BY6pIGeaKoiBhnYnE%2BFqlLGQJvGTuSoqQOsTMq%2FAzjX09H48R0iIFqW7Z09yGzaUwdIp8gqJ4OWjqU2D2Zs1cszKsqmTFPv3tS31chD3u52SssY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c639fa1bfa-OSL
alt-svc: h3=":443"; ma=86400

boxupton.com/css/b12e68bb23e7cef0.css

188.114.97.1

200 OK

63 kB

URL GET HTTP/3
boxupton.com/css/b12e68bb23e7cef0.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
gzip compressed data, max speed, from Unix
Size
63 kB (63184 bytes)
Hash
d0ed760cea34dd82659beec7602e8e45
febc63e8f6c43490cdfdb094418b921ae46af1c7
d516db8480e7a2728c26e2617fa8e6f87785ce641cb6fec705eb05fbb1565e79

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/b12e68bb23e7cef0.css HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:11 GMT
content-type: text/css
last-modified: Mon, 19 Aug 2024 19:39:04 GMT
etag: W/"66c39f58-e276"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmsNol7HHbDdfPWEp7Ei0BVGBlJ2f2%2BslvQCyTxBGHyjdrNIFrHodtX4KBQNsZgyTGa4rT%2BDbhAadr%2FPNq3aNZ9uPU8apMW4WMARX9WoEIZzpIrZtNQ%2BtiKxRAnG%2B%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41bf98341bfa-OSL
alt-svc: h3=":443"; ma=86400

boxupton.com/

188.114.97.1

200 OK

45 kB

URL User Request GET HTTP/2
boxupton.com/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2424)
Size
45 kB (45210 bytes)
Hash
d201a4edf28502ee99cfff016785f7ea
feefc4eea7c8058f8c663438fe553bb46e001967
60c2dffb12cf249e50841878ae9e9c7320fde4435b69ac66f6d29338ced46014

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 23 Aug 2024 15:50:10 GMT
content-type: text/html; charset=UTF-8
last-modified: Mon, 19 Aug 2024 19:39:04 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PA82etZNUBhHJZMXbRb0GhUf85HtV3cmKn8vEH3F0B%2BOFFwUrvNLeczJFVDhuuf2G3DSthIG%2B1K2ixMc2mWJsUeqoz4YtNeC9BWj8XGy%2FgvDopD%2FXTmt6tV5RASKP%2BA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b7c41bcadec0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

boxupton.com/media/box.webm

188.114.97.1

206 Partial Content

420 kB

URL GET HTTP/3
boxupton.com/media/box.webm
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
WebM
Size
420 kB (419516 bytes)
Hash
3b6f38a1b45eeccd8a4125c1ff4cacc8
16acbbe14c49a0408b04ad7bc3c14004479afee0
3e76d756609a91eaa58a995427900971c555eb61a9f2cb27958457decb4a84c1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/box.webm HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: video/webm
content-length: 419516
last-modified: Mon, 19 Aug 2024 19:39:11 GMT
etag: "666bc-6200e7694f0e9"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
content-range: bytes 0-419515/419516
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5yEGGwr1lhN74dU03G7I8IYL6FZriCFloDEjV4uH8f2IRMzKPtzk23lGXNx2VxnrPc3AbBuLdG7tMZMEBd9Am5i99sy0vyQTvlwJNTcgdvBDANjR6w6hNHWsG1no8VI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c6badb1bfa-OSL
alt-svc: h3=":443"; ma=86400

boxupton.com/images/pass.ba754725.png

188.114.97.1

200 OK

78 kB

URL GET HTTP/3
boxupton.com/images/pass.ba754725.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced
Size
78 kB (77484 bytes)
Hash
860a8269fca57dc89866db4e4be633a5
13b238d43925ed898784d18be3b9b18e4f5a0d8b
cf354f0d71bf3da9e2d8f042a71a9b66286c71c7f1e3eeeffd5db763ee7cbb5c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/pass.ba754725.png HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: image/png
content-length: 77484
last-modified: Mon, 19 Aug 2024 19:39:07 GMT
etag: "66c39f5b-12eac"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WKF4zbEBfdf%2Bdh%2BZG%2Bgcp0NAOqd5mWgsUu3dS6m75sqd%2BAO0Bj4waelMFUJz2lQq79hjcOBGeNLYmy3%2BVqKm06IWAKrfJXFqm0VrynxFDw96aIOTkoJXF87TOBGgn8o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c74bc21bfa-OSL
alt-svc: h3=":443"; ma=86400

boxupton.com/images/token.a6f58887.png

188.114.97.1

200 OK

135 kB

URL GET HTTP/3
boxupton.com/images/token.a6f58887.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced
Size
135 kB (135197 bytes)
Hash
3bc0f25bb9097b0d4e94cd9f7757af50
9848e723ca7fd60a77a74a050ecf2ed2ba67ad14
25839514cf165ca0d41d1d75a2509581a0f17fae006f631d67d1ab7ea9e976bb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/token.a6f58887.png HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: image/png
content-length: 135197
last-modified: Mon, 19 Aug 2024 19:39:09 GMT
etag: "66c39f5d-2101d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vhYI6jubZsTxyyO%2FTzbb3vAQI%2BQu%2BsSdvEPn3YbQI%2BaL9KkidnYy%2BuR2et%2FTIJomSh6WtKnMylm6gDgX4aUEbjBI5YV8IyC6hthrRVdR%2BxMvXc%2F3V270Q0%2BnI%2Bgryqo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c74bbf1bfa-OSL
alt-svc: h3=":443"; ma=86400

boxupton.com/images/bg.365595d2.png

188.114.97.1

200 OK

59 kB

URL GET HTTP/3
boxupton.com/images/bg.365595d2.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
PNG image data, 916 x 240, 8-bit colormap, non-interlaced
Size
59 kB (59337 bytes)
Hash
225e1d1ae878def28fdda9c8c39fc8c8
0a002972fb9ab45d9e55944e12dc5c3e447e5443
eb5ab6b06e253e6af6b64156db1a2320ffda00644ded52f1a94ae6b80e8439cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/bg.365595d2.png HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: image/png
content-length: 59337
last-modified: Mon, 19 Aug 2024 19:39:05 GMT
etag: "66c39f59-e7c9"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8OgdZpE8caLuqa3J6BM%2Bq244FnVdYBMhkIXhM5nGEqspDlDnfATdoXf2EzLJepuHtmq%2FwCVq1Tt4cgaMfqW50hesfmavkH8OztBrOi8Br5spvOA%2Bkjm4gQRCXrfulHc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c73bb01bfa-OSL
alt-svc: h3=":443"; ma=86400

raw.githubusercontent.com/ton-blockchain/wallets-list/main/wallets-v2.json

185.199.108.133

200 OK

1.3 kB

URL GET HTTP/2
raw.githubusercontent.com/ton-blockchain/wallets-list/main/wallets-v2.json
IP
185.199.108.133:443
ASN
#54113 FASTLY

Requested by
https://boxupton.com/
Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
JSON text data
Size
1.3 kB (1252 bytes)
Hash
cc73e791e9778f5a654922c8a8939788
35dc14d60f1756a076de17c1b385243d71dbe130
363cf1722ddba8ed66ebbb21f36ac9a6c22c8c468b55dae2ea1a84d780155611

HTTP Headers

GET /ton-blockchain/wallets-list/main/wallets-v2.json HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://boxupton.com/
Origin: https://boxupton.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: W/"660f92acede9d24e7943c41615d932c9da2102468b25a97d262b47d9cb9fcbac"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: B850:240A07:98498A:9FD1EE:66C8AFB4
content-encoding: gzip
accept-ranges: bytes
date: Fri, 23 Aug 2024 15:50:12 GMT
via: 1.1 varnish
x-served-by: cache-hel1410024-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1724428212.413802,VS0,VE118
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 448c98170fbc0e1c99a0a6042ac56fc8b2fbdf43
expires: Fri, 23 Aug 2024 15:55:12 GMT
source-age: 0
content-length: 1252
X-Firefox-Spdy: h2

boxupton.com/images/nft.af8878ef.png

188.114.97.1

200 OK

140 kB

URL GET HTTP/3
boxupton.com/images/nft.af8878ef.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced
Size
140 kB (139845 bytes)
Hash
3cab49822797d2bb434823bf3c81ced0
de968a506b2ab7873e23abfe4d6bde6223d310e3
4f902cd6c874028a8ab43608d7891c4a9a90226bbbbd95f5c440a0cca40b6c04

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/nft.af8878ef.png HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: image/png
content-length: 139845
last-modified: Mon, 19 Aug 2024 19:39:07 GMT
etag: "66c39f5b-22245"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gGzBLPELwXeFaO4vaOo7I3S7IUVzlNWWgi%2FpIjpMUDpRrSaQpGoregqTkyUo%2B%2BRHKNKhNTReDYxBJCi4%2FOOb2uGR877oa0g6ekt74AsY6ygNDZAqK88WHDs5MVdjzVA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c74bc11bfa-OSL
alt-svc: h3=":443"; ma=86400

unpkg.com/@tonconnect/ui@2.0.9/dist/tonconnect-ui.min.js

104.17.247.203

200 OK

136 kB

URL GET HTTP/2
unpkg.com/@tonconnect/ui@2.0.9/dist/tonconnect-ui.min.js
IP
104.17.247.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint78:2B:78:78:28:26:0C:48:36:B0:F1:BE:16:37:48:76:93:BB:A7:42
ValiditySun, 28 Jul 2024 05:23:27 GMT - Sat, 26 Oct 2024 05:23:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
136 kB (136008 bytes)
Hash
a143ba0dfd05743e5a81c925b96a3b81
bd0821992df7f3f132d353437f0c006fa3b733ab
31942476ae28cad9113c1536375245ccb88240d9fa3f637492be79998a19663f

HTTP Headers

GET /@tonconnect/ui@2.0.9/dist/tonconnect-ui.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://boxupton.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Aug 2024 15:50:11 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "4f420-vQghmS338/Ey01NDfwwAb6O3M6s"
via: 1.1 fly.io
fly-request-id: 01J58SGBFSKT0S0KHAK0MZTVM4-arn
cf-cache-status: HIT
age: 777397
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8b7c41c20e88b50b-OSL
X-Firefox-Spdy: h2

boxupton.com/images/step1.png

188.114.97.1

200 OK

1.9 MB

URL GET HTTP/3
boxupton.com/images/step1.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
PNG image data, 1549 x 1500, 8-bit/color RGB, non-interlaced
Size
1.9 MB (1871613 bytes)
Hash
5acd00da0a6b43162718bbac61f0b42e
4c2e05559ca7a01a75c190364f30659383e5fbb5
c48929ed7431d9cc0d91b53abe080612f04c4e5037df1a73d2a3aef960a185df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/step1.png HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: image/png
content-length: 1871613
last-modified: Mon, 19 Aug 2024 19:39:10 GMT
etag: "66c39f5e-1c8efd"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yHqH69pZMMV2sLECQOSSkk8xao4WaG2l3pYocMbhReOP2FnvBdL0wvbizz04IM%2FgL2N%2FKvjvkuvPO%2BElzMO2MdPbYsrAuw41M8TYipbLuG6kNhkr7BgLT2NqrvaQY7Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c74bc31bfa-OSL
alt-svc: h3=":443"; ma=86400

photo2010my.com/

188.114.96.1

0 B

URL
photo2010my.com/
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: photo2010my.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://boxupton.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XauwgZ1uMi5/JW9RuGifOQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Fri, 23 Aug 2024 15:50:12 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rFDOLl25iiUjjDz/Lkr2n/O4BLY=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xLzVjWKOOmTabSHCnVC1ZA8ueVA7VDgD4dNqfa1VeZO0ZgMmoK1VcMphY6Dcerd%2B4%2Ft5qWbFn%2BQxGw31y6g7ph9HcwIVd1x6m0odK%2FBbPt7LNw2aIl0W6DST1qtKta%2FtRf4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8b7c41ca1fbfb527-OSL
alt-svc: h3=":443"; ma=86400

boxupton.com/images/step3.png

188.114.97.1

200 OK

898 kB

URL GET HTTP/3
boxupton.com/images/step3.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
PNG image data, 672 x 817, 8-bit/color RGBA, non-interlaced
Size
898 kB (897730 bytes)
Hash
777af5bdd418bccd0db2dbe36fd91169
ace2cbe2f3708704b72d5f1485cfbd7cb847c193
ad14be391241fb8c805e3e9879c068d68e779cef2f9e36556e79329bc59a2711

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/step3.png HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: image/png
content-length: 897730
last-modified: Mon, 19 Aug 2024 19:39:08 GMT
etag: "66c39f5c-db2c2"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=88Q1WeR0nb0uhbcTHhqA70YdFC1Q6moltS0hIhwwWgOrr0kK09F3IlRSEskQI315IzukW%2FPCzCCNJl4qrEOuDebFcCnSB3lARK7UpHMYqepI1dLx%2F793dWU6PohcgFI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c76bfe1bfa-OSL
alt-svc: h3=":443"; ma=86400

boxupton.com/images/box.52e004d4.png

188.114.97.1

200 OK

141 kB

URL GET HTTP/3
boxupton.com/images/box.52e004d4.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
PNG image data, 346 x 314, 8-bit/color RGBA, non-interlaced
Size
141 kB (141088 bytes)
Hash
7fbd000a9b7d20080cff7ebb152f161b
3537b938c45d4127e8644e08259254d1a3955a15
1707b4854da1b301d4755fb1095294044f8f38ae8b50f51891a87abd16e8418b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/box.52e004d4.png HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: image/png
content-length: 141088
last-modified: Mon, 19 Aug 2024 19:39:06 GMT
etag: "66c39f5a-22720"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5IDYOVUNf%2BzRVLdX36ZJPKeuNUMBH1LsV2LZKnW10oliXxKX2TGNcpiAmmbthp4X6nMsxkrJsw9uwZJo%2BgI32Y%2BHRD3bmF%2B0Uwi01hWrCTSXoeARnT6BegrMBIwnZUI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c76c021bfa-OSL
alt-svc: h3=":443"; ma=86400

boxupton.com/images/refferals.f6bfb99f.png

188.114.97.1

200 OK

174 kB

URL GET HTTP/3
boxupton.com/images/refferals.f6bfb99f.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced
Size
174 kB (173921 bytes)
Hash
6c0d0ddd6ea1648660369e18a0a196cf
8444fa9e000dd667886a424ae21637631f460bd0
2bcee8ae74ad10ef53689255f76f53f3f16836a6472d71065f92f2f7cf4f64c5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/refferals.f6bfb99f.png HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: image/png
content-length: 173921
last-modified: Mon, 19 Aug 2024 19:39:08 GMT
etag: "66c39f5c-2a761"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qmkf7PPcHbT%2FdWBlQQ05nIf1lQNCJu5K8nUDrnF4LYnVnfkTMmxHR66tl5m%2BVsYayGHTG%2BZkB0tnlIR7VYui%2Fh%2Bc%2FKBSg0QqDu2VrkDhKZqsYEc8nZoecvrD2u8FRw4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c76c041bfa-OSL
alt-svc: h3=":443"; ma=86400

boxupton.com/fonts/aa8d273d9caf0df4-s.p.woff2

188.114.97.1

200 OK

60 kB

URL GET HTTP/3
boxupton.com/fonts/aa8d273d9caf0df4-s.p.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16128, version -28672.256
Size
60 kB (59712 bytes)
Hash
180ee6ee1a9fdebb13793f62ef389e5e
a0365222dcf4c2ad8c60747d2387b000e7dd1375
cb8445021d0de347e5e42c2b3a97627ec0cf21debfed224ebf6b64bd69520518

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/aa8d273d9caf0df4-s.p.woff2 HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/css/b12e68bb23e7cef0.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: font/woff2
content-length: 59712
last-modified: Mon, 19 Aug 2024 19:39:04 GMT
etag: "66c39f58-e940"
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yXWrlyUZGSq7ktmCF5WIuGEC%2BKNDZoeHaVkR1AjECBrB65Utxg%2BGoyrPdHWr8sB4FmcZcg5O100kVBBFyfOemuPwN20zcFlRsYPfaOmbb%2BN8wytuQBRhyhZEMSvovmk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c87d601bfa-OSL
alt-svc: h3=":443"; ma=86400

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
cf4beded5cc66b936a54a6514b3d9bc8
a53a94acfc4c8ee1478737c46b73ffc45644b63e
80698e8fd5496078caf28a66f56b4d83c215ab7ce22eba2948be2e7e505957c2

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "80698E8FD5496078CAF28A66F56B4D83C215AB7CE22EBA2948BE2E7E505957C2"
Last-Modified: Thu, 22 Aug 2024 21:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7849
Expires: Fri, 23 Aug 2024 18:01:02 GMT
Date: Fri, 23 Aug 2024 15:50:13 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
cf4beded5cc66b936a54a6514b3d9bc8
a53a94acfc4c8ee1478737c46b73ffc45644b63e
80698e8fd5496078caf28a66f56b4d83c215ab7ce22eba2948be2e7e505957c2

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "80698E8FD5496078CAF28A66F56B4D83C215AB7CE22EBA2948BE2E7E505957C2"
Last-Modified: Thu, 22 Aug 2024 21:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7849
Expires: Fri, 23 Aug 2024 18:01:02 GMT
Date: Fri, 23 Aug 2024 15:50:13 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
cf4beded5cc66b936a54a6514b3d9bc8
a53a94acfc4c8ee1478737c46b73ffc45644b63e
80698e8fd5496078caf28a66f56b4d83c215ab7ce22eba2948be2e7e505957c2

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "80698E8FD5496078CAF28A66F56B4D83C215AB7CE22EBA2948BE2E7E505957C2"
Last-Modified: Thu, 22 Aug 2024 21:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7849
Expires: Fri, 23 Aug 2024 18:01:02 GMT
Date: Fri, 23 Aug 2024 15:50:13 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
cf4beded5cc66b936a54a6514b3d9bc8
a53a94acfc4c8ee1478737c46b73ffc45644b63e
80698e8fd5496078caf28a66f56b4d83c215ab7ce22eba2948be2e7e505957c2

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "80698E8FD5496078CAF28A66F56B4D83C215AB7CE22EBA2948BE2E7E505957C2"
Last-Modified: Thu, 22 Aug 2024 21:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7849
Expires: Fri, 23 Aug 2024 18:01:02 GMT
Date: Fri, 23 Aug 2024 15:50:13 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
cf4beded5cc66b936a54a6514b3d9bc8
a53a94acfc4c8ee1478737c46b73ffc45644b63e
80698e8fd5496078caf28a66f56b4d83c215ab7ce22eba2948be2e7e505957c2

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "80698E8FD5496078CAF28A66F56B4D83C215AB7CE22EBA2948BE2E7E505957C2"
Last-Modified: Thu, 22 Aug 2024 21:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7849
Expires: Fri, 23 Aug 2024 18:01:02 GMT
Date: Fri, 23 Aug 2024 15:50:13 GMT
Connection: keep-alive

boxupton.com/css/49914b74ea2c9f7c.css

188.114.97.1

200 OK

13 kB

URL GET HTTP/3
boxupton.com/css/49914b74ea2c9f7c.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
gzip compressed data, max speed, from Unix
Size
13 kB (13430 bytes)
Hash
0c83497db042c85903a6998828ae79f4
9f764e4e07e36930d6341e7472c8ede17deb2ad0
60ff524cb79c354163810c28e3a83f9d185be3669e94381a81264d4a30e01b1e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/49914b74ea2c9f7c.css HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:11 GMT
content-type: text/css
last-modified: Mon, 19 Aug 2024 19:39:04 GMT
etag: W/"66c39f58-2212"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cJn%2BWtvl9Ro7xEhLdlY0XpzGXeSEeQA%2B7cZxam1cOCQ1AcJSfkg5U9CbHR5ZLFXLa%2FoEEK0luXKmmBOt6nlnvtWgfR%2BT9PkI43iHBr9i58t%2ByPkMh7rNvg%2Fs7eIVKoQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41bfa8381bfa-OSL
alt-svc: h3=":443"; ma=86400

raw.githubusercontent.com/ton-blockchain/wallets-list/main/wallets-v2.json

185.199.108.133

200 OK

1.3 kB

URL GET HTTP/2
raw.githubusercontent.com/ton-blockchain/wallets-list/main/wallets-v2.json
IP
185.199.108.133:443
ASN
#54113 FASTLY

Requested by
https://boxupton.com/
Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
JSON text data
Size
1.3 kB (1252 bytes)
Hash
cc73e791e9778f5a654922c8a8939788
35dc14d60f1756a076de17c1b385243d71dbe130
363cf1722ddba8ed66ebbb21f36ac9a6c22c8c468b55dae2ea1a84d780155611

HTTP Headers

GET /ton-blockchain/wallets-list/main/wallets-v2.json HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://boxupton.com/
Origin: https://boxupton.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: W/"660f92acede9d24e7943c41615d932c9da2102468b25a97d262b47d9cb9fcbac"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: B850:240A07:98498A:9FD1EE:66C8AFB4
content-encoding: gzip
accept-ranges: bytes
date: Fri, 23 Aug 2024 15:50:13 GMT
via: 1.1 varnish
x-served-by: cache-hel1410024-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1724428214.913550,VS0,VE1
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: a7cb8c2ff2657e1f87e2e623565863c3e8212987
expires: Fri, 23 Aug 2024 15:55:13 GMT
source-age: 1
content-length: 1252
X-Firefox-Spdy: h2

boxupton.com/favicon.ico

188.114.97.1

200 OK

7.6 kB

URL GET HTTP/3
boxupton.com/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
gzip compressed data, max speed, from Unix
Size
7.6 kB (7575 bytes)
Hash
66e7659d1c96f302984f20eb4d6e1fc5
5e758514df83990e02e696edb24a51ec3b2e4156
1bfdacba695b44f8e8bb9e07825ac6d64574e0e9f5bb050a11c414c39ead7434

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:13 GMT
content-type: image/x-icon
last-modified: Mon, 19 Aug 2024 19:39:04 GMT
etag: W/"66c39f58-47e"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=enMpPykK3htmy91q%2BTvOOdWE1WDkz0vJ6cLGV9TaHtLb4QmEluJjpsE6esqVNWSq0xS0xS3osGHpAsWRmgfgIVw0ZoiGp4rNu9cbx5cd0rHVwVisjty7dBhlgriKS%2B8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41ce2dee1bfa-OSL
alt-svc: h3=":443"; ma=86400

raw.githubusercontent.com/bitkeepwallet/download/main/logo/png/bitget_wallet_logo_0_gas_fee.png

185.199.108.133

200 OK

30 kB

URL GET HTTP/2
raw.githubusercontent.com/bitkeepwallet/download/main/logo/png/bitget_wallet_logo_0_gas_fee.png
IP
185.199.108.133:443
ASN
#54113 FASTLY

Requested by
https://boxupton.com/
Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 240x240, components 3
Size
30 kB (29633 bytes)
Hash
c3ec98eed488c8308c16d96a23525013
e49104534f55ea82388209fc8c2f48e416b0c94b
4b32b2bd400928a07b8953ffe66ba58658457280e133330c3bf89c8dfd7c34fe

HTTP Headers

GET /bitkeepwallet/download/main/logo/png/bitget_wallet_logo_0_gas_fee.png HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: image/png
etag: W/"d2273e6b234dfb2629c23e78d95384640c107bb3887a0aa5bd99320944d63c13"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: C192:0DE8:348BEEB:3735201:66A83FEA
accept-ranges: bytes
date: Fri, 23 Aug 2024 15:50:13 GMT
via: 1.1 varnish
x-served-by: cache-hel1410024-HEL
x-cache: HIT
x-cache-hits: 215
x-timer: S1724428214.997860,VS0,VE0
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: b7605331a738da69e9be295fb65b61b70f0f9a1b
expires: Fri, 23 Aug 2024 15:55:13 GMT
source-age: 120
content-length: 29633
X-Firefox-Spdy: h2

raw.githubusercontent.com/hot-dao/media/main/logo.png

185.199.108.133

200 OK

55 kB

URL GET HTTP/2
raw.githubusercontent.com/hot-dao/media/main/logo.png
IP
185.199.108.133:443
ASN
#54113 FASTLY

Requested by
https://boxupton.com/
Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
PNG image data, 288 x 288, 8-bit/color RGBA, non-interlaced
Size
55 kB (54702 bytes)
Hash
a127d8a6a542f1a60214ad74673a47a9
5979dfa3ced667400d5269b14962f316d9783353
102a1096653e51db8911e8bc6250d50871e237429d977267cb265870332c99f9

HTTP Headers

GET /hot-dao/media/main/logo.png HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: image/png
etag: W/"1de198e102f5ad105bd6b35fdbcc11433afb16c250a55372b26bd0d56ee7d629"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: DE8C:3B4C82:2180AB0:23289E3:66C3CBCF
accept-ranges: bytes
date: Fri, 23 Aug 2024 15:50:14 GMT
via: 1.1 varnish
x-served-by: cache-hel1410024-HEL
x-cache: HIT
x-cache-hits: 216
x-timer: S1724428214.014468,VS0,VE0
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 39b0fece78d4cebb44404662ddcd5ec59ec3cc5f
expires: Fri, 23 Aug 2024 15:55:14 GMT
source-age: 123
content-length: 54702
X-Firefox-Spdy: h2

tonkeeper.com/assets/tonconnect-icon.png

104.26.3.107

200 OK

3.8 kB

URL GET HTTP/2
tonkeeper.com/assets/tonconnect-icon.png
IP
104.26.3.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerLet's Encrypt
Subjecttonkeeper.com
FingerprintF9:A2:7E:C8:6D:26:B0:3D:A9:AE:9B:54:C1:AB:FD:C2:15:96:23:0C
ValiditySun, 21 Jul 2024 11:17:12 GMT - Sat, 19 Oct 2024 11:17:11 GMT

File type
PNG image data, 288 x 288, 8-bit/color RGB, non-interlaced
Size
3.8 kB (3795 bytes)
Hash
c5347b0d696ae11f2f5b3f554a22b947
32e634daefdcdb2b4e69a32c76e5a431a64fd42f
7dfcb629bcffa853b06362c4b73d3198888bc01ab6b1b68a84409bde0b5481bd

HTTP Headers

GET /assets/tonconnect-icon.png HTTP/1.1
Host: tonkeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 23 Aug 2024 15:50:14 GMT
content-type: image/png
content-length: 3795
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "28430af1f378c22ac4ef6c3762d07739"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QYTCTKUsUI1mjAQeHtS1P9BIJfHoq1FPTG2Aw6WaEs5pFvPNEXrv8adDtDvpz7FaQ2gsQUOprxDWftahMzbluNC81WSYP%2B7N21k9%2BrSckUdf363ZqxRRP%2FK%2FwZxnPaSK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 5657
accept-ranges: bytes
server: cloudflare
cf-ray: 8b7c41d1befa0b45-OSL
X-Firefox-Spdy: h2

raw.githubusercontent.com/delab-team/manifests-images/main/WalletAvatar.png

185.199.108.133

200 OK

728 kB

URL GET HTTP/2
raw.githubusercontent.com/delab-team/manifests-images/main/WalletAvatar.png
IP
185.199.108.133:443
ASN
#54113 FASTLY

Requested by
https://boxupton.com/
Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced
Size
728 kB (728102 bytes)
Hash
8cc9e0640a0a0b0313f1603712a546a0
789f65964f8a96ec287fb65678133f84518a3c49
ddb20771135c376efeec8385304d44425d77eb0e2f9949f501d83d8b5835f530

HTTP Headers

GET /delab-team/manifests-images/main/WalletAvatar.png HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: image/png
etag: W/"df457b9b9debab993ac009ec9303b0d5d87ce19fbc63bd76050a8d2984b89909"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 32B9:37D49F:90A741:96DC77:66BAAC7B
accept-ranges: bytes
date: Fri, 23 Aug 2024 15:50:13 GMT
via: 1.1 varnish
x-served-by: cache-hel1410024-HEL
x-cache: HIT
x-cache-hits: 465
x-timer: S1724428214.987183,VS0,VE0
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 4572f2d34c51dee30a014e0f66fe4a58a66f1959
expires: Fri, 23 Aug 2024 15:55:13 GMT
source-age: 268
content-length: 728102
X-Firefox-Spdy: h2

xtonwallet.com/assets/img/icon-256-back.png

188.114.97.1

200 OK

7.7 kB

URL GET HTTP/2
xtonwallet.com/assets/img/icon-256-back.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectxtonwallet.com
FingerprintD6:20:ED:85:4F:CB:16:A6:16:CA:D0:4A:22:5D:16:2F:7F:31:28:85
ValiditySat, 13 Jul 2024 05:28:25 GMT - Fri, 11 Oct 2024 05:28:24 GMT

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
Size
7.7 kB (7747 bytes)
Hash
0983df3ca4f09d3d163cc00073d732da
eae458b0b90c8b7c54fa7ee30a19262b4f6d322b
ace8dd194c4e421b91d44669bab890974dc28265a1196dd41c48c70abe8debc0

HTTP Headers

GET /assets/img/icon-256-back.png HTTP/1.1
Host: xtonwallet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 23 Aug 2024 15:50:14 GMT
content-type: image/png
content-length: 7747
last-modified: Fri, 07 Apr 2023 15:34:09 GMT
access-control-allow-origin: *
etag: "643037f1-1e43"
expires: Tue, 20 Aug 2024 01:38:33 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: E0F1:33537F:822045:867B75:666A9FC1
age: 526
via: 1.1 varnish
x-served-by: cache-osl6531-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1718263750.967956,VS0,VE119
vary: Accept-Encoding
x-fastly-request-id: ee7b7bb1ceb66065958fc560844cab2a043ad6f1
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tp62Hc%2BAt9iFgCpncfo%2F4cTpVIUVS5YtgPHiUc%2FeCtc1iWBL%2FZpxDLWbYW9zzJpNvReZP2VpCP4O0IP1MOQU8LLs6xTK6rkzcRMjFqwiHz7QE4XGk7BJIerGKO%2FUE78k9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b7c41d20c82b51e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

boxupton.com/images/border-yellow-desk.e448ac72.svg

188.114.97.1

200 OK

16 kB

URL GET HTTP/3
boxupton.com/images/border-yellow-desk.e448ac72.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
gzip compressed data, max speed, from Unix
Size
16 kB (16320 bytes)
Hash
fddf4e57181256adb694d45f39675567
7f6eb5215075b83beac200a8b3a1eb7c326ce248
882900e84d96913e11ab062033f3923d68290ffa2494e7c898250e568e87a151

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/border-yellow-desk.e448ac72.svg HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/css/49914b74ea2c9f7c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Aug 2024 19:39:06 GMT
etag: W/"66c39f5a-13c"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pDFXT7dN7L5qo3eB%2BZaJ58OxnOGoKHbqdft5%2BzhYLMMPbCJYaI93Uu2iANIgcd7mmbcRACP6UreDc29ylcVI%2BQocXLgP6myCKY7D7qIs4nBC4zFQmH1fxMm92LEm6xI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c609a71bfa-OSL
alt-svc: h3=":443"; ma=86400

tonhub.com/tonconnect_logo.png

104.26.1.199

200 OK

69 kB

URL GET HTTP/2
tonhub.com/tonconnect_logo.png
IP
104.26.1.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjecttonhub.com
FingerprintA1:57:AB:02:35:07:97:A1:0B:C9:C4:F3:CB:44:7D:74:1D:F2:E9:C9
ValidityFri, 28 Jun 2024 03:36:20 GMT - Thu, 26 Sep 2024 03:36:19 GMT

File type
PNG image data, 288 x 288, 8-bit/color RGBA, non-interlaced
Size
69 kB (69267 bytes)
Hash
aafd05d9de4af75985d1b39589517d53
4a55ca19e919bee7bc4a3fd4240c47b8a75f0a9b
6781d3a7cdd5d44f7083892ec03d04058bca8214da9e7f27300e9a68e5b6aff3

HTTP Headers

GET /tonconnect_logo.png HTTP/1.1
Host: tonhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 23 Aug 2024 15:50:14 GMT
content-type: image/png
content-length: 69267
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
content-disposition: inline; filename="tonconnect_logo.png"
etag: "aafd05d9de4af75985d1b39589517d53"
strict-transport-security: max-age=63072000
x-matched-path: /tonconnect_logo.png
x-vercel-cache: HIT
x-vercel-id: cdg1::5zj85-1720617166705-2531438c5998
cf-cache-status: HIT
age: 182241
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hQG0PtkVzLgUT1tsndcRk2VOmAtmsCojQlEepzzsNWFx0aCXHe%2BfPtcotZ8DZSqBbBi%2Baol4xa3ylqC0KYOuW0ecdRbCEky07GO59ZErCWfe9jqoFfH6UhRJ6Jk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41d22ab6712a-OSL
X-Firefox-Spdy: h2

static.mytonwallet.io/icon-256.png

143.204.55.43

200 OK

17 kB

URL GET HTTP/2
static.mytonwallet.io/icon-256.png
IP
143.204.55.43:443
ASN
#16509 AMAZON-02

Requested by
https://boxupton.com/
Certificate
IssuerAmazon
Subjectmytonwallet.io
Fingerprint52:E1:D5:63:88:32:FD:3C:F3:37:AB:B5:0B:48:A8:23:98:B4:DC:67
ValidityWed, 10 Jul 2024 00:00:00 GMT - Fri, 08 Aug 2025 23:59:59 GMT

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Size
17 kB (17378 bytes)
Hash
a236702dcabd99d3c9a608f1a47c58ec
edfac80ec40d42f2cb1c9b586f93908b483660bd
079a79544561da8d78e7b871f9ac5e04e5d1aef4a9466cb09a0505a612acd463

HTTP Headers

GET /icon-256.png HTTP/1.1
Host: static.mytonwallet.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 17378
last-modified: Tue, 06 Aug 2024 23:08:27 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Aug 2024 15:23:12 GMT
cache-control: public, max-age=3600
etag: "a236702dcabd99d3c9a608f1a47c58ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ffg4ZkBl11axkOSvqAHPkvDghha3MsRG4jZ_ac2q_gEUCSj1dqh8wA==
age: 1623
X-Firefox-Spdy: h2

static.okx.com/cdn/assets/imgs/247/587A8296F0BB640F.png

143.204.55.27

200 OK

2.5 kB

URL GET HTTP/2
static.okx.com/cdn/assets/imgs/247/587A8296F0BB640F.png
IP
143.204.55.27:443
ASN
#16509 AMAZON-02

Requested by
https://boxupton.com/
Certificate
IssuerDigiCert Inc
Subject*.okx.com
FingerprintF0:18:3F:A6:E1:75:1C:E0:EF:BF:97:FC:91:AD:09:36:D4:67:01:CF
ValidityWed, 01 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type
PNG image data, 270 x 270, 8-bit/color RGBA, non-interlaced
Size
2.5 kB (2547 bytes)
Hash
8febe895587a8296f0bb640f49ebec81
8d68f73f407bdffde163e32eb2f152a9160b8d2b
7d704f76b206a4e5f1b40f73ec84b8201e251149488ceb5d56e8c129fe4acca2

HTTP Headers

GET /cdn/assets/imgs/247/587A8296F0BB640F.png HTTP/1.1
Host: static.okx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 2547
server: Tengine
x-oss-server-side-encryption: AES256
x-oss-cdn-auth: success
date: Tue, 16 Jul 2024 11:44:57 GMT
x-oss-request-id: 66965D398A23F731368DA54F
x-oss-storage-class: Standard
x-oss-object-type: Normal
x-oss-server-time: 56
content-md5: j+volVh6gpbwu2QPSevsgQ==
accept-ranges: bytes
via: cache19.l2de2[1012,1011,304-0,H], cache15.l2de2[1013,0], ens-cache1.de8[1014,1015,200-0,H], ens-cache4.de8[1018,0], 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-oss-hash-crc64ecma: 11402406832424349802
etag: "8FEBE895587A8296F0BB640F49EBEC81"
last-modified: Tue, 16 Jul 2024 09:18:05 GMT
ali-swift-global-savetime: 1721130297
x-swift-savetime: Tue, 16 Jul 2024 11:44:57 GMT
x-swift-cachetime: 881
cache-control: public,max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
eagleid: a3b5828817211302968173111e
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FmXFcED4MBv56tgLjierFxHQq_oWkSnqYnE0myY8BeRgJgBlZ-v28g==
age: 3297917
X-Firefox-Spdy: h2

static.okx.com/cdn/assets/imgs/247/58E63FEA47A2B7D7.png

143.204.55.27

200 OK

1.5 kB

URL GET HTTP/2
static.okx.com/cdn/assets/imgs/247/58E63FEA47A2B7D7.png
IP
143.204.55.27:443
ASN
#16509 AMAZON-02

Requested by
https://boxupton.com/
Certificate
IssuerDigiCert Inc
Subject*.okx.com
FingerprintF0:18:3F:A6:E1:75:1C:E0:EF:BF:97:FC:91:AD:09:36:D4:67:01:CF
ValidityWed, 01 Nov 2023 00:00:00 GMT - Sat, 30 Nov 2024 23:59:59 GMT

File type
PNG image data, 270 x 270, 8-bit colormap, non-interlaced
Size
1.5 kB (1481 bytes)
Hash
c72d04242c776739dc65b00dbdcaffd1
63100f059745133569fae6f2d882c27aba01b524
18f089d08eec3be12ebbfaf98d8e3706141d1a0ced66e01d81f9ea053d643b3b

HTTP Headers

GET /cdn/assets/imgs/247/58E63FEA47A2B7D7.png HTTP/1.1
Host: static.okx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 1481
server: Tengine
x-oss-server-side-encryption: AES256
date: Sat, 13 Jul 2024 15:29:27 GMT
x-oss-hash-crc64ecma: 2315367713013820641
x-oss-cdn-auth: success
x-oss-request-id: 66929D57D0409B3738BB937C
etag: "C72D04242C776739DC65B00DBDCAFFD1"
x-oss-storage-class: Standard
x-oss-server-time: 44
x-oss-object-type: Normal
content-md5: xy0EJCx3ZzncZbANvcr/0Q==
last-modified: Mon, 08 Jul 2024 09:10:25 GMT
accept-ranges: bytes
via: cache9.l2de2[1091,1090,200-0,M], cache6.l2de2[1091,0], ens-cache4.de5[1093,1093,200-0,M], ens-cache3.de5[1095,0], 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
ali-swift-global-savetime: 1720884567
x-swift-savetime: Sat, 13 Jul 2024 15:29:27 GMT
x-swift-cachetime: 3600
cache-control: public,max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
eagleid: a3b55c9717208845665778949e
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZGxS3r5vn1IzbV3CKWA0rr3s-ITG2E600HbsePaQfhU9J4XjyIAWUg==
age: 3543647
X-Firefox-Spdy: h2

ocsp.trust-provider.cn/

172.64.149.23

599 B

URL
ocsp.trust-provider.cn/
IP
172.64.149.23:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
599 B (599 bytes)
Hash
5de6919d95cef6e638d0423b137107ce
6eef680b1e53843ffdde7df573d9630eeae0c544
aa66a9fae7bda77c27929c445b73f526813089f9bd4f07ed9eb308a6d159a7fa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 23 Aug 2024 15:50:15 GMT
Content-Type: application/ocsp-response
Content-Length: 599
Connection: keep-alive
Last-Modified: Wed, 21 Aug 2024 22:51:57 GMT
Expires: Wed, 28 Aug 2024 22:51:56 GMT
Etag: "6eef680b1e53843ffdde7df573d9630eeae0c544"
Cache-Control: max-age=457133,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8b7c41d7acec5687-OSL

s.pvcliping.com/web/public_image/SafePal_x288.png

128.1.77.227

200 OK

735 B

URL GET HTTP/2
s.pvcliping.com/web/public_image/SafePal_x288.png
IP
128.1.77.227:443
ASN
#21859 ZEN-ECN

Requested by
https://boxupton.com/
Certificate
IssuerTrustAsia Technologies, Inc.
Subjects.pvcliping.com
Fingerprint1A:88:C7:9A:27:7C:54:84:C8:DE:CD:8B:E1:B5:02:DF:D4:FC:09:2B
ValidityThu, 28 Sep 2023 00:00:00 GMT - Sun, 27 Oct 2024 23:59:59 GMT

File type
PNG image data, 288 x 288, 4-bit colormap, non-interlaced
Size
735 B (735 bytes)
Hash
0538634f954d877d5ed633b704fc475d
97cf8e669eafa065d964a577c7f58af15d7555ac
2173dbf44e5b986d15cb52b206af9e85e2dcc4808aebd6f7f29fdb5949f5fa4a

HTTP Headers

GET /web/public_image/SafePal_x288.png HTTP/1.1
Host: s.pvcliping.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 23 Aug 2024 15:50:15 GMT
content-type: image/png
content-length: 735
server: openresty
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
access-control-max-age: 2592000
cache-control: public, max-age=31536000
content-disposition: inline; filename="SafePal_x288.png"; filename*=utf-8''SafePal_x288.png
content-md5: 0538634f954d877d5ed633b704fc475d
content-transfer-encoding: binary
etag: "FpfPjmaer6Bl2WSld8f1ivFddVWs"
last-modified: Thu, 15 Dec 2022 09:28:55 GMT
x-log: X-Log
x-m-log: QNM:dal51;QNM3
x-m-reqid: 3YwAABr97KBEStoX
x-qiniu-zone: na0
x-qnm-cache: Hit
x-reqid: pAQAAACX5OFDStoX
x-svr: IO
x-ser: BC19_dx-lt-yd-jiangsu-yancheng-8-cache-2, BC226_FR-Paris-Paris-3-cache-1, BC227_FR-Paris-Paris-3-cache-1
x-cache: HIT from BC227_FR-Paris-Paris-3-cache-1(cloudsvr)
X-Firefox-Spdy: h2

boxupton.com/tod.pro.js

188.114.97.1

200 OK

50 kB

URL GET HTTP/3
boxupton.com/tod.pro.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type

Size
50 kB (49590 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tod.pro.js HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 20 Aug 2024 15:15:46 GMT
etag: W/"66c4b322-c1b6"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3RslHn0%2F%2Fs7Jludzcw16xFoEb9I6SBRloVXP0AWEzQabCQ4yZu2Q7Jy6PxVrPMuOrT%2B3HLoVE1gTcmWlb%2FKSSii2NNxsFyvd4EFaKRg3gLXhD1s6EwRflHKiXpSOMRE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41bfa8551bfa-OSL
alt-svc: h3=":443"; ma=86400

boxupton.com/images/bg-down.7e001a8d.svg

188.114.97.1

200 OK

3.3 kB

URL GET HTTP/3
boxupton.com/images/bg-down.7e001a8d.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
SVG Scalable Vector Graphics image
Size
3.3 kB (3277 bytes)
Hash
66b99064c829a758daaaa1ed425d2942
5cf886b8dc67cafd12d334c5ba9e1fe656c6e6cf
6ea4acfe4b94c46c8f5c865fc7cabc232d83726e660fb97098d853253b56c2f7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/bg-down.7e001a8d.svg HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/css/49914b74ea2c9f7c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Aug 2024 19:39:05 GMT
etag: W/"66c39f59-ccd"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TPRCRRUx6MMzfw2s3sNZVHIHDZ4K20228XaSZvSGCOVpN2488WJKLm3m5Q2RBa49fAul3Ikq1ddUZbNh3O5PkYPxF0CKyyaSGChwrDf7me6oGMbuE4gbWvCE%2B8%2B50j4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c6099f1bfa-OSL
alt-svc: h3=":443"; ma=86400

raw.githubusercontent.com/OpenProduct/openmask-extension/main/public/openmask-logo-288.png

185.199.108.133

200 OK

6.9 kB

URL GET HTTP/2
raw.githubusercontent.com/OpenProduct/openmask-extension/main/public/openmask-logo-288.png
IP
185.199.108.133:443
ASN
#54113 FASTLY

Requested by
https://boxupton.com/
Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
PNG image data, 288 x 288, 8-bit/color RGBA, non-interlaced
Size
6.9 kB (6912 bytes)
Hash
01781f31a294a7f938b3465853c3c415
1bd08a5089fea9a6fb60fdecd76d6442167d9830
25ef6e0912f90e0adea8597b19554aa1518521e6cf0a88cfaec303808cf4d4b8

HTTP Headers

GET /OpenProduct/openmask-extension/main/public/openmask-logo-288.png HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: image/png
etag: W/"3bd3143ce8353aa8b9d4296ec4a937b1000cf8fc46a68e40afc9cb03a4030555"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 69FF:102F9E:216A903:232FDF5:66B18F28
accept-ranges: bytes
date: Fri, 23 Aug 2024 15:50:13 GMT
via: 1.1 varnish
x-served-by: cache-hel1410024-HEL
x-cache: HIT
x-cache-hits: 368
x-timer: S1724428214.979558,VS0,VE0
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 667596886e876625ba6db1dd24054e8ee5658277
expires: Fri, 23 Aug 2024 15:55:13 GMT
source-age: 218
content-length: 6912
X-Firefox-Spdy: h2

boxupton.com/images/step2.png

188.114.97.1

200 OK

14 kB

URL GET HTTP/3
boxupton.com/images/step2.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
PNG image data, 470 x 339, 8-bit/color RGBA, non-interlaced
Size
14 kB (13937 bytes)
Hash
d68b23a7c5ca0b8de4d7cef19bc8a483
931e4ddb41548154279b0fe1680e6e70309f4a71
fdf98e88d6c1ee8d6a0d408584c01bc82a47f3d454d353e1960b3f40cc1a248b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/step2.png HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: image/png
content-length: 13937
last-modified: Mon, 19 Aug 2024 19:39:08 GMT
etag: "66c39f5c-3671"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fx4amvIXcnKptvlcgL1IYo3e0UKaFX9J4xeUrNqK90DB5TlPyi9uC%2F4melfhKiBKgBVN5xccDuacEp0i281BYRq16UAuw94e%2FNipCpCfloO5ILiV7i%2FvYY8%2BbKHKHZ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c74bc51bfa-OSL
alt-svc: h3=":443"; ma=86400

boxupton.com/images/bg-right.f9d05769.svg

188.114.97.1

200 OK

3.9 kB

URL GET HTTP/3
boxupton.com/images/bg-right.f9d05769.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
SVG Scalable Vector Graphics image
Size
3.9 kB (3858 bytes)
Hash
1702dc8621acac8ccd75b00f6e1bb01f
6bb69737c44c5165df9df400b3c353d77c2a51c3
21816f658b3fe842fde3fc5defed68d82435d0f0f8b9446534812737360557e7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/bg-right.f9d05769.svg HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/css/49914b74ea2c9f7c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Aug 2024 19:39:05 GMT
etag: W/"66c39f59-f12"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PPjmjsZeC1tSUHVPaxFlFbgo%2FSLt2WnKfp7Xutgx7fV9oUiODwCALg93Nr0K%2BjFhndP8ihoEeyWBhGo6vPfS3koDM4be1hFYVTf2k%2BYGCyb2ITn1S0LLmBKBmqYF0zc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c5c9271bfa-OSL
alt-svc: h3=":443"; ma=86400

boxupton.com/images/bg-left.b2784771.svg

188.114.97.1

200 OK

3.7 kB

URL GET HTTP/3
boxupton.com/images/bg-left.b2784771.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
SVG Scalable Vector Graphics image
Size
3.7 kB (3702 bytes)
Hash
ee640392d9164d87a6582aa5ad43b6c8
e4fb35831bf231f80201c2438c7768504f7418c6
2f793003cbbcb642363f5088c261b0e20ff6ace2525e09ff07d282c429212e52

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/bg-left.b2784771.svg HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/css/49914b74ea2c9f7c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Aug 2024 19:39:05 GMT
etag: W/"66c39f59-e76"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=97S1z4qLmj5AmKfYs%2Fcbl29%2FoaVqPCyEW6dgCLZ5Yp3g5RLO4poRRWL5tT9xMCl%2BQwbDGYk0Xm%2BL%2BkJDgRDzyP%2FJpffgUhEyToGHSyxhud9103XhcdSDDzg60jFaK4g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c5b91b1bfa-OSL
alt-svc: h3=":443"; ma=86400

boxupton.com/js/jquery.js

188.114.97.1

200 OK

248 kB

URL GET HTTP/3
boxupton.com/js/jquery.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
JavaScript source, ASCII text
Size
248 kB (247596 bytes)
Hash
bd5acd460aa627c4187fecc7c6894992
ff4ae0ffc83511bf08248d0eef1778b03b8ab2a5
0765d0119c7638a5fbd9053f023ce1f114a0a7ad7b2953be8ec322a553e12146

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.js HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 19 Aug 2024 19:39:10 GMT
etag: W/"66c39f5e-3c72c"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EkwU0ieSo0DI5xiXDIljP3iulM9ZoaXAx8f3hcSfAe%2FDRY6%2BgEQvxZqQh%2FZPnV3d0jYmvRsKQSDikkeTUlL71Npd4%2FF7FuEy3vqdTSBsJxyeMcYxblD8WKLdDbhJoyw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41bfa83d1bfa-OSL
alt-svc: h3=":443"; ma=86400

boxupton.com/js/jquery.min.js

188.114.97.1

200 OK

84 kB

URL GET HTTP/3
boxupton.com/js/jquery.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
JavaScript source, ASCII text, with very long lines (32025)
Size
84 kB (84344 bytes)
Hash
7a7b18606448bded22cd1cf48d4712cc
5b9df089eb85cecb320fd9ed3f0f9da173c92d61
ab0d063b4ff2827192c0e44103d3091457a1d2374c3b6243721c5679bb61eae2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 19 Aug 2024 19:39:11 GMT
etag: W/"66c39f5f-14978"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bpFZO3LJ2ufJaHxAxiazdKJyy0T9V3UCvN%2BjBfy3ebgn6gtzhm5XZgcrDEtUPaTgzT4l5c%2FugneLEAcdp6Ez9FEu%2FbzPR4XSsY9laJllebSlg2SUQ68uSwkV8NiuhVs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41bfa84e1bfa-OSL
alt-svc: h3=":443"; ma=86400

boxupton.com/images/labelBg.1d155bab.svg

188.114.97.1

200 OK

488 B

URL GET HTTP/3
boxupton.com/images/labelBg.1d155bab.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
SVG Scalable Vector Graphics image
Size
488 B (488 bytes)
Hash
226ed1bcbd2b8de95afd33032924fa63
c2320953b7ec7cda83a88cdd0a930dd21b338379
7305eae79fb0116bb9a000e529c100d05412d5389617ec5d7f4ae332bb6ac3f3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/labelBg.1d155bab.svg HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/css/49914b74ea2c9f7c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Aug 2024 19:39:07 GMT
etag: W/"66c39f5b-1e8"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g34aQcgg80zb8uJwv0K4hdq%2F4HgZE%2BbZoGar7lk2pFbZpuH6niHTQjoIWkHY3JMqUIiW2XF%2BBKzUmOgIKLaDFYrlVufnRylJ8aS27uppRdNce71LAhkeBQnHCfkvRwU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c5e9651bfa-OSL
alt-svc: h3=":443"; ma=86400

wallet.ton.org/assets/ui/qr-logo.png

104.26.14.213

200 OK

16 kB

URL GET HTTP/2
wallet.ton.org/assets/ui/qr-logo.png
IP
104.26.14.213:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectton.org
Fingerprint6B:4B:F0:83:DF:EB:01:39:33:26:E8:CD:7C:CB:61:E9:E3:24:3A:7A
ValiditySat, 20 Jul 2024 09:12:05 GMT - Fri, 18 Oct 2024 09:12:04 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
16 kB (16076 bytes)
Hash
01a19c2212e59910fa40fa4fdf5249a9
29f7b61b422a735fbd620758915d3fb769265d58
bc41e7e2c2e72d3c3d78893bdf5bdfbb2aad0ada2e447e30fb9fa81b60f01005

HTTP Headers

GET /assets/ui/qr-logo.png HTTP/1.1
Host: wallet.ton.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 23 Aug 2024 15:50:14 GMT
content-type: image/png
content-length: 16076
permissions-policy: interest-cohort=()
last-modified: Sun, 11 Feb 2024 19:07:35 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "65c91af7-3ecc"
expires: Wed, 31 Jul 2024 04:31:55 GMT
cache-control: max-age=7200
x-proxy-cache: MISS
x-github-request-id: 9850:211D95:CC0B37:D19ED7:66A9BBE3
via: 1.1 varnish
x-served-by: cache-fra-eddf8230054-FRA
x-cache: HIT
x-cache-hits: 2
x-timer: S1724406424.906026,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 964441081c8303c0b05ff88f3635984c8ca53246
cf-cache-status: HIT
age: 109
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uVyY6tPs1WbwsN5J5u8cO%2BqkZ9Rcnqq2Xl0DjvTugWKPsi1ier5wPal4zTmjhryUcxtxtJC8MmP0TGmy0DGp9XFaWSjY6x0TJiN8Rx%2BJcZG7Wwi4iCrLDFWHqg77aOdS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b7c41d208b7b515-OSL
X-Firefox-Spdy: h2

boxupton.com/images/availableBg.d105cb57.svg

188.114.97.1

200 OK

6.9 kB

URL GET HTTP/3
boxupton.com/images/availableBg.d105cb57.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
SVG Scalable Vector Graphics image
Size
6.9 kB (6946 bytes)
Hash
44f61f075db1be614c31a4cb2e6f3888
2f4e5b82d6704f1acd6edf76118aaf017a1ef2cc
71e9f86945fbb2590eac0fbc6a7ccd81cf205d0c82a6fcf77c596978d19447d4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/availableBg.d105cb57.svg HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/css/49914b74ea2c9f7c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Aug 2024 19:39:05 GMT
etag: W/"66c39f59-1b22"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lMLcZKcO%2Fup9Q2i6R0H9CKWFdcMlnzichMZ4QKN79QSPia5l8lMB6Sw4xuA9U6P3SO7iWcuS8d0gkQWJgp2%2BH8zqh8GZe4Ed4yQO3kkO1htRnEGRCcbjzfeZCoAMmX8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c5f97f1bfa-OSL
alt-svc: h3=":443"; ma=86400

boxupton.com/images/bg-up.2a8a5a3e.svg

188.114.97.1

200 OK

3.3 kB

URL GET HTTP/3
boxupton.com/images/bg-up.2a8a5a3e.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
SVG Scalable Vector Graphics image
Size
3.3 kB (3345 bytes)
Hash
9b8982fdc108a1fff9990c342a764f41
6cc0d69a178c63c2f54e97481c9648ffa3d7a563
d5aebc737daff2f9e61e324f7f53fbe3b125889a97edb053fef09cc2e58a6ee9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/bg-up.2a8a5a3e.svg HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/css/49914b74ea2c9f7c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Aug 2024 19:39:05 GMT
etag: W/"66c39f59-d11"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oRJPjMdyjFeZhpjc1oWgIije6jSOW3wSMuIl%2Fe2mmeOqA%2B95GCf6BPSprEP9DWZJuBpTwZ8hGLnSclSmo4wLlooRb7A%2B9%2BJ0rQDseHi7mxFMUKATprA1LGYIVX8iMsM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c5f9941bfa-OSL
alt-svc: h3=":443"; ma=86400

www.cloudflare.com/cdn-cgi/trace

104.16.124.96

200 OK

267 B

URL GET HTTP/2
www.cloudflare.com/cdn-cgi/trace
IP
104.16.124.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerLet's Encrypt
Subjectwww.cloudflare.com
FingerprintC7:8B:73:B8:C1:03:85:88:5D:05:FE:91:BA:EC:D2:EC:4C:4C:97:E6
ValidityWed, 21 Aug 2024 20:16:40 GMT - Tue, 19 Nov 2024 20:16:39 GMT

File type
ASCII text, with no line terminators
Size
267 B (267 bytes)
Hash
67aee1e1d60040d36198c82e3f063cad
b375b9aaa5908bce889038006a94beca05935ff4
f6f3cf45fc780ecff725c31d7753260db9f035036a0f6b14fbcd5421993193f2

HTTP Headers

GET /cdn-cgi/trace HTTP/1.1
Host: www.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://boxupton.com/
Origin: https://boxupton.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 8b7c41c769b61c02-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

boxupton.com/css/efede304a6457402.css

188.114.97.1

200 OK

35 kB

URL GET HTTP/3
boxupton.com/css/efede304a6457402.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
ASCII text, with very long lines (35224), with no line terminators
Size
35 kB (35224 bytes)
Hash
b11d4d64e3df54ebbac532b6d44b6aa0
e32345d141dee9b7b87501e1e9a71a8e44605823
fa7f610eb4686f8e8d925415ec1e975dbb14c4bedcbd099f5af9dc38aa1a046e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/efede304a6457402.css HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:11 GMT
content-type: text/css
last-modified: Mon, 19 Aug 2024 19:39:04 GMT
etag: W/"66c39f58-8998"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ywTi2qINP6RmVShEydEkRg6tye%2B5tKdm%2B4tPuzZve%2FviEiHQrq0oCjIOvmIJMSW16Tl9ybNy0vbYIC25Z6VTY5T%2FDsP%2BPPHQeDmY45tMeqrtAnJpaJOOhb6W2dQ5KRs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41bfa8361bfa-OSL
alt-svc: h3=":443"; ma=86400

boxupton.com/images/card-bg.b675e813.png

188.114.97.1

200 OK

51 kB

URL GET HTTP/3
boxupton.com/images/card-bg.b675e813.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
PNG image data, 361 x 380, 8-bit/color RGBA, non-interlaced
Size
51 kB (51175 bytes)
Hash
98d2b09e65b86d7b9c50379755b90507
84509b52662891625746e419f9c4b7b00515b790
f461daccc438247240e9b79e79f526a07bd7327d5f242cf804aeffd2d1bcc471

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/card-bg.b675e813.png HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/css/49914b74ea2c9f7c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: image/png
content-length: 51175
last-modified: Mon, 19 Aug 2024 19:39:06 GMT
etag: "66c39f5a-c7e7"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bN3fVSuSsMW3SQQ3ETeYPGIjopY1uir6J2F3vwcxd6E98qCm7cFiHFUtP995vQT7IzYEaBO6C8N8v3B0x%2BiickX7b7a1Kdb%2BR5HixZ2Vzbla%2ByYXsLW7biMoxD4JA9c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c609b41bfa-OSL
alt-svc: h3=":443"; ma=86400

blastup.io/_next/static/media/34acce4158cc4164-s.p.otf

172.66.43.146

200 OK

89 kB

URL GET HTTP/2
blastup.io/_next/static/media/34acce4158cc4164-s.p.otf
IP
172.66.43.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectblastup.io
Fingerprint6A:31:E4:F5:06:19:3E:D3:97:6B:66:38:10:43:FA:EB:A0:8E:EC:59
ValidityFri, 28 Jun 2024 18:42:14 GMT - Thu, 26 Sep 2024 18:42:13 GMT

File type
OpenType font data
Size
89 kB (89220 bytes)
Hash
3e5a870c6d7a4be23b299043400eae98
04087de75cde5623a95bf9b6fc13fc87df64055a
1cb95c2ec64cf54425b124f54868660a7fdc60cd4f0b9219115344743f2afd7f

HTTP Headers

GET /_next/static/media/34acce4158cc4164-s.p.otf HTTP/1.1
Host: blastup.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://boxupton.com/
Origin: https://boxupton.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 23 Aug 2024 15:50:11 GMT
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"03cd89695e30f5939209f6d98a7ffbce"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iLoib457bMRIZDtNKJpB5r0DEGOHE1DyIm88NQBOsCp1O8hz3BjcFrQUJzKdQRVcldTXKONSGgV2xpvfn7PiaplP3w3bs1X25o%2FypEMYuB0JuSXB9IKiwLAsdOh3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: MISS
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8b7c41c1bcd456c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

photo2010my.com/

188.114.96.1

101 Switching Protocols

0 B

URL GET HTTP/1.1
photo2010my.com/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectphoto2010my.com
Fingerprint8F:67:13:8D:C1:72:1A:C1:77:E8:DB:F6:09:38:91:72:93:76:17:64
ValidityMon, 29 Jul 2024 13:11:12 GMT - Sun, 27 Oct 2024 13:11:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: photo2010my.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://boxupton.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XauwgZ1uMi5/JW9RuGifOQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Fri, 23 Aug 2024 15:50:12 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rFDOLl25iiUjjDz/Lkr2n/O4BLY=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xLzVjWKOOmTabSHCnVC1ZA8ueVA7VDgD4dNqfa1VeZO0ZgMmoK1VcMphY6Dcerd%2B4%2Ft5qWbFn%2BQxGw31y6g7ph9HcwIVd1x6m0odK%2FBbPt7LNw2aIl0W6DST1qtKta%2FtRf4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8b7c41ca1fbfb527-OSL
alt-svc: h3=":443"; ma=86400

boxupton.com/css/8493161a807a8376.css

188.114.97.1

200 OK

918 B

URL GET HTTP/3
boxupton.com/css/8493161a807a8376.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
ASCII text, with very long lines (922), with no line terminators
Size
918 B (918 bytes)
Hash
831972db4ba890c9ea438be9cc290c72
9797d858cd0a86d6b789d45f45fa575e76246c64
d4dfa3f75b24b88b235cacc10cc5e8e1d9ae5d4f39c4eb2623d609a4690f2d37

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/8493161a807a8376.css HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:11 GMT
content-type: text/css
last-modified: Mon, 19 Aug 2024 19:39:04 GMT
etag: W/"66c39f58-396"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hF5Y%2BjTrPJJskYx%2F5mGbr4kbMt1y0DHER4kGfVG4F%2BUbg8P2%2BHk7%2Fs6%2BQDOaFxt1JnuxoY%2FC0Cic4GKgJkk%2FjECFid64n3093ZCX4cXINwFSKidA97%2FyOambWMkiddY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41bfa8431bfa-OSL
alt-svc: h3=":443"; ma=86400

wallet.tg/images/logo-288.png

0.0.0.0

0 B

URL GET
wallet.tg/images/logo-288.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectwallet.tg
Fingerprint52:AE:52:83:57:C4:EA:DB:FC:01:FC:48:C5:F4:A7:81:A6:D8:9E:3A
ValiditySat, 10 Aug 2024 03:27:30 GMT - Fri, 08 Nov 2024 03:27:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/logo-288.png HTTP/1.1
Host: wallet.tg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 23 Aug 2024 15:50:14 GMT
content-type: image/png
cache-control: public, max-age=7200
content-encoding: gzip
content-security-policy: default-src 'self';  connect-src 'self' https://sentry.rtbst.com;  script-src 'self' 'unsafe-eval' 'unsafe-inline';  style-src 'self' 'unsafe-inline';  img-src 'self' blob: data:;  font-src 'self';  object-src 'none';  base-uri 'self';  form-action 'self';  frame-src 'none';  frame-ancestors 'none';  upgrade-insecure-requests;
etag: W/"5f15-19127ad9120"
last-modified: Tue, 06 Aug 2024 12:32:52 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 5660
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I1mofhMljIT0ykh9Ly04XwvBaQi2dxbIR7468Oda2V175sfV18Cwlsu3l5jaPZuBFJCWsk%2FcwRSCuStn11QxaHyWTrnzvdgmJ0CzBDTXaY18lVqcXiT%2BuGa7eg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains; preload
server: cloudflare
cf-ray: 8b7c41d1b93756bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

boxupton.com/images/borderDesk.dd90bf8b.svg

188.114.97.1

200 OK

810 B

URL GET HTTP/3
boxupton.com/images/borderDesk.dd90bf8b.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://boxupton.com/
Certificate
IssuerGoogle Trust Services
Subjectboxupton.com
FingerprintB0:62:25:BD:3D:DF:38:14:D7:AD:58:CB:09:CE:95:20:D0:CC:DF:1A
ValidityMon, 19 Aug 2024 18:35:58 GMT - Sun, 17 Nov 2024 18:35:57 GMT

File type
SVG Scalable Vector Graphics image
Size
810 B (810 bytes)
Hash
64f13343b5e5f2bc0b524319a40f5398
fc7fdfc3dd86d8a5a7907bdf9f912e236be5227c
5a5b8e1709b80ad15c87e6f4359b5bbf86a9dbc24750fc9cb3ab47a5a325b6ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/borderDesk.dd90bf8b.svg HTTP/1.1
Host: boxupton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://boxupton.com/css/49914b74ea2c9f7c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 23 Aug 2024 15:50:12 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Aug 2024 19:39:06 GMT
etag: W/"66c39f5a-32a"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AH6pvh6yRnvMM5bONUCCdHVTkOrBJKBBF4hTw%2BqnMpXzWdQLcT21SrowXNNSzCEYycpgug3AVMvp2RV%2FCjQSjdRxvC2hJYuvlds55UBma8rgxMp06zU77kIbVCNEPkA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b7c41c5d9601bfa-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (66)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN