{"report_id":"86ae2e75-f05a-4e18-8139-94519f0c9530","version":6,"status":"done","tags":[],"date":"2026-04-08T12:31:42Z","url":{"schema":"http","addr":"easybank-barc9090.up.railway.app","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"title":"easybank-barc9090.up.railway.app/","dom":{"size":3363,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"df82bf7026a604fcd3e2063fba132cca","sha1":"c3f6220557675fb5c5707a239316efa0f5dc0713","sha256":"1e3ce3ca97ae14ad11f6bdbcea562b987155e16facefc5200321b9a96127c789","sha512":"166b7fb7aee4aa68de4d1a1640c58c43d7830b944a3397b4ed1c426d0a271f4a2e82abc8ac2668fb82437646929519ca35467d5c0fe118b423b03aa5e7a8f637","ssdeep":"","tlshash":"d161412624f4043b02d2d599b9b2aa083dc5c503a606dc04b6fc4bda9fa3e87cc6725d","dom_hash":"domhashf5153bf2004671547fe118764e2191dc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"easybank-barc9090.up.railway.app","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-13T12:31:42Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-08T12:31:21Z","timestamp":1775651481,"ip_dst":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":46828,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2026-04-08T12:31:21.789865+0000\",\"flow_id\":1630989312457820,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.5\",\"src_port\":46828,\"dest_ip\":\"172.67.74.152\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":915,\"bytes_toclient\":3513,\"start\":\"2026-04-08T12:31:21.785500+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-08T12:31:21Z","timestamp":1775651481,"ip_dst":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":44538,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)","source":"{\"timestamp\":\"2026-04-08T12:31:21.833339+0000\",\"flow_id\":349347448963659,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.5\",\"src_port\":44538,\"dest_ip\":\"34.117.59.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2025331,\"rev\":5,\"signature\":\"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)\",\"category\":\"Device Retrieving External IP Address Detected\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Linux\",\"Mac_OSX\",\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2018_02_07\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0043\"],\"mitre_tactic_name\":[\"Reconnaissance\"],\"mitre_technique_id\":[\"T1590\"],\"mitre_technique_name\":[\"Gather_Victim_Network_Information\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_09_19\"]}},\"tls\":{\"sni\":\"ipinfo.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3414,\"start\":\"2026-04-08T12:31:21.803403+0000\"}}"}],"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-05T22:20:18.514512Z","alert_count":0,"request_count":1,"received_data":519,"sent_data":486,"comment":"","tags":null,"fingerprints":null},{"fqdn":"easybank-barc9090.up.railway.app","ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2019-08-01","domain_rank":0,"first_seen":"2026-04-08T12:31:43.44002Z","last_seen":"2026-04-08T12:31:43.44002Z","alert_count":26,"request_count":26,"received_data":313908,"sent_data":16666,"comment":"","tags":null,"fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Socket.io","description":"","website":"https://socket.io","common_platform_enumeration":"","icon":"Socket.io.svg","categories":["JavaScript frameworks"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2026-04-05T23:05:20.049371Z","alert_count":0,"request_count":1,"received_data":88167,"sent_data":440,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api.ipify.org","ip":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-01-05","domain_rank":8166,"first_seen":"2014-10-06T12:38:43Z","last_seen":"2026-04-06T11:59:43.380237Z","alert_count":0,"request_count":2,"received_data":538,"sent_data":954,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ipinfo.io","ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2013-04-23","domain_rank":1327,"first_seen":"2013-12-16T07:25:53Z","last_seen":"2026-04-01T15:23:30.174145Z","alert_count":0,"request_count":1,"received_data":539,"sent_data":465,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"631c31ad938a457b477ed9e3ba7db76f","sha1":"3cbaa0c8841b18874850726763dd3f253ca22d6f","sha256":"b30fbc084ca23fc3132deed62af951b341c900d6c0177abb564c9009fe0dc317","sha512":"677e52889638dec59092559ec20cc8ec1ad3add2f8a162480e8d90e22505f71696525b4f8b60a797a99ed1291a30e2e86200510327e2cd3a52c9a7ed8c033e92","ssdeep":"","tlshash":"f001acfb30a604610ab7b27a882b86443172d0033802dd087fac8745df69c5f997278b","size":766,"data":"","first_seen":"2026-04-08T12:31:45.413618Z","last_seen":"2026-04-08T13:01:01.745224Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-08T18:40:27.866665Z","times_seen":137905,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/socket.io/socket.io.js","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec127053f9c5cbfeeefd263b4b23bc0a","sha1":"11c08d7468ffe8980b0f862280c0c371776938a8","sha256":"bc425714aa8f2547d6939e3721ebafd3830a7562a1f6cb08acc1e794bd707954","sha512":"81ec905226bb2b6632f968b204f873331a4a75f24c0f27d50bb5ea930bec797a7c201eed1eaf1a9ef06cbbe923a722bb54fdcbf2be7147eea00d77a80565a39e","ssdeep":"3072:zLTygH4CO2KsFpWw0axS8RZIXyR7dSGg18FEEaLH32emV/Tfkmh0KbhEGtkSWq:zLTy7X1sFpWw0aTRrgaEEaLH32emV/D5","tlshash":"6ce35f49aaf72051917330398bafa045f239d01b620acd443d1cd7f49f65b3897aafe9","size":155836,"data":"","first_seen":"2026-01-01T23:52:44.961231Z","last_seen":"2026-04-08T13:01:01.741323Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/js/tracker.js","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"58884f3d8bbac43418ee2b5c64691ef2","sha1":"837f572e941b1fbfb4e03db10649fef1a066bf6a","sha256":"9207970af58f14547d6d3d0c6217bed62b340ca83c067c5411ac1409fa9900f6","sha512":"c19d9abe4e2f0b3f0ac4fefa0ffaeab69967e026788e4a3aa0f216c7cb4c6493162b7ac74ea9ffab4c576e64f814547d7ccc3fc7676d313daf7c80135418d2b0","ssdeep":"768:gy+v5u9NQX3fDPsis9ORFbvSLt7OJKZjqIfENIqinQflbRsLSy:Gv2qHfrsis9bROYZOLIVnQNgSy","tlshash":"ba63d81d24a0223559731376bb53b009f23691232746a96abefd830c2fb15a4d776fec","size":69133,"data":"","first_seen":"2026-04-08T12:31:45.411562Z","last_seen":"2026-04-08T13:01:01.733366Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o87rzc\u0026sid=s7_PopdtmE7RNqaGAAZJ","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:22.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"GET /socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o87rzc\u0026sid=s7_PopdtmE7RNqaGAAZJ HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-store\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: text/plain; charset=UTF-8\r\ndate: Wed, 08 Apr 2026 12:31:22 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: 6x6ZibWYQiKfLie755So4g\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 247\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":247,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"data","md5":"e337da6525cce4498a8e0d61e461eb83","sha1":"29cb4ef36ce13782c575e9c3dfd4f2b6c63a557d","sha256":"cac45a468d975547166b3d6334001e4e546bf1ad81439f788b81a2ab12795854","sha512":"60948dbfe3ca32e9925d722b47a4ddcdcb41610afb58d3aa8cb10f569030d93b4210e4113f598c69f265cb841922885737c7f6c64fdeaac3d734bef8f7fce0b7","ssdeep":"","tlshash":"d8d02e3aa8180a98ea7bd38cbc0a37170e81000a4d8880e88d88134c073aade2a4602b","first_seen":"2026-04-08T12:31:45.381868Z","last_seen":"2026-04-08T13:01:01.738652Z","times_seen":2,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o9p990\u0026sid=s7_PopdtmE7RNqaGAAZJ","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:22.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"GET /socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o9p990\u0026sid=s7_PopdtmE7RNqaGAAZJ HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-store\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: text/plain; charset=UTF-8\r\ndate: Wed, 08 Apr 2026 12:31:22 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: 5Z7BtlXEQvyrx6Vgs_GTAg\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 226\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":226,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"data","md5":"dc70e95242563f0dd16663f440517198","sha1":"cae8a3a5ab35bd2a336096e3572fd6f5c2f8cbc0","sha256":"51005d4e3da922cb6fbce55a2ff072afb2080e2c72a8205533fc7e712c725687","sha512":"7ada94aa268171e15252fb74413411dc24b801cc04faabf90bd0cecc3e0a1d0519fe75785aa2de6cba60dd2133306f9a61f1b384bc65e4f02e6d94ffa148fbac","ssdeep":"","tlshash":"e3d0a72fbd584f9cea7fd39cbc05761b4d4500095d4c90e54998134c07364cb5a4901b","first_seen":"2026-04-08T12:31:45.382911Z","last_seen":"2026-04-08T12:31:45.382911Z","times_seen":1,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:21.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.7.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-155ed\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Wed, 08 Apr 2026 12:31:21 GMT\r\nage: 1909224\r\nx-served-by: cache-lga21978-LGA, cache-hel1410024-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 27, 9308\r\nx-timer: S1775651482.513642,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30336\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":87533,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-08T18:40:27.866665Z","times_seen":137905,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":43,"dns":3,"connect":13,"send":0,"wait":13,"receive":6,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/img/luigon-botuin.PNG","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:21.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"GET /img/luigon-botuin.PNG HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: image/png\r\ndate: Wed, 08 Apr 2026 12:31:21 GMT\r\netag: W/\"28ff-19c9cef6e58\"\r\nlast-modified: Fri, 27 Feb 2026 02:31:03 GMT\r\nserver: railway-edge\r\nx-powered-by: Express\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: KosW-MTaRFSwXrKY55So4g\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 10495\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":10495,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 734 x 260, 8-bit/color RGBA, non-interlaced","md5":"acac62a9976d79278890af39dee1fad8","sha1":"f9329c67c96cda89174d8d4e34f19c8bf549e532","sha256":"744ec7606d123dbf1ff38403f354d4c2db220b2334019e5fa7a32a70e31bc0d3","sha512":"94088d94f9aebf5571dec094680d7ef7b3f499ca6a3e3e15b5042341d68015480577990f4caffa29fd922952c8eace3adff87934948fc27d5d8e909a4b35b2b8","ssdeep":"192:931Tx5JuqtqwBO5jwN7RJ5PAHwDLIeNHtGnUb6N0bwmS2LZJ+scq+zZfP5dt:9Dbu1I5PWwD9tGUDtLT+bjlHt","tlshash":"1d225ecdd2a31a91e6378c32dd7a2bba6744091046689a748fd0f3831ecb05458fd1be","first_seen":"2026-04-08T12:31:45.387615Z","last_seen":"2026-04-08T13:01:01.726161Z","times_seen":2,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"easybank-barc9090.up.railway.app/socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=websocket\u0026sid=s7_PopdtmE7RNqaGAAZJ","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:21.853Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"GET /socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=websocket\u0026sid=s7_PopdtmE7RNqaGAAZJ HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://easybank-barc9090.up.railway.app\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: jSY0WPTa+2Olll3ksTojpQ==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 400 \r\nConnection: close\r\ncontent-type: application/json\r\ndate: Wed, 08 Apr 2026 12:31:21 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: l3FJwBNERoWEIksHnbOCzg\r\nx-railway-cdn-edge: fastly/cache-hel1410034-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410034-HEL\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T18:38:04.927941Z","times_seen":13511318,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":1,"connect":26,"send":0,"wait":62,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.ipify.org/?format=json","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:21.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 01 Mar 2026 16:45:18 GMT","end":"Sat, 30 May 2026 17:45:14 GMT"},"fingerprint":{"sha1":"EF:8D:ED:C7:B3:46:8A:91:47:71:92:F2:D9:B0:67:EA:C1:FC:5B:89","sha256":"01:CA:DB:EB:79:61:2D:B3:FE:2B:09:FE:44:84:EA:5B:6E:C1:3B:81:A1:0F:8C:9F:DE:2E:16:1E:59:45:06:D9"}}},"request":{"raw":"GET /?format=json HTTP/1.1\r\nHost: api.ipify.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nOrigin: https://easybank-barc9090.up.railway.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Apr 2026 12:31:22 GMT\r\ncontent-type: application/json\r\ncontent-length: 21\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 9e9149e22e344c11-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7d69c71af0f191e9a72db6153f8018d1","sha1":"f67c5f2887bc05654b47f76e9621e53a4091aed1","sha256":"5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65","sha512":"fdf43a8f3d843fe9008949d6709c8e2a5cd640f6101522319745f0a829f21dc8f4bd4d70ff3e2f6e1fd53ca0d2dd872bf3588c593a403071102ab28763cbdba5","ssdeep":"","tlshash":"b8700022000000208c80800eca0a032223a0000ac20a00088e800b2288a0b380282032","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-08T18:41:45.814693Z","times_seen":83668,"resource_available":true,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/update-client-ip","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:22.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"POST /update-client-ip HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nContent-Type: application/json\r\nContent-Length: 236\r\nOrigin: https://easybank-barc9090.up.railway.app\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":236,"data":"{\"clientIP\":\"91.90.42.154\",\"source\":\"ipify.org\",\"timestamp\":\"2026-04-08T12:31:22.039Z\",\"userAgent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"pageUrl\":\"https://easybank-barc9090.up.railway.app/\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: application/json; charset=utf-8\r\ndate: Wed, 08 Apr 2026 12:31:22 GMT\r\netag: W/\"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA\"\r\nserver: railway-edge\r\nx-powered-by: Express\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: syx6hZCkTsK_Pk9R55So4g\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 16\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-08T18:34:17.466882Z","times_seen":117193,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o88mc0\u0026sid=s7_PopdtmE7RNqaGAAZJ","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:22.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"POST /socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o88mc0\u0026sid=s7_PopdtmE7RNqaGAAZJ HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain;charset=UTF-8\r\nContent-Length: 286\r\nOrigin: https://easybank-barc9090.up.railway.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":286,"data":"42[\"client-ip\",{\"clientIP\":\"91.90.42.154\",\"source\":\"ipify.org\",\"timestamp\":\"2026-04-08T12:31:22.039Z\",\"userAgent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"pageUrl\":\"https://easybank-barc9090.up.railway.app/\"}]\u001e42[\"get-country-filter-settings\"]"}},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-store\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: text/html\r\ndate: Wed, 08 Apr 2026 12:31:22 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: HCmvKaSMT5-IzNOv55So4g\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":0,"mime_type":"text/html","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-04-08T18:36:02.945192Z","times_seen":392877,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/favicon.ico","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:22.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-security-policy: default-src 'none'\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 08 Apr 2026 12:31:22 GMT\r\nserver: railway-edge\r\nx-content-type-options: nosniff\r\nx-powered-by: Express\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: UV7ClwpNTB2tNtVy55So4g\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 150\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":150,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"84241342d84ac29592a5d9516f8edf7f","sha1":"03c53980e18e17625f439c20e7d438f066202428","sha256":"6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c","sha512":"7509483335c7a30365f7f403098491ac0b44fffcc68a5cdacb86ec191f02dbda5b16a20a09e924b6a29ac938578d43bacb9a50115db5c5668ea27fe1811bd530","ssdeep":"","tlshash":"34c08c9e140012010b2087042ac1326464973b992de685006a87e027ece8a1ad987288","first_seen":"2023-04-05T13:59:49Z","last_seen":"2026-04-08T17:45:37.132268Z","times_seen":5619,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/img/main-tup.PNG","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:21.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"GET /img/main-tup.PNG HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: image/png\r\ndate: Wed, 08 Apr 2026 12:31:21 GMT\r\netag: W/\"c123-19c9cef6e58\"\r\nlast-modified: Fri, 27 Feb 2026 02:31:03 GMT\r\nserver: railway-edge\r\nx-powered-by: Express\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: bCf-dL_EQzqMPCNEs_GTAg\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 49443\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":49443,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1315 x 664, 8-bit/color RGBA, non-interlaced","md5":"1616ae669b4de4b37d9dc32a0e7e72cf","sha1":"739c9a86607c19bd88abbd9a963b6b20b3d4057b","sha256":"389a873de70d6bbdcfe68862bc225cdf2f25a2e5d6027a55fd994828d34682ea","sha512":"92d48b07100cf3ba173844ff357e0c953d9d5f69b77fe410c6d8858f7fe7c3797ca1af825d3ded03baccd4f3cdb28b92c8c4c8239e71895d302fc90c3d30a6e8","ssdeep":"768:dZ4wUSxLrNsHrda9dKrW7tCeuPivSz8Wcj/7aNnWHBrak7jS4od6VWWWWWWWWWWP:dZ4AHsHxaV7puMF3jWNnWHXjS4oU/","tlshash":"e023ad86da47cd62d49df0be28083a36bbf45714f88161ee87f5702c4add32a2751f26","first_seen":"2026-04-08T12:31:45.398668Z","last_seen":"2026-04-08T13:01:01.743425Z","times_seen":2,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipinfo.io/json","fqdn":"ipinfo.io","domain":"ipinfo.io","tld":"io"},"ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:21.794Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipinfo.io","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 17:34:23 GMT","end":"Wed, 17 Jun 2026 17:34:22 GMT"},"fingerprint":{"sha1":"46:EE:4F:2A:8F:A9:1C:FF:C1:D1:E0:E0:F3:F9:46:3D:35:3D:99:A0","sha256":"7F:8C:02:5E:AA:BB:83:7C:17:1B:48:B5:1A:1F:AE:02:D4:EF:7B:D0:A8:AF:9D:62:8A:3E:14:8F:66:E7:C8:4D"}}},"request":{"raw":"GET /json HTTP/1.1\r\nHost: ipinfo.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nOrigin: https://easybank-barc9090.up.railway.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-type: application/json\r\ncontent-encoding: gzip\r\ndate: Wed, 08 Apr 2026 12:31:21 GMT\r\nvary: accept-encoding\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":280,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"adf22d9a8ca3a97a9ff78909b8702358","sha1":"f5046826566a7e98d6b5e5c7b0a65677c3bde708","sha256":"756edd1454b049c1370e83c864bc93dfdd82f44d8f9752b3068e5a11867a5de3","sha512":"182391c8c01e54481853a09aa4cf8072496850e45863b198721d0d572e3aa93d8fe11a90bfb24cf97fa64cc132f1594c379474db65db5a1d2207694f770443b9","ssdeep":"","tlshash":"c3d02b6621341b37aeed455c8406960622656e1f1642369f0fe72b0c100c87334f03ae","first_seen":"2023-04-17T17:28:07Z","last_seen":"2026-04-08T18:13:31.092255Z","times_seen":47702,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":44,"dns":19,"connect":13,"send":0,"wait":138,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o15hbn\u0026sid=s7_PopdtmE7RNqaGAAZJ","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:21.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"POST /socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o15hbn\u0026sid=s7_PopdtmE7RNqaGAAZJ HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain;charset=UTF-8\r\nContent-Length: 2\r\nOrigin: https://easybank-barc9090.up.railway.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"40"}},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-store\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: text/html\r\ndate: Wed, 08 Apr 2026 12:31:21 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: h19c7U51T6i7WKQtm3z_FQ\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":0,"mime_type":"text/html","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-04-08T18:36:02.945192Z","times_seen":392877,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o44l2d\u0026sid=s7_PopdtmE7RNqaGAAZJ","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:21.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"POST /socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o44l2d\u0026sid=s7_PopdtmE7RNqaGAAZJ HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain;charset=UTF-8\r\nContent-Length: 252\r\nOrigin: https://easybank-barc9090.up.railway.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":252,"data":"42[\"client-ip\",{\"clientIP\":\"91.90.42.154\",\"source\":\"ipify.org\",\"timestamp\":\"2026-04-08T12:31:21.939Z\",\"userAgent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"pageUrl\":\"https://easybank-barc9090.up.railway.app/\"}]"}},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-store\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: text/html\r\ndate: Wed, 08 Apr 2026 12:31:21 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: QQ3dRi0_QqiQyWW2s_GTAg\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":0,"mime_type":"text/html","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-04-08T18:36:02.945192Z","times_seen":392877,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11nzakpy","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:21.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"GET /socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11nzakpy HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-store\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: text/plain; charset=UTF-8\r\ndate: Wed, 08 Apr 2026 12:31:21 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: yXPm4UVETmSZ47eU55So4g\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 118\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":118,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"b7e793a24d96609f115eb1b27abc9bbc","sha1":"27974a7bad9d88e5a9deb28e7304f11c3486e79c","sha256":"cafbeaebb1e35ec0adc607c134ccb8a9346371ad2b00e75e6b08789ce4e9fa86","sha512":"922928fdc00bca09e056e977370fbe6c88b0526e06e92dbf33e69dc60eb04f42e858285cc81a6e2cebae0315af173cba89e49ba685e6b9ba89035b7a53961dd3","ssdeep":"","tlshash":"7bb02b85844c42c0f920b684b0e35a090504780e54c204982134008c8c060005012a17","first_seen":"2026-04-08T12:31:45.400171Z","last_seen":"2026-04-08T12:31:45.400171Z","times_seen":1,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/update-client-ip","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:21.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"POST /update-client-ip HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nContent-Type: application/json\r\nContent-Length: 236\r\nOrigin: https://easybank-barc9090.up.railway.app\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":236,"data":"{\"clientIP\":\"91.90.42.154\",\"source\":\"ipify.org\",\"timestamp\":\"2026-04-08T12:31:21.940Z\",\"userAgent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"pageUrl\":\"https://easybank-barc9090.up.railway.app/\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: application/json; charset=utf-8\r\ndate: Wed, 08 Apr 2026 12:31:21 GMT\r\netag: W/\"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA\"\r\nserver: railway-edge\r\nx-powered-by: Express\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: -KhU6QbXQBO0YHmNm3z_FQ\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 16\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-08T18:34:17.466882Z","times_seen":117193,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/img/luigon.PNG","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:21.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"GET /img/luigon.PNG HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: image/png\r\ndate: Wed, 08 Apr 2026 12:31:21 GMT\r\netag: W/\"1e84-19c9cef6e58\"\r\nlast-modified: Fri, 27 Feb 2026 02:31:03 GMT\r\nserver: railway-edge\r\nx-powered-by: Express\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: siO9piu4SRyC3VN2vEOTxA\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 7812\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":7812,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 713 x 337, 8-bit/color RGBA, non-interlaced","md5":"9bf92e3993e40eb95cf4f37185aeba4d","sha1":"4affd6b9a56c5ebe266bd76e8598aade68772381","sha256":"ca4dbf5aba4ada573b672681cd1095b196c844091526e378fa2b903453aa9c6a","sha512":"609e070d6227486fec16c5b820c77bc2ba45cffe75fc43e93dc16046c7705be74d61e0d42a1be291a349c8ddb2e9109c3f41b3d52f22b0737bf7729af6ff6212","ssdeep":"192:yQKH1Ec8h45vbziQ5WsU0d6olnTXHhsPipusgRy:CVEVhuCilpd6OjBjpAc","tlshash":"6ef11ad72c6888376608e64fef93e775143f6684e055ea6220d2e09f738ea35fc19253","first_seen":"2026-04-08T12:31:45.402862Z","last_seen":"2026-04-08T13:01:01.742152Z","times_seen":2,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o42eie\u0026sid=s7_PopdtmE7RNqaGAAZJ","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:21.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"GET /socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o42eie\u0026sid=s7_PopdtmE7RNqaGAAZJ HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-store\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: text/plain; charset=UTF-8\r\ndate: Wed, 08 Apr 2026 12:31:21 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: Tnc5ms5jT9SbSy4ynTga3g\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 619\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":619,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"data","md5":"0d0fd7c25cbf623cd9209001b7aae7f4","sha1":"4bdab2740afd2efb38afee7a3c1a42410f94eca3","sha256":"30ecee9a3d9693e7848094a1643c629f1e8b63a1be60f4e9c05ecaf5ed39079b","sha512":"42b80fdcefd62d2e527b90871c221bfa6f249a8667202bd45c8ad0de279968e6ca2fb682911e35155ceff11237a82da764e825b971df205fccbe8bf823dde03c","ssdeep":"","tlshash":"28f0e10b84280db0fd1ba20d8d0b6f1a53b4733fe2469428e48d0b94a6547ed547d8cf","first_seen":"2026-04-08T12:31:45.403866Z","last_seen":"2026-04-08T12:31:45.403866Z","times_seen":1,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o9rcnr\u0026sid=s7_PopdtmE7RNqaGAAZJ","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:22.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"POST /socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o9rcnr\u0026sid=s7_PopdtmE7RNqaGAAZJ HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain;charset=UTF-8\r\nContent-Length: 107\r\nOrigin: https://easybank-barc9090.up.railway.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":107,"data":"42[\"get-visitor-country\",{\"clientIP\":\"91.90.42.154\"}]\u001e42[\"get-visitor-country\",{\"clientIP\":\"91.90.42.154\"}]"}},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-store\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: text/html\r\ndate: Wed, 08 Apr 2026 12:31:22 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: PwLAQNK1RP2t5nB0m3z_FQ\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":0,"mime_type":"text/html","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-04-08T18:36:02.945192Z","times_seen":392877,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11obc5ya\u0026sid=s7_PopdtmE7RNqaGAAZJ","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:22.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"GET /socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11obc5ya\u0026sid=s7_PopdtmE7RNqaGAAZJ HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-store\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: text/plain; charset=UTF-8\r\ndate: Wed, 08 Apr 2026 12:31:22 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: G4D350AZQeq0Hs2ss_GTAg\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 83\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":83,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"0b8a247784b2b16e3820821ab38f1364","sha1":"03421c7b62fee62968160ea1549a11a42578944f","sha256":"7496b13691c950faa2d2cff527e850b86d21a510a9320b45f3a9cadd5efc655e","sha512":"d1261370f9d9e9500fab158801e23abe4e6a42ca27f6de51b27dd091f52e3d6306740730e4aa7e20ff382e93219a957108ec84adda43fdcfecfb82987fa3ad7d","ssdeep":"","tlshash":"66a0122d3c282599c47e8208500731420985c61241427000818c7634c51b0da0000953","first_seen":"2026-04-08T12:31:45.405215Z","last_seen":"2026-04-08T13:01:01.73643Z","times_seen":2,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11ogzb4b\u0026sid=s7_PopdtmE7RNqaGAAZJ","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:22.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"GET /socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11ogzb4b\u0026sid=s7_PopdtmE7RNqaGAAZJ HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-store\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: text/plain; charset=UTF-8\r\ndate: Wed, 08 Apr 2026 12:31:39 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: ApZ-juQZTqywEyFKm3z_FQ\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 22\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"f445710fadc2cbca5b56558b227f2735","sha1":"8cd5ed78d59cf14d02daafd6752a75c3c5c9db1e","sha256":"299fee0b39239aefa1e55337805215dde034301f24faca0475be1d32ad7fbd85","sha512":"2cda6dff48e56d58b9a573571ac904b1db8eabffa3a0bd5d434804d69eae3c1332fa43d7ccf30d99338a110adb0c56ec65287474073c85300fce2178305e4816","ssdeep":"","tlshash":"0f70000828a88a28c82e000c00008a080a800008ba0a00a0020a220002200000a0e008","first_seen":"2025-11-17T17:16:55.715431Z","last_seen":"2026-04-08T13:01:01.73439Z","times_seen":4,"resource_available":false,"data":null}},"time_used":16805,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16805,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=121g4mwb\u0026sid=s7_PopdtmE7RNqaGAAZJ","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:39.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"GET /socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=121g4mwb\u0026sid=s7_PopdtmE7RNqaGAAZJ HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-store\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: text/plain; charset=UTF-8\r\ndate: Wed, 08 Apr 2026 12:31:39 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: db42ZQmNRzCfEXJqnbOCzg\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 45\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"6c292656c3aa1b2cefec3f58fdd4418c","sha1":"b3964aebe9fa745493965294c4fbbb3984f88d6d","sha256":"f10a69b6979a560bb7aeb110cf411433a9e1b5bf65bffb9bb5aa3f5689a2e7bd","sha512":"177438d9d302ed358aeeb52f0e8493937140861a1011a6a76e43c989ae8a9f688b3cc9885db8ed55b03156f742818b425a34ce61b4faa940c7da5421b8bf2893","ssdeep":"","tlshash":"6a900430d5144735d075d1cd3c07f45000c1735104434555c155317713d174c3d05575","first_seen":"2026-04-08T12:31:45.407147Z","last_seen":"2026-04-08T12:31:45.407147Z","times_seen":1,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/css/botta.css","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:21.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"GET /css/botta.css HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Wed, 08 Apr 2026 12:31:21 GMT\r\netag: W/\"1067-19c9cef6e58\"\r\nlast-modified: Fri, 27 Feb 2026 02:31:03 GMT\r\nserver: railway-edge\r\nx-powered-by: Express\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: NdbDaS7-Q5melJzBvEOTxA\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 4199\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":4199,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"27922ed7a5e02cad90fef44fd7a6223c","sha1":"883e89bfd614341beee9e7f3800e0322b9f61686","sha256":"21e67b9fc2f0e7bbcdcb6654d99a343890d420f773b1fb295201cdea2acc502f","sha512":"4fce727ce13730b4fbf31302d3e7aeef6472714dc2aad6c80b0596750367ccf7444341a795afe735ef6c0d9c378b9d1935358cf19de51ebe4e421142f9fc4140","ssdeep":"96:B4oJpb4pFhI1heS8t9zzRw85tXhofD+Y6HC3LXf4H3u:5Jpb4pTI1heSu9/5txyD+Y6i7f4H3u","tlshash":"ef81268a6a732551740be5b86bead746333c9043840edd787fd936888f492e49572fcc","first_seen":"2026-04-08T12:31:45.408406Z","last_seen":"2026-04-08T13:01:01.739657Z","times_seen":2,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/socket.io/socket.io.js","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:21.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"GET /socket.io/socket.io.js HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 08 Apr 2026 12:31:21 GMT\r\netag: \"4.8.3\"\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: 0MYKZ0fTTdC_BwF6m3z_FQ\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":155836,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"ec127053f9c5cbfeeefd263b4b23bc0a","sha1":"11c08d7468ffe8980b0f862280c0c371776938a8","sha256":"bc425714aa8f2547d6939e3721ebafd3830a7562a1f6cb08acc1e794bd707954","sha512":"81ec905226bb2b6632f968b204f873331a4a75f24c0f27d50bb5ea930bec797a7c201eed1eaf1a9ef06cbbe923a722bb54fdcbf2be7147eea00d77a80565a39e","ssdeep":"3072:zLTygH4CO2KsFpWw0axS8RZIXyR7dSGg18FEEaLH32emV/Tfkmh0KbhEGtkSWq:zLTy7X1sFpWw0aTRrgaEEaLH32emV/D5","tlshash":"6ce35f49aaf72051917330398bafa045f239d01b620acd443d1cd7f49f65b3897aafe9","first_seen":"2026-01-01T23:52:44.961231Z","last_seen":"2026-04-08T13:01:01.741323Z","times_seen":60,"resource_available":true,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.ipify.org/?format=json","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:21.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 01 Mar 2026 16:45:18 GMT","end":"Sat, 30 May 2026 17:45:14 GMT"},"fingerprint":{"sha1":"EF:8D:ED:C7:B3:46:8A:91:47:71:92:F2:D9:B0:67:EA:C1:FC:5B:89","sha256":"01:CA:DB:EB:79:61:2D:B3:FE:2B:09:FE:44:84:EA:5B:6E:C1:3B:81:A1:0F:8C:9F:DE:2E:16:1E:59:45:06:D9"}}},"request":{"raw":"GET /?format=json HTTP/1.1\r\nHost: api.ipify.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nOrigin: https://easybank-barc9090.up.railway.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Apr 2026 12:31:21 GMT\r\ncontent-type: application/json\r\ncontent-length: 21\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 9e9149e14bb14c11-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7d69c71af0f191e9a72db6153f8018d1","sha1":"f67c5f2887bc05654b47f76e9621e53a4091aed1","sha256":"5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65","sha512":"fdf43a8f3d843fe9008949d6709c8e2a5cd640f6101522319745f0a829f21dc8f4bd4d70ff3e2f6e1fd53ca0d2dd872bf3588c593a403071102ab28763cbdba5","ssdeep":"","tlshash":"b8700022000000208c80800eca0a032223a0000ac20a00088e800b2288a0b380282032","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-08T18:41:45.814693Z","times_seen":83668,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":9,"dns":3,"connect":1,"send":0,"wait":95,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o177g4\u0026sid=s7_PopdtmE7RNqaGAAZJ","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:21.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"GET /socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o177g4\u0026sid=s7_PopdtmE7RNqaGAAZJ HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-store\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: text/plain; charset=UTF-8\r\ndate: Wed, 08 Apr 2026 12:31:21 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: Ql20lx1lQUGdYA86nTga3g\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 682\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":682,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"data","md5":"215ae7b220d119f12e19435b5197d6cc","sha1":"4883df2b3ab831bdf123d43f46a14f79bbda6550","sha256":"44484dd9fd5af39da5267291eba68e3034cf1cbe4a84303d78120e2c5d309edc","sha512":"c0c8e8e8db34d8677137c6240c87393d08368f52ce54557e672a7e9ff288693c34635f179af8e73f517b8d1e82a3ddab9156d1a18a91cc4425de0bc493ca183a","ssdeep":"","tlshash":"c801d34bdc241cf0ed1b510de90a6b165370763bb252e428e14e03901629bec757d88a","first_seen":"2026-04-08T12:31:45.409786Z","last_seen":"2026-04-08T12:31:45.409786Z","times_seen":1,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o683us\u0026sid=s7_PopdtmE7RNqaGAAZJ","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:22.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"POST /socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o683us\u0026sid=s7_PopdtmE7RNqaGAAZJ HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain;charset=UTF-8\r\nContent-Length: 416\r\nOrigin: https://easybank-barc9090.up.railway.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":416,"data":"42[\"visitor-metadata\",{\"clientIP\":\"91.90.42.154\",\"country\":\"NO\",\"city\":\"Oslo\",\"org\":\"AS50304 Blix Solutions AS\",\"isp\":\"AS50304 Blix Solutions AS\",\"proxy\":false,\"region\":\"Oslo\",\"timezone\":\"Europe/Oslo\",\"timestamp\":\"2026-04-08T12:31:22.006Z\"}]\u001e42[\"get-country-filter-settings\"]\u001e42[\"page-view\",{\"path\":\"/\",\"title\":\"\",\"referrer\":null,\"timestamp\":\"2026-04-08T12:31:22.007Z\",\"ip\":\"91.90.42.154\",\"clientIP\":\"91.90.42.154\"}]"}},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-store\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: text/html\r\ndate: Wed, 08 Apr 2026 12:31:22 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: XACtgMTdQmWrKgJBs_GTAg\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":0,"mime_type":"text/html","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-04-08T18:36:02.945192Z","times_seen":392877,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11offfrn\u0026sid=s7_PopdtmE7RNqaGAAZJ","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:22.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"GET /socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11offfrn\u0026sid=s7_PopdtmE7RNqaGAAZJ HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-store\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: text/plain; charset=UTF-8\r\ndate: Wed, 08 Apr 2026 12:31:22 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: KuhLbFhUSauoMeUum3z_FQ\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 83\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":83,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"0b8a247784b2b16e3820821ab38f1364","sha1":"03421c7b62fee62968160ea1549a11a42578944f","sha256":"7496b13691c950faa2d2cff527e850b86d21a510a9320b45f3a9cadd5efc655e","sha512":"d1261370f9d9e9500fab158801e23abe4e6a42ca27f6de51b27dd091f52e3d6306740730e4aa7e20ff382e93219a957108ec84adda43fdcfecfb82987fa3ad7d","ssdeep":"","tlshash":"66a0122d3c282599c47e8208500731420985c61241427000818c7634c51b0da0000953","first_seen":"2026-04-08T12:31:45.405215Z","last_seen":"2026-04-08T13:01:01.73643Z","times_seen":2,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Segoe+UI:wght@400;600\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:21.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:41 GMT","end":"Mon, 08 Jun 2026 08:38:40 GMT"},"fingerprint":{"sha1":"03:81:A0:0E:E1:9B:80:A3:BC:CD:F9:25:A5:7B:8A:43:07:22:C6:00","sha256":"73:8D:9A:B1:F0:C3:6E:8F:EE:C0:2F:99:C8:89:24:16:9A:DB:D1:9C:27:5D:8A:7A:A8:2B:0E:10:42:28:53:7F"}}},"request":{"raw":"GET /css2?family=Segoe+UI:wght@400;600\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 400 Bad Request\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Wed, 08 Apr 2026 12:31:21 GMT\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T18:38:04.927941Z","times_seen":13511318,"resource_available":true,"data":null}},"time_used":135,"timings":{"blocked":52,"dns":1,"connect":7,"send":0,"wait":23,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-08T12:31:21.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 08 Apr 2026 12:31:21 GMT\r\netag: W/\"e28-YPXUiLrOT7R91S/zFtT3Kjm/kI8\"\r\nserver: railway-edge\r\nset-cookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog; Path=/; HttpOnly\r\nx-powered-by: Express\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: b8aKsh5PTTuiScR9nbOCzg\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 3624\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Socket.io","description":"","website":"https://socket.io","common_platform_enumeration":"","icon":"Socket.io.svg","categories":["JavaScript frameworks"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]}],"data":{"size":3624,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"1c211aa36b936ba281b1563c1ef10dfc","sha1":"60f5d488bace4fb47dd52ff316d4f72a39bf908f","sha256":"f3818d040509c54164317bccbb4ce3e8645b965a5db6048ed733571081bafc3f","sha512":"a0b7021edb73019790a911d12f92abfd2f278cc89d32586fdf21f0c2f2866c7ae199c48621beaf845c2f4706175813ebd770a52ee2bd5ae6bc2bb8ea41fdf6bb","ssdeep":"","tlshash":"8771612624f4086b12d6d098a9b2bb183dc5c403a602dc0476fc4b969fa3f87cc7329d","first_seen":"2026-04-08T12:31:45.410714Z","last_seen":"2026-04-08T13:01:01.737655Z","times_seen":2,"resource_available":true,"data":null}},"time_used":236,"timings":{"blocked":51,"dns":12,"connect":13,"send":0,"wait":133,"receive":1,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/js/tracker.js","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:21.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"GET /js/tracker.js HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Wed, 08 Apr 2026 12:31:21 GMT\r\netag: W/\"10e0d-19c9cef6e58\"\r\nlast-modified: Fri, 27 Feb 2026 02:31:03 GMT\r\nserver: railway-edge\r\nx-powered-by: Express\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: IutTzaMqSCqv9Cou55So4g\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 69133\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":69133,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"58884f3d8bbac43418ee2b5c64691ef2","sha1":"837f572e941b1fbfb4e03db10649fef1a066bf6a","sha256":"9207970af58f14547d6d3d0c6217bed62b340ca83c067c5411ac1409fa9900f6","sha512":"c19d9abe4e2f0b3f0ac4fefa0ffaeab69967e026788e4a3aa0f216c7cb4c6493162b7ac74ea9ffab4c576e64f814547d7ccc3fc7676d313daf7c80135418d2b0","ssdeep":"768:gy+v5u9NQX3fDPsis9ORFbvSLt7OJKZjqIfENIqinQflbRsLSy:Gv2qHfrsis9bROYZOLIVnQNgSy","tlshash":"ba63d81d24a0223559731376bb53b009f23691232746a96abefd830c2fb15a4d776fec","first_seen":"2026-04-08T12:31:45.411562Z","last_seen":"2026-04-08T13:01:01.733366Z","times_seen":2,"resource_available":true,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybank-barc9090.up.railway.app/socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o66qr0\u0026sid=s7_PopdtmE7RNqaGAAZJ","fqdn":"easybank-barc9090.up.railway.app","domain":"easybank-barc9090.up.railway.app","tld":"up.railway.app"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybank-barc9090.up.railway.app/","date":"2026-04-08T12:31:22.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.up.railway.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 14:01:40 GMT","end":"Sat, 04 Jul 2026 14:01:39 GMT"},"fingerprint":{"sha1":"B9:2B:8F:AF:31:BE:0B:FA:A2:31:FE:0D:58:81:58:37:32:2E:47:C4","sha256":"67:AD:3F:29:E5:A2:4E:90:21:CE:53:E6:42:7B:1C:DD:AB:EB:1D:AA:4F:AA:0D:C0:5D:5A:BC:97:AF:A6:BB:BF"}}},"request":{"raw":"GET /socket.io/?clientIP=\u0026clientIPSource=\u0026EIO=4\u0026transport=polling\u0026t=11o66qr0\u0026sid=s7_PopdtmE7RNqaGAAZJ HTTP/1.1\r\nHost: easybank-barc9090.up.railway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybank-barc9090.up.railway.app/\r\nCookie: connect.sid=s%3AABWuMYwQwSAO25pl3MbvOHUYgfOnngLe.g1EUz92O%2FYE831QQyIzBuemVJxTz2edHjdxX4CJlwog\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-store\r\nx-railway-cdn-edge: fastly/cache-hel1410022-HEL\r\ncontent-type: text/plain; charset=UTF-8\r\ndate: Wed, 08 Apr 2026 12:31:22 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: JtrNSmsnTzmcf7W_55So4g\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410022-HEL\r\ncontent-length: 45\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"data","md5":"85ac2d199e53f7f5cb5c1da4ea9ed5a7","sha1":"d46f9f29763f322223885955f263d46033dfb655","sha256":"8d5f9be45d8a1a8a665ff1da85bf1834e148fba74250ff8e80c99002c1ed2c11","sha512":"d5004d01a67307ca4d656f83b866fe1c0e432e1cb8a92e9c8cacce595b7f50047c3fb6d99e0d928371cdadaa4d2998458cacc0c439dd39800394ced8b7e7d629","ssdeep":"","tlshash":"d690008e2ca88e28e82e000e08008a080a80000aba0a80a0020a220202200802a0e008","first_seen":"2025-11-17T17:17:36.341349Z","last_seen":"2026-04-08T13:01:01.730652Z","times_seen":3,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"easybank-barc9090.up.railway.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}}]}