Report - debugflow.com/

Report Overview

Submitted URL
debugflow.com/
IP
162.0.215.251
ASN
#22612 NAMECHEAP-NET
Submitted
2022-11-24 15:28:29
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
134

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
debugflow.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	30 kB	684 kB	162.0.215.251
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.42.234.253
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	43 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	172.64.155.188
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.3
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	142 kB	216.58.207.195
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	912 B	56 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-24	medium	debugflow.com/	Malware
2022-11-24	medium	debugflow.com/	Malware
2022-11-24	medium	debugflow.com/assets/vendor/purecounter/purecounter.js	Malware
2022-11-24	medium	debugflow.com/assets/vendor/aos/aos.js	Malware
2022-11-24	medium	debugflow.com/assets/vendor/bootstrap/js/bootstrap.bundle.min.js	Malware
2022-11-24	medium	debugflow.com/assets/vendor/glightbox/js/glightbox.min.js	Malware
2022-11-24	medium	debugflow.com/assets/vendor/isotope-layout/isotope.pkgd.min.js	Malware
2022-11-24	medium	debugflow.com/assets/js/jquery.min.js	Malware
2022-11-24	medium	debugflow.com/assets/js/main.js	Malware
2022-11-24	medium	debugflow.com/assets/vendor/php-email-form/validate.js	Malware
2022-11-24	medium	debugflow.com/assets/vendor/swiper/swiper-bundle.min.js	Malware

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed
2022-11-24	medium	debugflow.com	Sinkholed

JavaScript (12)

	URL	Size	First Seen	Last Seen
	debugflow.com/assets/js/main.js	6.8 kB	2023-03-11	2024-01-31
Pretty URL debugflow.com/assets/js/main.js IP 162.0.215.251 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:11:18 Last Seen2024-01-31 09:02:32 Times Seen11 Hash 11d6931433aa90bcea8afa1a531b8260 82e85662f5d1512f1c44011ab76e885fd21ae945 cb1efa0df58018180eaa425f701f3208dd5fba8e70107cd98340db8f9592d8f3 Loading...

	debugflow.com/assets/vendor/php-email-form/validate.js	2.7 kB	2023-03-07	2024-03-17
Pretty URL debugflow.com/assets/vendor/php-email-form/validate.js IP 162.0.215.251 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:33 Last Seen2024-03-17 07:54:36 Times Seen156 Hash ed8b1bb7bc739ad1d93e6490d95fc511 9f08035259ff3724a333fe992a46f738e678d77c e99cdd73d19c092753755057bac9f28542476cc8920fb3937f89384997fcf391 Loading...

	debugflow.com/	3.7 kB	2023-03-11	2023-03-11
Pretty URL debugflow.com/ IP 162.0.215.251 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:11:18 Last Seen2023-03-11 19:11:18 Times Seen1 Hash a43ca65d7100e960a4fbc5b595c146d2 03b2c62a60c93cef363bf97d685ee90a47456a13 87e0510b9275236e7eb97d266e9489835704a42841e3f31e2872a96cd6bdf0c0 Loading...

	debugflow.com/	1.8 kB	2023-03-11	2023-03-11
Pretty URL debugflow.com/ IP 162.0.215.251 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:11:18 Last Seen2023-03-11 19:11:18 Times Seen1 Hash 61b9be1085e09449b4f450564a8d39a9 5c7874b2078791b0baf8ee1943a68bbdef0967f8 0badfba524169648c7ac08a6a6c2cb90b95659812854415a3d50ea8307d08ba2 Loading...

	debugflow.com/assets/vendor/isotope-layout/isotope.pkgd.min.js	35 kB	2023-03-07	2024-04-23
Pretty URL debugflow.com/assets/vendor/isotope-layout/isotope.pkgd.min.js IP 162.0.215.251 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-23 16:10:17 Times Seen5671 Hash 2afcff647ed260006faa71c8e779e8d4 c4e5994f24ee8c8d2cf2d6602f0b56b9096a2e98 081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22 Loading...

	debugflow.com/assets/js/jquery.min.js	90 kB	2023-03-07	2024-04-24
Pretty URL debugflow.com/assets/js/jquery.min.js IP 162.0.215.251 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-24 06:20:49 Times Seen260888 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	debugflow.com/assets/vendor/glightbox/js/glightbox.min.js	56 kB	2023-03-07	2024-04-23
Pretty URL debugflow.com/assets/vendor/glightbox/js/glightbox.min.js IP 162.0.215.251 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38:25 Last Seen2024-04-23 04:24:17 Times Seen424 Hash 2c8b54832f234f81bb1ecd75549fd014 58238d71cb1f3b00e872803d7965024188b8736e 267ab4a5ea85c601950cdb29b6e278c024b3e1be38d2ba27d2c39523c2e34741 Loading...

	debugflow.com/assets/vendor/purecounter/purecounter.js	5.0 kB	2023-03-07	2024-04-13
Pretty URL debugflow.com/assets/vendor/purecounter/purecounter.js IP 162.0.215.251 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:11 Last Seen2024-04-13 11:48:30 Times Seen116 Hash 88f426ffdc9195a9d2c9ed57e4d455ac fd238664085eb447d8b43f1d7ae6559514f12ff3 675a4f9ed42b4f59403f2d02e37354bb5bd25628315aa1fbb752f238f7fffc72 Loading...

	debugflow.com/	1.6 kB	2023-03-11	2023-03-11
Pretty URL debugflow.com/ IP 162.0.215.251 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:11:18 Last Seen2023-03-11 19:11:18 Times Seen1 Hash 49fdfb3d6fc5599984b916af873730c9 a36fdae45e5da4a20d0d169de96f50848f000dd9 159216078842bf8df47feed53e30e68a17aaa201d80fc0a35b5ecf12075b0491 Loading...

	debugflow.com/	2.2 kB	2023-03-11	2023-03-11
Pretty URL debugflow.com/ IP 162.0.215.251 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:11:18 Last Seen2023-03-11 19:11:18 Times Seen1 Hash 6a254eab8b13798c0ce025dd86ca902b 505940dbc517e0f3cf5f91c43c977b9f35b6b4a3 cc0c5d997b49c2e72bc33b42f6593d077200ee39d158a3512b09192c62078419 Loading...

	debugflow.com/assets/vendor/aos/aos.js	15 kB	2023-03-07	2024-04-23
Pretty URL debugflow.com/assets/vendor/aos/aos.js IP 162.0.215.251 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:08 Last Seen2024-04-23 10:53:29 Times Seen2027 Hash d3718e34eeb0355be8e3179a2e2bccb7 850ee2e5c9fba610840137c6c4e92b5abbc428fe a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377 Loading...

	debugflow.com/assets/vendor/bootstrap/js/bootstrap.bundle.min.js	78 kB	2023-03-07	2024-04-24
Pretty URL debugflow.com/assets/vendor/bootstrap/js/bootstrap.bundle.min.js IP 162.0.215.251 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:26 Last Seen2024-04-24 00:11:18 Times Seen8915 Hash 7ccd9d390d31af98110f74f842ea9b32 a85e681624c91a106a514c31eacf80de817b2cc3 f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3 Loading...

HTTP Transactions (60)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2696
Expires: Thu, 24 Nov 2022 16:13:14 GMT
Date: Thu, 24 Nov 2022 15:28:18 GMT
Connection: keep-alive

debugflow.com/

162.0.215.251

301 Moved Permanently

707 B

URL HTTP/1.1
debugflow.com/
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 24 Nov 2022 15:28:18 GMT
server: LiteSpeed
location: https://debugflow.com/
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9012
Expires: Thu, 24 Nov 2022 17:58:30 GMT
Date: Thu, 24 Nov 2022 15:28:18 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3554
Cache-Control: max-age=158527
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:28:18 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:30:25 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: X2+08zuzIJ644L683/US8yT8oqDDf8a3PNFpJ3Ph3RqkXplc9MvZu/Z3NWGydGvjEiuQU/HI/Ow=
x-amz-request-id: BPN174B2R62X82XS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 14:40:26 GMT
age: 2872
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 15:17:18 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 660
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 15:28:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
b33f790f7721b12186f4ea52119d4c66
ac98add4c92add098159d5c3e1abdf09a0dc115c
027d7c769af78cad91f5b6b45fd4dc3834d8765cba6a0ef160555b7f560a19a4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 15:28:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 22:29:01 GMT
Expires: Mon, 28 Nov 2022 22:29:00 GMT
Etag: "ac98add4c92add098159d5c3e1abdf09a0dc115c"
Cache-Control: max-age=370240,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f32c78bcc9b527-OSL

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 15:11:11 GMT
cache-control: public,max-age=3600
age: 1028
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4061
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:28:19 GMT
Last-Modified: Thu, 24 Nov 2022 14:20:38 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

debugflow.com/

162.0.215.251

200 OK

11 kB

URL HTTP/2
debugflow.com/
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, Unicode text, UTF-8 text, with very long lines (374)
Size
11 kB (10677 bytes)
Hash
d40d79de861e2681a1af60cb7d836d22
59c2a78994aed55ecfa8e1ff627df178a92dda5e
e25ed1ffecaed4e870c8e11beb243ef3b1cc2e92ce14ab5339986ed1817610df

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
x-powered-by: PHP/8.1.12
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; expires=Thu, 24 Nov 2022 17:28:19 GMT; Max-Age=7200; path=/; samesite=lax; secure
laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D; expires=Thu, 24 Nov 2022 17:28:19 GMT; Max-Age=7200; path=/; httponly; samesite=lax; secure
content-length: 10677
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 15:28:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:28:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

52.42.234.253

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.234.253:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I78nX6hlWLhYJWTRqRkz2g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: t+DsY/c6Nw5ACKnMlnUCohYkSVc=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:28:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:28:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

debugflow.com/assets/vendor/aos/aos.css

162.0.215.251

200 OK

1.5 kB

URL HTTP/2
debugflow.com/assets/vendor/aos/aos.css
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (26053), with no line terminators
Size
1.5 kB (1539 bytes)
Hash
5639e4329fc2bd97ef94f1260781166a
554d440071df8ed105686daa38d6417f098e1ffc
355f6c40fcb2d2e7d9dd9c63d0dd980c4344d7f4b45cf6f078df23be853ef0a9

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/aos/aos.css HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:19 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 14:00:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1539
date: Thu, 24 Nov 2022 15:28:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/vendor/bootstrap/css/bootstrap.min.css

162.0.215.251

200 OK

21 kB

URL HTTP/2
debugflow.com/assets/vendor/bootstrap/css/bootstrap.min.css
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (65306)
Size
21 kB (21225 bytes)
Hash
7ce9bc8c99502aabc8e246867cf482f3
e15ca275b29c828b603f6ee24c09e2fd14b5d108
f5eaf92340cc078a4b8595b420fd1993a7458bd9b29670c08f61c40072d501af

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:19 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 14:00:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21225
date: Thu, 24 Nov 2022 15:28:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/css/style.css

162.0.215.251

200 OK

6.5 kB

URL HTTP/2
debugflow.com/assets/css/style.css
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
6.5 kB (6542 bytes)
Hash
2e17515c5a0e24f777308733211835b0
d1ba8678ed22837f8ffb512a268a0fa76cca12b9
4f26fc429b90b0f01218d5aed762215f3032433397d23f144fed881280e7eafd

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/css/style.css HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:19 GMT
content-type: text/css
last-modified: Sat, 02 Jul 2022 19:16:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6542
date: Thu, 24 Nov 2022 15:28:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/vendor/bootstrap-icons/bootstrap-icons.css

162.0.215.251

200 OK

9.4 kB

URL HTTP/2
debugflow.com/assets/vendor/bootstrap-icons/bootstrap-icons.css
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
9.4 kB (9350 bytes)
Hash
746398d494750b7f9fd7ea4cfb273f06
623e5797b35ada695aba4ed249e14d2b25991774
cf4ef9e08486bb920f673642afe19490c4713e1cba600e1e658c38145f4eb0bb

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/bootstrap-icons/bootstrap-icons.css HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:19 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 14:00:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9350
date: Thu, 24 Nov 2022 15:28:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/vendor/glightbox/css/glightbox.min.css

162.0.215.251

200 OK

2.4 kB

URL HTTP/2
debugflow.com/assets/vendor/glightbox/css/glightbox.min.css
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (13785), with no line terminators
Size
2.4 kB (2396 bytes)
Hash
3926654e5320b8123d2ca7948abb5df1
77e2008e30aa8e63326a071410a2ea7941a7117e
c605a4e33e7c025721357344be938bd9035ef21ca3ec585739562a49413502b0

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/glightbox/css/glightbox.min.css HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:19 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 14:00:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2396
date: Thu, 24 Nov 2022 15:28:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/vendor/swiper/swiper-bundle.min.css

162.0.215.251

200 OK

4.1 kB

URL HTTP/2
debugflow.com/assets/vendor/swiper/swiper-bundle.min.css
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15306)
Size
4.1 kB (4126 bytes)
Hash
94c33f548f1745740e3bd11d02b77809
93d82e6627e8e05a3f287005667a20a98cc0dfbb
7895f930a962930357dd000a80f2b3a0480732634b31716f79dd2d5a01367b91

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/swiper/swiper-bundle.min.css HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:19 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 14:00:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4126
date: Thu, 24 Nov 2022 15:28:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/vendor/remixicon/remixicon.css

162.0.215.251

200 OK

13 kB

URL HTTP/2
debugflow.com/assets/vendor/remixicon/remixicon.css
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
13 kB (12936 bytes)
Hash
66c0b04d20d78a305a5535bfba9ab5a2
c2625ec01cd71021a1b4617131a84cfca6561c68
3b2947c2e7bcbf850e44d2d67d5a8a28e8cbe0cf742e3656c6e0833174f50ea5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/remixicon/remixicon.css HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:19 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 14:00:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12936
date: Thu, 24 Nov 2022 15:28:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:28:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

debugflow.com/assets/img/bg.jpg

162.0.215.251

200 OK

59 kB

URL HTTP/2
debugflow.com/assets/img/bg.jpg
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 626x417, components 3\012- data
Size
59 kB (58695 bytes)
Hash
67964bc4df062ed68d8f19461cb4a0bb
591601c8dc4256f86319272c36e32ebcf45870a7
dba9fd422918f26a045bed8341259c1787cbbfcd5970f2ac61476ddbb1d08b8b

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/bg.jpg HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:19 GMT
content-type: image/jpeg
last-modified: Thu, 23 Jun 2022 01:02:24 GMT
accept-ranges: bytes
content-length: 58695
date: Thu, 24 Nov 2022 15:28:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

216.58.207.195

200 OK

36 kB

URL HTTP/2
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Size
36 kB (35904 bytes)
Hash
c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

HTTP Headers

GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://debugflow.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 21:11:06 GMT
expires: Tue, 21 Nov 2023 21:11:06 GMT
cache-control: public, max-age=31536000
age: 238634
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:28:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

216.58.207.195

200 OK

48 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Size
48 kB (47952 bytes)
Hash
17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

HTTP Headers

GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://debugflow.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:59:14 GMT
expires: Tue, 21 Nov 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 246546
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16756, version 1.0\012- data
Size
17 kB (16756 bytes)
Hash
603c99275486a11982874425a0bc0dd1
ffeb62d105d2893d323574407b459fbae8cc90a6
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://debugflow.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:53:46 GMT
expires: Tue, 21 Nov 2023 18:53:46 GMT
cache-control: public, max-age=31536000
age: 246874
last-modified: Mon, 15 Aug 2022 18:16:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:600

142.250.74.10

200 OK

46 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:600
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
46 kB (45459 bytes)
Hash
4aa57fe1dd6eec61b2fc25824d33c68f
6c7dc49c30f2b5c4e9b58d4fcb84b94cc24a7980
b9ef7bf15c53bdda3a57640fcda5d2e808befed0065bcfa8be6a663d8c80cacf

HTTP Headers

GET /css?family=Open+Sans:600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debugflow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 15:28:19 GMT
date: Thu, 24 Nov 2022 15:28:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/nunito/v25/XRXX3I6Li01BKofIMNaDRs4.woff2

216.58.207.195

200 OK

38 kB

URL HTTP/2
fonts.gstatic.com/s/nunito/v25/XRXX3I6Li01BKofIMNaDRs4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 37852, version 1.0\012- data
Size
38 kB (37852 bytes)
Hash
3e234fa0724b4b5b6c5f0bb405055d7d
508857a361080c23b3a3ea6c0c66c36525b7422d
fe7839e0dc27d5a668c79b399849d56bc542d9c5dbf2ce2b52c476c6a35a7803

HTTP Headers

GET /s/nunito/v25/XRXX3I6Li01BKofIMNaDRs4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://debugflow.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 21:15:27 GMT
expires: Tue, 21 Nov 2023 21:15:27 GMT
cache-control: public, max-age=31536000
age: 238373
last-modified: Mon, 18 Jul 2022 19:37:26 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:28:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

debugflow.com/assets/vendor/purecounter/purecounter.js

162.0.215.251

200 OK

1.8 kB

URL HTTP/2
debugflow.com/assets/vendor/purecounter/purecounter.js
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4710), with CRLF line terminators
Size
1.8 kB (1827 bytes)
Hash
e3f7cc404d33491add57287c58d41198
b8f14a193734bee9ef466c5434d01b802139d24f
34ad31a564a890928c0ebcd1ad97df14731b0fac51aaffeb839ea94c590d704c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/purecounter/purecounter.js HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:20 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 14:00:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1827
date: Thu, 24 Nov 2022 15:28:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/vendor/aos/aos.js

162.0.215.251

200 OK

4.4 kB

URL HTTP/2
debugflow.com/assets/vendor/aos/aos.js
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (14690), with no line terminators
Size
4.4 kB (4420 bytes)
Hash
8ddad4745d6169e10cbe097f3e4f903d
fe76e041aa0274b22f62b5b9ae7d939930bacfec
e7ac2f87da4618a08daba199e0c96c4e2bba069c6a7c51483b86579ed1179d45

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/aos/aos.js HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:20 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 14:00:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4420
date: Thu, 24 Nov 2022 15:28:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/vendor/bootstrap/js/bootstrap.bundle.min.js

162.0.215.251

200 OK

22 kB

URL HTTP/2
debugflow.com/assets/vendor/bootstrap/js/bootstrap.bundle.min.js
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65299)
Size
22 kB (22192 bytes)
Hash
5eb1c5cbc976eabbe6cf106772c048d0
763b4dcc0aed6589a8fb327d5aa2b58eb3c04164
16a2ffb4059b0e9685e36a6a338e8667c8c4a92063999233816bacf656991cbc

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:20 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 14:00:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 22192
date: Thu, 24 Nov 2022 15:28:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/vendor/glightbox/js/glightbox.min.js

162.0.215.251

200 OK

15 kB

URL HTTP/2
debugflow.com/assets/vendor/glightbox/js/glightbox.min.js
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (56222), with no line terminators
Size
15 kB (14887 bytes)
Hash
6822221c446fcfa253f27b5057d01966
27790312bf99253e6c401292fc277c8a1fd1657b
91bcd7934ca3ff8a693b480156573963ef542b63a1ecf6a3b6da6709807a34a1

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/glightbox/js/glightbox.min.js HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:20 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 14:00:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14887
date: Thu, 24 Nov 2022 15:28:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/vendor/isotope-layout/isotope.pkgd.min.js

162.0.215.251

200 OK

9.6 kB

URL HTTP/2
debugflow.com/assets/vendor/isotope-layout/isotope.pkgd.min.js
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32019)
Size
9.6 kB (9601 bytes)
Hash
7ec1b7b80c6ecdbf26c77fc379c834d7
3ace625e13ac7d3c8a8747ced72dc08dc3d90c6d
ccc5f6726f31bfa7706602829e66032cddb5c7e9f53a43bb0dd9a90ae7d1b11f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/isotope-layout/isotope.pkgd.min.js HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:20 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 14:00:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9601
date: Thu, 24 Nov 2022 15:28:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/img/logo.png

162.0.215.251

200 OK

62 kB

URL HTTP/2
debugflow.com/assets/img/logo.png
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 731 x 341, 8-bit/color RGBA, non-interlaced\012- data
Size
62 kB (61606 bytes)
Hash
e8136008eac88caef19abf6d2045f9a5
806ff5aaca7a5428325b9f497e8ff9f1cbb65c26
6fbb49c6d287e9c574fd37018f3f66b2dbd51d5ced561b2a636adc1dd0f4eba7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/logo.png HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:19 GMT
content-type: image/png
last-modified: Thu, 23 Jun 2022 00:34:40 GMT
accept-ranges: bytes
content-length: 61606
date: Thu, 24 Nov 2022 15:28:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12312
Expires: Thu, 24 Nov 2022 18:53:33 GMT
Date: Thu, 24 Nov 2022 15:28:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12312
Expires: Thu, 24 Nov 2022 18:53:33 GMT
Date: Thu, 24 Nov 2022 15:28:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12312
Expires: Thu, 24 Nov 2022 18:53:33 GMT
Date: Thu, 24 Nov 2022 15:28:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12312
Expires: Thu, 24 Nov 2022 18:53:33 GMT
Date: Thu, 24 Nov 2022 15:28:21 GMT
Connection: keep-alive

debugflow.com/assets/js/jquery.min.js

162.0.215.251

200 OK

30 kB

URL HTTP/2
debugflow.com/assets/js/jquery.min.js
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65447)
Size
30 kB (30267 bytes)
Hash
fd2581a78d6243f886115b67b5d63df2
14fe979cb049fd3359ea2680111d2b6cdbfc40d4
c31c7dffdbf9e7ca35cdf28f93f6a5ef242d0542478928fcc835a11a5f8f92bb

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/jquery.min.js HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:20 GMT
content-type: application/javascript
last-modified: Sun, 03 Jul 2022 08:43:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30267
date: Thu, 24 Nov 2022 15:28:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6789 bytes)
Hash
d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:10:24 GMT
age: 29877
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

debugflow.com/assets/js/main.js

162.0.215.251

200 OK

1.7 kB

URL HTTP/2
debugflow.com/assets/js/main.js
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
1.7 kB (1663 bytes)
Hash
495fbdbfc3c2c919628502a6808017ce
cccf1fb456022b40c91d6dec2a0047ccda431811
0b2eb9d0b5b6d548d128390b3a443fb2dfe8e8bd93296c19720986cd12553e13

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/main.js HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:20 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 14:00:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1663
date: Thu, 24 Nov 2022 15:28:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/vendor/php-email-form/validate.js

162.0.215.251

200 OK

792 B

URL HTTP/2
debugflow.com/assets/vendor/php-email-form/validate.js
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
792 B (792 bytes)
Hash
ccbb10a771121674980e59ea7735d761
f0aacd00a03d2d1e04276a32b1fad4971d0fe448
9886cfe363d89a4eea7f13a9963f0dfa5b83ac668dcc9d4effb845fd80005012

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/php-email-form/validate.js HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:20 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 14:01:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 792
date: Thu, 24 Nov 2022 15:28:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12312
Expires: Thu, 24 Nov 2022 18:53:33 GMT
Date: Thu, 24 Nov 2022 15:28:21 GMT
Connection: keep-alive

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7993 bytes)
Hash
92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 63629
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Nunito:300,300i,400,400i,600,600i,700,700i|Poppins:300,300i,400,400i,500,500i,600,600i,700,700i

142.250.74.10

200 OK

9.1 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Nunito:300,300i,400,400i,600,600i,700,700i|Poppins:300,300i,400,400i,500,500i,600,600i,700,700i
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
9.1 kB (9137 bytes)
Hash
6f3a80fc290e2efc3dea8cf7773917b6
e73eedb410057f02af4bc9c6b6854d62a52eb816
03996b30fd065466221580a38a04b8575b3d75d6a07f27acda2b0db7d6f29b74

HTTP Headers

GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Nunito:300,300i,400,400i,600,600i,700,700i|Poppins:300,300i,400,400i,500,500i,600,600i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debugflow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 15:28:19 GMT
date: Thu, 24 Nov 2022 15:28:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 37433
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13882 bytes)
Hash
64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DYBcunpyI0FBJsJGh1kKpFI3X8kzCkO3mCxzUtWnaMKBT-Bv-zkq3Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:59:18 GMT
age: 62943
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5070 bytes)
Hash
0856fdb55f19f03a1bec38b3d6e0ac77
89accd230fba95fe0049678070817b36ead015fa
17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rrs7G6Wto6iY0rT6KsKwKAOPJjehXqD0jHZrR_eaiqpepQILFr7Dtw==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:07 GMT
age: 63554
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

debugflow.com/assets/vendor/swiper/swiper-bundle.min.js

162.0.215.251

200 OK

36 kB

URL HTTP/2
debugflow.com/assets/vendor/swiper/swiper-bundle.min.js
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65279)
Size
36 kB (36270 bytes)
Hash
960e267b4a9de8afcfe11f1e3d9c9996
0c4514676401ee700348128f3351969293256c7c
bac218f52f6a8aaab989108239d2bf3032e16f8cb404e8ed5353e09e71cedc67

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/swiper/swiper-bundle.min.js HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:20 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 14:00:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 36270
date: Thu, 24 Nov 2022 15:28:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/img/features-2.png

162.0.215.251

200 OK

45 kB

URL HTTP/2
debugflow.com/assets/img/features-2.png
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 1215 x 872, 8-bit colormap, non-interlaced\012- data
Size
45 kB (44762 bytes)
Hash
4af2583009d402f9bc3d52a98c310e01
7415f07adeebf46e595d0adbbb2fdfc4cde3ed11
9e3849f8437fbde6a471008f481922be59d966d723b1fe43fceaac8ef6516474

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/features-2.png HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:20 GMT
content-type: image/png
last-modified: Thu, 23 Dec 2021 14:00:40 GMT
accept-ranges: bytes
content-length: 44762
date: Thu, 24 Nov 2022 15:28:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/img/footer-bg.png

162.0.215.251

200 OK

11 kB

URL HTTP/2
debugflow.com/assets/img/footer-bg.png
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 800 x 409, 8-bit colormap, non-interlaced\012- data
Size
11 kB (10959 bytes)
Hash
71b7047225cbc9212422da00f70b5799
ce4fc3e6fcbab60362c383f59a604544e3099b42
4bd39788fed5dad7c502e7bc2c5526eff4953c2ba635a2217f9118646fa42fea

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/footer-bg.png HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/assets/css/style.css
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:20 GMT
content-type: image/png
last-modified: Thu, 23 Dec 2021 14:00:40 GMT
accept-ranges: bytes
content-length: 10959
date: Thu, 24 Nov 2022 15:28:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/img/hero-bg.png

162.0.215.251

200 OK

7.3 kB

URL HTTP/2
debugflow.com/assets/img/hero-bg.png
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 1920 x 1080, 4-bit colormap, non-interlaced\012- data
Size
7.3 kB (7253 bytes)
Hash
2bcf3599eea75094307f0078718ec467
db30452f54b1b0fa2b3295163099889959f8c15b
eb83399560d7c17b1eb68277c6e5aa493e7ee2e9fff6fee0300b2244a81eb49a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/hero-bg.png HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/assets/css/style.css
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:20 GMT
content-type: image/png
last-modified: Thu, 23 Dec 2021 14:00:40 GMT
accept-ranges: bytes
content-length: 7253
date: Thu, 24 Nov 2022 15:28:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/img/about.jpg

162.0.215.251

200 OK

193 kB

URL HTTP/2
debugflow.com/assets/img/about.jpg
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1], progressive, precision 8, 800x600, components 3\012- data
Size
193 kB (193104 bytes)
Hash
add73d0f5a31425ab8d0cb828160bd50
df637d358f64062fca8a4e92a8b3088ac990cc63
84fb002ae1388d0ca441c1ee6f13759949ed14e61a8c628d96f34d6d582f83a0

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/about.jpg HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:19 GMT
content-type: image/jpeg
last-modified: Thu, 23 Dec 2021 14:00:40 GMT
accept-ranges: bytes
content-length: 193104
date: Thu, 24 Nov 2022 15:28:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/vendor/bootstrap-icons/fonts/bootstrap-icons.woff2?a74547b2f0863226942ff8ded57db345

162.0.215.251

200 OK

92 kB

URL HTTP/2
debugflow.com/assets/vendor/bootstrap-icons/fonts/bootstrap-icons.woff2?a74547b2f0863226942ff8ded57db345
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 92004, version 1.0\012- data
Size
92 kB (92004 bytes)
Hash
be57951d47bc6b1635653a38cbdf30fd
e5c03fd4d0715d3a59db5fdba4a19374cf3cc9de
6e30be95c88e3acf121f68a271f54b13af21cd26e311fe37df694874edfd48c7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/bootstrap-icons/fonts/bootstrap-icons.woff2?a74547b2f0863226942ff8ded57db345 HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://debugflow.com/assets/vendor/bootstrap-icons/bootstrap-icons.css
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:20 GMT
content-type: font/woff2
last-modified: Thu, 23 Dec 2021 14:00:40 GMT
accept-ranges: bytes
content-length: 92004
date: Thu, 24 Nov 2022 15:28:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/icon/favicon-16x16.png

162.0.215.251

200 OK

817 B

URL HTTP/2
debugflow.com/assets/icon/favicon-16x16.png
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
817 B (817 bytes)
Hash
8e168c64f6d469af5d35ddd1bb387afe
7b510bab387c26395db0552663ae1cf897a51a7b
f7a0008f2b992d133d5e3fa186e5fb11b70e7bb87a0767f1c114612227be4e7c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/icon/favicon-16x16.png HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:21 GMT
content-type: image/png
last-modified: Fri, 24 Jun 2022 10:58:20 GMT
accept-ranges: bytes
content-length: 817
date: Thu, 24 Nov 2022 15:28:21 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/icon/android-icon-192x192.png

162.0.215.251

200 OK

6.9 kB

URL HTTP/2
debugflow.com/assets/icon/android-icon-192x192.png
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
6.9 kB (6948 bytes)
Hash
417ad3d6dcddf2ed19d4c3f8ece0c0e7
37f3a6adaeef2d6e0ebbb02d8ee7db1537589a22
610454bb6f947bc25e6ea6e08f91fba4e6efef95d5d9c66a93af837c548a124e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/icon/android-icon-192x192.png HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:21 GMT
content-type: image/png
last-modified: Fri, 24 Jun 2022 10:58:20 GMT
accept-ranges: bytes
content-length: 6948
date: Thu, 24 Nov 2022 15:28:21 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

debugflow.com/assets/img/web.jpg

162.0.215.251

200 OK

0 B

URL HTTP/2
debugflow.com/assets/img/web.jpg
IP
162.0.215.251:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/web.jpg HTTP/1.1
Host: debugflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debugflow.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im85dWpwNEtoa21qRHA5NC9ObVRVbWc9PSIsInZhbHVlIjoiVjFEQlc4Wmcyd01PMkx1QnJ6L3g5Mjd6S1NXQnI0YkxsT0tVbDJGL0dSZ2FOYktJUURFOVh6THZ4Wnlmck5qaVh2WmV2ck9GVUl4ZVE3eDdUSWhvWVIxcHBycDEvL3R1Y1RFeDdWUk91TFRyakZEd1BBbDRySnlMMGZKUW1DMDMiLCJtYWMiOiI4MmM5YjNhMzA5YjZlMDgwYzY1NDBjNWE5YmE2NzgwYTk5OWNjZGIxZDk5YmNhNDg2NWEzZDgxZWRjZjMyZDQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjdlRUd0aFAvNFViZnRHQmczMTRrMEE9PSIsInZhbHVlIjoiYWtjam1ubzlwc01ZK0RHdFVQWG9zb0RLZGpOVjMvTjF3dXRFNUpCVzNONEZ3L0g5T2tqTUJEUVR2Ymwrcmx1ci9zbWd0bGlYUU96UG1Jcmh4cDBlLzN1RFk2RTAwUVZCd0VGSHZ3clh6aU5sVjJBV2syVklPWTl5bUd2dFpCaFciLCJtYWMiOiJkNzU3NDg1Njc0NDZhMWM3MzE5N2U1NjI0YjkzOGMwNmI1OGVlNjViOGY2NGFhN2YxMzRlMGQ3ZGQ0NzYwMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:28:20 GMT
content-type: image/jpeg
last-modified: Fri, 24 Jun 2022 18:52:34 GMT
accept-ranges: bytes
content-length: 60356
date: Thu, 24 Nov 2022 15:28:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations