| stingray-app-r6lj5.ondigitalocean.app/ | 104.16.244.78 | 301 Moved Permanently | 0 B |
URL HTTP/1.1stingray-app-r6lj5.ondigitalocean.app/ IP104.16.244.78:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | fortinet | Malware | |
GET / HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 11 Oct 2022 04:31:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 11 Oct 2022 05:31:23 GMT
Location: https://stingray-app-r6lj5.ondigitalocean.app/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7584ddad3f6eb515-OSL
|
|
| firefox.settings.services.mozilla.com/v1/ | 18.164.68.15 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP18.164.68.15:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash3f17af4e8a1739eda4a518039f4892f9 c3feba08ae7e8f57e0fe9bcd2ebedea6bda67cbb c485b09cad08b5233fe8753682faf59219fe0d18fcc34d90dc88fb0971295f5f
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 11 Oct 2022 04:08:14 GMT
Expires: Tue, 11 Oct 2022 04:29:18 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 35f1076ba1ff613e428e9cf6a2f57580.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: sTKNkms36Ajijb3ocfQxcDjm7jwxRVmW2_KdYejGYyWZnE_f2bmDFQ==
Age: 1389
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashef6d323da0ad155f526b4a57c2e46ccc 71686b19b3ca049b9b66f8740284c552a3f61a20 99e2f56075a08f133a9d1d0122ab9ef2d9eaa61e18f46994e52e21a8a53203f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "99E2F56075A08F133A9D1D0122AB9EF2D9EAA61E18F46994E52E21A8A53203F3"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14096
Expires: Tue, 11 Oct 2022 08:26:19 GMT
Date: Tue, 11 Oct 2022 04:31:23 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash3d0ffae9abfdf558a6286013a0201c8b 2dc8ea0000a1b0c0f849611fdd73429bca51bfad 8e19eab9b6d16819f9ef3920971542cbcf5dd18280617e2de1a3827f0c149398
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E19EAB9B6D16819F9EF3920971542CBCF5DD18280617E2DE1A3827F0C149398"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8739
Expires: Tue, 11 Oct 2022 06:57:02 GMT
Date: Tue, 11 Oct 2022 04:31:23 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TnFCk8bacjhuUSXJHdiil68IiW3Yuj81yHUpmqfxNIRXlWG98O2PTemhAFoOqVMpa/8GQIyOzx+3953Qev4CDA==
x-amz-request-id: 4KYP65PCCPJYVYYV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 11 Oct 2022 03:32:46 GMT
age: 3517
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 18.164.68.15 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP18.164.68.15:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 11 Oct 2022 03:41:37 GMT
Expires: Tue, 11 Oct 2022 04:38:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d7a09e17a9797d15006b403215eeebe6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: tNK_gWrAwZqzOJ39Ho8x6YMkKDzfGDn-gnxocQhgtUpTyOrA072IcQ==
Age: 2987
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashd545bc725dcd5d6f1dfc10a8b35aeb3a 82d92587953dac8a05d691730b8318719328de6b 9d1e6f1bf4b1c138d9e07e67264cb9ac5090a1c338ff72c87e1758e187cccb24
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1886
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 04:31:24 GMT
Last-Modified: Tue, 11 Oct 2022 03:59:58 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js | 104.17.24.14 | 200 OK | 27 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js IP104.17.24.14:0
File typeASCII text, with very long lines (32180) Hashb1e4b2a99336201b37fb8cea5d57abb9 d57980f0d0eaaf57ec33ddc9ed027274cfa86027 c805bfd991983f57b5b7878b998f7529e9b7e2df4bc2d39ba493934e23ba3f8a
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 26660
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14983"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10909472
expires: Sun, 01 Oct 2023 04:31:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Mw3ab905j83C7XfEWRc2%2BGZoMGkhPHmJdI%2BRYRyBmCd%2Fpy%2BzyDp8tEv5rXtRRF8PDVnV%2Bzi7J%2FESJVsJENwX5OXoOcTAMKrO8YB2YxRHGITXX9XuqCQKxYHE7uK6De8L%2F2fa18p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7584ddb2f9410b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js | 104.17.24.14 | 200 OK | 4.0 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js IP104.17.24.14:0
File typeHTML document, ASCII text, with very long lines (11084), with no line terminators Hasha5775b673c18ffa903cd1a6129ce5f87 ee2569b285a7dbc4ccc95b01a16f06943fade768 ab8ad2f07d5214be2ade4edcd295d5fb8f8aa60971b3ec1348063a8a19659fc9
GET /ajax/libs/modernizr/2.8.3/modernizr.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 3980
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-2b4c"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1575051
expires: Sun, 01 Oct 2023 04:31:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJw63UNYSQMypoGV78pYLiknc75ypJAjc5UJ51Feu01aQ1a0op2440w1nw11YnoVserF9Pm9eBQ7iyq7rTuHFvi05Eoc%2BmpxGtrFy4AVDBadIYn7uCkCl4Tade7tMb6aiT70K%2FQK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7584ddb2f9420b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css | 151.101.85.229 | 200 OK | 24 kB |
URL HTTP/2cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css IP151.101.85.229:0
File typeASCII text, with very long lines (65326) Hash849f3e827da80e4e4c6a8c49689f057d 035d81aaaf6da3ffa5ce241179a9e14d533e7a3b 9546dbb82c3facf833e4adb713ce7e57a34dd53f6b55697ef1e1877bdbd8bb73
GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://stingray-app-r6lj5.ondigitalocean.app
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 11 Oct 2022 04:31:24 GMT
age: 1919460
x-served-by: cache-fra19147-FRA, cache-bma1647-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24100
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js | 151.101.85.229 | 200 OK | 22 kB |
URL HTTP/2cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js IP151.101.85.229:0
File typeASCII text, with very long lines (65299) Hasha5cbb97cf034dd181106adecdafe3035 5fca1af6c76dd3e609f7f92841e564df1281927a 5ae018daf5df2cd903f80162efbaa3e138e0ed47ff90a315f2e2c497dc88a890
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://stingray-app-r6lj5.ondigitalocean.app
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 11 Oct 2022 04:31:24 GMT
age: 11151327
x-served-by: cache-fra19162-FRA, cache-bma1647-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21830
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash2c08f85bd74f5c0456761cd4180e3d1b 1fb1ed9973e481092ae4e51e7277e7e58144f994 e5e5d24ca076fb29f70c900432ad20cc1c838d61924c257d2fe01e898a76ecad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 04:31:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1 | 104.18.21.226 | 200 OK | 1.5 kB |
URL HTTP/1.1ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1 IP104.18.21.226:0
Hash360488bab1e0c14852eb7f63fe70a459 260b7a9407f69e3a2ddb23769a493983f7dfb8ec 1d8fdb112d1d57c7476898959dda106535eab8960a288faeab8b42cae9c1cfa0
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 04:31:24 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "57E651E2AD81DF59077201BDB741B6F877DBA4D1"
Expires: Tue, 11 Oct 2022 15:00:00 GMT
Last-Modified: Tue, 11 Oct 2022 03:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1160
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7584ddb35926b4fa-OSL
|
|
| stingray-app-r6lj5.ondigitalocean.app/werrx01/microsoft.png | 104.16.244.78 | 200 OK | 1.0 kB |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/werrx01/microsoft.png IP104.16.244.78:0
File typePNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced\012- data Hashbf2b460590fbb9d8e9611a6e9006b816 561e1dab259d61e798b3ce380527b71b61074ff3 ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03
Analyzer | Verdict | Alert | urlquery | | Scam / Fake AntiVirus |
GET /werrx01/microsoft.png HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: image/png
content-length: 1045
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: "415-11ef9b484c240"
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7584ddb2ba9ab4fd-OSL
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-217279329-52 | 142.250.74.168 | 200 OK | 42 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=UA-217279329-52 IP142.250.74.168:0
File typeASCII text, with very long lines (1969) Hash15b13fb7246e7f97a1836921e04a3bf1 8868a871e9b47918e5c4d682b61b5d357b3dfd05 61b23e47638de4d0dc5e0a97e78ebe23dad20a20294e8007ad0a5bc3d482a887
GET /gtag/js?id=UA-217279329-52 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 11 Oct 2022 04:31:24 GMT
expires: Tue, 11 Oct 2022 04:31:24 GMT
cache-control: private, max-age=900
last-modified: Tue, 11 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42418
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| stingray-app-r6lj5.ondigitalocean.app/werrx01/minimize.jpg | 104.16.244.78 | 200 OK | 2.2 kB |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/werrx01/minimize.jpg IP104.16.244.78:0
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 180x39, components 3\012- data Hash1ba392dce74f8987dca48bf65d817c8f db0b8444c46125105b52f272bd422a7f52da1f72 a05245b6f7fd752af4a7b0131bbdfdf3eaee6c5a25a81cb498e0f0759189473c
Analyzer | Verdict | Alert | urlquery | | Scam / Fake AntiVirus |
GET /werrx01/minimize.jpg HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: image/jpeg
content-length: 2247
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: "8c7-11ef9b484c240"
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7584ddb2ba99b4fd-OSL
X-Firefox-Spdy: h2
|
|
| stingray-app-r6lj5.ondigitalocean.app/werrx01/setting.png | 104.16.244.78 | 200 OK | 364 B |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/werrx01/setting.png IP104.16.244.78:0
File typePNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data Hashe144c3378090087c8ce129a30cb6cb4e 59da5466551de941d0215e45c54aa2ceaf436be1 b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
Analyzer | Verdict | Alert | urlquery | | Scam / Fake AntiVirus |
GET /werrx01/setting.png HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: image/png
content-length: 364
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: "16c-11ef9b484c240"
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7584ddb2ba9db4fd-OSL
X-Firefox-Spdy: h2
|
|
| stingray-app-r6lj5.ondigitalocean.app/werrx01/virus-images.jpg | 104.16.244.78 | 200 OK | 8.2 kB |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/werrx01/virus-images.jpg IP104.16.244.78:0
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 254x71, components 3\012- data Hash5fc559a242f0ea0a023f10830887d2af 9d744c2f3a6bf5b715496350c8de7124cdd7ddc8 3b531d403dc8ce7cbb0efb1a0c307cfb2bbaaf21feaff9f3546f13bebda71887
Analyzer | Verdict | Alert | urlquery | | Scam / Fake AntiVirus |
GET /werrx01/virus-images.jpg HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: image/jpeg
content-length: 8196
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: "2004-11ef9b484c240"
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7584ddb2dac1b4fd-OSL
X-Firefox-Spdy: h2
|
|
| stingray-app-r6lj5.ondigitalocean.app/werrx01/pc.png | 104.16.244.78 | 200 OK | 4.9 kB |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/werrx01/pc.png IP104.16.244.78:0
File typePNG image data, 166 x 92, 8-bit/color RGBA, non-interlaced\012- data Hashcc5132b56ba46b03dd998aa1fe220106 403e007a0b17d76a9945fa5ec46a9d01733b3040 598699133be5eef63e3b9b5540609ec0dc91d7af9c7f70a3b890e57491a70ae0
Analyzer | Verdict | Alert | urlquery | | Scam / Fake AntiVirus |
GET /werrx01/pc.png HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: image/png
content-length: 4949
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: "1355-11ef9b484c240"
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7584ddb2dabdb4fd-OSL
X-Firefox-Spdy: h2
|
|
| stingray-app-r6lj5.ondigitalocean.app/werrx01/bell.png | 104.16.244.78 | 200 OK | 1.1 kB |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/werrx01/bell.png IP104.16.244.78:0
File typePNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data Hasha3555871399f1f67bfacaf437974b03a b6337de87cd7a75a73cd804774651d14c83fe76a 2e48fef820929c21295e13444901f60e3aed61ba6f8c773ff1466e6843e76b49
Analyzer | Verdict | Alert | urlquery | | Scam / Fake AntiVirus |
GET /werrx01/bell.png HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: image/png
content-length: 1108
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: "454-11ef9b484c240"
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7584ddb2dabbb4fd-OSL
X-Firefox-Spdy: h2
|
|
| stingray-app-r6lj5.ondigitalocean.app/werrx01/virus-scan.png | 104.16.244.78 | 200 OK | 26 kB |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/werrx01/virus-scan.png IP104.16.244.78:0
File typePNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data Hash2c497dfff84bd8c5af9254c9d6278ce1 667e72e7ba6f00a54629e28133317022d4b59af6 b2dc4153ee7019c70a1095d5d1304d540e3bba045d99e141f63e5b13362e5a4e
Analyzer | Verdict | Alert | urlquery | | Scam / Fake AntiVirus |
GET /werrx01/virus-scan.png HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: image/png
content-length: 25871
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: "650f-11ef9b484c240"
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7584ddb2dabab4fd-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash2c08f85bd74f5c0456761cd4180e3d1b 1fb1ed9973e481092ae4e51e7277e7e58144f994 e5e5d24ca076fb29f70c900432ad20cc1c838d61924c257d2fe01e898a76ecad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 04:31:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| stingray-app-r6lj5.ondigitalocean.app/werrx01/que.png | 104.16.244.78 | 200 OK | 349 B |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/werrx01/que.png IP104.16.244.78:0
File typePNG image data, 13 x 13, 8-bit/color RGB, non-interlaced\012- data Hash7454c652e0733d92de6c920c2d646ae0 34a5bd8c7401f95e346895b0e5ccffbf0e9ad638 44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
Analyzer | Verdict | Alert | urlquery | | Scam / Fake AntiVirus |
GET /werrx01/que.png HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: image/png
content-length: 349
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: "15d-11ef9b484c240"
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7584ddb2dab9b4fd-OSL
X-Firefox-Spdy: h2
|
|
| stingray-app-r6lj5.ondigitalocean.app/werrx01/def.png | 104.16.244.78 | 200 OK | 3.8 kB |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/werrx01/def.png IP104.16.244.78:0
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data Hash77a2ffc5545f87551d74781201de9b3b c9c3798afd2ae95aa3bba3c428335d49c8255b06 316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c
Analyzer | Verdict | Alert | urlquery | | Scam / Fake AntiVirus |
GET /werrx01/def.png HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: image/png
content-length: 3834
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: "efa-11ef9b484c240"
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7584ddb2dabeb4fd-OSL
X-Firefox-Spdy: h2
|
|
| stingray-app-r6lj5.ondigitalocean.app/werrx01/bg2.jpg | 104.16.244.78 | 200 OK | 101 kB |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/werrx01/bg2.jpg IP104.16.244.78:0
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x1080, components 3\012- data Size101 kB (101218 bytes) Hash21e2ac3edb976d4b8c2018eff70f084d 8891207a1729c77c4be38ee3dae75bb240c8a92b d442ddd2a4f0354eff40d09b4e54d0fa27580e9cbe17afffa8c70a5f496cd92a
Analyzer | Verdict | Alert | urlquery | | Scam / Fake AntiVirus |
GET /werrx01/bg2.jpg HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: image/jpeg
content-length: 101218
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: "18b62-11ef9b484c240"
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7584ddb2ba92b4fd-OSL
X-Firefox-Spdy: h2
|
|
| stingray-app-r6lj5.ondigitalocean.app/werrx01/cross.png | 104.16.244.78 | 200 OK | 44 kB |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/werrx01/cross.png IP104.16.244.78:0
File typePNG image data, 2080 x 2080, 8-bit/color RGBA, non-interlaced\012- data Hash4487a588bf2a07e3d1936d705c5ceefd db193b3e2ab9fbee6eae99ced2366b1ef5f16971 3821ef20f5904fdb993e34d87ff8fb9c5786a382efb0eeee8b4f00c91428b701
Analyzer | Verdict | Alert | urlquery | | Scam / Fake AntiVirus |
GET /werrx01/cross.png HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: image/png
content-length: 44098
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: "ac42-11ef9b484c240"
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7584ddb2dabfb4fd-OSL
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 34.218.164.174 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP34.218.164.174:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uWZuqPOmQgsAIq2Wzi0hFg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: e1wGGdAyRrsk9ErVg97mOzAwwn4=
|
|
| stingray-app-r6lj5.ondigitalocean.app/werrx01/0wa0rni0ng0.mp3 | 104.16.244.78 | 206 Partial Content | 8.4 kB |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/werrx01/0wa0rni0ng0.mp3 IP104.16.244.78:0
File typeAudio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural\012- data Hash8618fbb0911e3b8fc96725dee8bfd81f 1bbcb78922946d0cf18fbf3a9e092e36453eb767 0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
Analyzer | Verdict | Alert | urlquery | | Scam / Fake AntiVirus | fortinet | Malware | |
GET /werrx01/0wa0rni0ng0.mp3 HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+&
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: audio/mpeg
content-length: 8405
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: "20d5-11ef9b484c240"
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
content-range: bytes 0-8404/8405
server: cloudflare
cf-ray: 7584ddb46be4b4fd-OSL
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/analytics.js | 142.250.74.174 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.174:0
File typeASCII text, with very long lines (1325) Hash47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 11 Oct 2022 02:41:09 GMT
expires: Tue, 11 Oct 2022 04:41:09 GMT
cache-control: public, max-age=7200
age: 6616
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| stingray-app-r6lj5.ondigitalocean.app/favicon.ico | 104.16.244.78 | 404 Not Found | 192 B |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/favicon.ico IP104.16.244.78:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash7288ba09edf0f6bed3ae589e5b20d1b6 8678f103b0295f8880b689700dc3d397a3f4d9e4 5bdfe9e7c4e8e0bde2d8f4c3fc161541010486d65f34ca534d97e26ef2972d94
GET /favicon.ico HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 11 Oct 2022 04:31:25 GMT
content-type: text/html; charset=iso-8859-1
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 404
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7584ddb5cd5ab4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/j/collect?v=1&_v=j98&a=382461395&t=pageview&_s=1&dl=https%3A%2F%2Fstingray-app-r6lj5.ondigitalocean.app%2Fwerrx01%2F%3Fphone%3D%2B%26&ul=en-us&de=UTF-8&dt=Security%20Center%20Code0x268d3%20Services&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1498577155&gjid=2022859828&cid=1571840432.1665462685&tid=UA-217279329-52&_gid=353516036.1665462685&_r=1>m=2ouaa0&z=371569946 | 142.250.74.174 | 200 OK | 1 B |
URL HTTP/2www.google-analytics.com/j/collect?v=1&_v=j98&a=382461395&t=pageview&_s=1&dl=https%3A%2F%2Fstingray-app-r6lj5.ondigitalocean.app%2Fwerrx01%2F%3Fphone%3D%2B%26&ul=en-us&de=UTF-8&dt=Security%20Center%20Code0x268d3%20Services&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1498577155&gjid=2022859828&cid=1571840432.1665462685&tid=UA-217279329-52&_gid=353516036.1665462685&_r=1>m=2ouaa0&z=371569946 IP142.250.74.174:0
File typevery short file (no magic) Hashc4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=382461395&t=pageview&_s=1&dl=https%3A%2F%2Fstingray-app-r6lj5.ondigitalocean.app%2Fwerrx01%2F%3Fphone%3D%2B%26&ul=en-us&de=UTF-8&dt=Security%20Center%20Code0x268d3%20Services&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1498577155&gjid=2022859828&cid=1571840432.1665462685&tid=UA-217279329-52&_gid=353516036.1665462685&_r=1>m=2ouaa0&z=371569946 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://stingray-app-r6lj5.ondigitalocean.app
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://stingray-app-r6lj5.ondigitalocean.app
date: Tue, 11 Oct 2022 04:31:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashf97cde01f1afd5ed30319169445ec773 1cb25a8da62cdf1f9ab1b2b35d03163037691b33 1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13948
Expires: Tue, 11 Oct 2022 08:23:54 GMT
Date: Tue, 11 Oct 2022 04:31:26 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashf97cde01f1afd5ed30319169445ec773 1cb25a8da62cdf1f9ab1b2b35d03163037691b33 1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13948
Expires: Tue, 11 Oct 2022 08:23:54 GMT
Date: Tue, 11 Oct 2022 04:31:26 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashf97cde01f1afd5ed30319169445ec773 1cb25a8da62cdf1f9ab1b2b35d03163037691b33 1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13948
Expires: Tue, 11 Oct 2022 08:23:54 GMT
Date: Tue, 11 Oct 2022 04:31:26 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashf97cde01f1afd5ed30319169445ec773 1cb25a8da62cdf1f9ab1b2b35d03163037691b33 1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13948
Expires: Tue, 11 Oct 2022 08:23:54 GMT
Date: Tue, 11 Oct 2022 04:31:26 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F091cb024-57dd-4874-9dc1-d75a60e4678e.jpeg | 34.120.237.76 | 200 OK | 14 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F091cb024-57dd-4874-9dc1-d75a60e4678e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash85a9fd509ca7e74239b01f4dbe2ecd96 e52e8499848f150588f045759a58b48b065c4828 eac89a20cdd81d3adcdf320ea13fa08058a372c3b8c43dd36ad806510c29617f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F091cb024-57dd-4874-9dc1-d75a60e4678e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13946
x-amzn-requestid: b9d7a6c3-9574-4bf1-bfc9-7b9faccc876f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZnSMfFCzoAMFf1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f971c-3b6e91a12688f5883758d639;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 03:03:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: d6hiffbEGNHAvX9qLb8xRoognAqxh2ZR5uQflwOkCkE1EaIURGJMSg==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 06:01:49 GMT
age: 80977
etag: "e52e8499848f150588f045759a58b48b065c4828"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css | 104.18.11.207 | 200 OK | 18 kB |
URL HTTP/2maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css IP104.18.11.207:0
File typeASCII text, with very long lines (27303) Hashf27d7c8fc5d43e31d0f20539653b4cb6 2da85522852baa47516de954115617de32d73d54 e14e8859761fd1f9fbfbea65f4349cfbd1ea9e26f59aea4f3cfd3cbd04b7c8fb
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 10906932
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7584ddb2fdceb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F39026cbd-0662-4b73-93fd-a3f5e4bce045.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F39026cbd-0662-4b73-93fd-a3f5e4bce045.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash447cd44b9b9df4a33eb46770b3949297 ac8e62c08fd514bb00e872d7cd3de4640c5f227b 968edd8b5e6d25f120ac1d8b50dd0ae1a6c540619597061c30d5f432f212fee1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F39026cbd-0662-4b73-93fd-a3f5e4bce045.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10387
x-amzn-requestid: 75fddd85-9afb-4285-b411-0005ecf35f46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZkLO_GnvIAMF9mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e58c6-5917be9c1a1ec59c702a417d;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 04:25:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gRgq4-CjBaNicjY06m8tR09_DHnuv0eYzjs71c1kJwARrsB63FJHwQ==
via: 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 19:15:28 GMT
age: 33358
etag: "ac8e62c08fd514bb00e872d7cd3de4640c5f227b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| stingray-app-r6lj5.ondigitalocean.app/werrx01/fullscreen.js | 104.16.244.78 | 200 OK | 4.0 kB |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/werrx01/fullscreen.js IP104.16.244.78:0
File typeASCII text, with CRLF line terminators Hashfd6fe09fa1bfc1a1821be251a89393a8 81e453f5ca7b1357ca2664125aff3295d3bf0cf0 152faf344c8830ba99429eec8c1395714beb1782822c6f7caab3362ab7d5b357
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /werrx01/fullscreen.js HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+&
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: application/javascript
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"f5-11ef9b484c240"
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7584ddb2eac9b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| stingray-app-r6lj5.ondigitalocean.app/werrx01/before.js | 104.16.244.78 | 200 OK | 6.1 kB |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/werrx01/before.js IP104.16.244.78:0
File typeASCII text, with CRLF line terminators Hash974d513f49e0515204dd900c9c1f7bf2 292f9f9a1f6ecd6f28451747d33eee7c24ff76f6 012fb1d0d9bdfac0a6b0e1836c4f66164cd79887583edc94a187e066e28093f8
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /werrx01/before.js HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+&
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: application/javascript
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"16e-11ef9b484c240"
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7584ddb2faccb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf363159-c109-46fe-bd9b-9134e7b048c3.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf363159-c109-46fe-bd9b-9134e7b048c3.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe3c99f149a624060a36dd392ac0d5ef4 ccbb22ad9c30baa4e3f013dfc60195400f469dc0 3f9dc61fff639b4b8aa778630e8009c190e804b8d58684e9244cef8419a61c00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf363159-c109-46fe-bd9b-9134e7b048c3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11239
x-amzn-requestid: 9f628fab-edd5-425d-add3-31beea676070
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZzuvOGzhoAMFd0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63449194-48cae2de0a5968fb46772067;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 21:41:40 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7i8fLObJFEx_Y_7k2gRtapXCaDgMWiAlHD3cnxuNlNWGz-HGH1T1wQ==
via: 1.1 332ef4544bd8b531e8f11abaa4197c08.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 22:17:11 GMT
age: 22455
etag: "ccbb22ad9c30baa4e3f013dfc60195400f469dc0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 | 104.18.11.207 | 200 OK | 67 kB |
URL HTTP/2maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 IP104.18.11.207:0
File typeWeb Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data Hashdb812d8a70a4e88e888744c1c9a27e89 638c652d623280a58144f93e7b552c66d1667a11 ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://stingray-app-r6lj5.ondigitalocean.app
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:27 GMT
content-type: font/woff2
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 08/15/2022 13:52:58
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0267bf2cbbcbd7554f34ff2a312ef3e3
cdn-cache: HIT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7584ddc43d4a0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe577330b-a644-4321-9e63-e29b1c776335.jpeg | 34.120.237.76 | 200 OK | 6.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe577330b-a644-4321-9e63-e29b1c776335.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashcb36aa8278a4cc50f976846ebd761720 4bec83cb13a6400527ce15dcfc0db98f90b3ab29 eb2720f1aad4b238cb1a3ec05978580f20e65b66b2baca513d1621d33542a586
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe577330b-a644-4321-9e63-e29b1c776335.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6683
x-amzn-requestid: b3242600-6706-4e7f-b511-59747ce318c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZzuvXFmPIAMF0RQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63449195-3db530107195e4e64b50a7f5;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 21:41:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _AKI47VlrnSn3hA-hp22GBxyf1v7p5ZWMxXZFoBzNMlhnLRUo5s3CQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 22:08:05 GMT
age: 23007
etag: "4bec83cb13a6400527ce15dcfc0db98f90b3ab29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| stingray-app-r6lj5.ondigitalocean.app/ | 104.16.244.78 | 200 OK | 0 B |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/ IP104.16.244.78:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET / HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: text/html; charset=UTF-8
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
last-modified: Tue, 11 Oct 2022 04:31:24 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7584ddae9f1eb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| stingray-app-r6lj5.ondigitalocean.app/werrx01/main.css | 104.16.244.78 | 200 OK | 0 B |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/werrx01/main.css IP104.16.244.78:0
GET /werrx01/main.css HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+&
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: text/css
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"2f41-11ef9b484c240"
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7584ddb2aa90b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| stingray-app-r6lj5.ondigitalocean.app/werrx01/main.js | 104.16.244.78 | 200 OK | 0 B |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/werrx01/main.js IP104.16.244.78:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /werrx01/main.js HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+&
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: application/javascript
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"563-11ef9b484c240"
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7584ddb2facdb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| stingray-app-r6lj5.ondigitalocean.app/werrx01/alertmicrosoft.mp3 | 104.16.244.78 | 206 Partial Content | 0 B |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/werrx01/alertmicrosoft.mp3 IP104.16.244.78:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /werrx01/alertmicrosoft.mp3 HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+&
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 11 Oct 2022 04:31:25 GMT
content-type: audio/mpeg
content-length: 200832
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: "31080-11ef9b484c240"
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
content-range: bytes 0-200831/200832
server: cloudflare
cf-ray: 7584ddb47c0db4fd-OSL
X-Firefox-Spdy: h2
|
|
| stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+& | 104.16.244.78 | 200 OK | 0 B |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+& IP104.16.244.78:0
Analyzer | Verdict | Alert | urlquery | | Scam / Cryptowall detected |
GET /werrx01/?phone=+& HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: text/html
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7584ddb12915b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| stingray-app-r6lj5.ondigitalocean.app/werrx01/light.js | 104.16.244.78 | 200 OK | 0 B |
URL HTTP/2stingray-app-r6lj5.ondigitalocean.app/werrx01/light.js IP104.16.244.78:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /werrx01/light.js HTTP/1.1
Host: stingray-app-r6lj5.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stingray-app-r6lj5.ondigitalocean.app/werrx01/?phone=+&
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 04:31:24 GMT
content-type: application/javascript
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"1f7-11ef9b484c240"
x-do-app-origin: bdf7eefb-06f3-4792-a478-420d5ad4fc85
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7584ddb2fad2b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|