| cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js | 104.17.24.14 | 200 OK | 28 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP: 104.17.24.14:443
Certificate: Issuer=Cloudflare, Inc.; Subject=sni.cloudflaressl.com; Fingerprint (SHA-1)=7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity=Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: MD5=8fb8fee4fcc3cc86ff6c724154c49c42; SHA-1=b82d238d4e31fdf618bae8ac11a6c812c03dd0d4; SHA-256=ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://op.buuda.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 07:01:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 562960
expires: Sun, 27 Apr 2025 07:01:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i9FcCFJRiX8TIsSoxwyJIG1ISssgZEzHioLyOQe3Yi5YIVlI2kioLVdZGCYLhR8IS4ymRQHzgMDiT2bc765Ca6IvfOVyT5JEu2Mnl3ChsXHEmonBtIfE%2BanamZfRhyHQLcEdCaLF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ff56158c950afa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css | 104.17.24.14 | 200 OK | 2.1 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css
IP: 104.17.24.14:443
Certificate: Issuer=Cloudflare, Inc.; Subject=sni.cloudflaressl.com; Fingerprint (SHA-1)=7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity=Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
Hash: MD5=582a1f76889553869a19d492c7728242; SHA-1=7d0ac85f92401984088d1c79d2a8d91b00e16a8a; SHA-256=c9ae063d7bf400c91d4056a69889903b54205f2efd6cb224d6041eca58b92cca
GET /ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://op.buuda.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 07:01:00 GMT
content-type: text/css; charset=utf-8
content-length: 2139
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65a3eb4d-85b"
last-modified: Sun, 14 Jan 2024 14:10:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 466093
expires: Sun, 27 Apr 2025 07:01:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tGvHKkohFHL6%2FjHPx3uKCw9pOz7FJXXjb9RGPcwzNISHbmqQYR1LhxzZ5Y%2B2Gdwcap9dy7cokwI39Eg%2FibO1ov6ismDfJUPbORv6uYuiJyGiPqqDhiBJRNSuCPkjg80Q2fZN%2FBcC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ff56158ca30afa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/intlTelInput.min.js | 104.17.24.14 | 200 OK | 8.8 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/intlTelInput.min.js
IP: 104.17.24.14:443
Certificate: Issuer=Cloudflare, Inc.; Subject=sni.cloudflaressl.com; Fingerprint (SHA-1)=7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity=Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (27324)
Hash: MD5=ddc9d20a5dc24ff745358bba80eea1f3; SHA-1=c569c6d9f50923de1753da1f2c090132fa455f55; SHA-256=54bc983ea406933001939caacb25ec98a9f633b8f2d54aa5ca3180948d6fe389
GET /ajax/libs/intl-tel-input/18.5.0/js/intlTelInput.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://op.buuda.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 07:01:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 8765
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65a3eb4d-223d"
last-modified: Sun, 14 Jan 2024 14:10:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 566696
expires: Sun, 27 Apr 2025 07:01:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V2WypCaKLM5ITyT8DOaRH5KXTmbr7ZSZ%2B%2BR%2FkqAj8qKvbEU7rckcEOFumtNZVTNQa9zToMPI8tTx0FRz42ku%2Bwgcvx2HYqOCAFSJ5h6GxpyEoYQIi4jRHt%2FZK26PK9L0166j265h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ff56158ca60afa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Inter:wght@400;500;700;800&family=Jost:wght@500;900&display=swap | 142.250.74.74 | 200 OK | 1.3 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@400;500;700;800&family=Jost:wght@500;900&display=swap
IP: 142.250.74.74:443
Certificate: Issuer=Google Trust Services LLC; Subject=upload.video.google.com; Fingerprint (SHA-1)=36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity=Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT (the subject CN differs from the requested host; Google's shared certificates normally carry the host in the SAN list, which this capture does not show - not by itself a mismatch)
File type: gzip compressed data, max compression (body hashed as received, still gzip-encoded per the content-encoding: gzip response header below)
Hash: MD5=c16eb2681cef54c115db548f6b2a1ce1; SHA-1=9f4b89ebeba947a4a450cf1844d0f1df461fb5ad; SHA-256=49141dbc7e4bbb90489d278f1fa57e44782d73b8cf1bee01bee11a2d9efbc238
GET /css2?family=Inter:wght@400;500;700;800&family=Jost:wght@500;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://op.buuda.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 07:01:00 GMT
date: Tue, 07 May 2024 07:01:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/jost/v15/92zatBhPNqw73oTd4g.woff2 | 216.58.207.227 | 200 OK | 27 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/jost/v15/92zatBhPNqw73oTd4g.woff2
IP: 216.58.207.227:443
Certificate: Issuer=Google Trust Services LLC; Subject=*.gstatic.com; Fingerprint (SHA-1)=15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity=Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 26620, version 1.0
Hash: MD5=8851189b303b4d03a80b8243a4fac433; SHA-1=2a04886958dd3f8fc11562db9b3281699475aad3; SHA-256=1e3ceb99e33b0f3d149b7d617b24a487d07fe7595aa24d04a7f45a0312b0654c
GET /s/jost/v15/92zatBhPNqw73oTd4g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://op.buuda.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 18:17:38 GMT
expires: Fri, 02 May 2025 18:17:38 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:39:33 GMT
content-type: font/woff2
age: 391402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 | 216.58.207.227 | 200 OK | 47 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP: 216.58.207.227:443
Certificate: Issuer=Google Trust Services LLC; Subject=*.gstatic.com; Fingerprint (SHA-1)=15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity=Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Hash: MD5=30a274cd01b6eeb0b082c918b0697f1e; SHA-1=393311bde26b99a4ad935fa55bad1dce7994388b; SHA-256=88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://op.buuda.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 72403
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| op.buuda.xyz/js/main.js | 172.245.112.197 | 200 OK | 81 kB |
URL: GET HTTP/2 op.buuda.xyz/js/main.js
IP: 172.245.112.197:443; ASN: AS36352 (AS-COLOCROSSING)
Certificate: Issuer=Let's Encrypt; Subject=op.buuda.xyz; Fingerprint (SHA-1)=00:7E:F3:74:C1:DA:7F:FA:63:B5:0A:B6:81:B6:2F:CA:09:2E:49:D4; Validity=Sat, 23 Mar 2024 16:33:14 GMT - Fri, 21 Jun 2024 16:33:13 GMT
File type: gzip compressed data, from Unix
Hash: MD5=3fa1bb76a45c7765be09bc251524de6d; SHA-1=5b7beb3496baac84eb476df09354a5d353835399; SHA-256=91e44e084e91616f3b7b86c6e307316052089c6b45011caa5d2dc999c07bfb0a
Caveat: the file type shows the body was hashed as received, still gzip-encoded (see content-encoding: gzip below), so these digests cover the compressed stream, not the JavaScript itself. They will not match a plaintext copy of main.js and can change with the server's compression settings; decode before hashing if the value is to be used as an indicator.
Analyzer: Quad9 DNS - Verdict: malicious - Alert: Sinkholed
GET /js/main.js HTTP/1.1
Host: op.buuda.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://op.buuda.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 07 May 2024 07:01:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 | 216.58.207.227 | 200 OK | 47 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP: 216.58.207.227:443
Certificate: Issuer=Google Trust Services LLC; Subject=*.gstatic.com; Fingerprint (SHA-1)=15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity=Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Hash: MD5=30a274cd01b6eeb0b082c918b0697f1e; SHA-1=393311bde26b99a4ad935fa55bad1dce7994388b; SHA-256=88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://op.buuda.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 72403
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| op.buuda.xyz/css/style.css | 172.245.112.197 | 200 OK | 82 kB |
URL: GET HTTP/2 op.buuda.xyz/css/style.css
IP: 172.245.112.197:443; ASN: AS36352 (AS-COLOCROSSING)
Certificate: Issuer=Let's Encrypt; Subject=op.buuda.xyz; Fingerprint (SHA-1)=00:7E:F3:74:C1:DA:7F:FA:63:B5:0A:B6:81:B6:2F:CA:09:2E:49:D4; Validity=Sat, 23 Mar 2024 16:33:14 GMT - Fri, 21 Jun 2024 16:33:13 GMT
File type: gzip compressed data, from Unix
Hash: MD5=f291f9178e2b8b82615ff591aaad3764; SHA-1=0f3b99d6eb87debcd00fe563108cfc946b6fa98d; SHA-256=d6b661a439edb1df2a5292221601dea5f9251f319a701af9319ef8e002de15d0
Caveat: digests are of the gzip-encoded body as received (content-encoding: gzip below), not of the decoded stylesheet; decode before using them as an indicator.
Analyzer: Quad9 DNS - Verdict: malicious - Alert: Sinkholed
GET /css/style.css HTTP/1.1
Host: op.buuda.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://op.buuda.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 07 May 2024 07:01:00 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2 | 216.58.207.227 | 200 OK | 80 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
IP: 216.58.207.227:443
Certificate: Issuer=Google Trust Services LLC; Subject=*.gstatic.com; Fingerprint (SHA-1)=15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity=Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 79940, version 1.0
Hash: MD5=26859342514946edd3e8dceb17f55c92; SHA-1=34ee9d842c0d0e46325ae608fcd75929e7b27269; SHA-256=a2bfd9fe607d28fd07b05046e622818b8b5b94a358d53853a0d3f03e597cdc71
GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://op.buuda.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 79940
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 22:08:44 GMT
expires: Fri, 02 May 2025 22:08:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:22:52 GMT
content-type: font/woff2
age: 377536
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| op.buuda.xyz/js/modal.js | 172.245.112.197 | 200 OK | 48 kB |
URL: GET HTTP/2 op.buuda.xyz/js/modal.js
IP: 172.245.112.197:443; ASN: AS36352 (AS-COLOCROSSING)
Certificate: Issuer=Let's Encrypt; Subject=op.buuda.xyz; Fingerprint (SHA-1)=00:7E:F3:74:C1:DA:7F:FA:63:B5:0A:B6:81:B6:2F:CA:09:2E:49:D4; Validity=Sat, 23 Mar 2024 16:33:14 GMT - Fri, 21 Jun 2024 16:33:13 GMT
File type: gzip compressed data, from Unix
Hash: MD5=7e22dadfd699b94ff60dc849d4925f94; SHA-1=17a3436d24a5f32f344e0b49322ae63e2d390e13; SHA-256=7151ee2cb5109fa36ea3e765918e2bf3bdfea9d5fdd28be4f2781f754178779f
Caveat: digests are of the gzip-encoded body as received (content-encoding: gzip below), not of the decoded script; decode before using them as an indicator.
Analyzer: Quad9 DNS - Verdict: malicious - Alert: Sinkholed
GET /js/modal.js HTTP/1.1
Host: op.buuda.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://op.buuda.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 07 May 2024 07:01:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2 | 216.58.207.227 | 200 OK | 80 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
IP: 216.58.207.227:443
Certificate: Issuer=Google Trust Services LLC; Subject=*.gstatic.com; Fingerprint (SHA-1)=15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity=Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 79940, version 1.0
Hash: MD5=26859342514946edd3e8dceb17f55c92; SHA-1=34ee9d842c0d0e46325ae608fcd75929e7b27269; SHA-256=a2bfd9fe607d28fd07b05046e622818b8b5b94a358d53853a0d3f03e597cdc71
GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://op.buuda.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 79940
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 22:08:44 GMT
expires: Fri, 02 May 2025 22:08:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:22:52 GMT
content-type: font/woff2
age: 377536
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 | 216.58.207.227 | 200 OK | 47 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP: 216.58.207.227:443
Certificate: Issuer=Google Trust Services LLC; Subject=*.gstatic.com; Fingerprint (SHA-1)=15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity=Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Hash: MD5=30a274cd01b6eeb0b082c918b0697f1e; SHA-1=393311bde26b99a4ad935fa55bad1dce7994388b; SHA-256=88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://op.buuda.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 72404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/jost/v15/92zatBhPNqw73oTd4g.woff2 | 216.58.207.227 | 200 OK | 27 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/jost/v15/92zatBhPNqw73oTd4g.woff2
IP: 216.58.207.227:443
Certificate: Issuer=Google Trust Services LLC; Subject=*.gstatic.com; Fingerprint (SHA-1)=15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity=Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 26620, version 1.0
Hash: MD5=8851189b303b4d03a80b8243a4fac433; SHA-1=2a04886958dd3f8fc11562db9b3281699475aad3; SHA-256=1e3ceb99e33b0f3d149b7d617b24a487d07fe7595aa24d04a7f45a0312b0654c
GET /s/jost/v15/92zatBhPNqw73oTd4g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://op.buuda.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 18:17:38 GMT
expires: Fri, 02 May 2025 18:17:38 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:39:33 GMT
content-type: font/woff2
age: 391403
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| getyourapi.site/api/geolocation | 3.122.218.248 | 200 OK | 107 B |
URL: GET HTTP/2 getyourapi.site/api/geolocation
IP: 3.122.218.248:443
Certificate: Issuer=Let's Encrypt; Subject=getyourapi.site; Fingerprint (SHA-1)=5E:24:43:8B:8E:E3:57:4A:19:01:E0:C3:8C:45:B8:23:F5:E0:AD:F6; Validity=Fri, 08 Mar 2024 09:11:52 GMT - Thu, 06 Jun 2024 09:11:51 GMT
Hash: MD5=196ae9d75b3b48187796b56466008bdb; SHA-1=b76f0883cd023711c45f6f54b8e2eeeb19179718; SHA-256=6f0b827bf18c093069d5b91458b89408c601c22a6c75139e3dc5fcf030ad2163
Analyzer: mnemonic secure dns - Verdict: malicious - Alert: Sinkholed
Analyzer: Quad9 DNS - Verdict: malicious - Alert: Sinkholed
Note: the response below sets access-control-allow-origin to https://op.buuda.xyz together with access-control-allow-credentials: true, i.e. this endpoint is explicitly configured to be called with credentials from the flagged page rather than merely exposed with a wildcard; treat the two hosts as related infrastructure. The 107-byte JSON body (content-length: 107) that the hashes above cover is not reproduced in this capture.
GET /api/geolocation HTTP/1.1
Host: getyourapi.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://op.buuda.xyz
DNT: 1
Connection: keep-alive
Referer: https://op.buuda.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Tue, 07 May 2024 07:01:01 GMT
content-type: application/json; charset=utf-8
content-length: 107
x-powered-by: Express
access-control-allow-origin: https://op.buuda.xyz
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
access-control-expose-headers: content-type, authorization, x-request-id
x-request-id: 917b20cb-aed1-4770-af3a-616ed06124a5
etag: W/"6b-t28Ig80CNxHEX29UuOLu6xkXlxg"
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/img/flags.png?1 | 104.17.24.14 | | 67 kB |
URL: GET cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/img/flags.png?1 (no HTTP version recorded for this request)
IP: 104.17.24.14:0 (port recorded as 0 and the status cell in the row header above is blank; the response below is HTTP/3, so this looks like a capture artifact for the QUIC connection - verify against the raw capture before relying on it)
Certificate: Issuer=Cloudflare, Inc.; Subject=sni.cloudflaressl.com; Fingerprint (SHA-1)=7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity=Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: PNG image data, 5762 x 15, 8-bit/color RGBA, non-interlaced
Hash: MD5=8ec9f8e2915d6bf684abf7629a1b3df0; SHA-1=00e80b4f1321a71de50ade6eaea01eb1713c5ce3; SHA-256=3af394920236bdcab19b5514b8f67e06b194e29017368d6a9d83d598947f203b
GET /ajax/libs/intl-tel-input/18.5.0/img/flags.png?1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:01:01 GMT
content-type: image/png; charset=utf-8
content-length: 67119
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65a3eb4d-1062f"
last-modified: Sun, 14 Jan 2024 14:10:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 567796
expires: Sun, 27 Apr 2025 07:01:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MAzDTjKPv%2BURRtHY5bd4pKQO0pmwx8swiMlQYtvOkT7qt66MBuEzlbdZqPPXl4hvFF9B2GP7JSUNnBSrSUP711UgUMTsPlqJGETf7mzVxN3NrJYROITQeoy4cRhEJdoxjvXVelKG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ff561b3ff45691-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/utils.min.js | 104.17.24.14 | 200 OK | 46 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/utils.min.js
IP: 104.17.24.14:443
Certificate: Issuer=Cloudflare, Inc.; Subject=sni.cloudflaressl.com; Fingerprint (SHA-1)=7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity=Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: MD5=b34007e0189bdb6d937004b2d35dc0d8; SHA-1=4836255d80bf984e066263a2bffaa1467cfc4cb5; SHA-256=b35c83e4dc3713230edfbda43508fb2fb92d8e07c4189f19d201ba199ef810a2
GET /ajax/libs/intl-tel-input/18.5.0/js/utils.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://op.buuda.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:01:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 46045
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65a3eb4d-b3dd"
last-modified: Sun, 14 Jan 2024 14:10:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 559226
expires: Sun, 27 Apr 2025 07:01:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BN2art33Q%2BTDhrreGDVwvFUySHHc9o73igdilpvbKlGy%2FqMdRRT7fbWTLZ9V3Tx%2F7JnPlNCS50xdm8Kya1PABqdbReY4HK9HN4UDk953rcS19P2vsPi84o%2Fqug1PTzZAT9GD71VQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ff561b3ffc5691-OSL
alt-svc: h3=":443"; ma=86400
|
|
| op.buuda.xyz/favicon.ico | 172.245.112.197 | 200 OK | 9.8 kB |
URL: GET HTTP/2 op.buuda.xyz/favicon.ico
IP: 172.245.112.197:443; ASN: AS36352 (AS-COLOCROSSING)
Certificate: Issuer=Let's Encrypt; Subject=op.buuda.xyz; Fingerprint (SHA-1)=00:7E:F3:74:C1:DA:7F:FA:63:B5:0A:B6:81:B6:2F:CA:09:2E:49:D4; Validity=Sat, 23 Mar 2024 16:33:14 GMT - Fri, 21 Jun 2024 16:33:13 GMT
File type: gzip compressed data, from Unix
Hash: MD5=080d72fc2c38907fae47955a5ddb05b2; SHA-1=e7264b3c671d57ecfb7460ab168ee186e357b9cb; SHA-256=e123676185101a8574a2a37acc0c9d924731392893bec542f6059ca92cd12be1
Caveat: digests are of the gzip-encoded body as received (content-encoding: gzip below), not of the decoded icon; decode before using them as an indicator.
Analyzer: Quad9 DNS - Verdict: malicious - Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: op.buuda.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://op.buuda.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 07 May 2024 07:01:01 GMT
content-type: image/x-icon
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
| op.buuda.xyz/img/1.jpg | 172.245.112.197 | 200 OK | 121 kB |
IP172.245.112.197:443 ASN#36352 AS-COLOCROSSING
CertificateIssuerLet's Encrypt Subjectop.buuda.xyz Fingerprint00:7E:F3:74:C1:DA:7F:FA:63:B5:0A:B6:81:B6:2F:CA:09:2E:49:D4 ValiditySat, 23 Mar 2024 16:33:14 GMT - Fri, 21 Jun 2024 16:33:13 GMT
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 960x250, components 3 Size121 kB (120652 bytes) Hash95999167f875f5b1fca7ea5caf5f15a4 7b1f26bb1e3761605dc22b0fd938a6e5ace58934 4140c1621aa8d82f5c6d1eb3266b72adc7db86f2e14401d9844211b41f4f2e7f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/1.jpg HTTP/1.1
Host: op.buuda.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://op.buuda.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Tue, 07 May 2024 07:01:00 GMT
content-type: image/jpeg
vary: Accept-Encoding
X-Firefox-Spdy: h2
| | 172.245.112.197 | 200 OK | 107 kB |
URL (user request) GET HTTP/2 IP 172.245.112.197:443 ASN#36352 AS-COLOCROSSING
CertificateIssuerLet's Encrypt Subjectop.buuda.xyz Fingerprint00:7E:F3:74:C1:DA:7F:FA:63:B5:0A:B6:81:B6:2F:CA:09:2E:49:D4 ValiditySat, 23 Mar 2024 16:33:14 GMT - Fri, 21 Jun 2024 16:33:13 GMT
Size 107 kB (106641 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the MD5/SHA-1/SHA-256 digests of empty input, so the 107 kB document body was not actually captured by the scanner; the hashes cannot be used to identify the page content)
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: op.buuda.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Tue, 07 May 2024 07:00:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
| op.buuda.xyz/css/form.css | 172.245.112.197 | 200 OK | 5.4 kB |
URL GET HTTP/2 op.buuda.xyz/css/form.css IP 172.245.112.197:443 ASN#36352 AS-COLOCROSSING
CertificateIssuerLet's Encrypt Subjectop.buuda.xyz Fingerprint00:7E:F3:74:C1:DA:7F:FA:63:B5:0A:B6:81:B6:2F:CA:09:2E:49:D4 ValiditySat, 23 Mar 2024 16:33:14 GMT - Fri, 21 Jun 2024 16:33:13 GMT
File typeASCII text, with very long lines (5948), with no line terminators Hash69ac8cd7806e92d5ca6503371f399f87 7868f777ca2315ab78b7358e985a4cd579f4c3a4 53a087927c793748a3eb251c040e69c4b81870bb37e3aee80d5d12b9f3ceae61
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/form.css HTTP/1.1
Host: op.buuda.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://op.buuda.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Tue, 07 May 2024 07:01:00 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
| op.buuda.xyz/img/2.jpg | 172.245.112.197 | 200 OK | 107 kB |
IP172.245.112.197:443 ASN#36352 AS-COLOCROSSING
CertificateIssuerLet's Encrypt Subjectop.buuda.xyz Fingerprint00:7E:F3:74:C1:DA:7F:FA:63:B5:0A:B6:81:B6:2F:CA:09:2E:49:D4 ValiditySat, 23 Mar 2024 16:33:14 GMT - Fri, 21 Jun 2024 16:33:13 GMT
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 360x388, components 3 Size107 kB (106929 bytes) Hasha36d3a52481762ac525994b55c2b07c9 73af687a72a73c1252b9739bbb83280419f90419 8e84417e03cc433cee17fb9f174cb60a066afd80ace76dfd4d3226edd4ed51b2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/2.jpg HTTP/1.1
Host: op.buuda.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://op.buuda.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Tue, 07 May 2024 07:01:00 GMT
content-type: image/jpeg
vary: Accept-Encoding
X-Firefox-Spdy: h2