| | 37.252.1.216 | 301 Moved Permanently | 178 B |
URL User Request GET HTTP/1.1IP37.252.1.216:80
File typeHTML document, ASCII text, with CRLF line terminators Hashbd2695f4b079c71dbddde3436286fb9c 733c05da132193d6cf1d8e242d12e2525c03bab4 2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /auth HTTP/1.1
Host: 37.252.1.216
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 17 Apr 2024 13:40:22 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://it-geek.pro/auth
|
|
| | 37.252.1.216 | 404 Not Found | 1.5 kB |
URL User Request GET HTTP/1.1IP37.252.1.216:443
CertificateIssuerLet's Encrypt Subjectit-geek.pro Fingerprint6B:FA:F6:52:4B:51:FF:22:8C:38:55:C2:7D:B3:26:5E:53:07:9E:D5 ValiditySun, 03 Mar 2024 12:18:05 GMT - Sat, 01 Jun 2024 12:18:04 GMT
File typeHTML document, Unicode text, UTF-8 text Hash10a4f9ea1e9f33b3368f87c120b7ab90 266af7839406e6e386f003be1b313f6149380023 d0750cd008e832a7550de3726364c4cf7b3085ab54ebde91252019820c673e07
GET /auth HTTP/1.1
Host: it-geek.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 17 Apr 2024 13:40:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=4tuj2enbvecdr2g36op8bl3lrp; expires=Wed, 24-Apr-2024 13:40:22 GMT; Max-Age=604800; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js | 142.250.74.138 | 200 OK | 31 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js IP142.250.74.138:443
CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it-geek.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 18:59:06 GMT
expires: Tue, 15 Apr 2025 18:59:06 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 153676
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css | 104.16.87.20 | 200 OK | 25 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css IP104.16.87.20:443
CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintDD:2E:D1:50:F1:3B:79:16:36:22:E7:0A:FD:E6:E7:35:C7:1A:42:6E ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (65306) Hashabe91756d18b7cd60871a2f47c1e8192 7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d 7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://it-geek.pro
DNT: 1
Connection: keep-alive
Referer: https://it-geek.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 13:40:22 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
x-served-by: cache-fra-eddf8230097-FRA, cache-lga21934-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 4105441
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HXwEwwpiKhdYBLkqTxNntltly5yn%2BjDIp6zpEhf01kpYBocFCwDL7Dhzh2T%2FY8iPglVtxzUhonfvLJEsbV8JyTA1Qf5Ip0%2B5JYdNb3rQCRG6XQbZDIylBhCQqImJ2j42sbs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875cd399abbebe3d-CPH
content-encoding: br
X-Firefox-Spdy: h2
|
|
| it-geek.pro/favicon.ico | 37.252.1.216 | 404 Not Found | 1.5 kB |
IP37.252.1.216:443
CertificateIssuerLet's Encrypt Subjectit-geek.pro Fingerprint6B:FA:F6:52:4B:51:FF:22:8C:38:55:C2:7D:B3:26:5E:53:07:9E:D5 ValiditySun, 03 Mar 2024 12:18:05 GMT - Sat, 01 Jun 2024 12:18:04 GMT
File typeHTML document, Unicode text, UTF-8 text Hash10a4f9ea1e9f33b3368f87c120b7ab90 266af7839406e6e386f003be1b313f6149380023 d0750cd008e832a7550de3726364c4cf7b3085ab54ebde91252019820c673e07
GET /favicon.ico HTTP/1.1
Host: it-geek.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it-geek.pro/auth
Cookie: PHPSESSID=4tuj2enbvecdr2g36op8bl3lrp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 17 Apr 2024 13:40:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
|
|
| fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap | 142.250.147.95 | 200 OK | 28 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap IP142.250.147.95:443
CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash7b1884acc9afa1fbd97c1e3e29d13b55 c4b4171b50d3f29d7af642875e63d8427d0067aa 7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff
GET /css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it-geek.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 17 Apr 2024 13:40:22 GMT
date: Wed, 17 Apr 2024 13:40:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js | 104.16.87.20 | 200 OK | 79 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js IP104.16.87.20:443
CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintDD:2E:D1:50:F1:3B:79:16:36:22:E7:0A:FD:E6:E7:35:C7:1A:42:6E ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65299) Hash0aa8d64e726c4a57adb5c88f9115996b 901169527507ff9e662cf64d8e361f359308970d 7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
GET /npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://it-geek.pro
DNT: 1
Connection: keep-alive
Referer: https://it-geek.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 13:40:22 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
x-served-by: cache-fra-eddf8230080-FRA, cache-lga21961-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 4103267
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fcxBtnv6yBNSN737NOhrNni3xAUNkG7ET1jkUpMIHu8zkw%2BvRzMZHh%2FpKNMH%2Fc0sqNYIuA4V0P%2FfDjkMJhyp60tQFzSBhtTYvBfdDYXcI618hJnPonvZvnfE4KahxSwY9aA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875cd399abb4be3d-CPH
content-encoding: br
X-Firefox-Spdy: h2
|
|