Report - 13.124.54.105

Report Overview

Visited public
2025-06-14 09:50:52
Tags
URL
13.124.54.105
Finishing URL
13.124.54.105/
IP / ASN
13.124.54.105
#16509 AMAZON-02
Title
Stylish Portfolio - Start Bootstrap Template

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-06-11	488 B	15 kB	142.250.74.10
www.google.com	7	1997-09-15	2015-05-10	2025-06-11	623 B	3.4 kB	142.250.178.100
maps.googleapis.com	33876	2005-01-25	2012-05-22	2025-06-11	5.0 kB	843 kB	142.250.178.74
13.124.54.105	unknown	unknown	No data	No data	4.9 kB	5.0 MB	13.124.54.105
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-06-11	453 B	79 kB	104.16.175.226
192.168.0.191	unknown	unknown	No data	No data	549 B	0 B	0.0.0.0
maps.google.com	1899	1997-09-15	2012-09-10	2025-06-13	751 B	3.2 kB	142.250.178.46
maps.gstatic.com	unknown	2008-02-11	2012-05-22	2025-06-11	444 B	242 kB	142.250.178.67
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-06-11	2.8 kB	77 kB	142.250.74.35
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-06-11	1.0 kB	43 kB	104.17.24.14
use.fontawesome.com	942	2012-10-18	2017-01-30	2025-06-11	458 B	1.2 MB	104.21.27.152

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-14	medium	13.124.54.105	Sinkholed
2025-06-14	medium	13.124.54.105	Sinkholed
2025-06-14	medium	13.124.54.105	Sinkholed
2025-06-14	medium	13.124.54.105	Sinkholed
2025-06-14	medium	13.124.54.105	Sinkholed
2025-06-14	medium	13.124.54.105	Sinkholed
2025-06-14	medium	192.168.0.191	Sinkholed
2025-06-14	medium	13.124.54.105	Sinkholed
2025-06-14	medium	13.124.54.105	Sinkholed
2025-06-14	medium	13.124.54.105	Sinkholed
2025-06-14	medium	13.124.54.105	Sinkholed
2025-06-14	medium	13.124.54.105	Sinkholed
2025-06-14	medium	13.124.54.105	Sinkholed
2025-06-14	medium	13.124.54.105	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	From	Size	First Seen	Last Seen
	maps.googleapis.com/maps-api-v3/api/js/61/4a/geometry.js	ScriptElement	2.9 kB	2025-06-11	2025-06-14
Pretty URL maps.googleapis.com/maps-api-v3/api/js/61/4a/geometry.js IP 142.250.178.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 18:00 Last Seen2025-06-14 23:33 Times Seen90 Hash 0616724e47598a3457b3e6b7e0f1b934 41dd303f46dcbe30cad986cee96d251a47f75663 bdda75fc885f1f16f1b579fb28d87f858cbb6375f4d833d22d1d5af85df5e667 Loading...

	maps.googleapis.com/maps-api-v3/api/js/61/4a/common.js	ScriptElement	114 kB	2025-06-11	2025-06-14
Pretty URL maps.googleapis.com/maps-api-v3/api/js/61/4a/common.js IP 142.250.178.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 18:05 Last Seen2025-06-14 23:33 Times Seen199 Hash 52f5433c0595229b16d52fee0ab4b8d0 f313695fb86ae7efd86e64f93131bde6fe211778 15fe58bb4c9c3bf8f6756c5f09315b9113433e23bf2b152829e22082732793eb Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js	ScriptElement	78 kB	2023-03-07	2025-06-14
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js IP 104.16.175.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-06-14 21:50 Times Seen5144 Hash 7ccd9d390d31af98110f74f842ea9b32 a85e681624c91a106a514c31eacf80de817b2cc3 f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3 Loading...

	maps.googleapis.com/maps-api-v3/api/js/61/4a/util.js	ScriptElement	330 kB	2025-06-11	2025-06-14
Pretty URL maps.googleapis.com/maps-api-v3/api/js/61/4a/util.js IP 142.250.178.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 18:05 Last Seen2025-06-14 23:33 Times Seen199 Hash 23961072769f98c32c584ef0ea65c686 e42e255f5db176d59987fd1a0b5e3b704cc4ee01 10cc47d911c907c7b6a94d0997e7b212bedabd566f613920828fe50789bc58e8 Loading...

	maps.googleapis.com/maps-api-v3/api/js/61/4a/search.js	ScriptElement	2.6 kB	2025-06-11	2025-06-14
Pretty URL maps.googleapis.com/maps-api-v3/api/js/61/4a/search.js IP 142.250.178.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 18:54 Last Seen2025-06-14 23:33 Times Seen63 Hash 8d3b3defe140fb335e61c5c91cbb3b9b 562c3de0966c5c0adddf9e07b8d20a9ee2acdf9f 39fd6cbac35170df80378f9b386a5ae217c64bb7e38c6a03bb431cd14a6bdb76 Loading...

	13.124.54.105/js/scripts.js	ScriptElement	2.8 kB	2025-02-07	2025-06-14
Pretty URL 13.124.54.105/js/scripts.js IP 13.124.54.105 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-07 03:40 Last Seen2025-06-14 09:50 Times Seen6 Hash 20c08410f5b120f4ee531a4df642f693 1a8475fce690f60e9ea6e2c5f79ba4888ef3f42e c7f3a235b31640234e4bec8d4e48f51f55936312c3add34b940ae387b232d278 Loading...

	maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=weekly&loading=async&language=en&callback=onApiLoad	ScriptElement	12 kB	2025-06-14	2025-06-14
Pretty URL maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=weekly&loading=async&language=en&callback=onApiLoad IP 142.250.178.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-14 09:50 Last Seen2025-06-14 09:50 Times Seen1 Hash f93b5033bd09f3d07a885cb53fbadafa 315361b1249fd5b3213ab7471d13749c6d2bf5eb 6b1ee1a3f18a762aaac9e5ef93cac6052394e4a4b795bf99585018a2707d2adf Loading...

	maps.gstatic.com/maps-api-v3/embed/js/61/4a/init_embed.js	ScriptElement	241 kB	2025-06-11	2025-06-14
Pretty URL maps.gstatic.com/maps-api-v3/embed/js/61/4a/init_embed.js IP 142.250.178.67 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 18:54 Last Seen2025-06-14 23:33 Times Seen63 Hash 0f2bb42baf5f5adefda698225f96039c f85ca144a9a4e37310bb8d9a27afb67fe0bfd27e a11bbe2b2504d0acd4daa8615f8e0b1cc2c25074d26540b70dd3b7a2a6bd29a4 Loading...

	maps.googleapis.com/maps-api-v3/api/js/61/4a/onion.js	ScriptElement	31 kB	2025-06-11	2025-06-14
Pretty URL maps.googleapis.com/maps-api-v3/api/js/61/4a/onion.js IP 142.250.178.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 18:54 Last Seen2025-06-14 23:33 Times Seen78 Hash 6d451dcee87d476bd817b79539c8c00e e8c5c9a1c42ba772a87fb83c51ddd030c0ac28a5 bc535e5707c8c83cf42357dd9b48a6cdf2dff87d4003aa59ba50886b05ab4a49 Loading...

	use.fontawesome.com/releases/v5.15.4/js/all.js	ScriptElement	1.2 MB	2023-03-07	2025-06-14
Pretty URL use.fontawesome.com/releases/v5.15.4/js/all.js IP 104.21.27.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-14 19:02 Times Seen1164 Hash 5e29440867fdb02a48dffded02338c31 c8bfbbfca7eb327e2e98caf637d6de05e5ee737a 812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf Loading...

	maps.googleapis.com/maps-api-v3/api/js/61/4a/main.js	ScriptElement	251 kB	2025-06-11	2025-06-14
Pretty URL maps.googleapis.com/maps-api-v3/api/js/61/4a/main.js IP 142.250.178.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 18:28 Last Seen2025-06-14 23:33 Times Seen75 Hash 677160989ac301de57ef5fb3b909d28a 3f2e7dd5996e34fb8a4756603a03ac7aff055866 c4c7412b84c74d2c32f5952873ddd76b222a0087f3ea687ab3f64076a002ffeb Loading...

	maps.googleapis.com/maps-api-v3/api/js/61/4a/search_impl.js	ScriptElement	3.5 kB	2025-06-11	2025-06-14
Pretty URL maps.googleapis.com/maps-api-v3/api/js/61/4a/search_impl.js IP 142.250.178.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 18:54 Last Seen2025-06-14 23:33 Times Seen62 Hash 279f13d6e3658937fe2fb620c760c599 bd42da9ee07ec0df2eb0ea8211ff51c630054c65 e3e58098d976bf10ba17985df9dec59fac2122e250a4863c43c63b5bbef8f286 Loading...

	maps.googleapis.com/maps-api-v3/api/js/61/4a/overlay.js	ScriptElement	3.5 kB	2025-06-11	2025-06-14
Pretty URL maps.googleapis.com/maps-api-v3/api/js/61/4a/overlay.js IP 142.250.178.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 18:54 Last Seen2025-06-14 23:33 Times Seen66 Hash dd6e7deed00792e64ee612596d690fc3 ff6c5f48b1bb2f1ffa7d87443628317654692028 c49dd327b81b5f80b0542e6788404b0550c3d675e4d3673d52bde873393c8e5d Loading...

	maps.googleapis.com/maps-api-v3/api/js/61/4a/map.js	ScriptElement	84 kB	2025-06-11	2025-06-14
Pretty URL maps.googleapis.com/maps-api-v3/api/js/61/4a/map.js IP 142.250.178.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 18:54 Last Seen2025-06-14 23:33 Times Seen86 Hash 7c8232f00ff8619c75a609298240aedf e6937798c0c5bf444072a2327c7891586b35b651 494375a45b86343882eb214511b7a8f9574ff0c827057191e23b6781917516a4 Loading...

	www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sTwitter,+Inc.,+Market+Street,+San+Francisco,+CA!5e0!6i15!3m1!1sen!5m1!1sen	ScriptElement	2.0 kB	2025-06-14	2025-06-14
Pretty URL www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sTwitter,+Inc.,+Market+Street,+San+Francisco,+CA!5e0!6i15!3m1!1sen!5m1!1sen IP 142.250.178.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-14 09:50 Last Seen2025-06-14 09:50 Times Seen1 Hash b2b8d61b354199e2db36d44fefbec485 5ee8d1ffa4d19d09a44820f7c79fe0691abc7f47 672842cc94881a288058449046ebe39962af4eab73fe9976af3a46adb0547d68 Loading...

HTTP Transactions (38)

URL IP Response Size

maps.googleapis.com/maps-api-v3/api/js/61/4a/util.js

142.250.178.74

200 OK

330 kB

URL GET
maps.googleapis.com/maps-api-v3/api/js/61/4a/util.js
IP
142.250.178.74:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sTwitter,+Inc.,+Market+Street,+San+Francisco,+CA!5e0!6i15!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT

File type
JavaScript source, ASCII text, with very long lines (524)
Size
330 kB (330123 bytes)
Hash
23961072769f98c32c584ef0ea65c686
e42e255f5db176d59987fd1a0b5e3b704cc4ee01
10cc47d911c907c7b6a94d0997e7b212bedabd566f613920828fe50789bc58e8

HTTP Headers

GET /maps-api-v3/api/js/61/4a/util.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
timing-allow-origin: *
content-length: 75482
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jun 2025 17:46:10 GMT
expires: Thu, 11 Jun 2026 17:46:10 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jun 2025 08:13:53 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 230672
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/61/4a/common.js

142.250.178.74

200 OK

114 kB

URL GET
maps.googleapis.com/maps-api-v3/api/js/61/4a/common.js
IP
142.250.178.74:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sTwitter,+Inc.,+Market+Street,+San+Francisco,+CA!5e0!6i15!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT

File type
JavaScript source, ASCII text, with very long lines (4821)
Size
114 kB (113624 bytes)
Hash
52f5433c0595229b16d52fee0ab4b8d0
f313695fb86ae7efd86e64f93131bde6fe211778
15fe58bb4c9c3bf8f6756c5f09315b9113433e23bf2b152829e22082732793eb

HTTP Headers

GET /maps-api-v3/api/js/61/4a/common.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
timing-allow-origin: *
content-length: 33737
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jun 2025 17:46:09 GMT
expires: Thu, 11 Jun 2026 17:46:09 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jun 2025 08:13:53 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 230673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/61/4a/overlay.js

142.250.178.74

200 OK

3.5 kB

URL GET
maps.googleapis.com/maps-api-v3/api/js/61/4a/overlay.js
IP
142.250.178.74:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sTwitter,+Inc.,+Market+Street,+San+Francisco,+CA!5e0!6i15!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT

File type
ASCII text, with very long lines (608)
Size
3.5 kB (3460 bytes)
Hash
dd6e7deed00792e64ee612596d690fc3
ff6c5f48b1bb2f1ffa7d87443628317654692028
c49dd327b81b5f80b0542e6788404b0550c3d675e4d3673d52bde873393c8e5d

HTTP Headers

GET /maps-api-v3/api/js/61/4a/overlay.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
timing-allow-origin: *
content-length: 1264
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jun 2025 17:48:56 GMT
expires: Thu, 11 Jun 2026 17:48:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jun 2025 08:13:53 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 230506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

13.124.54.105/assets/img/portfolio-1.jpg

13.124.54.105

200 OK

255 kB

URL GET
13.124.54.105/assets/img/portfolio-1.jpg
IP
13.124.54.105:80
ASN
#16509 AMAZON-02

Requested by
http://13.124.54.105/

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x467, components 3
Size
255 kB (254993 bytes)
Hash
a82133a16e78bae323fd01974de658e9
9aab76cb81f714bc794eb1b93c34de6ada660450
760d7400d048a7dd3fa45a02eda4a27add41016c19a5cafedf6d886e8c82f6ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/portfolio-1.jpg HTTP/1.1
Host: 13.124.54.105
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://13.124.54.105/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 254993
Content-Type: image/jpeg
Last-Modified: Wed, 01 Dec 2021 02:11:17 GMT
Date: Sat, 14 Jun 2025 09:50:40 GMT

fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

142.250.74.35

200 OK

15 kB

URL GET
fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
http://13.124.54.105/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14712, version 1.0
Size
15 kB (14712 bytes)
Hash
3afeae0d768769f5e5f30ac9805c5b70
3ada17c2b462db3e7a1fd85c3f4670dfe7704f4d
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

HTTP Headers

GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://13.124.54.105
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jun 2025 02:49:23 GMT
expires: Wed, 10 Jun 2026 02:49:23 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
age: 370877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

142.250.178.74

200 OK

3 B

URL GET
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP
142.250.178.74:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sTwitter,+Inc.,+Market+Street,+San+Francisco,+CA!5e0!6i15!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT

File type
JSON text data
Size
3 B (3 bytes)
Hash
8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

HTTP Headers

GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 14 Jun 2025 09:50:41 GMT
server: scaffolding on HTTPServer2
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.google.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/61/4a/map.js

142.250.178.74

200 OK

84 kB

URL GET
maps.googleapis.com/maps-api-v3/api/js/61/4a/map.js
IP
142.250.178.74:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sTwitter,+Inc.,+Market+Street,+San+Francisco,+CA!5e0!6i15!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT

File type
JavaScript source, ASCII text, with very long lines (3328)
Size
84 kB (83715 bytes)
Hash
7c8232f00ff8619c75a609298240aedf
e6937798c0c5bf444072a2327c7891586b35b651
494375a45b86343882eb214511b7a8f9574ff0c827057191e23b6781917516a4

HTTP Headers

GET /maps-api-v3/api/js/61/4a/map.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
timing-allow-origin: *
content-length: 26603
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jun 2025 17:48:56 GMT
expires: Thu, 11 Jun 2026 17:48:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jun 2025 08:13:53 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 230506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

13.124.54.105/assets/img/bg-masthead.jpg

13.124.54.105

200 OK

1.7 MB

URL GET
13.124.54.105/assets/img/bg-masthead.jpg
IP
13.124.54.105:80
ASN
#16509 AMAZON-02

Requested by
http://13.124.54.105/

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1900x1268, components 3
Size
1.7 MB (1687843 bytes)
Hash
c934a8a6d299bfa55c48589e25982a8c
8a01b953fccfac3e62d986d81e899ca13e5e884a
b5b8853a2ace8c201a982c9bc1666f611402284755833dd5617e894092770c35

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/bg-masthead.jpg HTTP/1.1
Host: 13.124.54.105
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://13.124.54.105/css/styles.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1687843
Content-Type: image/jpeg
Last-Modified: Wed, 01 Dec 2021 02:11:15 GMT
Date: Sat, 14 Jun 2025 09:50:40 GMT

cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/fonts/Simple-Line-Icons.woff2?v=2.4.0

104.17.24.14

200 OK

30 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/fonts/Simple-Line-Icons.woff2?v=2.4.0
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
http://13.124.54.105/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30064, version 1.0
Size
30 kB (30064 bytes)
Hash
0cb0b9c589c0624c9c78dd3d83e946f6
5da603104d4d6e362824ec9e7db32eb2d617949a
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a

HTTP Headers

GET /ajax/libs/simple-line-icons/2.5.5/fonts/Simple-Line-Icons.woff2?v=2.4.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://13.124.54.105
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 14 Jun 2025 09:50:40 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 30064
cf-ray: 94f8ecbdcba1b4f4-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5f316e72-7570"
last-modified: Mon, 10 Aug 2020 15:57:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Thu, 04 Jun 2026 09:50:40 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BDRAgtyH9xrtteQqN92ByqCglNU%2FcVmNKPyg7zpjGDvODNk9lZlSqC%2F6aMC5xSqav%2B%2FUDyDsHjkyfR7QZiGh1hxgbEeWqzXN3pQQVGGLXHvZVA0P3iHVrzeUhFTUcYIIob%2BDLM0p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

maps.googleapis.com/maps-api-v3/api/js/61/4a/onion.js

142.250.178.74

200 OK

31 kB

URL GET
maps.googleapis.com/maps-api-v3/api/js/61/4a/onion.js
IP
142.250.178.74:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sTwitter,+Inc.,+Market+Street,+San+Francisco,+CA!5e0!6i15!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT

File type
JavaScript source, ASCII text, with very long lines (1805)
Size
31 kB (31005 bytes)
Hash
6d451dcee87d476bd817b79539c8c00e
e8c5c9a1c42ba772a87fb83c51ddd030c0ac28a5
bc535e5707c8c83cf42357dd9b48a6cdf2dff87d4003aa59ba50886b05ab4a49

HTTP Headers

GET /maps-api-v3/api/js/61/4a/onion.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
timing-allow-origin: *
content-length: 10143
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jun 2025 17:48:56 GMT
expires: Thu, 11 Jun 2026 17:48:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jun 2025 08:13:53 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 230506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2

142.250.74.35

200 OK

14 kB

URL GET
fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
http://13.124.54.105/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14200, version 1.0
Size
14 kB (14200 bytes)
Hash
8189fc633208846686eec91ea316d6fe
ce99a5d3a3e51ea1166de5e664265db6f7783449
fae9ee8da96ba004f96a5719e3cd323b3248c49a28e56777ce829900d50929ed

HTTP Headers

GET /s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://13.124.54.105
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14200
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jun 2025 10:15:03 GMT
expires: Fri, 12 Jun 2026 10:15:03 GMT
cache-control: public, max-age=31536000
age: 171337
last-modified: Thu, 01 Jun 2023 22:52:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

13.124.54.105/js/scripts.js

13.124.54.105

200 OK

2.8 kB

URL GET
13.124.54.105/js/scripts.js
IP
13.124.54.105:80
ASN
#16509 AMAZON-02

Requested by
http://13.124.54.105/

File type
JavaScript source, ASCII text
Size
2.8 kB (2757 bytes)
Hash
20c08410f5b120f4ee531a4df642f693
1a8475fce690f60e9ea6e2c5f79ba4888ef3f42e
c7f3a235b31640234e4bec8d4e48f51f55936312c3add34b940ae387b232d278

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/scripts.js HTTP/1.1
Host: 13.124.54.105
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://13.124.54.105/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 2757
Content-Type: application/javascript
Last-Modified: Mon, 13 Jan 2025 04:41:18 GMT
Date: Sat, 14 Jun 2025 09:50:29 GMT

13.124.54.105/assets/img/portfolio-4.jpg

13.124.54.105

200 OK

240 kB

URL GET
13.124.54.105/assets/img/portfolio-4.jpg
IP
13.124.54.105:80
ASN
#16509 AMAZON-02

Requested by
http://13.124.54.105/

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x467, components 3
Size
240 kB (240136 bytes)
Hash
0ad30b5d8140942cb056dd4f3752456c
b41846b9c6bcf97ada48c1a48949b18c748634f2
3d542c0c6f0119d83ccc79aa94c7aeae07edbbd1ac52f20431d17bc8ff646ff6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/portfolio-4.jpg HTTP/1.1
Host: 13.124.54.105
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://13.124.54.105/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 240136
Content-Type: image/jpeg
Last-Modified: Wed, 01 Dec 2021 02:11:20 GMT
Date: Sat, 14 Jun 2025 09:50:40 GMT

cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js

104.16.175.226

200 OK

78 kB

URL GET
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
IP
104.16.175.226:443
ASN
#13335 CLOUDFLARENET

Requested by
http://13.124.54.105/
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
FingerprintA6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F
ValidityFri, 25 Apr 2025 00:00:00 GMT - Mon, 04 May 2026 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
78 kB (78129 bytes)
Hash
7ccd9d390d31af98110f74f842ea9b32
a85e681624c91a106a514c31eacf80de817b2cc3
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

HTTP Headers

GET /npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://13.124.54.105/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 09:50:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 22075
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
content-encoding: br
x-served-by: cache-fra-etou8220091-FRA, cache-lga21955-LGA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 616140
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U1PbPtIpYi3k9lPVvire3E5lNeULYAPE4aoLP5fM%2BQf4d8E0mYXmJM77sNe7S3gmi2mLTVAFeeb9iJULnG%2BbcR29Bj1EHYN5lx2COTtKzhWi9r3e6L7X5bGqu75VV8HO1IA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 94f8ec79bbc75684-OSL
X-Firefox-Spdy: h2

13.124.54.105/assets/img/portfolio-2.jpg

13.124.54.105

200 OK

248 kB

URL GET
13.124.54.105/assets/img/portfolio-2.jpg
IP
13.124.54.105:80
ASN
#16509 AMAZON-02

Requested by
http://13.124.54.105/

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x467, components 3
Size
248 kB (247590 bytes)
Hash
5912919eb3290b9e8a98c73dd3d5bc45
e48fe5de1d345e16dd04851ba60370daec507694
3a07fb6859a7cf8a54ea2150876603e6aef52d69f9368d4c851d5dbf4e3e0f91

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/portfolio-2.jpg HTTP/1.1
Host: 13.124.54.105
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://13.124.54.105/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 247590
Content-Type: image/jpeg
Last-Modified: Wed, 01 Dec 2021 02:11:18 GMT
Date: Sat, 14 Jun 2025 09:50:40 GMT

13.124.54.105/assets/img/pikachu.png

13.124.54.105

200 OK

45 kB

URL GET
13.124.54.105/assets/img/pikachu.png
IP
13.124.54.105:80
ASN
#16509 AMAZON-02

Requested by
http://13.124.54.105/

File type
PNG image data, 1191 x 1254, 8-bit colormap, non-interlaced
Size
45 kB (44715 bytes)
Hash
76f027c1d8ea2170cedd976017330331
c1ee7f39a52bf162ac759194caaefca60ff94b06
9719375f9bac9bad8f7cd3eb8ee5cc7c1679718a46b17b054fc6bf7fea137120

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/pikachu.png HTTP/1.1
Host: 13.124.54.105
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://13.124.54.105/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 44715
Content-Type: image/png
Last-Modified: Mon, 15 Jul 2024 01:48:12 GMT
Date: Sat, 14 Jun 2025 09:50:40 GMT

maps.googleapis.com/maps-api-v3/api/js/61/4a/search_impl.js

142.250.178.74

200 OK

3.5 kB

URL GET
maps.googleapis.com/maps-api-v3/api/js/61/4a/search_impl.js
IP
142.250.178.74:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sTwitter,+Inc.,+Market+Street,+San+Francisco,+CA!5e0!6i15!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT

File type
ASCII text, with very long lines (863)
Size
3.5 kB (3479 bytes)
Hash
279f13d6e3658937fe2fb620c760c599
bd42da9ee07ec0df2eb0ea8211ff51c630054c65
e3e58098d976bf10ba17985df9dec59fac2122e250a4863c43c63b5bbef8f286

HTTP Headers

GET /maps-api-v3/api/js/61/4a/search_impl.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
timing-allow-origin: *
content-length: 1314
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jun 2025 17:48:56 GMT
expires: Thu, 11 Jun 2026 17:48:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jun 2025 08:13:53 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 230506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

use.fontawesome.com/releases/v5.15.4/js/all.js

104.21.27.152

200 OK

1.2 MB

URL GET
use.fontawesome.com/releases/v5.15.4/js/all.js
IP
104.21.27.152:443
ASN
#13335 CLOUDFLARENET

Requested by
http://13.124.54.105/
Certificate
IssuerGoogle Trust Services
Subjectuse.fontawesome.com
Fingerprint2F:A0:71:2B:C1:50:E8:B9:6E:F6:46:C3:85:EA:4E:30:ED:94:CB:C6
ValiditySun, 04 May 2025 00:52:35 GMT - Sat, 02 Aug 2025 01:52:29 GMT

File type
JavaScript source, ASCII text, with very long lines (65350)
Size
1.2 MB (1196706 bytes)
Hash
5e29440867fdb02a48dffded02338c31
c8bfbbfca7eb327e2e98caf637d6de05e5ee737a
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf

HTTP Headers

GET /releases/v5.15.4/js/all.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://13.124.54.105
DNT: 1
Connection: keep-alive
Referer: http://13.124.54.105/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 09:50:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
etag: W/"5e29440867fdb02a48dffded02338c31"
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
vary: Origin, Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AJOxJ9GwaooVAlEccVefnAXQWsrNnHWI5cHhq6tUeMxURwiaHVSreWtxqXgu9ex465CmgWFttTavMjDlvBLb0hAn5sEC7Sg79d7ZfRT4X%2B6v94v1e%2BLsFbiMabpp9ts3HcCJseqp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 94f8ec798f5056b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1930&min_rtt=498&rtt_var=2503&sent=8&recv=10&lost=0&retrans=0&sent_bytes=3274&recv_bytes=1230&delivery_rate=7438356&cwnd=254&unsent_bytes=0&cid=38f6100c9703c0bb&ts=227&x=0"
X-Firefox-Spdy: h2

192.168.0.191:37443/wms-util/malware/screen_switching/script.js?key=5323C02E889A4ABAF5182DD1AAB22CEFDAAE7DD22C613E2343B683124650F5697ADEA0F7A7D6D8723480002F204C3DEF

0.0.0.0

0 B

URL GET
192.168.0.191:37443/wms-util/malware/screen_switching/script.js?key=5323C02E889A4ABAF5182DD1AAB22CEFDAAE7DD22C613E2343B683124650F5697ADEA0F7A7D6D8723480002F204C3DEF
IP
0.0.0.0:0
ASN
#0

Requested by
http://13.124.54.105/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wms-util/malware/screen_switching/script.js?key=5323C02E889A4ABAF5182DD1AAB22CEFDAAE7DD22C613E2343B683124650F5697ADEA0F7A7D6D8723480002F204C3DEF HTTP/1.1
Host: 192.168.0.191:37443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://13.124.54.105/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700,300italic,400italic,700italic

142.250.74.10

200 OK

15 kB

URL GET
fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700,300italic,400italic,700italic
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
http://13.124.54.105/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT

File type
ASCII text
Size
15 kB (14665 bytes)
Hash
375d4dad80ac17233f43b4b4a691f6c6
c3c0236bfa2ea7b7beb31f5dfe35233e582620ed
b90a32ffcb51cd7c2b60439393152fcfa4204cbcb6fd51cf82ba44f1a7ccde76

HTTP Headers

GET /css?family=Source+Sans+Pro:300,400,700,300italic,400italic,700italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://13.124.54.105/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 14 Jun 2025 09:50:29 GMT
date: Sat, 14 Jun 2025 09:50:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=Twitter,+Inc.,+Market+Street,+San+Francisco,+CA&aq=0&oq=twitter&sll=28.659344,-81.187888&sspn=0.128789,0.264187&ie=UTF8&hq=Twitter,+Inc.,+Market+Street,+San+Francisco,+CA&t=m&z=15&iwloc=A&output=embed

142.250.178.46

301 Moved Permanently

2.7 kB

URL GET
maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=Twitter,+Inc.,+Market+Street,+San+Francisco,+CA&aq=0&oq=twitter&sll=28.659344,-81.187888&sspn=0.128789,0.264187&ie=UTF8&hq=Twitter,+Inc.,+Market+Street,+San+Francisco,+CA&t=m&z=15&iwloc=A&output=embed
IP
142.250.178.46:443
ASN
#15169 GOOGLE

Requested by
http://13.124.54.105/
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint09:73:D4:56:AF:03:7E:40:3B:60:95:56:66:8D:E9:27:E0:DA:EC:DA
ValidityMon, 19 May 2025 08:41:43 GMT - Mon, 11 Aug 2025 08:41:42 GMT

File type

Size
2.7 kB (2721 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /maps?f=q&source=s_q&hl=en&geocode=&q=Twitter,+Inc.,+Market+Street,+San+Francisco,+CA&aq=0&oq=twitter&sll=28.659344,-81.187888&sspn=0.128789,0.264187&ie=UTF8&hq=Twitter,+Inc.,+Market+Street,+San+Francisco,+CA&t=m&z=15&iwloc=A&output=embed HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://13.124.54.105/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sTwitter,+Inc.,+Market+Street,+San+Francisco,+CA!5e0!6i15!3m1!1sen!5m1!1sen
vary: Origin, X-Origin, Referer
date: Sat, 14 Jun 2025 09:50:40 GMT
content-type: text/html
server: scaffolding on HTTPServer2
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

142.250.74.35

200 OK

15 kB

URL GET
fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
http://13.124.54.105/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14892, version 1.0
Size
15 kB (14892 bytes)
Hash
9ec6deaf6bada919e20b98f9f7b718b1
501d36403ad8205e4644532600019ecb10f5cb0a
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

HTTP Headers

GET /s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://13.124.54.105
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jun 2025 02:40:12 GMT
expires: Wed, 10 Jun 2026 02:40:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
age: 371428
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=weekly&loading=async&language=en&callback=onApiLoad

142.250.178.74

200 OK

12 kB

URL GET
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=weekly&loading=async&language=en&callback=onApiLoad
IP
142.250.178.74:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sTwitter,+Inc.,+Market+Street,+San+Francisco,+CA!5e0!6i15!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT

File type
JavaScript source, ASCII text, with very long lines (11354)
Size
12 kB (12507 bytes)
Hash
f93b5033bd09f3d07a885cb53fbadafa
315361b1249fd5b3213ab7471d13749c6d2bf5eb
6b1ee1a3f18a762aaac9e5ef93cac6052394e4a4b795bf99585018a2707d2adf

HTTP Headers

GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=weekly&loading=async&language=en&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
etag: 0428a191
cache-control: public, max-age=1800, stale-while-revalidate=12600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 14 Jun 2025 09:50:41 GMT
server: scaffolding on HTTPServer2
content-length: 2539
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maps.googleapis.com/maps-api-v3/api/js/61/4a/search.js

142.250.178.74

200 OK

2.6 kB

URL GET
maps.googleapis.com/maps-api-v3/api/js/61/4a/search.js
IP
142.250.178.74:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sTwitter,+Inc.,+Market+Street,+San+Francisco,+CA!5e0!6i15!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT

File type
ASCII text, with very long lines (845)
Size
2.6 kB (2641 bytes)
Hash
8d3b3defe140fb335e61c5c91cbb3b9b
562c3de0966c5c0adddf9e07b8d20a9ee2acdf9f
39fd6cbac35170df80378f9b386a5ae217c64bb7e38c6a03bb431cd14a6bdb76

HTTP Headers

GET /maps-api-v3/api/js/61/4a/search.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
timing-allow-origin: *
content-length: 1108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jun 2025 17:48:56 GMT
expires: Thu, 11 Jun 2026 17:48:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jun 2025 08:13:53 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 230505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maps.googleapis.com/maps-api-v3/api/js/61/4a/main.js

142.250.178.74

200 OK

251 kB

URL GET
maps.googleapis.com/maps-api-v3/api/js/61/4a/main.js
IP
142.250.178.74:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sTwitter,+Inc.,+Market+Street,+San+Francisco,+CA!5e0!6i15!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT

File type
JavaScript source, ASCII text, with very long lines (532)
Size
251 kB (251239 bytes)
Hash
677160989ac301de57ef5fb3b909d28a
3f2e7dd5996e34fb8a4756603a03ac7aff055866
c4c7412b84c74d2c32f5952873ddd76b222a0087f3ea687ab3f64076a002ffeb

HTTP Headers

GET /maps-api-v3/api/js/61/4a/main.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
timing-allow-origin: *
content-length: 72833
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jun 2025 17:48:56 GMT
expires: Thu, 11 Jun 2026 17:48:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jun 2025 08:13:53 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 230505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

13.124.54.105/

13.124.54.105

200 OK

11 kB

URL User Request GET
13.124.54.105/
IP
13.124.54.105:80
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (353)
Size
11 kB (11307 bytes)
Hash
fcb3931961b847caec4440454f220df3
4397d4a9e3b27cf2634920736482fb97544e1cb0
e574827c11d59b3ef1e6ce62ff5764f1e104ecbb1f64444d41797a596701c915

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 13.124.54.105
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Sat, 14 Jun 2025 09:50:28 GMT
Transfer-Encoding: chunked

13.124.54.105/css/styles.css

13.124.54.105

200 OK

213 kB

URL GET
13.124.54.105/css/styles.css
IP
13.124.54.105:80
ASN
#16509 AMAZON-02

Requested by
http://13.124.54.105/

File type
Unicode text, UTF-8 text, with very long lines (560)
Size
213 kB (212707 bytes)
Hash
8798c51f4d73572741f3f05ecc03163f
0c92563a642adbeeca345746b02ae7f45992451d
00c4e9b8411477f92628a6179d03f47fbc4d93f072a31a4cbe5601ab962042bf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/styles.css HTTP/1.1
Host: 13.124.54.105
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://13.124.54.105/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 212707
Content-Type: text/css; charset=utf-8
Last-Modified: Thu, 04 Jul 2024 00:53:01 GMT
Date: Sat, 14 Jun 2025 09:50:29 GMT

13.124.54.105/assets/img/portfolio-3.jpg

13.124.54.105

200 OK

300 kB

URL GET
13.124.54.105/assets/img/portfolio-3.jpg
IP
13.124.54.105:80
ASN
#16509 AMAZON-02

Requested by
http://13.124.54.105/

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x467, components 3
Size
300 kB (299484 bytes)
Hash
fc64f4276a162fca55edbf4eb508184d
33b79b21f7ff4d0a4d8132367ce1e7224c95b39e
9d6013b78c0861d449c919397bb2699e5ef11e88589a46a3c609306d6ac52785

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/portfolio-3.jpg HTTP/1.1
Host: 13.124.54.105
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://13.124.54.105/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 299484
Content-Type: image/jpeg
Last-Modified: Wed, 01 Dec 2021 02:11:19 GMT
Date: Sat, 14 Jun 2025 09:50:40 GMT

13.124.54.105/assets/favicon.ico

13.124.54.105

200 OK

24 kB

URL GET
13.124.54.105/assets/favicon.ico
IP
13.124.54.105:80
ASN
#16509 AMAZON-02

Requested by
http://13.124.54.105/

File type
MS Windows icon resource - 1 icon, 75x75, 32 bits/pixel
Size
24 kB (23462 bytes)
Hash
556f31acd686989b1afcf382c05846aa
122f443e27953c1fda437a6a0db20a990ee543d4
8b1060f193768c55bc48dede8ba8da9be6c93f8e6dcae946e36f1a8956b7269b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/favicon.ico HTTP/1.1
Host: 13.124.54.105
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://13.124.54.105/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 23462
Content-Type: image/vnd.microsoft.icon
Last-Modified: Wed, 01 Dec 2021 02:10:49 GMT
Date: Sat, 14 Jun 2025 09:50:40 GMT

13.124.54.105/assets/img/bg-callout.jpg

13.124.54.105

200 OK

1.8 MB

URL GET
13.124.54.105/assets/img/bg-callout.jpg
IP
13.124.54.105:80
ASN
#16509 AMAZON-02

Requested by
http://13.124.54.105/

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1900x1268, components 3
Size
1.8 MB (1829666 bytes)
Hash
31f926ac134297d62f4ef885ff83c526
d4202ea486bbba8f6ed9f811f734fe4f0c4db477
d656370d2fce9104825a959df08066d1c29b4dd471a3b0782bb730d9de17c00b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/bg-callout.jpg HTTP/1.1
Host: 13.124.54.105
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://13.124.54.105/css/styles.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1829666
Content-Type: image/jpeg
Last-Modified: Wed, 01 Dec 2021 02:11:14 GMT
Date: Sat, 14 Jun 2025 09:50:41 GMT

fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

142.250.74.35

200 OK

14 kB

URL GET
fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
http://13.124.54.105/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14160, version 1.0
Size
14 kB (14160 bytes)
Hash
6caf2b9a15e4ae129857767920794068
dc6946a2c472822bc25b5fad19587b998a62b07e
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9

HTTP Headers

GET /s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://13.124.54.105
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14160
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jun 2025 02:37:42 GMT
expires: Wed, 10 Jun 2026 02:37:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
age: 371578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sTwitter,+Inc.,+Market+Street,+San+Francisco,+CA!5e0!6i15!3m1!1sen!5m1!1sen

142.250.178.100

200 OK

2.7 kB

URL GET
www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sTwitter,+Inc.,+Market+Street,+San+Francisco,+CA!5e0!6i15!3m1!1sen!5m1!1sen
IP
142.250.178.100:443
ASN
#15169 GOOGLE

Requested by
http://13.124.54.105/
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint5F:D0:77:0B:35:28:63:FA:F1:E5:B7:91:23:84:B9:89:D3:5B:66:F3
ValidityMon, 19 May 2025 08:43:37 GMT - Mon, 11 Aug 2025 08:43:36 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1761)
Size
2.7 kB (2721 bytes)
Hash
4a1171892688a4a2d496a99339d23521
c412113191e1cbbe63249d831dd87fe5fa81888d
6a7dabab4ce660a2cbd9ddcc808a29223446ab3706e422b8f9543198b60b0afe

HTTP Headers

GET /maps/embed?origin=mfe&pb=!1m4!2m1!1sTwitter,+Inc.,+Market+Street,+San+Francisco,+CA!5e0!6i15!3m1!1sen!5m1!1sen HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://13.124.54.105/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-rMxrFQ7yZZzPKUMiJKeOGw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
x-robots-tag: noindex,nofollow
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-type: text/html; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 14 Jun 2025 09:50:41 GMT
server: scaffolding on HTTPServer2
content-length: 1189
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

13.124.54.105/assets/video/sample_mp4.mp4

13.124.54.105

206 Partial Content

101 kB

URL GET
13.124.54.105/assets/video/sample_mp4.mp4
IP
13.124.54.105:80
ASN
#16509 AMAZON-02

Requested by
http://13.124.54.105/

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
101 kB (100885 bytes)
Hash
5c75548fb84897e9c3fbf876d6bf5e49
95b4c2ce5a5c9d7e857908f0d0e59a38eecc4666
9495b9cd55834bb4ff29ef917746b7bf7e77c6ccffc649016a5e5fc5de71833a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/video/sample_mp4.mp4 HTTP/1.1
Host: 13.124.54.105
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://13.124.54.105/
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Accept-Ranges: bytes
Content-Length: 1570024
Content-Range: bytes 0-1570023/1570024
Content-Type: video/mp4
Last-Modified: Thu, 21 Dec 2023 06:04:40 GMT
Date: Sat, 14 Jun 2025 09:50:41 GMT

maps.gstatic.com/maps-api-v3/embed/js/61/4a/init_embed.js

142.250.178.67

200 OK

241 kB

URL GET
maps.gstatic.com/maps-api-v3/embed/js/61/4a/init_embed.js
IP
142.250.178.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sTwitter,+Inc.,+Market+Street,+San+Francisco,+CA!5e0!6i15!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT

File type
JavaScript source, ASCII text, with very long lines (2520)
Size
241 kB (240884 bytes)
Hash
0f2bb42baf5f5adefda698225f96039c
f85ca144a9a4e37310bb8d9a27afb67fe0bfd27e
a11bbe2b2504d0acd4daa8615f8e0b1cc2c25074d26540b70dd3b7a2a6bd29a4

HTTP Headers

GET /maps-api-v3/embed/js/61/4a/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
timing-allow-origin: *
content-length: 63324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jun 2025 17:49:14 GMT
expires: Thu, 11 Jun 2026 17:49:14 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jun 2025 08:13:36 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 230487
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maps.googleapis.com/maps-api-v3/api/js/61/4a/geometry.js

142.250.178.74

200 OK

2.9 kB

URL GET
maps.googleapis.com/maps-api-v3/api/js/61/4a/geometry.js
IP
142.250.178.74:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sTwitter,+Inc.,+Market+Street,+San+Francisco,+CA!5e0!6i15!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT

File type
ASCII text, with very long lines (1087)
Size
2.9 kB (2946 bytes)
Hash
0616724e47598a3457b3e6b7e0f1b934
41dd303f46dcbe30cad986cee96d251a47f75663
bdda75fc885f1f16f1b579fb28d87f858cbb6375f4d833d22d1d5af85df5e667

HTTP Headers

GET /maps-api-v3/api/js/61/4a/geometry.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
timing-allow-origin: *
content-length: 1283
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jun 2025 17:48:56 GMT
expires: Thu, 11 Jun 2026 17:48:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jun 2025 08:13:53 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 230505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

13.124.54.105/

0.0.0.0

0 B

URL User Request GET
13.124.54.105/
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 13.124.54.105
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/simple-line-icons.min.css

104.17.24.14

200 OK

11 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/simple-line-icons.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
http://13.124.54.105/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
ASCII text, with very long lines (10943), with no line terminators
Size
11 kB (10943 bytes)
Hash
336ffc2dfeee89defa0db3883c05bcc7
2d2240cbae8d6e49c569f57370787fd8441d4383
06723045419949302e1d4abe65cb4a535582e60d1a53645ab838b06079d98eb0

HTTP Headers

GET /ajax/libs/simple-line-icons/2.5.5/css/simple-line-icons.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://13.124.54.105/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 09:50:29 GMT
content-type: text/css; charset=utf-8
content-length: 2006
cf-ray: 94f8ec798e820b61-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f316e72-2abf"
last-modified: Mon, 10 Aug 2020 15:57:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 622662
expires: Thu, 04 Jun 2026 09:50:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F6qjCDOE%2B%2FGRJEdOFAylFRBGLav81dy0Z%2FuuZ%2BnbGPjJCou2JDYnmyrcxhmvtCYXkVC9CkonhAubDVK6QNA53t8xBnPSUh7kk4GiMYDxHbMcg8G5A9wAtSUNAXN1dhmgnH%2BaXsQC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

142.250.74.35

200 OK

15 kB

URL GET
fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
http://13.124.54.105/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14780, version 1.0
Size
15 kB (14780 bytes)
Hash
8dae809192c44690275a3624133293e7
969c98c4d7eb00386ebbd61a63288972d138ecb8
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8

HTTP Headers

GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://13.124.54.105
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jun 2025 02:54:48 GMT
expires: Wed, 10 Jun 2026 02:54:48 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:58 GMT
content-type: font/woff2
age: 370552
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML