Report - piport.net

Report Overview

Visited public
2025-06-07 16:14:45
Tags
Submit Tags
URL
piport.net
Finishing URL
piport.net/
IP / ASN
212.232.23.204
#215381 Rockhoster Private Limited
Title
Pi Network Rewards

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-06-04	4.9 kB	339 kB	142.250.74.35
img.upanh.tv	unknown	unknown	2022-01-07	2025-06-01	910 B	24 kB	188.114.97.1
piport.net	unknown	2025-05-28	2025-06-07	2025-06-07	1.3 kB	159 kB	212.232.23.204
app.piegift.com	unknown	2025-04-05	2025-06-07	2025-06-07	458 B	257 kB	212.232.23.140
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-06-04	1.0 kB	254 kB	104.17.25.14
freeipapi.com	unknown	2021-11-04	2021-11-05	2025-06-06	1.0 kB	1.8 kB	104.21.64.1
static.vecteezy.com	44978	2007-04-27	2012-10-01	2025-06-02	527 B	7.8 kB	172.64.152.224
wws.piegift.com	unknown	2025-04-05	2025-06-07	2025-06-07	690 B	243 B	212.232.23.140
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-06-04	2.7 kB	1.9 MB	142.250.74.168
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-06-04	508 B	36 kB	142.250.74.10
images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com	13747	2014-10-29	2018-10-30	2025-06-02	1.1 kB	58 kB	54.240.174.66
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-06-04	458 B	2.9 MB	104.16.175.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-07	medium	piport.net	Sinkholed
2025-06-07	medium	piport.net	Sinkholed
2025-06-07	medium	piport.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	piport.net/	ScriptElement	350 B	2025-06-07	2025-07-02
Pretty URL piport.net/ IP 212.232.23.204 ASN #215381 Rockhoster Private Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 16:14 Last Seen2025-07-02 11:05 Times Seen15 Hash 2e38fca3e461d5a17b2b607d110dda1b 1e7092fec6ad98d3e48f606051a3312e3ef76e82 8357ed78b47e34b9733019e06642c6ac9da66eee66978004385bb6f2301b6f9a Loading...

	www.googletagmanager.com/gtm.js?id=GTM-MMXD7N7V	ScriptElement	289 kB	2025-06-07	2025-06-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-MMXD7N7V IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:14 Last Seen2025-06-07 16:14 Times Seen1 Hash 40abe3b942ecf87b3f667d63d8cd866b 6ef6509bbc4c0f84508ac3983ed03210dd36f2cb f710e72cd3bf611e96ac3d4eb7fe6263fc73a968416dd200b36c2b1002ff427c Loading...

	www.googletagmanager.com/gtag/js?id=G-02Y0YQS4ZW&cx=c&gtm=45He5641v9186427567za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104653070~104653072~104661466~104661468~104698127~104698129	ScriptElement	396 kB	2025-06-07	2025-06-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-02Y0YQS4ZW&cx=c&gtm=45He5641v9186427567za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104653070~104653072~104661466~104661468~104698127~104698129 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:14 Last Seen2025-06-07 16:14 Times Seen1 Hash bf88fae85aaf3447d36d3efe0705fd35 711097fe9c7de1463160e1257deb1ad5f702d4cc 060b0e0bb5dbf41d896df20eca64911b54cee38112cef559d625134c4b0eac7b Loading...

	piport.net/	ScriptElement	440 B	2025-06-07	2025-07-02
Pretty URL piport.net/ IP 212.232.23.204 ASN #215381 Rockhoster Private Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 16:14 Last Seen2025-07-02 11:05 Times Seen10 Hash f8ac974df1b324116eac755b44397d32 cf3767e521e9857d0084dc2b9dacf6f09d976364 391356f5497344f98d869ea7c22ea8af9ea9e0e5ac455abb1470da630ef3b77a Loading...

	piport.net/	ScriptElement	57 kB	2025-06-07	2025-06-07
Pretty URL piport.net/ IP 212.232.23.204 ASN #215381 Rockhoster Private Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 16:14 Last Seen2025-06-07 16:14 Times Seen1 Hash e4171b5f9f511fe70cc5eb188ff46a1f 7152b8ac8de086d6be3d7a350c2c2b03e8174428 03c2ccc5ec23b30a792b62a3f7efed61a3dcc00960d66523342d88cbf5c9c4a6 Loading...

	piport.net/	ScriptElement	130 B	2025-06-07	2025-07-02
Pretty URL piport.net/ IP 212.232.23.204 ASN #215381 Rockhoster Private Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:14 Last Seen2025-07-02 11:05 Times Seen23 Hash c4a57a3bd30e35b9ac0ec31ef2f02e19 5f02f5f87c50ebfc981fd60ec36bdd57c2018e4f 1ed75531b61d2fca7236ea7cc4c0f79cd5bb8e502366404dac0d61079e0d7ddb Loading...

	app.piegift.com/vdweb.min.js?public_id=315e2fc1-cc34-44c7-b529-379372a04b42	ScriptElement	257 kB	2025-06-07	2025-06-19
Pretty URL app.piegift.com/vdweb.min.js?public_id=315e2fc1-cc34-44c7-b529-379372a04b42 IP 212.232.23.140 ASN #215381 Rockhoster Private Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:14 Last Seen2025-06-19 19:50 Times Seen25 Hash 3171635a635b92546a4f4115c8068357 f8f700f67ffc0f0b0fc1c99ee14efe78f3be5787 23efdd3dd50e61d2537ad8ec2146f61221527934f90a723201b3a442c5110309 Loading...

	www.googletagmanager.com/gtag/js?id=G-02Y0YQS4ZW	ScriptElement	396 kB	2025-06-07	2025-06-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-02Y0YQS4ZW IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:14 Last Seen2025-06-07 16:14 Times Seen1 Hash 8a42618673b09e682d4d0b9fc505dc07 ad3886a193d5e25036663bd9ba128e7b8deeb23d 0fe51bc7c0b26e10796ff34424e832eb57a79006b4e4b02bc1c12f4e886a94fc Loading...

	www.googletagmanager.com/gtag/js?id=G-LQ67Y8S7CP&cx=c&gtm=45He5641v9186427567za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104653070~104653072~104661466~104661468~104698127~104698129	ScriptElement	391 kB	2025-06-07	2025-06-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-LQ67Y8S7CP&cx=c&gtm=45He5641v9186427567za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104653070~104653072~104661466~104661468~104698127~104698129 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:14 Last Seen2025-06-07 16:14 Times Seen1 Hash 8bbd9df3e3cb7e58779407bb93fa0edf e486717312c83add5140d8904ac81e0d533eb23d 6d02a42cf762e468903fd443637732c70b4cbeeec2dba255ceceb5612e4d3ec0 Loading...

	www.googletagmanager.com/gtag/js?id=G-F9BPK75RK3&cx=c&gtm=45He5641v9186427567za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104653070~104653072~104661466~104661468~104698127~104698129	ScriptElement	391 kB	2025-06-07	2025-06-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-F9BPK75RK3&cx=c&gtm=45He5641v9186427567za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104653070~104653072~104661466~104661468~104698127~104698129 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:14 Last Seen2025-06-07 16:14 Times Seen1 Hash a9d69264c70874f5720dcb78b8db0a31 cdfeb3fd79ef76c74ce052e37e479060893f4347 54328ce1012aa7fd583f5be0cdf7cb16ee3684cfc5f86f92c8c7055957219114 Loading...

HTTP Transactions (29)

URL IP Response Size

GET wss://wws.piegift.com/events?public_id=315e2fc1-cc34-44c7-b529-379372a04b42&sessionId=17fb8f51-1e1e-4f5c-8dd4-10a75c5758d8&url=https://piport.net/&referrer=Unknown

212.232.23.140

101 Switching Protocols

0 B

URL GET
wss://wws.piegift.com/events?public_id=315e2fc1-cc34-44c7-b529-379372a04b42&sessionId=17fb8f51-1e1e-4f5c-8dd4-10a75c5758d8&url=https://piport.net/&referrer=Unknown
IP
212.232.23.140:443
ASN
#215381 Rockhoster Private Limited

Requested by
https://piport.net/
Certificate
IssuerLet's Encrypt
Subjectwws.piegift.com
FingerprintB8:3B:5D:ED:56:9F:4B:55:02:DE:10:B0:01:E0:72:D3:B3:1D:72:4E
ValidityFri, 30 May 2025 20:14:32 GMT - Thu, 28 Aug 2025 20:14:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /events?public_id=315e2fc1-cc34-44c7-b529-379372a04b42&sessionId=17fb8f51-1e1e-4f5c-8dd4-10a75c5758d8&url=https://piport.net/&referrer=Unknown HTTP/1.1
Host: wws.piegift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://piport.net
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0TNLnzbknY3aLUna5awgQw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 07 Jun 2025 16:14:30 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hU1Gc1W2iLH5iSseco97+pXY9Bc=
Sec-WebSocket-Extensions: permessage-deflate

GET fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1pL7W0I5nvwUgHU.woff2

142.250.74.35

200 OK

19 kB

URL GET
fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1pL7W0I5nvwUgHU.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19024, version 1.0
Size
19 kB (19024 bytes)
Hash
84fbfa558f579ed430e2642137bb6bc4
f05ddd8977a4395526c0b7e505f9472285df17df
c62fdc39dd21670d196fb5e4a67542459e52790a56a4222c8dbf827aa07d7989

HTTP Headers

GET /s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1pL7W0I5nvwUgHU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://piport.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19024
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jun 2025 17:19:19 GMT
expires: Fri, 05 Jun 2026 17:19:19 GMT
cache-control: public, max-age=31536000
age: 168904
last-modified: Wed, 28 May 2025 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET img.upanh.tv/2025/03/11/favicon42527eabc5bda97a.png

188.114.97.1

200 OK

11 kB

URL GET
img.upanh.tv/2025/03/11/favicon42527eabc5bda97a.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subjectupanh.tv
Fingerprint50:96:5F:6E:35:D8:FB:63:B4:4E:03:EF:9A:85:59:84:FE:6A:B5:6D
ValidityThu, 29 May 2025 16:39:39 GMT - Wed, 27 Aug 2025 17:37:16 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
11 kB (11040 bytes)
Hash
0919853f2afc9e17b68600e811a3b90b
adb6b29b379d3142420576c6c078e55b6fe6ebfa
bea4c8405d71d83ec632dd9cf74b8601cc0b36974963946a034295fee8fabe8e

HTTP Headers

GET /2025/03/11/favicon42527eabc5bda97a.png HTTP/1.1
Host: img.upanh.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piport.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:14:23 GMT
content-type: image/png
content-length: 11040
accept-ranges: bytes
cache-control: public, max-age=31536000
etag: "0919853f2afc9e17b68600e811a3b90b"
last-modified: Tue, 11 Mar 2025 02:45:56 GMT
server: cloudflare
x-amz-id-2: iTlrLykhoOLnbRcLbDCOzuQceIRlQC5IR7zZLVSkOowcBVMTelRxhTLvlNRoa837bdcH03rLckFB
x-amz-request-id: 2447823EE2C5012B:B
x-wasabi-cm-reference-id: 1749209649552 219.164.248.231 ConID:1041150222/EngineConID:10245973/Core:9
age: 103213
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=15BWymBBd%2F9TLk8cfrF8hUDdTZwKeVCIX588mHFY%2BmLXdrRzxMA0skgNc5xY0QFPe9cNQ4ruAUy2OjT77C5lP2bQRnutEeka9vE%3D"}]}
cf-ray: 94c171357a7556c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48532, version 1.0
Size
48 kB (48532 bytes)
Hash
225835e6e0496c54dc2aca9f3d533892
942ef5298bbe74bfe44e445def5f2bfc94027fa8
acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087

HTTP Headers

GET /s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://piport.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48532
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jun 2025 13:23:43 GMT
expires: Fri, 05 Jun 2026 13:23:43 GMT
cache-control: public, max-age=31536000
age: 183040
last-modified: Wed, 28 May 2025 18:51:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48532, version 1.0
Size
48 kB (48532 bytes)
Hash
225835e6e0496c54dc2aca9f3d533892
942ef5298bbe74bfe44e445def5f2bfc94027fa8
acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087

HTTP Headers

GET /s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://piport.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48532
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jun 2025 13:23:43 GMT
expires: Fri, 05 Jun 2026 13:23:43 GMT
cache-control: public, max-age=31536000
age: 183040
last-modified: Wed, 28 May 2025 18:51:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET piport.net/

212.232.23.204

200 OK

128 kB

URL User Request GET
piport.net/
IP
212.232.23.204:443
ASN
#215381 Rockhoster Private Limited

Certificate
IssuerLet's Encrypt
Subjectpiport.net
FingerprintA3:2F:CF:B2:38:A8:B8:05:45:7C:EE:85:98:E5:F8:29:6B:9B:31:CA
ValidityTue, 03 Jun 2025 15:15:17 GMT - Mon, 01 Sep 2025 15:15:16 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1211)
Size
128 kB (127996 bytes)
Hash
5e0c40af0a20e5d8023a9f251dc0eb40
3e47cc228669ffb1592c00b79607ddb4dc25dd56
1f1d732bcf6f0af03f7891d5a3458aa4da5e45fef1fef551f01395ac6761e21c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: piport.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 07 Jun 2025 16:14:21 GMT
Content-Type: text/html
Last-Modified: Fri, 30 May 2025 21:15:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"683a1fda-1f3fc"
Content-Encoding: gzip

GET app.piegift.com/vdweb.min.js?public_id=315e2fc1-cc34-44c7-b529-379372a04b42

212.232.23.140

200 OK

257 kB

URL GET
app.piegift.com/vdweb.min.js?public_id=315e2fc1-cc34-44c7-b529-379372a04b42
IP
212.232.23.140:443
ASN
#215381 Rockhoster Private Limited

Requested by
https://piport.net/
Certificate
IssuerLet's Encrypt
Subjectapp.piegift.com
FingerprintEE:A9:77:F9:51:A6:6F:0E:B9:6D:DC:31:8D:9D:00:31:6D:57:3E:12
ValidityFri, 30 May 2025 20:09:16 GMT - Thu, 28 Aug 2025 20:09:15 GMT

File type
JavaScript source, ASCII text
Size
257 kB (256695 bytes)
Hash
3171635a635b92546a4f4115c8068357
f8f700f67ffc0f0b0fc1c99ee14efe78f3be5787
23efdd3dd50e61d2537ad8ec2146f61221527934f90a723201b3a442c5110309

HTTP Headers

GET /vdweb.min.js?public_id=315e2fc1-cc34-44c7-b529-379372a04b42 HTTP/1.1
Host: app.piegift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piport.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 07 Jun 2025 16:14:23 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 30 May 2025 21:21:52 GMT
ETag: W/"3eab7-1972312a06f"
Vary: Accept-Encoding
Content-Encoding: gzip

GET www.googletagmanager.com/gtm.js?id=GTM-MMXD7N7V

142.250.74.168

200 OK

289 kB

URL GET
www.googletagmanager.com/gtm.js?id=GTM-MMXD7N7V
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint10:76:57:2F:C3:21:F2:5F:71:E4:85:A5:DB:F7:65:3F:51:03:55:07
ValidityMon, 12 May 2025 08:42:57 GMT - Mon, 04 Aug 2025 08:42:56 GMT

File type
JavaScript source, ASCII text, with very long lines (4947)
Size
289 kB (289448 bytes)
Hash
40abe3b942ecf87b3f667d63d8cd866b
6ef6509bbc4c0f84508ac3983ed03210dd36f2cb
f710e72cd3bf611e96ac3d4eb7fe6263fc73a968416dd200b36c2b1002ff427c

HTTP Headers

GET /gtm.js?id=GTM-MMXD7N7V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piport.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 07 Jun 2025 16:14:23 GMT
expires: Sat, 07 Jun 2025 16:14:23 GMT
cache-control: private, max-age=900
last-modified: Sat, 07 Jun 2025 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1319:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1319:0
report-to: {"group":"ascgcycc:1319:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1319:0"}],}
server: Google Tag Manager
content-length: 98533
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-02Y0YQS4ZW

142.250.74.168

200 OK

396 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-02Y0YQS4ZW
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint10:76:57:2F:C3:21:F2:5F:71:E4:85:A5:DB:F7:65:3F:51:03:55:07
ValidityMon, 12 May 2025 08:42:57 GMT - Mon, 04 Aug 2025 08:42:56 GMT

File type
JavaScript source, ASCII text, with very long lines (6004)
Size
396 kB (395577 bytes)
Hash
8a42618673b09e682d4d0b9fc505dc07
ad3886a193d5e25036663bd9ba128e7b8deeb23d
0fe51bc7c0b26e10796ff34424e832eb57a79006b4e4b02bc1c12f4e886a94fc

HTTP Headers

GET /gtag/js?id=G-02Y0YQS4ZW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piport.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 07 Jun 2025 16:14:23 GMT
expires: Sat, 07 Jun 2025 16:14:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 131561
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://piport.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jun 2025 00:24:14 GMT
expires: Sat, 06 Jun 2026 00:24:14 GMT
cache-control: public, max-age=31536000
age: 143409
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-LQ67Y8S7CP&cx=c&gtm=45He5641v9186427567za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104653070~104653072~104661466~104661468~104698127~104698129

142.250.74.168

200 OK

391 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-LQ67Y8S7CP&cx=c&gtm=45He5641v9186427567za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104653070~104653072~104661466~104661468~104698127~104698129
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint10:76:57:2F:C3:21:F2:5F:71:E4:85:A5:DB:F7:65:3F:51:03:55:07
ValidityMon, 12 May 2025 08:42:57 GMT - Mon, 04 Aug 2025 08:42:56 GMT

File type
JavaScript source, ASCII text, with very long lines (6079)
Size
391 kB (390927 bytes)
Hash
8bbd9df3e3cb7e58779407bb93fa0edf
e486717312c83add5140d8904ac81e0d533eb23d
6d02a42cf762e468903fd443637732c70b4cbeeec2dba255ceceb5612e4d3ec0

HTTP Headers

GET /gtag/js?id=G-LQ67Y8S7CP&cx=c&gtm=45He5641v9186427567za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104653070~104653072~104661466~104661468~104698127~104698129 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piport.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 07 Jun 2025 16:14:23 GMT
expires: Sat, 07 Jun 2025 16:14:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 130022
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.googletagmanager.com/gtag/js?id=G-02Y0YQS4ZW&cx=c&gtm=45He5641v9186427567za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104653070~104653072~104661466~104661468~104698127~104698129

142.250.74.168

200 OK

396 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-02Y0YQS4ZW&cx=c&gtm=45He5641v9186427567za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104653070~104653072~104661466~104661468~104698127~104698129
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint10:76:57:2F:C3:21:F2:5F:71:E4:85:A5:DB:F7:65:3F:51:03:55:07
ValidityMon, 12 May 2025 08:42:57 GMT - Mon, 04 Aug 2025 08:42:56 GMT

File type
JavaScript source, ASCII text, with very long lines (6079)
Size
396 kB (395488 bytes)
Hash
bf88fae85aaf3447d36d3efe0705fd35
711097fe9c7de1463160e1257deb1ad5f702d4cc
060b0e0bb5dbf41d896df20eca64911b54cee38112cef559d625134c4b0eac7b

HTTP Headers

GET /gtag/js?id=G-02Y0YQS4ZW&cx=c&gtm=45He5641v9186427567za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104653070~104653072~104661466~104661468~104698127~104698129 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piport.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 07 Jun 2025 16:14:23 GMT
expires: Sat, 07 Jun 2025 16:14:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 131492
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1pL7W0I5nvwUgHU.woff2

142.250.74.35

200 OK

19 kB

URL GET
fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1pL7W0I5nvwUgHU.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19024, version 1.0
Size
19 kB (19024 bytes)
Hash
84fbfa558f579ed430e2642137bb6bc4
f05ddd8977a4395526c0b7e505f9472285df17df
c62fdc39dd21670d196fb5e4a67542459e52790a56a4222c8dbf827aa07d7989

HTTP Headers

GET /s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1pL7W0I5nvwUgHU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://piport.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19024
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jun 2025 17:19:19 GMT
expires: Fri, 05 Jun 2026 17:19:19 GMT
cache-control: public, max-age=31536000
age: 168904
last-modified: Wed, 28 May 2025 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1pL7W0I5nvwUgHU.woff2

142.250.74.35

200 OK

19 kB

URL GET
fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1pL7W0I5nvwUgHU.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19024, version 1.0
Size
19 kB (19024 bytes)
Hash
84fbfa558f579ed430e2642137bb6bc4
f05ddd8977a4395526c0b7e505f9472285df17df
c62fdc39dd21670d196fb5e4a67542459e52790a56a4222c8dbf827aa07d7989

HTTP Headers

GET /s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1pL7W0I5nvwUgHU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://piport.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19024
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jun 2025 17:19:19 GMT
expires: Fri, 05 Jun 2026 17:19:19 GMT
cache-control: public, max-age=31536000
age: 168904
last-modified: Wed, 28 May 2025 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-F9BPK75RK3&cx=c&gtm=45He5641v9186427567za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104653070~104653072~104661466~104661468~104698127~104698129

142.250.74.168

200 OK

391 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-F9BPK75RK3&cx=c&gtm=45He5641v9186427567za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104653070~104653072~104661466~104661468~104698127~104698129
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint10:76:57:2F:C3:21:F2:5F:71:E4:85:A5:DB:F7:65:3F:51:03:55:07
ValidityMon, 12 May 2025 08:42:57 GMT - Mon, 04 Aug 2025 08:42:56 GMT

File type
JavaScript source, ASCII text, with very long lines (6079)
Size
391 kB (391234 bytes)
Hash
a9d69264c70874f5720dcb78b8db0a31
cdfeb3fd79ef76c74ce052e37e479060893f4347
54328ce1012aa7fd583f5be0cdf7cb16ee3684cfc5f86f92c8c7055957219114

HTTP Headers

GET /gtag/js?id=G-F9BPK75RK3&cx=c&gtm=45He5641v9186427567za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104653070~104653072~104661466~104661468~104698127~104698129 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piport.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 07 Jun 2025 16:14:23 GMT
expires: Sat, 07 Jun 2025 16:14:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 130104
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800&family=Roboto:wght@400;500;700;900&display=swap

142.250.74.10

200 OK

35 kB

URL GET
fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800&family=Roboto:wght@400;500;700;900&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
ASCII text, with very long lines (1572)
Size
35 kB (34975 bytes)
Hash
34f01f155baf5994b5a87abb37c674c1
de61629e21f9eb0e814e41afbe4f2193bd472dd8
465e8545992cbb4c72685ab1e4bf01753ac586df00189b16a63b7378041975b3

HTTP Headers

GET /css2?family=Inter:wght@400;500;600;700;800&family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piport.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 07 Jun 2025 16:14:22 GMT
date: Sat, 07 Jun 2025 16:14:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/9a411426-3711-47d4-9c1a-dcf72973ddfc/dfj37e6-d8b49926-d115-4368-9de8-09a80077fb4f.png/v1/fill/w_1280,h_1280/okx_okb_logo_by_saphyl_dfj37e6-fullview.png?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7ImhlaWdodCI6Ijw9MTI4MCIsInBhdGgiOiJcL2ZcLzlhNDExNDI2LTM3MTEtNDdkNC05YzFhLWRjZjcyOTczZGRmY1wvZGZqMzdlNi1kOGI0OTkyNi1kMTE1LTQzNjgtOWRlOC0wOWE4MDA3N2ZiNGYucG5nIiwid2lkdGgiOiI8PTEyODAifV1dLCJhdWQiOlsidXJuOnNlcnZpY2U6aW1hZ2Uub3BlcmF0aW9ucyJdfQ.kH6v6nu55xLephOzAFFhD2uCYkmFdLsBoTkSuQvtBpo

54.240.174.66

200 OK

57 kB

URL GET
images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/9a411426-3711-47d4-9c1a-dcf72973ddfc/dfj37e6-d8b49926-d115-4368-9de8-09a80077fb4f.png/v1/fill/w_1280,h_1280/okx_okb_logo_by_saphyl_dfj37e6-fullview.png?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7ImhlaWdodCI6Ijw9MTI4MCIsInBhdGgiOiJcL2ZcLzlhNDExNDI2LTM3MTEtNDdkNC05YzFhLWRjZjcyOTczZGRmY1wvZGZqMzdlNi1kOGI0OTkyNi1kMTE1LTQzNjgtOWRlOC0wOWE4MDA3N2ZiNGYucG5nIiwid2lkdGgiOiI8PTEyODAifV1dLCJhdWQiOlsidXJuOnNlcnZpY2U6aW1hZ2Uub3BlcmF0aW9ucyJdfQ.kH6v6nu55xLephOzAFFhD2uCYkmFdLsBoTkSuQvtBpo
IP
54.240.174.66:443
ASN
#16509 AMAZON-02

Requested by
https://piport.net/
Certificate
IssuerLet's Encrypt
Subject*.wixmp.com
Fingerprint53:93:AE:B3:7B:15:46:DB:1E:5B:E9:96:2E:82:F2:8F:7F:6E:62:4D
ValidityMon, 19 May 2025 18:10:49 GMT - Sun, 17 Aug 2025 18:10:48 GMT

File type
PNG image data, 1280 x 1280, 8-bit/color RGBA, non-interlaced
Size
57 kB (57218 bytes)
Hash
72202b4690f134b2507b02a494459fc6
66468cbac1e5f88431b24f8549b4dfde6490f0ae
b9bb3bf614a29ade2890717ceab0e880592feebc4025264c3f2433e93f206fe4

HTTP Headers

GET /f/9a411426-3711-47d4-9c1a-dcf72973ddfc/dfj37e6-d8b49926-d115-4368-9de8-09a80077fb4f.png/v1/fill/w_1280,h_1280/okx_okb_logo_by_saphyl_dfj37e6-fullview.png?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7ImhlaWdodCI6Ijw9MTI4MCIsInBhdGgiOiJcL2ZcLzlhNDExNDI2LTM3MTEtNDdkNC05YzFhLWRjZjcyOTczZGRmY1wvZGZqMzdlNi1kOGI0OTkyNi1kMTE1LTQzNjgtOWRlOC0wOWE4MDA3N2ZiNGYucG5nIiwid2lkdGgiOiI8PTEyODAifV1dLCJhdWQiOlsidXJuOnNlcnZpY2U6aW1hZ2Uub3BlcmF0aW9ucyJdfQ.kH6v6nu55xLephOzAFFhD2uCYkmFdLsBoTkSuQvtBpo HTTP/1.1
Host: images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piport.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 57218
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-seen-by: image-manipulator-85664758-dj2vk
x-wixmp-trace: projects/wix-media-infrastructure/traces/2yBLeUQ4gQJHMGBbeDmDCsBeQIa
date: Sat, 07 Jun 2025 13:31:54 GMT
via: 1.1 google, 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3BIwoiyvVJqyw3fpvPrYsGBoa1oO4rdyvex-U5RIAapjtRQKNknbSA==
age: 9748
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2

104.17.25.14

200 OK

150 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 150124, version 772.256
Size
150 kB (150124 bytes)
Hash
c64278386c2bbb5e293e11b94ca2f6d1
6b99aa650bd12a36caa14e0127435d8f4cd3ba73
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880

HTTP Headers

GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://piport.net
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Jun 2025 16:14:23 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150124
cf-ray: 94c17134292d56c3-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-24a6c"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 228012
expires: Thu, 28 May 2026 16:14:23 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=InEldRiXdc%2FQD%2FVpztc%2BnuldGxUdixruQf6vQayYxmWFmJ%2BK4cWRmr8D2NTHm9tZu4otqI3CBRwoTBIATGC4mnSYrhE7EmGE2qJBUOdntQUlIvy%2FV7onfBK0bLfZusEMXji5yB1y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET piport.net/favicon.ico

212.232.23.204

200 OK

17 kB

URL GET
piport.net/favicon.ico
IP
212.232.23.204:443
ASN
#215381 Rockhoster Private Limited

Requested by
https://piport.net/
Certificate
IssuerLet's Encrypt
Subjectpiport.net
FingerprintA3:2F:CF:B2:38:A8:B8:05:45:7C:EE:85:98:E5:F8:29:6B:9B:31:CA
ValidityTue, 03 Jun 2025 15:15:17 GMT - Mon, 01 Sep 2025 15:15:16 GMT

File type
MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel
Size
17 kB (16958 bytes)
Hash
855a95e46815c69e39c88c7b59b1e409
b2bde67597e7bbb3bfdfa2b0038f4f47b760d1f4
2a13600cbe32b594f29c4291f935802f7110f97c1c243f601edf9c6c9a5a2daf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: piport.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piport.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 07 Jun 2025 16:14:24 GMT
Content-Type: image/x-icon
Content-Length: 16958
Last-Modified: Mon, 17 Mar 2025 13:56:01 GMT
Connection: keep-alive
ETag: "67d829f1-423e"
Accept-Ranges: bytes

OPTIONS freeipapi.com/api/json/

104.21.64.1

204 No Content

0 B

URL OPTIONS
freeipapi.com/api/json/
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subjectfreeipapi.com
FingerprintE6:45:EB:A7:4C:BB:F7:E4:1D:75:33:EC:14:BD:9A:51:30:EA:10:15
ValidityTue, 27 May 2025 09:58:42 GMT - Mon, 25 Aug 2025 10:55:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/json/ HTTP/1.1
Host: freeipapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://piport.net/
Origin: https://piport.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 07 Jun 2025 16:14:23 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
access-control-allow-headers: authorization
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: no-cache, private
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-powered-by: PHP/8.3.11
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=qPBlOm5aDBeP0AMrDNECE1qSW5iDdVEe4YoGCFKJ%2Fjm9AbTgfGslUNNOanyKJoYmYXb2wHBcHDHFM2omvwyCN7jvNEjbm7Y4Z77A"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 94c1713569aa56ab-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET freeipapi.com/api/json/

104.21.64.1

200 OK

383 B

URL GET
freeipapi.com/api/json/
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subjectfreeipapi.com
FingerprintE6:45:EB:A7:4C:BB:F7:E4:1D:75:33:EC:14:BD:9A:51:30:EA:10:15
ValidityTue, 27 May 2025 09:58:42 GMT - Mon, 25 Aug 2025 10:55:57 GMT

File type
JSON text data
Size
383 B (383 bytes)
Hash
e489dbe5c06cdf07efa8c0a77458d62e
c789bd02a0cc9b3e3fd9afeacf369563c6ce0602
7d7b31b79e5e5d86a099443c50f4b54c4a72fe6bf3a518106a01e2cf6be1e7c4

HTTP Headers

GET /api/json/ HTTP/1.1
Host: freeipapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piport.net/
Authorization: Bearer 145e8aecea2cae5c7002ec10d217c2b04fa68a27ff6f3a8383c9aaea623c77b0
Origin: https://piport.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:14:23 GMT
content-type: application/json
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, private
x-powered-by: PHP/8.3.11
x-ratelimit-limit: 60
x-ratelimit-remaining: 52
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=j%2FnK1nlxWxYg0P22lUz0zN9Sv1HopbgbbHZDncZ%2F10sxgW0h%2BhgrpnWZDe1wyJYo8lpTdu1CiHs1GQV3SnUtTjX3tpwtVczeUOtG"}]}
content-encoding: br
cf-ray: 94c17136ab0f56ab-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET img.upanh.tv/2025/03/11/favicon42527eabc5bda97a.png

188.114.97.1

200 OK

11 kB

URL GET
img.upanh.tv/2025/03/11/favicon42527eabc5bda97a.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subjectupanh.tv
Fingerprint50:96:5F:6E:35:D8:FB:63:B4:4E:03:EF:9A:85:59:84:FE:6A:B5:6D
ValidityThu, 29 May 2025 16:39:39 GMT - Wed, 27 Aug 2025 17:37:16 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
11 kB (11040 bytes)
Hash
0919853f2afc9e17b68600e811a3b90b
adb6b29b379d3142420576c6c078e55b6fe6ebfa
bea4c8405d71d83ec632dd9cf74b8601cc0b36974963946a034295fee8fabe8e

HTTP Headers

GET /2025/03/11/favicon42527eabc5bda97a.png HTTP/1.1
Host: img.upanh.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piport.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Jun 2025 16:14:24 GMT
content-type: image/png
content-length: 11040
accept-ranges: bytes
cache-control: public, max-age=31536000
etag: "0919853f2afc9e17b68600e811a3b90b"
last-modified: Tue, 11 Mar 2025 02:45:56 GMT
server: cloudflare
x-amz-id-2: iTlrLykhoOLnbRcLbDCOzuQceIRlQC5IR7zZLVSkOowcBVMTelRxhTLvlNRoa837bdcH03rLckFB
x-amz-request-id: 2447823EE2C5012B:B
x-wasabi-cm-reference-id: 1749209649552 219.164.248.231 ConID:1041150222/EngineConID:10245973/Core:9
age: 103213
cf-cache-status: HIT
priority: u=6,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=j%2FkOkjWEwz92UfytjEIk7%2Bumtdxg43dsraAfVE1hrk9iyXLTqahydIhXOraWg%2FYfFg7JQBINA%2BFZSYDNI%2F3WT9HQtKCxHLWmK0c%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 94c171380816b4eb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

104.17.25.14

200 OK

102 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
ASCII text, with very long lines (52276)
Size
102 kB (102025 bytes)
Hash
ded1c367363e8b20bdc6a19b8350a737
8c06d82739d14b094ff6d9036021a252bd1d985d
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf

HTTP Headers

GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piport.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:14:22 GMT
content-type: text/css; charset=utf-8
content-length: 18752
cf-ray: 94c1712ecbac7128-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6421d693-4940"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 311527
expires: Thu, 28 May 2026 16:14:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UjcC9ruvn%2F6LiaMvXsx8cqNiqU6ZNZa3f99%2BGiZQOD%2BJdcJf5zSCTxHMC%2BtmE2TCYdguVqrSeCIOjqci%2Bn4vREvvFq07xU6mDwaTH%2F7IvSwZaXk8H8%2BLR%2BgtFk5BLwuKu2vxljpv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48532, version 1.0
Size
48 kB (48532 bytes)
Hash
225835e6e0496c54dc2aca9f3d533892
942ef5298bbe74bfe44e445def5f2bfc94027fa8
acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087

HTTP Headers

GET /s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://piport.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48532
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jun 2025 13:23:43 GMT
expires: Fri, 05 Jun 2026 13:23:43 GMT
cache-control: public, max-age=31536000
age: 183040
last-modified: Wed, 28 May 2025 18:51:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET static.vecteezy.com/system/resources/thumbnails/055/688/542/small/isolated-purple-balloon-no-background-with-ribbon-png.png

172.64.152.224

200 OK

6.3 kB

URL GET
static.vecteezy.com/system/resources/thumbnails/055/688/542/small/isolated-purple-balloon-no-background-with-ribbon-png.png
IP
172.64.152.224:443
ASN
#13335 CLOUDFLARENET

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subjectvecteezy.com
FingerprintF9:66:AD:30:E3:2E:81:80:D1:A7:CD:B9:15:05:FD:4D:9E:D3:0F:7A
ValidityTue, 27 May 2025 00:28:18 GMT - Mon, 25 Aug 2025 01:28:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.3 kB (6306 bytes)
Hash
e24027a47721f7028dd8bde7948b8ede
858de3f2483dd0e5da6d3d828338ae6b3e3fd943
1eede7285bebba2c3d0c6f9885c4ff55b7550dc43b7caeb028d18c8982644879

HTTP Headers

GET /system/resources/thumbnails/055/688/542/small/isolated-purple-balloon-no-background-with-ribbon-png.png HTTP/1.1
Host: static.vecteezy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piport.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:14:23 GMT
content-type: image/webp
content-length: 6306
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=12429
content-disposition: inline; filename="isolated-purple-balloon-no-background-with-ribbon-png.webp"
vary: Accept
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
etag: "b99867a640491e9faafdde9943625c97"
last-modified: Tue, 04 Feb 2025 09:47:28 GMT
via: 1.1 bc2ad79bb70175937978804970010644.cloudfront.net (CloudFront)
x-amz-cf-id: YqpccH5bFmIKLNUW1xuFtYKEh50CVeT4sb-_Pns1jMucXGkWlBmbjg==
x-amz-cf-pop: ARN53-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: PuUAYoH5AT4VsbGcOk2bYcUl9fIxKtdE
x-cache: Hit from cloudfront
cf-cache-status: HIT
age: 714653
expires: Sun, 07 Jun 2026 16:14:23 GMT
accept-ranges: bytes
strict-transport-security: max-age=15552000; preload
speculation-rules: "/cdn-cgi/speculation"
set-cookie: __cf_bm=Z81U.Z_TD4.DuDD8RJA.qgAvPN7Zu7T9.MDuXKgfKAg-1749312863-1.0.1.1-Pq5AfQKPPvW3TiBcw5ce5arqiPmQBc4O3viIBTODCh1q6EYKPv9OhoQwdAkaMgz1KbgqwASKSj1DBLgEEq8cFOYtGYWYwwG7vdsOKUD4X.s; path=/; expires=Sat, 07-Jun-25 16:44:23 GMT; domain=.vecteezy.com; HttpOnly; Secure; SameSite=None
_cfuvid=_2o5flLcxQXsPqQmmJ5swRwXjag1sTFYHvZxaYiNva4-1749312863928-0.0.1.1-604800000; path=/; domain=.vecteezy.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 94c171376a05b4fd-OSL
X-Firefox-Spdy: h2

GET piport.net/english.txt

212.232.23.204

200 OK

13 kB

URL GET
piport.net/english.txt
IP
212.232.23.204:443
ASN
#215381 Rockhoster Private Limited

Requested by
https://piport.net/
Certificate
IssuerLet's Encrypt
Subjectpiport.net
FingerprintA3:2F:CF:B2:38:A8:B8:05:45:7C:EE:85:98:E5:F8:29:6B:9B:31:CA
ValidityTue, 03 Jun 2025 15:15:17 GMT - Mon, 01 Sep 2025 15:15:16 GMT

File type
ASCII text
Size
13 kB (13116 bytes)
Hash
f23506956964fa69c98fa3fb5c8823b5
b2d5241ae027a0e40f06a33d909809a190f210fe
2f5eed53a4727b4bf8880d8f3f199efc90e58503646d9ff8eff3a2ed3b24dbda

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /english.txt HTTP/1.1
Host: piport.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piport.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 07 Jun 2025 16:14:23 GMT
Content-Type: text/plain
Content-Length: 13116
Last-Modified: Thu, 13 Mar 2025 05:37:11 GMT
Connection: keep-alive
ETag: "67d26f07-333c"
Accept-Ranges: bytes

GET cdn.jsdelivr.net/npm/tailwindcss@2.2.19/dist/tailwind.min.css

104.16.175.226

200 OK

2.9 MB

URL GET
cdn.jsdelivr.net/npm/tailwindcss@2.2.19/dist/tailwind.min.css
IP
104.16.175.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://piport.net/
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
FingerprintA6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F
ValidityFri, 25 Apr 2025 00:00:00 GMT - Mon, 04 May 2026 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
2.9 MB (2934019 bytes)
Hash
e35af4d8ceb624072098fa9a3d970aaa
7324cf2b8b3bad7f5a0b763734d6872318d5d5f4
b6ad97402eddb903e7a5d7a73ee47a679204efbdda4521a391cbad9df509b932

HTTP Headers

GET /npm/tailwindcss@2.2.19/dist/tailwind.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piport.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:14:22 GMT
content-type: text/css; charset=utf-8
content-length: 154109
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 2.2.19
x-jsd-version-type: version
etag: W/"2cc503-cyTPK4s7rX9aC3Y3NNaHIxjV1fQ"
content-encoding: br
x-served-by: cache-fra-eddf8230029-FRA, cache-lga21962-LGA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2716511
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=46Wx8aRlk6KIRatTy35AWCGCNjYPAi%2FjIt6cgnWIXayS%2FOrDYb9xUt6enRDI2Fwbbs1BJDKvLAJDKfZX%2B04MBu%2BqyfDVQZblvrkPNwcGk%2Bhho9UiiiReaOeLxVCNPCYgCbs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 94c1712ebdc65695-OSL
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48532, version 1.0
Size
48 kB (48532 bytes)
Hash
225835e6e0496c54dc2aca9f3d533892
942ef5298bbe74bfe44e445def5f2bfc94027fa8
acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087

HTTP Headers

GET /s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://piport.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48532
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jun 2025 13:23:43 GMT
expires: Fri, 05 Jun 2026 13:23:43 GMT
cache-control: public, max-age=31536000
age: 183040
last-modified: Wed, 28 May 2025 18:51:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://piport.net/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://piport.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jun 2025 00:24:14 GMT
expires: Sat, 06 Jun 2026 00:24:14 GMT
cache-control: public, max-age=31536000
age: 143409
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML