Report - eur01.safelinks.protection.outlook.com/?url=https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/&data=05|01|ugyfelszolgalat@simple.hu|6682bf84709d4597eb7408dbefdce998|60c1c779933642ce8e98772a5e8de926|0|0|638367504321831679|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|1000|||&sdata=ONEvuX5fHKnXgE8YbP49ejleUyaqVbJZ6PqJMXhJjuQ=&reserved=0

Report Overview

Visited public
2023-11-28 09:12:06
Tags
URL
eur01.safelinks.protection.outlook.com/?url=https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/&data=05|01|ugyfelszolgalat@simple.hu|6682bf84709d4597eb7408dbefdce998|60c1c779933642ce8e98772a5e8de926|0|0|638367504321831679|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|1000|||&sdata=ONEvuX5fHKnXgE8YbP49ejleUyaqVbJZ6PqJMXhJjuQ=&reserved=0
Finishing URL
weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
IP / ASN
52.102.18.44
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Title
Indy | Your Tool for Clients, Proposals, Contracts & Invoices

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

136

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
api-sc53gwjr.weareindy.com	unknown	unknown	2022-06-08 23:39:45	2022-06-08 23:39:45	4.7 kB	5.6 kB	52.89.160.54
nexus-websocket-a.intercom.io	2137	2011-08-15	2015-06-26 12:17:57	2023-11-27 18:13:37	1.5 kB	564 B	34.237.73.95
logs-sc53gwjr.weareindy.com	unknown	unknown	No data	No data	1.1 kB	874 B	44.236.110.136
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-28 07:52:06	640 B	45 kB	142.250.74.106
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-11-28 07:59:41	893 B	193 kB	142.250.74.168
bat.bing.com	387	1996-01-29	2014-04-08 11:23:16	2023-11-28 05:11:27	1.8 kB	15 kB	13.107.21.200
js.intercomcdn.com	2440	2013-04-25	2020-02-19 12:43:00	2023-11-28 05:11:55	841 B	372 kB	54.230.111.118
assets.calendly.com	15697	2013-02-26	2018-10-07 06:01:58	2023-11-27 11:24:10	431 B	55 kB	172.64.146.81
log.pinterest.com	3464	2009-11-26	2014-02-24 22:34:32	2023-11-27 18:32:31	746 B	559 B	151.101.192.84
canny.io	23838	2017-01-20	2018-11-08 16:12:08	2023-11-24 08:03:03	401 B	98 kB	143.204.55.84
weareindy.com	58254	unknown	No data	No data	51 kB	2.7 MB	143.204.55.35
assets.pinterest.com	2560	2009-11-26	2012-05-21 17:53:26	2023-11-27 10:36:26	870 B	20 kB	151.101.84.84
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2023-11-28 08:10:31	416 B	204 kB	142.250.74.13
widget.intercom.io	2417	2011-08-15	2020-07-20 14:16:46	2023-11-27 22:12:51	446 B	3.5 kB	143.204.55.14
93704e94940a410d8638ca93bae94cd2.apm.us-west-2.aws.found.io	unknown	unknown	No data	No data	1.7 kB	1.2 kB	52.26.59.44
api-iam.intercom.io	2892	2011-08-15	2018-08-02 22:07:54	2023-11-27 14:24:22	522 B	5.3 kB	18.210.132.136
eur01.safelinks.protection.outlook.com	51790	1994-08-18	2017-01-29 18:48:59	2023-11-28 02:37:13	920 B	926 B	104.47.0.28
maps.googleapis.com	33876	2005-01-25	2019-10-17 17:56:16	2023-11-28 09:10:44	2.8 kB	426 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed
2023-11-28	medium	weareindy.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (68)

	URL	From	Size	First Seen	Last Seen
	weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/	ScriptElement	333 B	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/ IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen3 Hash d6f90607b6f821b6569ead66fc575ea9 d0f69ba6020b45afdd7aebbaf1b2332b500889fd d884c8f54f2cd2c07a4e67ce9c1bac1f95d0a8fe087e23dd82ec40e5ad579cf1 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.27876.ddfcf7b7c5e61c500e41.js	ScriptElement	9.6 kB	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.27876.ddfcf7b7c5e61c500e41.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen2 Hash fd6105eaf6125d9703f06d170b6ec5c2 1b55785c4369065f75e75be63e933a7c5dfbf8c4 db0881374fdda3edd8db7319674655ec483c5111651fd54a18dbcff0125a93e3 Loading...

	weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/	ScriptElement	564 B	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/ IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen3 Hash f235e51dc58e3ba4c281636de7b8e0e3 f35d53a3fcbf756319646de20571917fb76df145 2ab8e89e05523dca2ea4f74ae344eaf4d25fbcf88d2ab44346aef8e9dc165a1d Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.822.dc9d79b3329487700902.js	ScriptElement	27 kB	2023-11-20	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.822.dc9d79b3329487700902.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2023-11-28 10:12 Times Seen2 Hash 0934fe7443eb1124450b31fedcb9d3a3 ab4716187b2cd005cff29f02b78027741571e0b1 1505e7005ab681b2fecf7626495b61e17b4bd4bd94e545c8415c24d4f2f377b5 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.87041.c94678789a6608c1729f.js	ScriptElement	11 kB	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.87041.c94678789a6608c1729f.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen2 Hash 0250fe95b010e403da306cc485fe45f5 c28938bcf2bf08152fdc1d10e8fbe291dca4d6ab 0a6a74d37c5e44e96d988e177b871f027478427008b5dce82f9921d3c20eb928 Loading...

	assets.pinterest.com/js/pinit_main.js?0.7849956957079369	ScriptElement	68 kB	2023-03-07	2024-12-05
Pretty URL assets.pinterest.com/js/pinit_main.js?0.7849956957079369 IP 151.101.84.84 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2024-12-05 16:46 Times Seen1501 Hash 980b58b2bf6b18e45583fc3d1d05e145 90fd7a45d8ab0672d45ecaa9a4b7f430ffe1d149 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.90750.7477daec09d4992662c2.js	ScriptElement	11 kB	2023-11-20	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.90750.7477daec09d4992662c2.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2023-11-28 10:12 Times Seen2 Hash c03056d4ec2d2d7f2f86e3277cfec700 0e3189f3b8acc83332d1cd509d046051708014ab c22739d0dda96ab95002affbd2b758182462a868bd12dbaaeeec208db58b450a Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.6234.6a02117409c94a88e2c1.js	ScriptElement	50 kB	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.6234.6a02117409c94a88e2c1.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen2 Hash 278d2239ed2d87aa7a59a6874d54435a d633cef40abee25c8bf09c8c6bbee2efb023adea 4344b64952e193e8f035c065fc2d65d94ca359e9e7ded5bbead16c5367733b2e Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.90481.962f5b861ae1c2fd2b13.js	ScriptElement	11 kB	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.90481.962f5b861ae1c2fd2b13.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen2 Hash 984ea750da0327e0827b5d1d098eba3d ecf27fdfcb2488a057e2d974621bfe3f250c0a19 9c57f98f6d71e5858356305c87f7eae682e65e6ff4ceea0818a7e8c032071da3 Loading...

	weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/	ScriptElement	355 B	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/ IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen3 Hash dab21238cb362e01c59cb02dca9d4927 845836b3466f216dffa764f018f8a4671cd5619c d50c8891d9eb0710ccd47c575920f4269e65ea1ca9188c3a8627bbc2d2547d06 Loading...

	weareindy.com/app/cdn/v4.0.194/js/app.d748c4fbe4d49c9ad6ff.js	ScriptElement	310 kB	2024-08-20	2024-08-20
Pretty URL weareindy.com/app/cdn/v4.0.194/js/app.d748c4fbe4d49c9ad6ff.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash 686f7501187bb5b8e97487e55ee6286a ad773f49398e89f5b775314a12629a055023b541 55543102a32975a7df0299eb445b426daa8aac77b28f9cec0663fa0b874e1edc Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.47478.fe6c27ad411ce0eb481a.js	ScriptElement	110 kB	2023-11-20	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.47478.fe6c27ad411ce0eb481a.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2023-11-28 10:12 Times Seen2 Hash af5d81e800fe1564068830db00f177e6 83274ef82e3be009afa864642e07ebfc90df7edc 094a446e63fba5cde8576ec0bbed69b5d3e45b0ac393098e43011c621a6d00bc Loading...

	bat.bing.com/bat.js	ScriptElement	46 kB	2023-11-10	2024-09-19
Pretty URL bat.bing.com/bat.js IP 13.107.21.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-10 23:20 Last Seen2024-09-19 20:57 Times Seen11863 Hash 7f75f159026f3a2c8cccda487b43157b 021cf5c854db063cd79bf0394c24eb994e095640 5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214 Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/2/util.js	ScriptElement	177 kB	2023-11-21	2023-11-29
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/2/util.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-21 21:08 Last Seen2023-11-29 22:31 Times Seen791 Hash 2bd2d553bca8f4e18ea4c10d6303b1a3 c2c4bdd6639ded6b5d9e7c197ac8e589dfaf8f27 fa53e5e405cdb88eee49c98c9d36b038378e23cb991051ffba64bc70ef06e020 Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/2/controls.js	ScriptElement	93 kB	2023-11-21	2023-11-29
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/2/controls.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-21 22:04 Last Seen2023-11-29 12:49 Times Seen148 Hash bb830df9aba393b26e45a03cbf3329bf 1cf6cd115e5f4edbdb264b169264671fe56eef92 ed98b373a2f07449b55782ce711e921530448624ec51e31dc27f707610243715 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.84687.f03ef4359e9b7d4b1816.js	ScriptElement	17 kB	2023-11-28	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.84687.f03ef4359e9b7d4b1816.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 10:12 Last Seen2023-11-28 10:12 Times Seen1 Hash 19f19c3911f90d61a75b17e92fac6ea7 db2178825641b430ebe5e8a7a563d2c9c9fe498b a343a957fcd453e95cbe52f5fe771733b3f9d3d9cccc1342ed8a945d5ba34f0e Loading...

	maps.googleapis.com/maps/api/js?key=AIzaSyCjEB7AjVweq4Flysqgx67UjWO26SeYfxA&libraries=places&callback=initPlaces	ScriptElement	198 kB	2023-11-28	2023-11-28
Pretty URL maps.googleapis.com/maps/api/js?key=AIzaSyCjEB7AjVweq4Flysqgx67UjWO26SeYfxA&libraries=places&callback=initPlaces IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 10:12 Last Seen2023-11-28 10:12 Times Seen1 Hash a1f208597379f131d1ef96dd59963e00 d5fd2afed01a399246a2049c8e08580a2c9bad96 900e0cec6cab4424036ac2c7606cb640875ddb640bc1a869b90d257e35cd6164 Loading...

	js.intercomcdn.com/frame.62d7371b.js	ScriptElement	901 kB	2023-11-27	2023-11-28
Pretty URL js.intercomcdn.com/frame.62d7371b.js IP 54.230.111.118 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-27 21:15 Last Seen2023-11-28 10:24 Times Seen13 Hash 6dd0f03de271844876d5109dac20ccb6 f2cf7caaee06649467e52e9523ac6f98b749725f b85c9f77944e962983461d13544f0fa748d76b8d33204ee68e1735b5c5477fac Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.6828.dfb4d5fe03113b84f41b.js	ScriptElement	605 kB	2024-08-20	2024-08-20
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.6828.dfb4d5fe03113b84f41b.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash ddc05f087a866fd9fd312d4d7177c3a2 902bd705c24cf987d469beaf6ae6126ef5fbb233 1b43e7cd3b9bb7b69aafdab0b8851fcd429fc732b4e6c21bfea26aab4a0edecd Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.23659.5c41bc68960b149dcede.js	ScriptElement	16 kB	2023-11-20	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.23659.5c41bc68960b149dcede.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2023-11-28 10:12 Times Seen2 Hash 276abc210ac28bde3ec0b97b0f481191 169f4d923a6d5300c3b68780a8d1efbdb5456c5d 756658380d852fd5d990891a8884510011853c03f6cc1a11a8fdf56e9e546ffb Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.7695.2f74dcf799811f437e57.js	ScriptElement	76 kB	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.7695.2f74dcf799811f437e57.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen2 Hash ed06da488fcb609f8b3f15f0021a7113 2572e28e1cbb9153bda85dd906e7cc763f59e247 f00e753adb473d0f4aca36aae63a31a70f9ff23ba9bcf3b0351ea42d9dd97656 Loading...

	weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/	ScriptElement	458 B	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/ IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen3 Hash 22d534b6f5e0673fc5507ece3e9abd78 0cdb334e9529dd8295e5d9ec9b24d52d66030560 61a677c0731bfbe79a6321982fe0a74a8ba8a5fa5f05e0d7dc326b8d6d3d57da Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.18671.67a3ad33121e7070d63a.js	ScriptElement	15 kB	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.18671.67a3ad33121e7070d63a.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen3 Hash d5559023dc6b7a41dbea550fa52997b3 10aa06883f4af89aac64459b3043aacc8f068cb3 6108600db8a1fc84b0ce541b556cce3e4e7aba80ed77000904251c229d96e7af Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/2/places_impl.js	ScriptElement	49 kB	2023-11-22	2023-11-29
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/2/places_impl.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-22 00:36 Last Seen2023-11-29 05:23 Times Seen56 Hash 1e0a7d61a5199a1a7a1841fb7b559658 5dce0624c61d1383b75dfe0269e55aa81593305e 93c29495b506208c97e8692bb8f288f570f85ac9a4746d650f9bf450b991fee3 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.18885.68ecdf186c13b6f417ca.js	ScriptElement	39 kB	2023-11-20	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.18885.68ecdf186c13b6f417ca.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2023-11-28 10:12 Times Seen2 Hash 5b7c91f5cc79f94f39f1220d956b4da2 d37a5440478dc346fa7e059628b1a3d1fb899e8b d3e4757905e662b2c32879ba0c2204dfa8985f6d6ebafae707a4e9af699ebeb1 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.97751.8c82b6894918f13bad57.js	ScriptElement	14 kB	2023-11-20	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.97751.8c82b6894918f13bad57.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2023-11-28 10:12 Times Seen2 Hash b6cc6e74e47556f9d398577dd46fc75e 24a684b0f068dd4b5b59048cb8d2c1b93bc6d568 3b7c930a09190b9969b8585e301f5fd40f368d46385ce2498adc4041bdf26132 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.43410.7a747328b2dc7a639c1f.js	ScriptElement	20 kB	2023-11-20	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.43410.7a747328b2dc7a639c1f.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2023-11-28 10:12 Times Seen2 Hash f3bc5a9b3589335d03f778409b0c7f81 d96bdd31e8c4ebae700fbcaf88736d030be40ce6 bbe6f70a46aa4d5edad22a3b1a05f0ae86d5de024f991e0961fc9ff66366fa40 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.47174.8ed4faaedce6fd47df86.js	ScriptElement	12 kB	2023-11-20	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.47174.8ed4faaedce6fd47df86.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2023-11-28 10:12 Times Seen2 Hash 08496e9534dc8d497734ae6cd17c782d 5213a8375e6b310fc8335627daf1d235e7d43087 ff4bd4303ed589ea8f3c056a05ebd0d41de9f5e1b5b3b9c33b2d4283d6211960 Loading...

	unknown	ScriptElement	423 B	2023-11-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen3 Hash 9ba83331a8bb17c01b48109e7d080236 e94dc5502d24b001ce87d44fd8ad8564308b0ad2 4b37395ddf7588d48e3d3055f82e493736d06f3653848bb74b63ed735648aca9 Loading...

	assets.calendly.com/assets/external/widget.js	ScriptElement	54 kB	2023-10-16	2024-08-21
Pretty URL assets.calendly.com/assets/external/widget.js IP 172.64.146.81 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-16 17:35 Last Seen2024-08-21 04:31 Times Seen844 Hash 3be18f0a18cf9980a421cf1577f639f4 d866cd293f8a5a1b8e2a8d3ebe9904743fbc3bcb 3eb9b294b344cf47c2af14fafe8528fccc545cb25b9325802a3bd1b0696171b6 Loading...

	widget.intercom.io/widget/cf5b8qu0	ScriptElement	7.0 kB	2023-11-27	2023-11-28
Pretty URL widget.intercom.io/widget/cf5b8qu0 IP 143.204.55.14 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-27 21:15 Last Seen2023-11-28 10:24 Times Seen13 Hash a711a0d6f65a21ba4568515659ec9568 7dfeacd47a86794aedfb9d12c3cd079e709e36d8 3c2cd49e20ee9fad1d452cd42f86dab821efdb33d382f74d516d01deaa9b5f5b Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.48601.d82b50e4b4f1e7a97744.js	ScriptElement	41 kB	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.48601.d82b50e4b4f1e7a97744.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen3 Hash 94c293764bdd0d31dcb9af720bc1623d 98a3f56a3a8580e76d19d360fe4585ca6d1f2d26 a26d77019c903c1083630d08b9bba91ebcd2a42694cbd65e4be6cd65c3946042 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.71804.8eb02e8e72ad2af294b7.js	ScriptElement	78 kB	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.71804.8eb02e8e72ad2af294b7.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen2 Hash 5eb21ff12ff1e048b02208667ed82263 b7b07457df84a8b82051174c70cd9dd9b5b0e5cd e56369a14c5a29ae4f3be5a0c79c8a480b873ed3089280a341a78c427dce5421 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.84658.79ffb0d6a9890557f16e.js	ScriptElement	1.0 kB	2023-11-28	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.84658.79ffb0d6a9890557f16e.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 10:12 Last Seen2023-11-28 10:12 Times Seen1 Hash 097f8479d5ed005b488f29123a8dc305 64a1975630b0517486eb23ef76cf153d32cfb84e 298bb99552ae6fa3f68661c9fb87fda37c9e376159b80af9302139166246e1de Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.18637.b388bc4d6e7e4b958372.js	ScriptElement	49 kB	2023-11-20	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.18637.b388bc4d6e7e4b958372.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2023-11-28 10:12 Times Seen2 Hash 407388c4fcfa3af27782debd5763a85a b789602405d312473f7a30c110640845ee782527 8bdbde4529ed2b73dcd11c8b2051310eae4d14a86c4b47e8d23843de072c7a98 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-09
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 04:58 Times Seen340549 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.googletagmanager.com/gtag/js?id=G-RMV9CT6PH6&l=dataLayer&cx=c	ScriptElement	290 kB	2023-11-28	2023-11-28
Pretty URL www.googletagmanager.com/gtag/js?id=G-RMV9CT6PH6&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 10:12 Last Seen2023-11-28 10:12 Times Seen1 Hash c7ddc9a54f3f9ce8914307cac92c432c 608b031d6caa3a62696a374bdef0ed25a1068003 c92f21619111bc0797186d848bb16dc8287943fe0e3a75e1e3a761697f8b9aeb Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.59364.c03f3aece98a38eb3539.js	ScriptElement	25 kB	2023-11-20	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.59364.c03f3aece98a38eb3539.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2023-11-28 10:12 Times Seen2 Hash 0ade5edd2913f8e23e93ea5a45b7d961 4911608a74a9d99088c547b8c26e654a746d92af 05583c5bab263967f529bab86333491fcae5c42c48c8f07fba9beb69e050a652 Loading...

	js.intercomcdn.com/vendor.74ba73cb.js	ScriptElement	585 kB	2023-11-21	2023-12-18
Pretty URL js.intercomcdn.com/vendor.74ba73cb.js IP 54.230.111.118 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-21 17:48 Last Seen2023-12-18 09:46 Times Seen483 Hash 9c0b57ad24bdaa7c3854575035d6b58f 03394651b12c578815b29e7ad53628e16fb5eef9 d760bccbacc8c1c19e3420c4770bdd1fa0b13dd6989ef4e2c08e6813e27cfe14 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.70098.96845616bf5cf8f7dba5.js	ScriptElement	11 kB	2023-11-20	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.70098.96845616bf5cf8f7dba5.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2023-11-28 10:12 Times Seen2 Hash 9780ff39eb669197e4c18f53ac00ee47 cfd720c60f8d2a3af0e586095db3abd36158deb5 34fe3dca9c36a9f1cd08e35817cd012965e49ec92fb52066a42da960acb08ba5 Loading...

	weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/	ScriptElement	244 B	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/ IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen3 Hash 1790e5d439bba1e87196faf98fff696a 1df12b997c13d61080c0f5fbba4127e5ea7de3e6 1720aaab9a8d99178e016ae07109b764431a7c87c3da169bc2c696da1b10ad62 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.28279.6f13c610717c1637cf3e.js	ScriptElement	15 kB	2023-11-28	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.28279.6f13c610717c1637cf3e.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 10:12 Last Seen2023-11-28 10:12 Times Seen1 Hash 28ccc1b47acddb2d1de584cc2bdc7f21 6ff2ae94f40bf655a2148b899effffea69e954e3 635a31c90b52d2c18faffb14822087304cac63a8edd6e81cd9f127739af65b50 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.54148.f4855180b64c74662d41.js	ScriptElement	10 kB	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.54148.f4855180b64c74662d41.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen2 Hash 1d6255afccfdfcb03402b8dfd4a9eea6 81ed5b792aa1546d8ed256fcd9a8bd600130301c 291d634d1aeec45c0b41acee52acc2fff86865afce58a5ac581e4d2edb93a48f Loading...

	unknown	EventHandler	38 B	2023-04-17	2025-05-09
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-17 00:16 Last Seen2025-05-09 04:57 Times Seen2006 Hash d313558795d5a89ada9c73c4e7c6d37d c66fa2f3b1a23d8b43d20357d6e391dfc18f492a baafb89d4a9938d8004739b2da4475c3d102f907a283f4b2774f752f24fcbce9 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.91061.768aa40bbdba7be5a0e6.js	ScriptElement	46 kB	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.91061.768aa40bbdba7be5a0e6.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen2 Hash 9119e1935811ebcf176adb53604518dc 81a61c1b579a9e374f1bcfd9f986c6b92fe569b7 af5f8c33286cac914b9d5b1e5b43860916176e1a6dd2bdbb95b45c2fa897822b Loading...

	bat.bing.com/p/action/137021070.js	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL bat.bing.com/p/action/137021070.js IP 13.107.21.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 05:00 Times Seen4634064 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	canny.io/sdk.js	ScriptElement	98 kB	2023-05-11	2024-08-21
Pretty URL canny.io/sdk.js IP 143.204.55.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-11 04:37 Last Seen2024-08-21 06:46 Times Seen7 Hash 1e365fd6f751ea1b9e83b83aa791c368 1731a1a5fb2bc608c0ba4a3454e243e91c0e2301 469cafc076cc2c1d6edfce6ac1afdb2741251e39daae89493c85298f758047a3 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.93676.89567ae9c76163524d3b.js	ScriptElement	39 kB	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.93676.89567ae9c76163524d3b.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen3 Hash 3d16744164fbc258f00e369734e1a330 8db67f787ae838ac4968575b77974a3e07d5ee21 acd0867f7d48170e38682dff2a5b62b3b8fea3c8d80f41f9341ea76ca134303b Loading...

	weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/ IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 05:00 Times Seen4634064 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.60652.3a4d3c79b80624bc65a8.js	ScriptElement	49 kB	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.60652.3a4d3c79b80624bc65a8.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen3 Hash 82a4fa53ee0e2bf3f7771c3c98ba9e6d 45a03a840459e11f72c12476a273120f9a3cc2d8 d902726ff910bca44b88b096943127ded2287ee6e3dd866f3f71a927e4e2ef8d Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/2/common.js	ScriptElement	260 kB	2023-11-21	2023-11-29
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/2/common.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-21 21:08 Last Seen2023-11-29 22:31 Times Seen784 Hash ba872858f8a01277e4a99c48b5b1597c 8ebf8bb0bc7b7f33416dfd486edf6b88113a1cd7 7341563f731cd05c3188a8e9a27e0656eed5f3ed4c710cd7cba40b6b53fd849a Loading...

	weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/sandbox%20eval%20code		147 B	2023-04-11	2025-05-09
Pretty URL weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 04:58 Times Seen341349 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	accounts.google.com/gsi/client	ScriptElement	203 kB	2023-11-14	2023-12-01
Pretty URL accounts.google.com/gsi/client IP 142.250.74.13 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 23:35 Last Seen2023-12-01 01:00 Times Seen801 Hash c3380c070ac1310e24173b87bb4a694c d14f8e5389ed23aab49e62e5835486d84a7b8624 0435416104a28587f4dd1363390ae564b1734d4dac040dcc9df69a78945c8473 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.57253.7d4605ecf13b1670d583.js	ScriptElement	342 kB	2023-11-20	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.57253.7d4605ecf13b1670d583.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2023-11-28 10:12 Times Seen2 Hash eec40a00606efe61ec502ac99ea24923 f68986053d37e0e98aab7489db9870fc1d0f34cf 98e1a92c7730c4f088e0358b9e22c6c0fb76d2a9a6021ec0e3e49409bfcb989b Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.18231.15ff137fd67b97d03bbb.js	ScriptElement	260 kB	2023-11-20	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.18231.15ff137fd67b97d03bbb.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2023-11-28 10:12 Times Seen2 Hash 1cd321d66a8739317a2c399b63cd8f87 e5668bf2acc5f4eb3873417d6e2fb044d924c94c f2ab8aebad0930ac29158d729177f34bf518c7f7dd58e6ad1c4ceeb14c25d96d Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.37987.dab09a83f5e4b428bc32.js	ScriptElement	240 kB	2023-11-20	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.37987.dab09a83f5e4b428bc32.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2023-11-28 10:12 Times Seen2 Hash a8b79dbd6f9aa72c5290f8859f9303a9 bba27976cdb3d77986cd1b64fb19bf80da290328 2a73ac488a1de4e203cea46d49270843b69eb22f7caa24bc078fb211cb13fa2b Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.52180.0dad90d31f89115696ff.js	ScriptElement	37 kB	2024-08-20	2024-08-20
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.52180.0dad90d31f89115696ff.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash 702c52c33b52903ca370cdf572f85c0a 490a145cb02edda6b60b489aa2afb433a0553565 877e6fb5200ebc5d1d6fccccf19b52b4e4d9c4bf0082e8b8a74fdaeff27d9ba3 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.85166.8a22a54d99f85534ffb9.js	ScriptElement	10 kB	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.85166.8a22a54d99f85534ffb9.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen2 Hash d86ed2c1b51b96fefcddec5f978913a1 ccb644983919262737dde1cd23c442fb0f15bf2a bd331d20520e7657a8a3dce2dc4b46b4f7b05cc7f55d3885b009efe3f599c424 Loading...

	weareindy.com/app/env.js?version=5	ScriptElement	1.6 kB	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/env.js?version=5 IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen3 Hash c3cade31751348be81cf085f89aab454 0ed4c4b7428635b400a700af8e04e660fa2b2159 ca03f8c8001400f2c586b8f12003f8b082bbc9886be679374c934eac37912f69 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.19680.371796b616fda680e01b.js	ScriptElement	6.4 kB	2023-11-20	2024-08-20
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.19680.371796b616fda680e01b.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen2 Hash b19fd3fbe7700c968e78a1cbb18033a2 c815e48ac01b75f61559564e53f6514487a6d00f 2914ea1269c335273a25fd541f503cf24914ab03c1c77454026f55096e03d360 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.47986.322a182619b9e4d2cd08.js	ScriptElement	6.5 kB	2024-08-20	2024-08-20
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.47986.322a182619b9e4d2cd08.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash 86ce525365076f16aa6becfb0057b332 b3ae5b7edbfa6f5bf64f5469e97a01e9bfb5e0e7 5e39505b7e33a2a5ec389318339de2d76a6ed37ab7733a05e7b8337070769947 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.30547.ecea691bd2dfc2fd6196.js	ScriptElement	15 kB	2023-11-20	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.30547.ecea691bd2dfc2fd6196.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2023-11-28 10:12 Times Seen2 Hash b796a3df0a7973e680f6862f007a02b3 20b070fed802d836ce8140a1c52476f2360e817e da55518fb692a3bcfcc2d2dd1e871c1b9ae46eb6c46ad0c89ddbc74bdbcd4fa3 Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.33807.7029391e3f49738dab33.js	ScriptElement	26 kB	2023-11-20	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.33807.7029391e3f49738dab33.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 15:49 Last Seen2023-11-28 10:12 Times Seen2 Hash fece2ccc73290ddf7255b08a995465d7 8430b35ebfc2545d1c65d2d7803c0670eecf2f30 343b95ad4b40a5f4f5ddb6f08bc1c60bcede5e804e11c03efd96026dfba1ebf5 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PNJR6BG	ScriptElement	283 kB	2023-11-28	2023-11-28
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PNJR6BG IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 10:12 Last Seen2023-11-28 10:12 Times Seen1 Hash bb9ac3e574031439370992da8d7e239a 07037f18f576574702531e0d52f88eb5963bc383 1371f684c3ad35980f7041f3254fa8863b04e1d9bc8e4ba211663457430c7c5f Loading...

	assets.pinterest.com/js/pinit.js	ScriptElement	361 B	2023-03-07	2025-05-09
Pretty URL assets.pinterest.com/js/pinit.js IP 151.101.84.84 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-05-09 04:00 Times Seen2284 Hash 9e724ccab52ce087d92250b1e06ef0ee 8000043a1fb8735345f8b27c65b85331099aed8d 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de Loading...

	weareindy.com/app/cdn/v4.0.194/js/chunk.7993.39829be92a4a9cffa730.js	ScriptElement	23 kB	2023-11-28	2023-11-28
Pretty URL weareindy.com/app/cdn/v4.0.194/js/chunk.7993.39829be92a4a9cffa730.js IP 143.204.55.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 10:12 Last Seen2023-11-28 10:12 Times Seen1 Hash 1ddbb447010245ccd8036ea72cb102ad 5a69c1ca43a907ac92107c681a2b35db37ff2189 40a75f0801ac737feaf67c3416e195204d7d69075337f6e686a3f713eb6b0493 Loading...

		Size	First Seen	Last Seen
	#1 Eval - b61af669ba0af54b318506d3459f6055	135 B	2023-11-20 15:49	2024-08-20 18:38
Pretty Observations First Seen2023-11-20 15:49 Last Seen2024-08-20 18:38 Times Seen3 Hash b61af669ba0af54b318506d3459f6055 dce9bb83981e89e46162eb1ab9ebb6fd48dc2d1d c85ecbf647ca10c2283fca7f02ffed68e610c83a36eb30aa96a535933dc8a35d Loading...

		Size	First Seen	Last Seen
	#1 Write - fe364450e1391215f596d043488f989f	15 B	2023-03-07 01:02	2025-05-08 21:05
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-05-08 21:05 Times Seen21066 Hash fe364450e1391215f596d043488f989f d1848aa7b5cfd853609db178070771ad67d351e9 c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e Loading...

HTTP Transactions (96)

URL IP Response Size

eur01.safelinks.protection.outlook.com/?url=https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/&data=05|01|ugyfelszolgalat@simple.hu|6682bf84709d4597eb7408dbefdce998|60c1c779933642ce8e98772a5e8de926|0|0|638367504321831679|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|1000|||&sdata=ONEvuX5fHKnXgE8YbP49ejleUyaqVbJZ6PqJMXhJjuQ=&reserved=0

104.47.0.28

302 Found

246 B

URL User Request GET HTTP/1.1
eur01.safelinks.protection.outlook.com/?url=https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/&data=05|01|ugyfelszolgalat@simple.hu|6682bf84709d4597eb7408dbefdce998|60c1c779933642ce8e98772a5e8de926|0|0|638367504321831679|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|1000|||&sdata=ONEvuX5fHKnXgE8YbP49ejleUyaqVbJZ6PqJMXhJjuQ=&reserved=0
IP
104.47.0.28:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerDigiCert Inc
Subject*.safelinks.protection.outlook.com
FingerprintAC:D5:5A:BD:B6:35:63:20:02:15:3D:7B:3F:ED:0E:3F:7F:A6:48:EB
ValidityMon, 08 May 2023 00:00:00 GMT - Tue, 07 May 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
246 B (246 bytes)
Hash
e14d68c7f0b3832abd27802d94316e59
36515133b261b01144ba71a0b88934a5e63aec0c
d477ec3d6eacf9334d73c37738be943ee3d1014f2a17f01ae1caf152a8b8a867

HTTP Headers

GET /?url=https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/&data=05|01|ugyfelszolgalat@simple.hu|6682bf84709d4597eb7408dbefdce998|60c1c779933642ce8e98772a5e8de926|0|0|638367504321831679|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|1000|||&sdata=ONEvuX5fHKnXgE8YbP49ejleUyaqVbJZ6PqJMXhJjuQ=&reserved=0 HTTP/1.1
Host: eur01.safelinks.protection.outlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 4.0
X-SL-GetUrlReputation-Verdict: Good
X-Robots-Tag: noindex, nofollow
X-AspNet-Version: 4.0.30319
X-ServerName: HE1EUR01WS082
X-ServerVersion: 15.20.7046.019
X-ServerLat: 686
X-SafeLinks-Tracking-Id: b8b51052-797b-4730-aeeb-08dbeff20965
X-Powered-By: ASP.NET
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
Date: Tue, 28 Nov 2023 09:11:41 GMT
Connection: close
Content-Length: 246

www.googletagmanager.com/gtm.js?id=GTM-PNJR6BG

142.250.74.168

200 OK

97 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-PNJR6BG
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (14697)
Size
97 kB (96714 bytes)
Hash
bb9ac3e574031439370992da8d7e239a
07037f18f576574702531e0d52f88eb5963bc383
1371f684c3ad35980f7041f3254fa8863b04e1d9bc8e4ba211663457430c7c5f

HTTP Headers

GET /gtm.js?id=GTM-PNJR6BG HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Nov 2023 09:11:43 GMT
expires: Tue, 28 Nov 2023 09:11:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96714
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-RMV9CT6PH6&l=dataLayer&cx=c

142.250.74.168

200 OK

95 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-RMV9CT6PH6&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (7711)
Size
95 kB (95126 bytes)
Hash
c7ddc9a54f3f9ce8914307cac92c432c
608b031d6caa3a62696a374bdef0ed25a1068003
c92f21619111bc0797186d848bb16dc8287943fe0e3a75e1e3a761697f8b9aeb

HTTP Headers

GET /gtag/js?id=G-RMV9CT6PH6&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Nov 2023 09:11:43 GMT
expires: Tue, 28 Nov 2023 09:11:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 95126
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

weareindy.com/app/cdn/v4.0.194/css/19680.bce454fc4da47067469e.css

143.204.55.35

200 OK

61 B

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/css/19680.bce454fc4da47067469e.css
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
61 B (61 bytes)
Hash
22a9aaa9e38bf19d93d8ab2cd46e0ae2
2dd8c41c4187644402dbc227c5d7161ca0024155
7567a469803bc8e5b7e0f1e71919c318e24aea44e1b3c697d4a58f1a97dc8dd5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/css/19680.bce454fc4da47067469e.css HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=UTF-8
content-length: 61
date: Tue, 28 Nov 2023 09:11:45 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
accept-ranges: bytes
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
etag: W/"3d-18c129cfb18"
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: as1HOW_tMxT0qihK4q0RiE4a3P4shn1zjHf6qwmrM9VBaQGgz-hmDA==
X-Firefox-Spdy: h2

assets.pinterest.com/js/pinit.js

151.101.84.84

200 OK

203 B

URL GET HTTP/2
assets.pinterest.com/js/pinit.js
IP
151.101.84.84:443
ASN
#54113 FASTLY

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerDigiCert Inc
Subject*.pinterest.com
Fingerprint4D:02:6D:A8:DF:FA:2E:1C:D3:43:46:EF:CF:92:F1:7A:41:8F:BA:0B
ValidityMon, 31 Jul 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (361), with no line terminators
Size
203 B (203 bytes)
Hash
9e724ccab52ce087d92250b1e06ef0ee
8000043a1fb8735345f8b27c65b85331099aed8d
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

HTTP Headers

GET /js/pinit.js HTTP/1.1
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
etag: "62d32c28f14783b94192cd8d35bc010d"
content-encoding: br
content-type: application/javascript; charset=utf-8
x-cdn: fastly
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
date: Tue, 28 Nov 2023 09:11:46 GMT
content-length: 203
X-Firefox-Spdy: h2

bat.bing.com/bat.js

13.107.21.200

200 OK

13 kB

URL GET HTTP/2
bat.bing.com/bat.js
IP
13.107.21.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT

File type
Unicode text, UTF-8 text, with very long lines (46103), with no line terminators
Size
13 kB (13175 bytes)
Hash
7f75f159026f3a2c8cccda487b43157b
021cf5c854db063cd79bf0394c24eb994e095640
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

HTTP Headers

GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 13175
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ranges: bytes
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 304754401C9B4008AA19D87A461C0BB2 Ref B: OSL30EDGE0521 Ref C: 2023-11-28T09:11:46Z
date: Tue, 28 Nov 2023 09:11:45 GMT
X-Firefox-Spdy: h2

maps.googleapis.com/maps/api/js?key=AIzaSyCjEB7AjVweq4Flysqgx67UjWO26SeYfxA&libraries=places&callback=initPlaces

142.250.74.106

200 OK

66 kB

URL GET HTTP/3
maps.googleapis.com/maps/api/js?key=AIzaSyCjEB7AjVweq4Flysqgx67UjWO26SeYfxA&libraries=places&callback=initPlaces
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (2928)
Size
66 kB (66426 bytes)
Hash
a1f208597379f131d1ef96dd59963e00
d5fd2afed01a399246a2049c8e08580a2c9bad96
900e0cec6cab4424036ac2c7606cb640875ddb640bc1a869b90d257e35cd6164

HTTP Headers

GET /maps/api/js?key=AIzaSyCjEB7AjVweq4Flysqgx67UjWO26SeYfxA&libraries=places&callback=initPlaces HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
timing-allow-origin: *
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
vary: Accept-Language, Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 28 Nov 2023 09:11:46 GMT
server: scaffolding on HTTPServer2
content-length: 66426
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

weareindy.com/app/cdn/v4.0.194/js/chunk.59364.c03f3aece98a38eb3539.js

143.204.55.35

200 OK

64 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.59364.c03f3aece98a38eb3539.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (24887), with no line terminators
Size
64 kB (63528 bytes)
Hash
0ade5edd2913f8e23e93ea5a45b7d961
4911608a74a9d99088c547b8c26e654a746d92af
05583c5bab263967f529bab86333491fcae5c42c48c8f07fba9beb69e050a652

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.59364.c03f3aece98a38eb3539.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:45 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"6137-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FYuSyag14-6BDb1_m3MKbcsxpAszHBR7SdZLxdXvP7-FXG_KA6Zizw==
X-Firefox-Spdy: h2

maps.googleapis.com/maps-api-v3/api/js/55/2/places_impl.js

142.250.74.106

200 OK

16 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/2/places_impl.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (3135)
Size
16 kB (16301 bytes)
Hash
1e0a7d61a5199a1a7a1841fb7b559658
5dce0624c61d1383b75dfe0269e55aa81593305e
93c29495b506208c97e8692bb8f288f570f85ac9a4746d650f9bf450b991fee3

HTTP Headers

GET /maps-api-v3/api/js/55/2/places_impl.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 16301
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Nov 2023 19:45:49 GMT
expires: Wed, 20 Nov 2024 19:45:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Nov 2023 19:44:48 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 566757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

142.250.74.106

200 OK

23 B

URL GET HTTP/3
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
JSON data\012- , ASCII text
Size
23 B (23 bytes)
Hash
8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

HTTP Headers

GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://weareindy.com
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 28 Nov 2023 09:11:46 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://weareindy.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/2/controls.js

142.250.74.106

200 OK

24 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/2/controls.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (1732)
Size
24 kB (24447 bytes)
Hash
bb830df9aba393b26e45a03cbf3329bf
1cf6cd115e5f4edbdb264b169264671fe56eef92
ed98b373a2f07449b55782ce711e921530448624ec51e31dc27f707610243715

HTTP Headers

GET /maps-api-v3/api/js/55/2/controls.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 24447
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Nov 2023 19:45:49 GMT
expires: Wed, 20 Nov 2024 19:45:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Nov 2023 19:44:48 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 566757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/2/util.js

142.250.74.106

200 OK

55 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/2/util.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (562)
Size
55 kB (54873 bytes)
Hash
2bd2d553bca8f4e18ea4c10d6303b1a3
c2c4bdd6639ded6b5d9e7c197ac8e589dfaf8f27
fa53e5e405cdb88eee49c98c9d36b038378e23cb991051ffba64bc70ef06e020

HTTP Headers

GET /maps-api-v3/api/js/55/2/util.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 54873
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Nov 2023 19:45:35 GMT
expires: Wed, 20 Nov 2024 19:45:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Nov 2023 19:44:48 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 566771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

weareindy.com/app/meta/favicon-16x16.png

143.204.55.35

200 OK

858 B

URL GET HTTP/2
weareindy.com/app/meta/favicon-16x16.png
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
858 B (858 bytes)
Hash
29d551835f09c09c6040f0576423c297
f2aa1055ed475ed17b4a82890d545d23081aba22
541716a2c33076d2f4afc23a032ed6202e9f2957abab254dec26af9a434a1999

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/meta/favicon-16x16.png HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 858
date: Tue, 28 Nov 2023 09:11:46 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
accept-ranges: bytes
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
etag: W/"35a-18c129cfb18"
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ki8RPzFJX5BMhvdpEKK3VXOPY5zKl7rmROWuiYhI_KoYikMDI4JtVw==
X-Firefox-Spdy: h2

weareindy.com/app/meta/apple-touch-icon.png

143.204.55.35

200 OK

9.3 kB

URL GET HTTP/2
weareindy.com/app/meta/apple-touch-icon.png
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
9.3 kB (9261 bytes)
Hash
76fad76c942ff76bbfe2a01ba39e4557
09c2937f3b8f3c8b0203a98b11c4efda96e63124
3a692a74db8ba1fcf82e19b7818dc180dad4ac7b24774ee5e9400cf5b6b9aba6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/meta/apple-touch-icon.png HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 9261
date: Tue, 28 Nov 2023 09:11:46 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
accept-ranges: bytes
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
etag: W/"242d-18c129cfb18"
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oynmF7Tnthr6mvYTdRvnQE1GG8VCMqe5M0JhNJ-Mrr2DTuVh6fL4Nw==
X-Firefox-Spdy: h2

assets.pinterest.com/js/pinit_main.js?0.7849956957079369

151.101.84.84

200 OK

19 kB

URL GET HTTP/3
assets.pinterest.com/js/pinit_main.js?0.7849956957079369
IP
151.101.84.84:443
ASN
#54113 FASTLY

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerDigiCert Inc
Subject*.pinterest.com
Fingerprint4D:02:6D:A8:DF:FA:2E:1C:D3:43:46:EF:CF:92:F1:7A:41:8F:BA:0B
ValidityMon, 31 Jul 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (32016)
Size
19 kB (18679 bytes)
Hash
980b58b2bf6b18e45583fc3d1d05e145
90fd7a45d8ab0672d45ecaa9a4b7f430ffe1d149
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

HTTP Headers

GET /js/pinit_main.js?0.7849956957079369 HTTP/1.1
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 18679
etag: "3725764cf05d1a0938de73d398772331"
content-encoding: br
content-type: application/javascript; charset=utf-8
x-cdn: fastly
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
date: Tue, 28 Nov 2023 09:11:46 GMT

weareindy.com/app/fonts/GreycliffCF-Regular.woff2

143.204.55.35

200 OK

41 kB

URL GET HTTP/2
weareindy.com/app/fonts/GreycliffCF-Regular.woff2
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40652, version 2.-32768\012- data
Size
41 kB (40652 bytes)
Hash
0176124e7a4f7ab1436ebac023e59288
4a8e4c0129e4188035ad29a1f79bf921351a488f
57b8f6adc0bfc03a382b30203774ba2497d21b8836c89b5132ed76dae6a765bb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/fonts/GreycliffCF-Regular.woff2 HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/fonts/fonts.css?version=2
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 40652
date: Tue, 28 Nov 2023 09:11:46 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
accept-ranges: bytes
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
etag: W/"9ecc-18c129cfb18"
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sawM0IgCS-p4HEDYcJGHR8S59ZV0VRbUbE92Se7uxTqgfAcWHQEhtA==
X-Firefox-Spdy: h2

bat.bing.com/action/0?ti=137021070&tm=gtm002&Ver=2&mid=156c8f9c-454b-4f39-8598-bc01dece2ae1&sid=2a1551208dce11ee9dd63bbcbb7a2965&vid=2a1588f08dce11eeba0c8fdc08de6c36&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Indy%20%7C%20Your%20Tool%20for%20Clients,%20Proposals,%20Contracts%20%26%20Invoices&p=https%3A%2F%2Fweareindy.com%2Fapp%2Fshared%2Fforms%2F6564ff87160cedf27fb2da13%2FmBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg%2F&r=&lt=3333&evt=pageLoad&sv=1&rn=983249

13.107.21.200

204 No Content

0 B

URL GET HTTP/2
bat.bing.com/action/0?ti=137021070&tm=gtm002&Ver=2&mid=156c8f9c-454b-4f39-8598-bc01dece2ae1&sid=2a1551208dce11ee9dd63bbcbb7a2965&vid=2a1588f08dce11eeba0c8fdc08de6c36&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Indy%20%7C%20Your%20Tool%20for%20Clients,%20Proposals,%20Contracts%20%26%20Invoices&p=https%3A%2F%2Fweareindy.com%2Fapp%2Fshared%2Fforms%2F6564ff87160cedf27fb2da13%2FmBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg%2F&r=&lt=3333&evt=pageLoad&sv=1&rn=983249
IP
13.107.21.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=137021070&tm=gtm002&Ver=2&mid=156c8f9c-454b-4f39-8598-bc01dece2ae1&sid=2a1551208dce11ee9dd63bbcbb7a2965&vid=2a1588f08dce11eeba0c8fdc08de6c36&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Indy%20%7C%20Your%20Tool%20for%20Clients,%20Proposals,%20Contracts%20%26%20Invoices&p=https%3A%2F%2Fweareindy.com%2Fapp%2Fshared%2Fforms%2F6564ff87160cedf27fb2da13%2FmBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg%2F&r=&lt=3333&evt=pageLoad&sv=1&rn=983249 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1E4C4847FEC56E570E0C5B90FF306FE5; domain=.bing.com; expires=Sun, 22-Dec-2024 09:11:46 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 527ECA38E9614338A9D467E79BCB5818 Ref B: OSL30EDGE0521 Ref C: 2023-11-28T09:11:46Z
date: Tue, 28 Nov 2023 09:11:46 GMT
X-Firefox-Spdy: h2

bat.bing.com/p/action/137021070.js

13.107.21.200

204 No Content

0 B

URL GET HTTP/2
bat.bing.com/p/action/137021070.js
IP
13.107.21.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/action/137021070.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BCEC0F4E1AE04F2B83FE04E91AAE36E2 Ref B: OSL30EDGE0521 Ref C: 2023-11-28T09:11:46Z
date: Tue, 28 Nov 2023 09:11:46 GMT
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.47478.fe6c27ad411ce0eb481a.js

143.204.55.35

200 OK

36 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.47478.fe6c27ad411ce0eb481a.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65446)
Size
36 kB (36469 bytes)
Hash
af5d81e800fe1564068830db00f177e6
83274ef82e3be009afa864642e07ebfc90df7edc
094a446e63fba5cde8576ec0bbed69b5d3e45b0ac393098e43011c621a6d00bc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.47478.fe6c27ad411ce0eb481a.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:45 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"1ae9f-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: g5qQ90y1K62IBlCkT9HqcfUyz01m5tUkdBPurEcpwAwxCWgOPN9cRg==
X-Firefox-Spdy: h2

widget.intercom.io/widget/cf5b8qu0

143.204.55.14

200 OK

2.7 kB

URL GET HTTP/2
widget.intercom.io/widget/cf5b8qu0
IP
143.204.55.14:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subject*.intercom.com
Fingerprint27:36:75:E6:21:EC:FC:7E:08:BC:C4:6B:91:C8:C1:2C:22:70:F7:34
ValidityTue, 14 Feb 2023 00:00:00 GMT - Thu, 14 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (6952), with no line terminators
Size
2.7 kB (2705 bytes)
Hash
a711a0d6f65a21ba4568515659ec9568
7dfeacd47a86794aedfb9d12c3cd079e709e36d8
3c2cd49e20ee9fad1d452cd42f86dab821efdb33d382f74d516d01deaa9b5f5b

HTTP Headers

GET /widget/cf5b8qu0 HTTP/1.1
Host: widget.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://weareindy.com
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 2705
last-modified: Tue, 28 Nov 2023 08:20:22 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: IUBovRvmR7gpfBu4jyT51fv.Uw9DTYaI
accept-ranges: bytes
server: AmazonS3
date: Tue, 28 Nov 2023 09:06:52 GMT
cache-control: max-age=300, s-maxage=300, public
etag: "22bf7f045c349abd42d35b6bc8d9f903"
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: XPCyi5VPVioibDtO-7Hk5tJ2cWQmfpE4mm5kZxxN1plAjjD_9fOZeg==
age: 298
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2

js.intercomcdn.com/frame.62d7371b.js

54.230.111.118

200 OK

189 kB

URL GET HTTP/2
js.intercomcdn.com/frame.62d7371b.js
IP
54.230.111.118:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subject*.intercomcdn.com
FingerprintDB:6C:E3:A6:F4:D6:1C:A4:BF:10:A4:E7:D0:68:FD:26:75:25:70:F4
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 29 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65464)
Size
189 kB (188998 bytes)
Hash
6dd0f03de271844876d5109dac20ccb6
f2cf7caaee06649467e52e9523ac6f98b749725f
b85c9f77944e962983461d13544f0fa748d76b8d33204ee68e1735b5c5477fac

HTTP Headers

GET /frame.62d7371b.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 188998
last-modified: Mon, 27 Nov 2023 17:01:01 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: D.ghWc3GjmreY2ksvrIJitpL6KCkwtQi
accept-ranges: bytes
server: AmazonS3
date: Tue, 28 Nov 2023 09:03:45 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "9cc058e9ac2b9ebabd3ba9fdfef00940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: M01vMZ_Re6ap72KbXCnSx_qbyIo6SQLD_FgQFEpXmKK4IrELNPYa4Q==
age: 483
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2

js.intercomcdn.com/vendor.74ba73cb.js

54.230.111.118

200 OK

182 kB

URL GET HTTP/2
js.intercomcdn.com/vendor.74ba73cb.js
IP
54.230.111.118:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subject*.intercomcdn.com
FingerprintDB:6C:E3:A6:F4:D6:1C:A4:BF:10:A4:E7:D0:68:FD:26:75:25:70:F4
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 29 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65463)
Size
182 kB (181453 bytes)
Hash
9c0b57ad24bdaa7c3854575035d6b58f
03394651b12c578815b29e7ad53628e16fb5eef9
d760bccbacc8c1c19e3420c4770bdd1fa0b13dd6989ef4e2c08e6813e27cfe14

HTTP Headers

GET /vendor.74ba73cb.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 181453
last-modified: Tue, 21 Nov 2023 15:41:26 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: AotlJBEWVhxz974nMUShoTI7jBaL9M.Z
accept-ranges: bytes
server: AmazonS3
date: Tue, 28 Nov 2023 07:43:52 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "bc01597a46274ebf9a4c1a3dd6531fb5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: xODPTO1_UP27vCXS5IgqP1eKT-NzuOX-lHe-bc-dOQJnLrp2Ra4fIQ==
age: 5276
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2

api-sc53gwjr.weareindy.com/api/SystemConfigs?filter=%7B%22where%22%3A%7B%22label%22%3A%22deployment_banner%22%7D%7D

52.89.160.54

200 OK

467 B

URL GET HTTP/2
api-sc53gwjr.weareindy.com/api/SystemConfigs?filter=%7B%22where%22%3A%7B%22label%22%3A%22deployment_banner%22%7D%7D
IP
52.89.160.54:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint81:72:7F:9F:A8:4D:B1:2E:E4:79:02:44:34:F4:3E:1B:DB:F2:23:F9
ValiditySat, 09 Sep 2023 00:00:00 GMT - Mon, 07 Oct 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (467), with no line terminators
Size
467 B (467 bytes)
Hash
57e131edc6c9bd338490f0de3c2b4460
43857e56a56f509fa02e8805785a7790c833dc4b
286071c59564eca3d20496015cca2f2b69351dc2cc054501e2930cce31ee9dad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/SystemConfigs?filter=%7B%22where%22%3A%7B%22label%22%3A%22deployment_banner%22%7D%7D HTTP/1.1
Host: api-sc53gwjr.weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Time-Zone: UTC
Origin: https://weareindy.com
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:11:47 GMT
content-type: application/json; charset=utf-8
content-length: 467
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Accept-Encoding
access-control-expose-headers: Set-Cookie
x-ratelimit-remaining: 999
x-ratelimit-requested-tokens: 1
x-ratelimit-burst-capacity: 1000
x-ratelimit-replenish-rate: 1000
x-ratelimit-key: systemconfigs_ip_91_90_42_154
x-ratelimit-service: systemconfigs
x-ratelimit-identity: ip
etag: W/"1d3-Q4V+VqVvUJ+gLogFeFp3kMgz3Es"
access-control-allow-origin: https://weareindy.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

api-sc53gwjr.weareindy.com/socket.io/?EIO=4&transport=websocket

52.89.160.54

0 B

URL
api-sc53gwjr.weareindy.com/socket.io/?EIO=4&transport=websocket
IP
52.89.160.54:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint81:72:7F:9F:A8:4D:B1:2E:E4:79:02:44:34:F4:3E:1B:DB:F2:23:F9
ValiditySat, 09 Sep 2023 00:00:00 GMT - Mon, 07 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /socket.io/?EIO=4&transport=websocket HTTP/1.1
Host: api-sc53gwjr.weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://weareindy.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: c2dBZCt6Xle0Sfuh69LsQA==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Tue, 28 Nov 2023 09:11:47 GMT
Connection: upgrade
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://weareindy.com
Access-Control-Expose-Headers: Set-Cookie
Access-Control-Allow-Credentials: true
X-RateLimit-Remaining: 999
X-RateLimit-Requested-Tokens: 1
X-RateLimit-Burst-Capacity: 1000
X-RateLimit-Replenish-Rate: 1000
X-RateLimit-Key: _ip_91_90_42_154
X-RateLimit-Service: 
X-RateLimit-Identity: ip
upgrade: websocket
sec-websocket-accept: u0W1NPcSkichReV/Z5WSqXUkYhQ=

weareindy.com/app/cdn/v4.0.194/js/chunk.822.dc9d79b3329487700902.js

143.204.55.35

200 OK

7.5 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.822.dc9d79b3329487700902.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (27211), with no line terminators
Size
7.5 kB (7458 bytes)
Hash
0934fe7443eb1124450b31fedcb9d3a3
ab4716187b2cd005cff29f02b78027741571e0b1
1505e7005ab681b2fecf7626495b61e17b4bd4bd94e545c8415c24d4f2f377b5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.822.dc9d79b3329487700902.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:47 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"6a4c-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gFRA0e_YSTsPwwzri94K6qKPZ0grFvc6Y69CYX4a2XWvioF39Fenkw==
X-Firefox-Spdy: h2

nexus-websocket-a.intercom.io/pubsub/5-DeVu8YIaMriBB-foEw_t4eDohsGowEOcuwVTj1QITuWVW6nIpoXn2TVOXDaI-cHrCU2C7Jpnh9QScnTxUJoyLnpvAFm4Sli8no0a?X-Nexus-New-Client=true&X-Nexus-Version=0.12.9&user_role=undefined

34.237.73.95

0 B

URL
nexus-websocket-a.intercom.io/pubsub/5-DeVu8YIaMriBB-foEw_t4eDohsGowEOcuwVTj1QITuWVW6nIpoXn2TVOXDaI-cHrCU2C7Jpnh9QScnTxUJoyLnpvAFm4Sli8no0a?X-Nexus-New-Client=true&X-Nexus-Version=0.12.9&user_role=undefined
IP
34.237.73.95:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pubsub/5-DeVu8YIaMriBB-foEw_t4eDohsGowEOcuwVTj1QITuWVW6nIpoXn2TVOXDaI-cHrCU2C7Jpnh9QScnTxUJoyLnpvAFm4Sli8no0a?X-Nexus-New-Client=true&X-Nexus-Version=0.12.9&user_role=undefined HTTP/1.1
Host: nexus-websocket-a.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://weareindy.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 109ZtvOY5lLMY5bkUhDwBA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Tue, 28 Nov 2023 09:11:48 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ItQiNKcYO9WlSoPqe4A9R4oDTkA=
Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover

93704e94940a410d8638ca93bae94cd2.apm.us-west-2.aws.found.io/intake/v2/rum/events

52.26.59.44

202 Accepted

0 B

URL POST HTTP/2
93704e94940a410d8638ca93bae94cd2.apm.us-west-2.aws.found.io/intake/v2/rum/events
IP
52.26.59.44:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerLet's Encrypt
Subject*.us-west-2.aws.elastic-cloud.com
Fingerprint7F:85:06:27:3B:95:51:B2:C7:74:31:D7:3D:00:33:03:E5:66:8D:28
ValiditySun, 26 Nov 2023 00:15:06 GMT - Sat, 24 Feb 2024 00:15:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /intake/v2/rum/events HTTP/1.1
Host: 93704e94940a410d8638ca93bae94cd2.apm.us-west-2.aws.found.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://weareindy.com/
Origin: https://weareindy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: Content-Type, Content-Encoding, Accept
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://weareindy.com
access-control-expose-headers: Etag
access-control-max-age: 3600
date: Tue, 28 Nov 2023 09:11:48 GMT
vary: Origin
x-cloud-request-id: HXk_HMy0R7ybr3Pf3Wutgg
x-content-type-options: nosniff
x-found-handling-cluster: ae126fd2c13a4604b252af7f14b33415
x-found-handling-instance: instance-0000000021
content-length: 0
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.37987.dab09a83f5e4b428bc32.js

143.204.55.35

200 OK

60 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.37987.dab09a83f5e4b428bc32.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65446)
Size
60 kB (60181 bytes)
Hash
a8b79dbd6f9aa72c5290f8859f9303a9
bba27976cdb3d77986cd1b64fb19bf80da290328
2a73ac488a1de4e203cea46d49270843b69eb22f7caa24bc078fb211cb13fa2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.37987.dab09a83f5e4b428bc32.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:47 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"3a960-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MiuD9vFdHcC4Y687CJXy_q48JHJk6BPYAfTZgG5F2Ol7SiOAp46vow==
X-Firefox-Spdy: h2

93704e94940a410d8638ca93bae94cd2.apm.us-west-2.aws.found.io/intake/v2/rum/events

52.26.59.44

202 Accepted

0 B

URL POST HTTP/2
93704e94940a410d8638ca93bae94cd2.apm.us-west-2.aws.found.io/intake/v2/rum/events
IP
52.26.59.44:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerLet's Encrypt
Subject*.us-west-2.aws.elastic-cloud.com
Fingerprint7F:85:06:27:3B:95:51:B2:C7:74:31:D7:3D:00:33:03:E5:66:8D:28
ValiditySun, 26 Nov 2023 00:15:06 GMT - Sat, 24 Feb 2024 00:15:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /intake/v2/rum/events HTTP/1.1
Host: 93704e94940a410d8638ca93bae94cd2.apm.us-west-2.aws.found.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-ndjson
Content-Length: 20104
Origin: https://weareindy.com
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 202 Accepted
access-control-allow-origin: https://weareindy.com
date: Tue, 28 Nov 2023 09:11:49 GMT
x-cloud-request-id: JocV54HsQlWKg43LYk1a-g
x-content-type-options: nosniff
x-found-handling-cluster: ae126fd2c13a4604b252af7f14b33415
x-found-handling-instance: instance-0000000021
content-length: 0
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.18231.15ff137fd67b97d03bbb.js

143.204.55.35

200 OK

72 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.18231.15ff137fd67b97d03bbb.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65446)
Size
72 kB (72258 bytes)
Hash
1cd321d66a8739317a2c399b63cd8f87
e5668bf2acc5f4eb3873417d6e2fb044d924c94c
f2ab8aebad0930ac29158d729177f34bf518c7f7dd58e6ad1c4ceeb14c25d96d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.18231.15ff137fd67b97d03bbb.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:47 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"3f8db-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yB3sfVV5xzV1hoHRxAR1iH-yqAXJcZPSdJbXtoYHs3z5LmYUuZsZbw==
X-Firefox-Spdy: h2

api-sc53gwjr.weareindy.com/api/SystemConfigs?

52.89.160.54

200 OK

675 B

URL GET HTTP/2
api-sc53gwjr.weareindy.com/api/SystemConfigs?
IP
52.89.160.54:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint81:72:7F:9F:A8:4D:B1:2E:E4:79:02:44:34:F4:3E:1B:DB:F2:23:F9
ValiditySat, 09 Sep 2023 00:00:00 GMT - Mon, 07 Oct 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (675), with no line terminators
Size
675 B (675 bytes)
Hash
3327405ecbc09f584aa0194b230741b4
e0cf80975c150f16a8935acde7e8b403703cf7d6
6a7abd4902943ec410159355369b7b0fbf9974c7a3e1cc7cd1a56aa9ba68b5d4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/SystemConfigs? HTTP/1.1
Host: api-sc53gwjr.weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://weareindy.com/
Content-Type: application/json
Time-Zone: UTC
authorization: undefined
Origin: https://weareindy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:11:49 GMT
content-type: application/json; charset=utf-8
content-length: 675
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Accept-Encoding
access-control-expose-headers: Set-Cookie
x-ratelimit-remaining: 999
x-ratelimit-requested-tokens: 1
x-ratelimit-burst-capacity: 1000
x-ratelimit-replenish-rate: 1000
x-ratelimit-key: systemconfigs_ip_91_90_42_154
x-ratelimit-service: systemconfigs
x-ratelimit-identity: ip
etag: W/"2a3-4M+Al1wVDxaok1rN5+i0A3A899Y"
access-control-allow-origin: https://weareindy.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.84658.79ffb0d6a9890557f16e.js

143.204.55.35

200 OK

645 B

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.84658.79ffb0d6a9890557f16e.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (1020), with no line terminators
Size
645 B (645 bytes)
Hash
097f8479d5ed005b488f29123a8dc305
64a1975630b0517486eb23ef76cf153d32cfb84e
298bb99552ae6fa3f68661c9fb87fda37c9e376159b80af9302139166246e1de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.84658.79ffb0d6a9890557f16e.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:49 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"400-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8TeIKn-AXSv7ZuFAr4tFYQieKF4NMt1LLr1TZ7SpgwibNhtHZs8t8Q==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/css/51435.7dbaca2d54358665e06b.css

143.204.55.35

200 OK

44 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/css/51435.7dbaca2d54358665e06b.css
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (21831), with no line terminators
Size
44 kB (44298 bytes)
Hash
67008e2d0cad80dab081885f7ff66d6b
3b4e5e826688aaa35d17be703338ad1568465993
c426e8e21352863477ac72e8d7f0ac5a2687d8fddfb3e0bb829ebf2a03612988

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/css/51435.7dbaca2d54358665e06b.css HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:49 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"5547-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vUJG-d7T5AbcMJTsbdq4vy-EeAr8CcJzvW5HSqBmZcwA8k4YHBgyhw==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/css/28279.0365719004ccf13f9c28.css

143.204.55.35

200 OK

7.4 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/css/28279.0365719004ccf13f9c28.css
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (8407), with no line terminators
Size
7.4 kB (7446 bytes)
Hash
da5fad285a94fbb15167ea3d0e4134d3
77ff90d67a81ad69bf75522773425c2bcc7fbdd9
87f40e08dcec8206564d1d29b5549596be98493452812e5a82526a2ca5c53b77

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/css/28279.0365719004ccf13f9c28.css HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:50 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"20d7-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hd5p0oxOWReaE-sHNkfUcKyd7aa-EMTvHsRT3qDc0CgcNMRugQS0TA==
X-Firefox-Spdy: h2

api-sc53gwjr.weareindy.com/api/Participants/authorize

52.89.160.54

401 Unauthorized

126 B

URL POST HTTP/2
api-sc53gwjr.weareindy.com/api/Participants/authorize
IP
52.89.160.54:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint81:72:7F:9F:A8:4D:B1:2E:E4:79:02:44:34:F4:3E:1B:DB:F2:23:F9
ValiditySat, 09 Sep 2023 00:00:00 GMT - Mon, 07 Oct 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
126 B (126 bytes)
Hash
53dd905e98213d162f6493e1003e1bd4
f2cdff3d62504a629ddfd170e502ef28cd8cc848
148d92a425de464445e35d9404c273b1244bcebf4a9cff6b2d56adfa29b20e29

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /api/Participants/authorize HTTP/1.1
Host: api-sc53gwjr.weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Time-Zone: UTC
Content-Length: 79
Origin: https://weareindy.com
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 401 Unauthorized
date: Tue, 28 Nov 2023 09:11:51 GMT
content-type: application/json; charset=utf-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Accept-Encoding
access-control-expose-headers: Set-Cookie
x-ratelimit-remaining: 999
x-ratelimit-requested-tokens: 1
x-ratelimit-burst-capacity: 1000
x-ratelimit-replenish-rate: 1000
x-ratelimit-key: participants_ip_91_90_42_154
x-ratelimit-service: participants
x-ratelimit-identity: ip
x-content-type-options: nosniff
access-control-allow-origin: https://weareindy.com
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.90750.7477daec09d4992662c2.js

143.204.55.35

200 OK

3.4 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.90750.7477daec09d4992662c2.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (11075), with no line terminators
Size
3.4 kB (3422 bytes)
Hash
c03056d4ec2d2d7f2f86e3277cfec700
0e3189f3b8acc83332d1cd509d046051708014ab
c22739d0dda96ab95002affbd2b758182462a868bd12dbaaeeec208db58b450a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.90750.7477daec09d4992662c2.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:50 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"2b43-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UbJXvXQuOfl2SmRtqjpUvB-FZBzr6crWHuCyW1cQe2BXcRzaVkrPjQ==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.23659.5c41bc68960b149dcede.js

143.204.55.35

200 OK

4.4 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.23659.5c41bc68960b149dcede.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (16086), with no line terminators
Size
4.4 kB (4398 bytes)
Hash
276abc210ac28bde3ec0b97b0f481191
169f4d923a6d5300c3b68780a8d1efbdb5456c5d
756658380d852fd5d990891a8884510011853c03f6cc1a11a8fdf56e9e546ffb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.23659.5c41bc68960b149dcede.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:51 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"3ed6-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: x7EAZWm2bB1s3Z2kpuL5s7IVkL-DnmB34uTjq1fOk7xABf9bvn_7Pw==
X-Firefox-Spdy: h2

logs-sc53gwjr.weareindy.com/logs/prod

44.236.110.136

200 OK

0 B

URL POST HTTP/1.1
logs-sc53gwjr.weareindy.com/logs/prod
IP
44.236.110.136:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.dev
Fingerprint17:BD:5E:0C:AD:4F:D8:EA:B0:57:DE:A7:86:12:64:C3:54:67:71:C7
ValidityThu, 20 Jul 2023 00:00:00 GMT - Sun, 18 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /logs/prod HTTP/1.1
Host: logs-sc53gwjr.weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 9699
Origin: https://weareindy.com
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 09:11:52 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://weareindy.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, POST, OPTIONS
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Max-Age: 1728000

logs-sc53gwjr.weareindy.com/logs/prod

44.236.110.136

200 OK

0 B

URL POST HTTP/1.1
logs-sc53gwjr.weareindy.com/logs/prod
IP
44.236.110.136:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.dev
Fingerprint17:BD:5E:0C:AD:4F:D8:EA:B0:57:DE:A7:86:12:64:C3:54:67:71:C7
ValidityThu, 20 Jul 2023 00:00:00 GMT - Sun, 18 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /logs/prod HTTP/1.1
Host: logs-sc53gwjr.weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 9181
Origin: https://weareindy.com
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 09:11:52 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://weareindy.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, POST, OPTIONS
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Max-Age: 1728000

weareindy.com/app/cdn/v4.0.194/css/75639.63050d8e9df114d8661e.css

143.204.55.35

200 OK

60 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/css/75639.63050d8e9df114d8661e.css
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (56271), with no line terminators
Size
60 kB (60417 bytes)
Hash
4da83318143cb127f6e44c655745ab81
722720aa5a507e09066117141bf7469383936970
71fb64a2ba142c033e133b69d76e27ff13d6909324e39820e816d37356ed878a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/css/75639.63050d8e9df114d8661e.css HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:50 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"dc11-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Pcdd6yAGnI5BGUTSSDQX0ku8CwbUf_4Ro4AhCyr4af7dEfx7YBd_aA==
X-Firefox-Spdy: h2

93704e94940a410d8638ca93bae94cd2.apm.us-west-2.aws.found.io/intake/v2/rum/events

52.26.59.44

202 Accepted

0 B

URL POST HTTP/2
93704e94940a410d8638ca93bae94cd2.apm.us-west-2.aws.found.io/intake/v2/rum/events
IP
52.26.59.44:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerLet's Encrypt
Subject*.us-west-2.aws.elastic-cloud.com
Fingerprint7F:85:06:27:3B:95:51:B2:C7:74:31:D7:3D:00:33:03:E5:66:8D:28
ValiditySun, 26 Nov 2023 00:15:06 GMT - Sat, 24 Feb 2024 00:15:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /intake/v2/rum/events HTTP/1.1
Host: 93704e94940a410d8638ca93bae94cd2.apm.us-west-2.aws.found.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-ndjson
Content-Length: 15602
Origin: https://weareindy.com
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 202 Accepted
access-control-allow-origin: https://weareindy.com
date: Tue, 28 Nov 2023 09:11:53 GMT
x-cloud-request-id: cvRvuyFsRB2DHY4wyi1PaQ
x-content-type-options: nosniff
x-found-handling-cluster: ae126fd2c13a4604b252af7f14b33415
x-found-handling-instance: instance-0000000021
content-length: 0
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.27876.ddfcf7b7c5e61c500e41.js

143.204.55.35

200 OK

9.6 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.27876.ddfcf7b7c5e61c500e41.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (9813), with no line terminators
Size
9.6 kB (9579 bytes)
Hash
b5552f1d61757729ab9ced58b11cb11c
9fb24966e5f5dc913d2b188ab15f0c690c40ad6e
9f6483e0a0390d87ef1004fd7563a6eb181c0a711dcac1b5b0921eda34b4d0e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.27876.ddfcf7b7c5e61c500e41.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:49 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"256b-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: S5OkHkg1x6TyaHq_aySv8mmLazOUpk2wJTB3ZFAlCCLROIOTwA1rQg==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.87041.c94678789a6608c1729f.js

143.204.55.35

200 OK

11 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.87041.c94678789a6608c1729f.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type

Size
11 kB (10754 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.87041.c94678789a6608c1729f.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:50 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"2a02-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RF1kf4MR7I8uaaxUSL9G11maWncEIjcw_9_JUzPX4R7_pNoUmaY2TQ==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.43410.7a747328b2dc7a639c1f.js

143.204.55.35

200 OK

20 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.43410.7a747328b2dc7a639c1f.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (20023), with no line terminators
Size
20 kB (20023 bytes)
Hash
f3bc5a9b3589335d03f778409b0c7f81
d96bdd31e8c4ebae700fbcaf88736d030be40ce6
bbe6f70a46aa4d5edad22a3b1a05f0ae86d5de024f991e0961fc9ff66366fa40

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.43410.7a747328b2dc7a639c1f.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:51 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"4e37-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3y9DFvrNYgCnltETTqlNWrRiymDjSU5z0qw5EZDQCFUcmMa2ClPE7A==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.84687.f03ef4359e9b7d4b1816.js

143.204.55.35

200 OK

17 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.84687.f03ef4359e9b7d4b1816.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (16668), with no line terminators
Size
17 kB (16668 bytes)
Hash
19f19c3911f90d61a75b17e92fac6ea7
db2178825641b430ebe5e8a7a563d2c9c9fe498b
a343a957fcd453e95cbe52f5fe771733b3f9d3d9cccc1342ed8a945d5ba34f0e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.84687.f03ef4359e9b7d4b1816.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:49 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"411c-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fil_I96KA0jfhGGOk6aLgX9YkMDmaYOutTrJP1D9LqRIXN55P_pCUQ==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.18637.b388bc4d6e7e4b958372.js

143.204.55.35

200 OK

49 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.18637.b388bc4d6e7e4b958372.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (49035), with no line terminators
Size
49 kB (49035 bytes)
Hash
407388c4fcfa3af27782debd5763a85a
b789602405d312473f7a30c110640845ee782527
8bdbde4529ed2b73dcd11c8b2051310eae4d14a86c4b47e8d23843de072c7a98

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.18637.b388bc4d6e7e4b958372.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:51 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"bf8b-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _IomUtb3rbpfm0HyrWqdY14ZXRygMp-AXGFY9dFF6rPaHdnGSC9HLA==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.47986.322a182619b9e4d2cd08.js

143.204.55.35

200 OK

6.5 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.47986.322a182619b9e4d2cd08.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (6562), with no line terminators
Size
6.5 kB (6504 bytes)
Hash
74c52e13b020ac37112a88c341f0f519
1caf04e02dc03963e70befc423f0d9dfb5ba7237
11275b474f725e7a75dae47b87f4834276cea7c1151ec001f75b24bacac6ceb7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.47986.322a182619b9e4d2cd08.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:50 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"1968-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zmqotE0qgT-D5npaFEk8o0CsYzFYEfKMkBQDiEMpH_vOUyCVpFGyTQ==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.52180.0dad90d31f89115696ff.js

143.204.55.35

200 OK

37 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.52180.0dad90d31f89115696ff.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type

Size
37 kB (36845 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.52180.0dad90d31f89115696ff.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:50 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"8fed-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AwFHC7cWSw9XPi98LwHrS1QdUd1mVKDB4_8xrbygsmNB0SnhZvoizw==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/css/7695.3f1df5c6fc9677c9ce74.css

143.204.55.35

200 OK

27 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/css/7695.3f1df5c6fc9677c9ce74.css
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (27263), with no line terminators
Size
27 kB (27263 bytes)
Hash
07c348c46061e130c169c2136631a34e
c916796d1a9a1dff0bca78cf9675c302326d19cd
b0baa347624628198da56afde1852367528802581815202a67ede805860a999f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/css/7695.3f1df5c6fc9677c9ce74.css HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:51 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"6a7f-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5A89vc_K1I5MO9cBX9cd85hZAwqrpteuj1I4NLjeoAKa5xESn2-Wxw==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.6828.dfb4d5fe03113b84f41b.js

143.204.55.35

200 OK

605 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.6828.dfb4d5fe03113b84f41b.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type

Size
605 kB (605292 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.6828.dfb4d5fe03113b84f41b.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:47 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"93c6c-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VizHNUxRaBtZttAe0coCFJ-nmF9IRMgeEyRQG6X1BdHdYdetxCv6yw==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.71804.8eb02e8e72ad2af294b7.js

143.204.55.35

200 OK

79 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.71804.8eb02e8e72ad2af294b7.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type

Size
79 kB (78551 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.71804.8eb02e8e72ad2af294b7.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:47 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"132d7-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ut0vnmsVcQlYYNtnhiT3UG8mRPcOHbE0SFt54SwhFFRdgyBpvrVB-Q==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.54148.f4855180b64c74662d41.js

143.204.55.35

200 OK

10 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.54148.f4855180b64c74662d41.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (10242), with no line terminators
Size
10 kB (9988 bytes)
Hash
36cfbac9ac96467ffd2ec7777ff256b2
b42f70f33ad04b2d66dd7d92873d48eeb1f87154
3a745f0f1a5e062930581fdb88969a9b7fd26d205b82d69e0b707ff617c96215

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.54148.f4855180b64c74662d41.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:50 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"2704-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ToLpiKCHWyOZQ6uLoBMkGsFGZXHztcDlmGD_tEG5iE4VV6oXWiUQxg==
X-Firefox-Spdy: h2

weareindy.com/app/fonts/fonts.css?version=2

143.204.55.35

200 OK

2.6 kB

URL GET HTTP/2
weareindy.com/app/fonts/fonts.css?version=2
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2596), with no line terminators
Size
2.6 kB (2556 bytes)
Hash
c033c1ab37abbd2e2470de73002d72ee
c4877860fd873392d4a432311b33c4034ec37f80
da152d760eb40381055f6d5de71c79d6dec08290294c2873c85b4b03042ffda2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/fonts/fonts.css?version=2 HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:44 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"9fc-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VvCJD7TLhnREXNpxtx7Pj4OA3jwzAOrpmQmUfJaPwzcrh3BvmSoSGg==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.93676.89567ae9c76163524d3b.js

143.204.55.35

200 OK

39 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.93676.89567ae9c76163524d3b.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (39223), with no line terminators
Size
39 kB (39223 bytes)
Hash
3d16744164fbc258f00e369734e1a330
8db67f787ae838ac4968575b77974a3e07d5ee21
acd0867f7d48170e38682dff2a5b62b3b8fea3c8d80f41f9341ea76ca134303b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.93676.89567ae9c76163524d3b.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:51 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"9937-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GvxHur1AeIC8dn21W6UoFwfT4JKNnmCtSRtXNetnjyQ5ndizriKCzA==
X-Firefox-Spdy: h2

assets.calendly.com/assets/external/widget.js

172.64.146.81

200 OK

54 kB

URL GET HTTP/2
assets.calendly.com/assets/external/widget.js
IP
172.64.146.81:443
ASN
#13335 CLOUDFLARENET

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerCloudflare, Inc.
Subjectcalendly.com
FingerprintB3:3F:C9:C0:36:14:83:8F:9D:C5:51:9E:75:28:8C:F1:8D:92:93:F1
ValiditySun, 09 Apr 2023 00:00:00 GMT - Mon, 08 Apr 2024 23:59:59 GMT

File type

Size
54 kB (54465 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/external/widget.js HTTP/1.1
Host: assets.calendly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:11:43 GMT
content-type: application/javascript
cf-ray: 82d17c329af80b55-OSL
cf-cache-status: HIT
age: 195
cache-control: public, max-age=300
etag: W/"3be18f0a18cf9980a421cf1577f639f4"
expires: Wed, 29 Nov 2023 09:11:43 GMT
last-modified: Mon, 27 Nov 2023 22:54:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-bgj: minify
x-content-type-options: nosniff
set-cookie: __cf_bm=8dv1D1RTq87oPF5Z6IWWp16K4NFDEYDy577Ag5y5X8g-1701162703-0-AWOURouTmgj53zdrtjs3M4+Hf8ujr+jL2EGu1q99a8VH152qcuM9gNuj4Qko+ZPSt7Ze1iELEQRW5eT2xoLauzw=; path=/; expires=Tue, 28-Nov-23 09:41:43 GMT; domain=.calendly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

log.pinterest.com/?type=pidget&guid=XJFA5zT7vS_W&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fweareindy.com%2Fapp%2Fshared%2Fforms%2F6564ff87160cedf27fb2da13%2FmBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg%2F

151.101.192.84

400 Bad Request

0 B

URL GET HTTP/2
log.pinterest.com/?type=pidget&guid=XJFA5zT7vS_W&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fweareindy.com%2Fapp%2Fshared%2Fforms%2F6564ff87160cedf27fb2da13%2FmBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg%2F
IP
151.101.192.84:443
ASN
#54113 FASTLY

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerDigiCert Inc
Subject*.pinterest.com
Fingerprint4D:02:6D:A8:DF:FA:2E:1C:D3:43:46:EF:CF:92:F1:7A:41:8F:BA:0B
ValidityMon, 31 Jul 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?type=pidget&guid=XJFA5zT7vS_W&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fweareindy.com%2Fapp%2Fshared%2Fforms%2F6564ff87160cedf27fb2da13%2FmBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg%2F HTTP/1.1
Host: log.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 400 Bad Request
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-envoy-upstream-service-time: 3
server: envoy
x-pinterest-rid: 3271694741268331
accept-ranges: bytes
date: Tue, 28 Nov 2023 09:11:48 GMT
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701162709.618716,VS0,VE42
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
content-length: 0
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.6234.6a02117409c94a88e2c1.js

143.204.55.35

200 OK

50 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.6234.6a02117409c94a88e2c1.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type

Size
50 kB (49509 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.6234.6a02117409c94a88e2c1.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:50 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"c165-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2OMyJ5H_EkxZ-bHz5C0PZOI2sGW7TElha3eJKKHaK1wNpYPM8_IP7A==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.90481.962f5b861ae1c2fd2b13.js

143.204.55.35

200 OK

11 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.90481.962f5b861ae1c2fd2b13.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type

Size
11 kB (11128 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.90481.962f5b861ae1c2fd2b13.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:51 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"2b78-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rpKpJiYWW5CnNuHiZ9Ek7Ep6q2zoWpCEne1zC37XQwFko7z-cVu_TA==
X-Firefox-Spdy: h2

api-sc53gwjr.weareindy.com/api/Forms/6564ff87160cedf27fb2da13?accessId=mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg&filter=%7B%22include%22%3A%5B%22project%22%5D%7D

52.89.160.54

401 Unauthorized

110 B

URL GET HTTP/2
api-sc53gwjr.weareindy.com/api/Forms/6564ff87160cedf27fb2da13?accessId=mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg&filter=%7B%22include%22%3A%5B%22project%22%5D%7D
IP
52.89.160.54:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint81:72:7F:9F:A8:4D:B1:2E:E4:79:02:44:34:F4:3E:1B:DB:F2:23:F9
ValiditySat, 09 Sep 2023 00:00:00 GMT - Mon, 07 Oct 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
110 B (110 bytes)
Hash
8221b2126e003569e1429d09a90ccf96
c2ecc2092f9b9cb8f7e00a2bda4f1e17e21ed642
ad403e1823450ab2a83756073b479bcc1bf9f2bca1eb8fa29434054a42c63b4b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/Forms/6564ff87160cedf27fb2da13?accessId=mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg&filter=%7B%22include%22%3A%5B%22project%22%5D%7D HTTP/1.1
Host: api-sc53gwjr.weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Time-Zone: UTC
Origin: https://weareindy.com
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 401 Unauthorized
date: Tue, 28 Nov 2023 09:11:52 GMT
content-type: application/json; charset=utf-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Accept-Encoding
access-control-expose-headers: Set-Cookie
x-ratelimit-remaining: 999
x-ratelimit-requested-tokens: 1
x-ratelimit-burst-capacity: 1000
x-ratelimit-replenish-rate: 1000
x-ratelimit-key: forms_ip_91_90_42_154
x-ratelimit-service: forms
x-ratelimit-identity: ip
x-content-type-options: nosniff
access-control-allow-origin: https://weareindy.com
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2

accounts.google.com/gsi/client

142.250.74.13

200 OK

203 kB

URL GET HTTP/2
accounts.google.com/gsi/client
IP
142.250.74.13:443
ASN
#15169 GOOGLE

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT

File type
ASCII text, with very long lines (3006)
Size
203 kB (203215 bytes)
Hash
c3380c070ac1310e24173b87bb4a694c
d14f8e5389ed23aab49e62e5835486d84a7b8624
0435416104a28587f4dd1363390ae564b1734d4dac040dcc9df69a78945c8473

HTTP Headers

GET /gsi/client HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
expires: Tue, 28 Nov 2023 09:11:46 GMT
date: Tue, 28 Nov 2023 09:11:46 GMT
cache-control: private, max-age=1800
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-spjEAIR_WkMKdp5yjr5WLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

weareindy.com/app/fonts/GreycliffCF-Medium.woff2

143.204.55.35

200 OK

41 kB

URL GET HTTP/2
weareindy.com/app/fonts/GreycliffCF-Medium.woff2
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40932, version 2.-32768\012- data
Size
41 kB (40932 bytes)
Hash
16d3c8d67d264fd788fe857be5978095
0db2a02702fcbde06b2145d6888c216649393030
a387097bb2b385b169e144909013757d49e29bf03a92908f6baf8822c59018d9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/fonts/GreycliffCF-Medium.woff2 HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/fonts/fonts.css?version=2
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: font/woff2
content-length: 40932
date: Tue, 28 Nov 2023 09:11:52 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
accept-ranges: bytes
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
etag: W/"9fe4-18c129cfb18"
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9b7H_bQCTjYnBraYtrkQmK4pdrNC0mYitPmyooHmiUR3jss52KdFoA==
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&family=Caveat:wght@400;500;600;700&family=Redacted+Script:wght@300;400;700&family=Inconsolata:wght@600&display=swap

142.250.74.106

200 OK

45 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&family=Caveat:wght@400;500;600;700&family=Redacted+Script:wght@300;400;700&family=Inconsolata:wght@600&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text
Size
45 kB (44666 bytes)
Hash
b810b4e87d78f4edd18bd53c7e9508bd
e17e87d3f9c362addb4804b7279ee126e0afac10
1f1d81a128f410f5373563d74a3956315d26335e04d01ecffb1d94a2e1d2e137

HTTP Headers

GET /css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&family=Caveat:wght@400;500;600;700&family=Redacted+Script:wght@300;400;700&family=Inconsolata:wght@600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Nov 2023 09:11:43 GMT
date: Tue, 28 Nov 2023 09:11:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.91061.768aa40bbdba7be5a0e6.js

143.204.55.35

200 OK

46 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.91061.768aa40bbdba7be5a0e6.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type

Size
46 kB (45581 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.91061.768aa40bbdba7be5a0e6.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:51 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"b20d-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QDDDQf-w-oky987thzVFz1pzrYw2C-THEoFTvbYkHxVMMMDHqmpqWg==
X-Firefox-Spdy: h2

canny.io/sdk.js

143.204.55.84

200 OK

98 kB

URL GET HTTP/2
canny.io/sdk.js
IP
143.204.55.84:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectcanny.io
Fingerprint33:DC:78:08:76:52:3B:8E:9A:D5:AD:FD:6D:A1:AF:DF:C0:05:7A:AA
ValiditySat, 26 Aug 2023 00:00:00 GMT - Tue, 24 Sep 2024 23:59:59 GMT

File type

Size
98 kB (97696 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sdk.js HTTP/1.1
Host: canny.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript
last-modified: Tue, 09 May 2023 17:55:47 GMT
x-amz-version-id: cECg9kp3aGN47Qxez69enx_d_kw7IiPP
server: AmazonS3
content-encoding: gzip
date: Thu, 23 Nov 2023 01:29:22 GMT
cache-control: public, max-age=3600
etag: W/"1e365fd6f751ea1b9e83b83aa791c368"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Pv-tO1q7za1yLgR39E3HnJXRx26WystSLozjogIbZYh1rucrQagEhg==
age: 459752
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.97751.8c82b6894918f13bad57.js

143.204.55.35

200 OK

14 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.97751.8c82b6894918f13bad57.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (14370), with no line terminators
Size
14 kB (14370 bytes)
Hash
b6cc6e74e47556f9d398577dd46fc75e
24a684b0f068dd4b5b59048cb8d2c1b93bc6d568
3b7c930a09190b9969b8585e301f5fd40f368d46385ce2498adc4041bdf26132

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.97751.8c82b6894918f13bad57.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:51 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"3822-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CO0DhAjS0yOR_Fwj2ih6zSy7Jub7G3WK7rF4uAzbb0zft93SbtTWYw==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.85166.8a22a54d99f85534ffb9.js

143.204.55.35

200 OK

10 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.85166.8a22a54d99f85534ffb9.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type

Size
10 kB (10280 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.85166.8a22a54d99f85534ffb9.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:51 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"2828-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 76haciD75pgWz0J6zLIlKbF26AwZYTa1rwdeBmulP2LqdhqlJSb65g==
X-Firefox-Spdy: h2

weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/

143.204.55.35

200 OK

7.1 kB

URL User Request GET HTTP/2
weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7387), with no line terminators
Size
7.1 kB (7064 bytes)
Hash
0c9ff333df6afbc2a8b840118566eec9
0a45052c7f5ef4dca8c8288252c31f9f12f2d347
6a6381a6f1c1f34000f242c8ba529d8d29eafb6718e2c9ef46421ddd2496043f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/ HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Tue, 28 Nov 2023 09:11:43 GMT
x-frame-options: DENY
content-encoding: br
etag: W/"1b98-AvhMw8r9gRjtfGzaqZuFa2b//ds"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BkYmfx7uzRC8GqdaOXtAPxXhc82QzWyeijB4ADegYh7iXPPvBRVSIA==
X-Firefox-Spdy: h2

weareindy.com/app/env.js?version=5

143.204.55.35

200 OK

1.6 kB

URL GET HTTP/2
weareindy.com/app/env.js?version=5
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1720), with no line terminators
Size
1.6 kB (1579 bytes)
Hash
204309cd12de4df315a0dc6526970bbb
4b63875f23abbb95a5ca4af108dd87bacda29912
863075b861e3cc624ed3fd93818525a143bf26ad35d6e49ece3e142261e9cce0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/env.js?version=5 HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:44 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:19:27 GMT
content-encoding: br
etag: W/"62b-18c12a6c154"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cP8ksXOX9HTYH_sACjiUdY4LjYrvlqzqhCZhelxfx2mOVsZ5WoMEQA==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.18885.68ecdf186c13b6f417ca.js

143.204.55.35

200 OK

39 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.18885.68ecdf186c13b6f417ca.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (38592)
Size
39 kB (38682 bytes)
Hash
5b7c91f5cc79f94f39f1220d956b4da2
d37a5440478dc346fa7e059628b1a3d1fb899e8b
d3e4757905e662b2c32879ba0c2204dfa8985f6d6ebafae707a4e9af699ebeb1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.18885.68ecdf186c13b6f417ca.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:51 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"971a-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 93DT6A5_ia2VoeQUSwRR5bePjWcMnUJl2fWQKocPF-taUipf5DoAxQ==
X-Firefox-Spdy: h2

maps.googleapis.com/maps-api-v3/api/js/55/2/common.js

142.250.74.106

200 OK

260 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/2/common.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (5883)
Size
260 kB (260086 bytes)
Hash
ba872858f8a01277e4a99c48b5b1597c
8ebf8bb0bc7b7f33416dfd486edf6b88113a1cd7
7341563f731cd05c3188a8e9a27e0656eed5f3ed4c710cd7cba40b6b53fd849a

HTTP Headers

GET /maps-api-v3/api/js/55/2/common.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 57023
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Nov 2023 19:45:35 GMT
expires: Wed, 20 Nov 2024 19:45:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Nov 2023 19:44:48 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 566771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

weareindy.com/app/cdn/v4.0.194/js/chunk.28279.6f13c610717c1637cf3e.js

143.204.55.35

200 OK

15 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.28279.6f13c610717c1637cf3e.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (14745), with no line terminators
Size
15 kB (14745 bytes)
Hash
28ccc1b47acddb2d1de584cc2bdc7f21
6ff2ae94f40bf655a2148b899effffea69e954e3
635a31c90b52d2c18faffb14822087304cac63a8edd6e81cd9f127739af65b50

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.28279.6f13c610717c1637cf3e.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:50 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"3999-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sy9RPY-R0tXC1DtU5JLw7FaqXx12ZWa9w-_inqDfG74yiaQpC5vQYQ==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.33807.7029391e3f49738dab33.js

143.204.55.35

200 OK

26 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.33807.7029391e3f49738dab33.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (26280), with no line terminators
Size
26 kB (26280 bytes)
Hash
fece2ccc73290ddf7255b08a995465d7
8430b35ebfc2545d1c65d2d7803c0670eecf2f30
343b95ad4b40a5f4f5ddb6f08bc1c60bcede5e804e11c03efd96026dfba1ebf5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.33807.7029391e3f49738dab33.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:51 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"66a8-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gUH-B-1EwvEcDd0K6-fGpiS1YWtcDll-k0gca8FfC-LvvXRp3kIprg==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.7993.39829be92a4a9cffa730.js

143.204.55.35

200 OK

23 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.7993.39829be92a4a9cffa730.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (23167), with no line terminators
Size
23 kB (23167 bytes)
Hash
1ddbb447010245ccd8036ea72cb102ad
5a69c1ca43a907ac92107c681a2b35db37ff2189
40a75f0801ac737feaf67c3416e195204d7d69075337f6e686a3f713eb6b0493

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.7993.39829be92a4a9cffa730.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:51 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"5a7f-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PoGntj0zXC1Axse1aNG1q--nD8B27nsQSmdkeR9M3ZOSzxL8bjyiFQ==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.47174.8ed4faaedce6fd47df86.js

143.204.55.35

200 OK

12 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.47174.8ed4faaedce6fd47df86.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (11557), with no line terminators
Size
12 kB (11557 bytes)
Hash
08496e9534dc8d497734ae6cd17c782d
5213a8375e6b310fc8335627daf1d235e7d43087
ff4bd4303ed589ea8f3c056a05ebd0d41de9f5e1b5b3b9c33b2d4283d6211960

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.47174.8ed4faaedce6fd47df86.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:51 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"2d25-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eMqoU0J_lmY8GxgOFW1qmcChxa_7NKRrY_FMKYXdCdCZKeuDSum-9g==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.30547.ecea691bd2dfc2fd6196.js

143.204.55.35

200 OK

15 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.30547.ecea691bd2dfc2fd6196.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (14803), with no line terminators
Size
15 kB (14803 bytes)
Hash
b796a3df0a7973e680f6862f007a02b3
20b070fed802d836ce8140a1c52476f2360e817e
da55518fb692a3bcfcc2d2dd1e871c1b9ae46eb6c46ad0c89ddbc74bdbcd4fa3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.30547.ecea691bd2dfc2fd6196.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:51 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"39d3-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fnzR8GvUjzlNtq0uZ7OP0QAR0NEalERsvaLouSj6TdAdKGZH6gkz1A==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.48601.d82b50e4b4f1e7a97744.js

143.204.55.35

200 OK

41 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.48601.d82b50e4b4f1e7a97744.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type

Size
41 kB (41035 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.48601.d82b50e4b4f1e7a97744.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:51 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"a04b-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qAVtMRDjOQQadkXBFvNvXDTRj2cqR35enNgYq_DqXEar18m-hAYjVg==
X-Firefox-Spdy: h2

api-iam.intercom.io/messenger/web/ping

18.210.132.136

200 OK

4.4 kB

URL POST HTTP/2
api-iam.intercom.io/messenger/web/ping
IP
18.210.132.136:443
ASN
#14618 AMAZON-AES

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subject*.intercom.com
Fingerprint27:36:75:E6:21:EC:FC:7E:08:BC:C4:6B:91:C8:C1:2C:22:70:F7:34
ValidityTue, 14 Feb 2023 00:00:00 GMT - Thu, 14 Mar 2024 23:59:59 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (4828), with no line terminators
Size
4.4 kB (4420 bytes)
Hash
69d73a1f6272f61acd6c64aa8c12fcf6
4a3aba31fd688c696265b472e409484d65a4e6c2
d8f270624fd58297bd7fc542ec33e4329bd3608f593af7550d02802305885dc2

HTTP Headers

POST /messenger/web/ping HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 605
Origin: https://weareindy.com
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:11:48 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: https://weareindy.com
vary: Accept,Accept-Encoding
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-intercom-version: 0cdfb66c435d167ec3bd9531eb3a3181a213c48e
content-encoding: gzip
x-xss-protection: 1; mode=block
x-request-queueing: 0
x-request-id: 00019972jjjc9460rqm0
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"5b8afb40d9ff3e0d40be0ac8ce9d8df1"
x-runtime: 0.282938
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-04a854e2814815766
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.70098.96845616bf5cf8f7dba5.js

143.204.55.35

200 OK

11 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.70098.96845616bf5cf8f7dba5.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (11167), with no line terminators
Size
11 kB (11167 bytes)
Hash
9780ff39eb669197e4c18f53ac00ee47
cfd720c60f8d2a3af0e586095db3abd36158deb5
34fe3dca9c36a9f1cd08e35817cd012965e49ec92fb52066a42da960acb08ba5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.70098.96845616bf5cf8f7dba5.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:51 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"2b9f-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CP0alOVoSFkTZMWsCHAlSbWIF0kcFkGti41NZkuJrx050ffUblfeow==
X-Firefox-Spdy: h2

weareindy.com/app/meta/favicon-32x32.png

143.204.55.35

200 OK

1.3 kB

URL GET HTTP/2
weareindy.com/app/meta/favicon-32x32.png
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1326 bytes)
Hash
b749963d5371cea83f45679cf0aad164
503ce5b73f404f051579a6d0d243f6d8dcb28dc4
08a74c52875380f25c1a830eb44013db814439dbcd57ce177224b295a5a59ce4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/meta/favicon-32x32.png HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 1326
date: Tue, 28 Nov 2023 09:11:49 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
accept-ranges: bytes
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
etag: W/"52e-18c129cfb18"
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ChtkaG27ImB_0qDKxEfwBEyqeZIgGdsl1KO7OjhKINsxtsD1yjg1Jg==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/css/85166.492db54f9d2262e92c63.css

143.204.55.35

200 OK

22 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/css/85166.492db54f9d2262e92c63.css
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (20395)
Size
22 kB (21616 bytes)
Hash
c0e2a7e1ab1b7d1147f7407ff5835389
d63a52de33ff0bbbfbef31ca6935f6f8062668d9
4d675a6b0f2e8ded83ec32fed2de1d75357f19f65e98ce3e4765a7567e073cee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/css/85166.492db54f9d2262e92c63.css HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:51 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"5470-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iczZW6oQEVml6ewWmf8HdWy3_hIcVnEjsk14AUHRIq2_0ou04Jbudw==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/css/18637.2f7cc8e21318e9ba88f4.css

143.204.55.35

200 OK

3.3 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/css/18637.2f7cc8e21318e9ba88f4.css
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (3313), with no line terminators
Size
3.3 kB (3311 bytes)
Hash
f5e8094926accb9edd31f07b100f8b40
2e832344d65c9861905f1dead42ab58bc57da362
88e266b3680175092a9897ac7f5c72ea31ae6a50117cdff2187f9062b5c4f67b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/css/18637.2f7cc8e21318e9ba88f4.css HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:51 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"cef-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aWd1Xyx16GKEphbJQyEez5k8gQq4sQFcMIDkOK3Li2fwHMNnIeW9xw==
X-Firefox-Spdy: h2

api-sc53gwjr.weareindy.com/socket.io/?EIO=4&transport=websocket

52.89.160.54

101 Switching Protocols

0 B

URL GET HTTP/1.1
api-sc53gwjr.weareindy.com/socket.io/?EIO=4&transport=websocket
IP
52.89.160.54:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint81:72:7F:9F:A8:4D:B1:2E:E4:79:02:44:34:F4:3E:1B:DB:F2:23:F9
ValiditySat, 09 Sep 2023 00:00:00 GMT - Mon, 07 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /socket.io/?EIO=4&transport=websocket HTTP/1.1
Host: api-sc53gwjr.weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://weareindy.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: c2dBZCt6Xle0Sfuh69LsQA==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Tue, 28 Nov 2023 09:11:47 GMT
Connection: upgrade
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://weareindy.com
Access-Control-Expose-Headers: Set-Cookie
Access-Control-Allow-Credentials: true
X-RateLimit-Remaining: 999
X-RateLimit-Requested-Tokens: 1
X-RateLimit-Burst-Capacity: 1000
X-RateLimit-Replenish-Rate: 1000
X-RateLimit-Key: _ip_91_90_42_154
X-RateLimit-Service: 
X-RateLimit-Identity: ip
upgrade: websocket
sec-websocket-accept: u0W1NPcSkichReV/Z5WSqXUkYhQ=

weareindy.com/app/cdn/v4.0.194/css/85068.9a423b304c571ea0df2e.css

143.204.55.35

200 OK

113 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/css/85068.9a423b304c571ea0df2e.css
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (60176)
Size
113 kB (113198 bytes)
Hash
bd38d07cba3e18a8d12ddee1775e7cbd
839c840d812d2d97ee46f15b7426e22c27c299be
faafed647f07ce5120b096c6e1097221eef993351a12c2a9aa148a7ff863c9f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/css/85068.9a423b304c571ea0df2e.css HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:45 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"1ba2e-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cl6H4qg1qdohMC2CzAzFwzdA_PRt02NIl3MN1CpBiB8hKWpRmD_3Ww==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/css/87041.5e3e5072ff08d13fdd66.css

143.204.55.35

200 OK

3.3 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/css/87041.5e3e5072ff08d13fdd66.css
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3347), with no line terminators
Size
3.3 kB (3345 bytes)
Hash
eb4d777d359ea49c9062ef16da5d5fdf
d530c058ba7bde4489cbc342bc4e4b1c60a76ef1
f4dad5d21203da7a3434ed05abda57d9122db7247f97fd86e98bdaca07335b3e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/css/87041.5e3e5072ff08d13fdd66.css HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:50 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"d11-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jiKIMgDeN6h2m25E2nO2Yd1pW6oeoxwEZyUE7Ryhs4mIorJDBKyGnw==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/app.d748c4fbe4d49c9ad6ff.js

143.204.55.35

200 OK

310 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/app.d748c4fbe4d49c9ad6ff.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type

Size
310 kB (310521 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/app.d748c4fbe4d49c9ad6ff.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:44 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"4bcf9-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: k8Y1tsqpPQLlPuuP7Md0MAPXaDTAkvX0dPOBjVLDk2psQkjR9fVirw==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/css/72014.9b25ca9360bd7cfba145.css

143.204.55.35

200 OK

20 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/css/72014.9b25ca9360bd7cfba145.css
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type

Size
20 kB (19510 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/css/72014.9b25ca9360bd7cfba145.css HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:47 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"4c36-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZsmvoyFqu4rql_5KXrDBCOd9Elu7eGyEG7x0uMpPcl4vuNPR4vgzYA==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/media/not-found.7752f171.svg

143.204.55.35

200 OK

15 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/media/not-found.7752f171.svg
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2016)
Size
15 kB (14605 bytes)
Hash
831aa36cea219ea279801e85dd3c6e8d
da8a1b7c2dffd968b4b71fc451511498978a4db5
1f89640ad2953c520972494fb429ce193cebe4dd21a818457534e6697001f6b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/media/not-found.7752f171.svg HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 28 Nov 2023 09:11:52 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"390d-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QfH5_XJSrR-G9eD83fbAkpqpjEyUoTHgtQyM2z9rjIKzazyhMzbDag==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.19680.371796b616fda680e01b.js

143.204.55.35

200 OK

6.4 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.19680.371796b616fda680e01b.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (6498), with no line terminators
Size
6.4 kB (6353 bytes)
Hash
620592346b816f9135cd026ddb1b09cf
5d20cc3f64bf7bd5fb900782f68e1ae512467a4b
6eb3ce741c3b64fe65eae0eb6ce95dc5ce90701b862daf740c2642878b229fc5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.19680.371796b616fda680e01b.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:45 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"18d1-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BP8zTmIbSDtKIs7lgPTr3mM5RKBtswOgfQS0gMyN4OH8UG947gcYHw==
X-Firefox-Spdy: h2

api-sc53gwjr.weareindy.com/api/Forms/6564ff87160cedf27fb2da13?accessId=mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg&filter=%7B%22include%22%3A%5B%22project%22%5D%7D

52.89.160.54

200 OK

0 B

URL OPTIONS HTTP/2
api-sc53gwjr.weareindy.com/api/Forms/6564ff87160cedf27fb2da13?accessId=mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg&filter=%7B%22include%22%3A%5B%22project%22%5D%7D
IP
52.89.160.54:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint81:72:7F:9F:A8:4D:B1:2E:E4:79:02:44:34:F4:3E:1B:DB:F2:23:F9
ValiditySat, 09 Sep 2023 00:00:00 GMT - Mon, 07 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /api/Forms/6564ff87160cedf27fb2da13?accessId=mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg&filter=%7B%22include%22%3A%5B%22project%22%5D%7D HTTP/1.1
Host: api-sc53gwjr.weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: time-zone
Referer: https://weareindy.com/
Origin: https://weareindy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:11:52 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://weareindy.com
access-control-allow-methods: GET
access-control-allow-headers: time-zone
access-control-expose-headers: Set-Cookie
access-control-allow-credentials: true
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.60652.3a4d3c79b80624bc65a8.js

143.204.55.35

200 OK

49 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.60652.3a4d3c79b80624bc65a8.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type

Size
49 kB (49398 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.60652.3a4d3c79b80624bc65a8.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:45 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"c0f6-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3EoAD7YudFykkrNuoMF-VswBkR-C231u12EMtBVhwAp_Q91NIIrIRA==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.57253.7d4605ecf13b1670d583.js

143.204.55.35

200 OK

342 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.57253.7d4605ecf13b1670d583.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
342 kB (341493 bytes)
Hash
eec40a00606efe61ec502ac99ea24923
f68986053d37e0e98aab7489db9870fc1d0f34cf
98e1a92c7730c4f088e0358b9e22c6c0fb76d2a9a6021ec0e3e49409bfcb989b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.57253.7d4605ecf13b1670d583.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:50 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"535f5-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eV8TGNaw457XLI3iM4qpxH6wtRVeKYJ_2Z8eeo6HDNHLXoP0WPGb6A==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/css/50873.cd1bbcc47a856365928e.css

143.204.55.35

200 OK

5.3 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/css/50873.cd1bbcc47a856365928e.css
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (5262), with no line terminators
Size
5.3 kB (5262 bytes)
Hash
00bcb7b065a125c32a97b3cc7b35c891
aea17eb64baf874fb235d4a54f1d80f39ba9e1b1
c081aebe25f9e769da0e817c5ebd4eaa7cca5bf6edbe840b6e91943972f78648

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/css/50873.cd1bbcc47a856365928e.css HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:50 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"148e-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rRHlQ9juyaXA2-iLRYRity1wlElcmOiwdQXzq_xGQZLxrloZyorA6g==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.18671.67a3ad33121e7070d63a.js

143.204.55.35

200 OK

15 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.18671.67a3ad33121e7070d63a.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (15094), with no line terminators
Size
15 kB (15094 bytes)
Hash
d5559023dc6b7a41dbea550fa52997b3
10aa06883f4af89aac64459b3043aacc8f068cb3
6108600db8a1fc84b0ce541b556cce3e4e7aba80ed77000904251c229d96e7af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.18671.67a3ad33121e7070d63a.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:45 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"3af6-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: R2y4vnFDuf_PH-dMneZsuboJWVS-sBCkQVQpce1CvoE7TOsKzkBVcQ==
X-Firefox-Spdy: h2

34.237.73.95

101 Switching Protocols

0 B

URL GET HTTP/1.1
nexus-websocket-a.intercom.io/pubsub/5-DeVu8YIaMriBB-foEw_t4eDohsGowEOcuwVTj1QITuWVW6nIpoXn2TVOXDaI-cHrCU2C7Jpnh9QScnTxUJoyLnpvAFm4Sli8no0a?X-Nexus-New-Client=true&X-Nexus-Version=0.12.9&user_role=undefined
IP
34.237.73.95:443
ASN
#14618 AMAZON-AES

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerDigiCert Inc
Subject*.intercom.io
Fingerprint3D:91:3E:2A:5D:80:08:D2:F0:DB:C3:9B:89:90:85:AA:FA:31:B2:DE
ValidityTue, 07 Nov 2023 00:00:00 GMT - Sat, 07 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pubsub/5-DeVu8YIaMriBB-foEw_t4eDohsGowEOcuwVTj1QITuWVW6nIpoXn2TVOXDaI-cHrCU2C7Jpnh9QScnTxUJoyLnpvAFm4Sli8no0a?X-Nexus-New-Client=true&X-Nexus-Version=0.12.9&user_role=undefined HTTP/1.1
Host: nexus-websocket-a.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://weareindy.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 109ZtvOY5lLMY5bkUhDwBA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Tue, 28 Nov 2023 09:11:48 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ItQiNKcYO9WlSoPqe4A9R4oDTkA=
Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover

weareindy.com/app/cdn/v4.0.194/css/84687.ef40bc31e28a5da693d4.css

143.204.55.35

200 OK

5.4 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/css/84687.ef40bc31e28a5da693d4.css
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (5394), with no line terminators
Size
5.4 kB (5392 bytes)
Hash
d48bb3708f154bd2e13ddcc810a5af73
3d303621ba24769fd5f620ad16e810115ab472b4
018d77dda7c9c8b268ad020aa8a9de1d244d074a1ac3ea93cddf483776f3695a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/css/84687.ef40bc31e28a5da693d4.css HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:49 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"1510-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WqhIPRx6d7Q6BWCBCyrrRqZKDdUiqysBha0s0ChNDslCIRb8zhBtbA==
X-Firefox-Spdy: h2

weareindy.com/app/cdn/v4.0.194/js/chunk.7695.2f74dcf799811f437e57.js

143.204.55.35

200 OK

76 kB

URL GET HTTP/2
weareindy.com/app/cdn/v4.0.194/js/chunk.7695.2f74dcf799811f437e57.js
IP
143.204.55.35:443
ASN
#16509 AMAZON-02

Requested by
https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Certificate
IssuerAmazon
Subjectweareindy.com
Fingerprint27:B3:5A:19:13:E5:BD:9D:6B:AB:CB:72:5E:74:F3:27:C9:D2:4E:A3
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type

Size
76 kB (75920 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/cdn/v4.0.194/js/chunk.7695.2f74dcf799811f437e57.js HTTP/1.1
Host: weareindy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareindy.com/app/shared/forms/6564ff87160cedf27fb2da13/mBrhRbYddWQeRK6XoGvuIgkA45E7kQCGDObZA9YaB3aU33ANiRjZ3rKaZuB1jKTg/
Cookie: _gcl_au=1.1.304225274.1701162708; _ga_RMV9CT6PH6=GS1.1.1701162708.1.0.1701162708.0.0.0; _ga=GA1.1.486500548.1701162708; checkout_plan=annual; _uetsid=2a1551208dce11ee9dd63bbcbb7a2965; _uetvid=2a1588f08dce11eeba0c8fdc08de6c36; intercom-id-cf5b8qu0=307899af-9851-4782-8ea7-1f70abc4f17d; intercom-session-cf5b8qu0=; intercom-device-id-cf5b8qu0=01191af5-c881-4783-a682-7ccb24198994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Nov 2023 09:11:51 GMT
cache-control: public, max-age=31536000
x-frame-options: DENY
last-modified: Mon, 27 Nov 2023 21:08:47 GMT
content-encoding: br
etag: W/"12890-18c129cfb18"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LmOfzAHV_crRZzyR5SwF0ovsuhDKvUfwZ8joofV0AhG3IHcwu8WEbA==
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (68)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by