Report - 1337x.dirproxy.blue/

Report Overview

Visited public
2024-02-05 03:55:37
Tags
URL
1337x.dirproxy.blue/
Finishing URL
1337x.dirproxy.blue/?__cf_chl_rt_tk=fifGsBt8B67.IxksT1X22lxspMFrvzNrnnKwQvksvnw-1707095280-0-gaNycGzNDlA
IP / ASN
104.21.61.152
#13335 CLOUDFLARENET
Title
Just a moment...

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
metrica-yandex.com	783336	2021-09-14	2021-09-19 06:17:37	2024-02-04 18:33:42	418 B	61 kB	188.114.97.1
i.ibb.co	13485	2010-07-20	2018-11-25 11:13:48	2024-02-04 20:59:40	429 B	5.9 kB	162.19.58.157
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-02-04 18:15:12	522 B	17 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-02-04 18:15:57	453 B	9.0 kB	142.250.74.138
heartilyscales.com	unknown	2022-12-16	2022-12-16 09:32:11	2024-02-04 18:33:43	441 B	16 kB	172.240.108.76
theusualsuspectz.biz	unknown	2023-01-27	2023-01-27 02:27:31	2024-02-04 18:33:43	412 B	49 kB	188.114.96.1
1337x.dirproxy.blue	unknown	2021-04-10	2021-08-27 14:25:17	2023-06-22 00:18:00	4.6 kB	433 kB	172.67.211.123
matomo.hellohi.me	545402	2019-07-03	2019-07-03 22:13:04	2024-02-04 18:33:43	407 B	67 kB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-02-05 03:55:11	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-02-04	medium	heartilyscales.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	1337x.dirproxy.blue/app/apx14.js	ScriptElement	7.7 kB	2023-03-07	2025-05-30
Pretty URL 1337x.dirproxy.blue/app/apx14.js IP 172.67.211.123 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:40 Last Seen2025-05-30 20:28 Times Seen843 Hash dfb1f327618e201778f2de85cfbcd173 fceb89a2221463e5bc5a71feff1247683ab08cc5 dc03bc8b63938916a73dd976e186d05559ddc61da2725e1063b7936fa9f0fc33 Loading...

	unknown	Function	34 B	2023-04-11	2025-05-30
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16 Last Seen2025-05-30 20:33 Times Seen67090 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

	1337x.dirproxy.blue/	ScriptElement	26 B	2023-03-07	2025-05-30
Pretty URL 1337x.dirproxy.blue/ IP 172.67.211.123 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:40 Last Seen2025-05-30 20:28 Times Seen808 Hash 5779365b0a28c08298ca5847c65b769d 3076ad9e094690cd6c4ee200ae254e6e7260fd30 57c620405714b8baa51067e0ca9bc9a9b252985292b857360aec8a9936688709 Loading...

	1337x.dirproxy.blue/?__cf_chl_rt_tk=fifGsBt8B67.IxksT1X22lxspMFrvzNrnnKwQvksvnw-1707095280-0-gaNycGzNDlA	ScriptElement	0 B	0001-01-01	2025-05-30
Pretty URL 1337x.dirproxy.blue/?__cf_chl_rt_tk=fifGsBt8B67.IxksT1X22lxspMFrvzNrnnKwQvksvnw-1707095280-0-gaNycGzNDlA IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-30 23:18 Times Seen4799587 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	1337x.dirproxy.blue/app/apx19.js	ScriptElement	9.2 kB	2023-03-07	2025-05-30
Pretty URL 1337x.dirproxy.blue/app/apx19.js IP 172.67.211.123 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:40 Last Seen2025-05-30 20:28 Times Seen839 Hash 2344c3f05f624d595f6fb920e4d74ded eb4d1404ac2d5eecd307f4588aeeab5c8ef463f1 3a28fe59e4a2af96d8edeeb12d7040c574cf71fa88fccb5cf49e9c0a1d4e4c7a Loading...

	1337x.dirproxy.blue/	ScriptElement	6.0 kB	2024-08-20	2024-08-20
Pretty URL 1337x.dirproxy.blue/ IP 172.67.211.123 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 10:17 Last Seen2024-08-20 10:17 Times Seen1 Hash 5df7e73e07ad99c3255a5684928c2085 40d8243fbf08d8dcc68205b2f372946f1fa77ecc 75c433851d2866190b5d567beefa423b6f9745a96e2d8437d3609efe82c41cdd Loading...

HTTP Transactions (16)

URL IP Response Size

i.ibb.co/pyC2VvJ/alert-xxl.png

162.19.58.157

200 OK

5.6 kB

URL GET HTTP/2
i.ibb.co/pyC2VvJ/alert-xxl.png
IP
162.19.58.157:443
ASN
#16276 OVH SAS

Requested by
https://1337x.dirproxy.blue/
Certificate
IssuerLet's Encrypt
Subjectibb.co
FingerprintFC:63:8C:C6:92:83:4E:13:94:18:9A:03:C2:BB:CC:F0:23:97:AA:8C
ValiditySat, 09 Dec 2023 13:40:45 GMT - Fri, 08 Mar 2024 13:40:44 GMT

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
Size
5.6 kB (5554 bytes)
Hash
8d0eed07b450044fdca282d1daf8a58c
794e1284cdf81fd60154955c1805282ae21240cd
baac89456a2d4dfdcdc14244fbe50a04ade7a401c82de605938a92e16f35c1af

HTTP Headers

GET /pyC2VvJ/alert-xxl.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x.dirproxy.blue/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 05 Feb 2024 03:55:11 GMT
content-type: image/png
content-length: 5554
last-modified: Mon, 07 Aug 2023 04:09:39 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://1337x.dirproxy.blue/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint9D:25:7E:5C:DF:C3:E5:5B:00:4F:04:97:A3:48:A3:30:60:9A:DB:48
ValidityTue, 09 Jan 2024 06:30:50 GMT - Tue, 02 Apr 2024 06:30:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1337x.dirproxy.blue
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Feb 2024 03:01:35 GMT
expires: Sat, 01 Feb 2025 03:01:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 262417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap

142.250.74.138

200 OK

8.4 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://1337x.dirproxy.blue/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint6F:81:CD:1A:A2:80:8C:76:2C:D8:63:D0:74:1B:DD:35:C8:79:84:20
ValidityTue, 09 Jan 2024 06:30:50 GMT - Tue, 02 Apr 2024 06:30:49 GMT

File type
gzip compressed data, max compression
Size
8.4 kB (8380 bytes)
Hash
2b47963c579efafe75486b0a5cce1c3a
8ba3ca36c1f3e8f0c6aa871b49e453bf9ae1d2b4
11df34b07ecf398fc2984dff43467438dc4f64d1a8b29ad132aad091fa50cf88

HTTP Headers

GET /css2?family=Roboto:wght@400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x.dirproxy.blue/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Feb 2024 03:55:11 GMT
date: Mon, 05 Feb 2024 03:55:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js

172.240.108.76

200 OK

15 kB

URL GET HTTP/1.1
heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://1337x.dirproxy.blue/
Certificate
IssuerLet's Encrypt
Subjectheartilyscales.com
Fingerprint23:E8:9C:3B:65:9E:0E:40:38:6B:05:60:33:60:67:1F:47:1B:AE:CA
ValidityTue, 12 Dec 2023 06:46:41 GMT - Mon, 11 Mar 2024 06:46:40 GMT

File type
JavaScript source, ASCII text, with very long lines (42844), with no line terminators
Size
15 kB (15284 bytes)
Hash
41172b72b7c4e14a5e7ae3b25731ac8e
786250a8bbce531af7e3e525c0f1d5dc31cbb2c2
cf067a48988c90cfdfc1b469eba1a0fff2b3476cd082f14d870f8ba1a3f39da1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /a2/86/90/a286902791a7f4c98bcb1e812322cd78.js HTTP/1.1
Host: heartilyscales.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x.dirproxy.blue/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 05 Feb 2024 03:55:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 98d3962c4f4c51dce0a740c8a88215d2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

theusualsuspectz.biz/j/m/qqqq.js

188.114.96.1

200 OK

48 kB

URL GET HTTP/2
theusualsuspectz.biz/j/m/qqqq.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1337x.dirproxy.blue/
Certificate
IssuerGoogle Trust Services LLC
Subjecttheusualsuspectz.biz
FingerprintFA:DB:F4:92:9B:AC:6B:09:63:48:5A:A7:A1:A9:FC:F7:DA:5F:A2:E6
ValidityTue, 16 Jan 2024 02:50:00 GMT - Mon, 15 Apr 2024 02:49:59 GMT

File type
JavaScript source, ASCII text, with very long lines (48351), with no line terminators
Size
48 kB (48351 bytes)
Hash
febd5bfc829d7c8aa363e93e2e61f414
10d66213a9249bea47b15acf295323f01d217ef0
ff391f38fc73325f58d0626b9415ac121f1461407d74e86ebddefd8180050d76

HTTP Headers

GET /j/m/qqqq.js HTTP/1.1
Host: theusualsuspectz.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x.dirproxy.blue/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 05 Feb 2024 03:55:11 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 02 Mar 2021 03:16:06 GMT
etag: W/"603dadf6-bcdf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 5796399
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGCropUUOMlL%2B3GToi5RbkoWZZqNx4v0b%2FHQdsmSMeS4Rsnu68U0YSzCFDMQGjrXz1BYmkxwXilwzPFUfkt05kSszugNt%2BUKUNdClxRYoOpoug3Y5Xj15N369BEGRh5YbjW1zi6mYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 850837674d70b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

1337x.dirproxy.blue/user.php

172.67.211.123

200 OK

0 B

URL POST HTTP/3
1337x.dirproxy.blue/user.php
IP
172.67.211.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1337x.dirproxy.blue/
Certificate
IssuerGoogle Trust Services LLC
Subjectdirproxy.blue
FingerprintE4:A3:4D:DC:3B:73:38:09:7E:07:C7:64:20:87:A4:98:F2:46:28:6D
ValidityMon, 08 Jan 2024 23:39:39 GMT - Sun, 07 Apr 2024 23:39:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /user.php HTTP/1.1
Host: 1337x.dirproxy.blue
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 39
Origin: https://1337x.dirproxy.blue
DNT: 1
Connection: keep-alive
Referer: https://1337x.dirproxy.blue/?__cf_chl_rt_tk=fifGsBt8B67.IxksT1X22lxspMFrvzNrnnKwQvksvnw-1707095280-0-gaNycGzNDlA
Cookie: view=1; PHPSESSID=b3hs8v4q1hpe8dssaqmtltm5jh
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 05 Feb 2024 03:55:12 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDuQ3ePuwhgkcLdEoOnDh31Tdo9zbTHPFktsLv5nnhXMsBa3BDLevZ7UiCu6WKq3MlkcAJeRp7jxKrM5lh%2FKIBeqLe47PNJlteOysdi0ypYGopgtZA92CCC2t2mKS2bo%2FnoilRGf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 850837689aeb0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

1337x.dirproxy.blue/app/apx19.js

172.67.211.123

200 OK

9.2 kB

URL GET HTTP/3
1337x.dirproxy.blue/app/apx19.js
IP
172.67.211.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1337x.dirproxy.blue/
Certificate
IssuerGoogle Trust Services LLC
Subjectdirproxy.blue
FingerprintE4:A3:4D:DC:3B:73:38:09:7E:07:C7:64:20:87:A4:98:F2:46:28:6D
ValidityMon, 08 Jan 2024 23:39:39 GMT - Sun, 07 Apr 2024 23:39:38 GMT

File type
JavaScript source, ASCII text, with very long lines (10516), with no line terminators
Size
9.2 kB (9183 bytes)
Hash
d26dea46bd49f9297502159ed377f84c
2da344f74215617efd03c4805e5e15d7d8039515
77d7964a36f5c3105bc99271b3ffe2d4ebc5541e4acd38def734b3eaea38fd38

HTTP Headers

GET /app/apx19.js HTTP/1.1
Host: 1337x.dirproxy.blue
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x.dirproxy.blue/
Cookie: view=1; PHPSESSID=b3hs8v4q1hpe8dssaqmtltm5jh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 05 Feb 2024 03:55:11 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 15 Sep 2020 18:46:59 GMT
etag: W/"5f610c23-23df"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCbNwyMNfcUkxkUud3CTSQ5c4a%2FppknFyRqd0WClfzouDpqkjuOJyklFMq118dXNPFWHRmtnz63oyqcXVt6cCMGh51wKUe5FlTgOEn3p2ghlOMyl9hamfji2jiveHaep%2FZYEcqtX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 850837670a6b0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

1337x.dirproxy.blue/zpp/zpp4.js?q22q2q2

172.67.211.123

200 OK

39 kB

URL GET HTTP/3
1337x.dirproxy.blue/zpp/zpp4.js?q22q2q2
IP
172.67.211.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1337x.dirproxy.blue/
Certificate
IssuerGoogle Trust Services LLC
Subjectdirproxy.blue
FingerprintE4:A3:4D:DC:3B:73:38:09:7E:07:C7:64:20:87:A4:98:F2:46:28:6D
ValidityMon, 08 Jan 2024 23:39:39 GMT - Sun, 07 Apr 2024 23:39:38 GMT

File type
JavaScript source, ASCII text, with very long lines (38995), with no line terminators
Size
39 kB (38995 bytes)
Hash
7dc63553536847077855df4f82f1ec18
146c3aac34cb4e7e1e9c692ccd0161b2e4f018de
3a18b1964d1d209c46d754459b9ef98d4a9a85065e245f8311be727ffee3f960

HTTP Headers

GET /zpp/zpp4.js?q22q2q2 HTTP/1.1
Host: 1337x.dirproxy.blue
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x.dirproxy.blue/
Cookie: view=1; PHPSESSID=b3hs8v4q1hpe8dssaqmtltm5jh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 05 Feb 2024 03:55:11 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 02 Mar 2021 05:54:38 GMT
etag: W/"603dd31e-9853"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBbddDBz8YuVxL8jEzm8wLIgwuUhLAVkhKWqGUDDGmnosB7IbS4ghvZ3XfsWKqTtl16B857T2l9hajWF2w0wOXx9GcBy6CVwRQstit07Q6DfendSBMvt%2FinyL%2B3Zoj16TqdayroQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 850837670a6e0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

1337x.dirproxy.blue/hy.js?q22q2q2

172.67.211.123

200 OK

56 kB

URL GET HTTP/3
1337x.dirproxy.blue/hy.js?q22q2q2
IP
172.67.211.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1337x.dirproxy.blue/
Certificate
IssuerGoogle Trust Services LLC
Subjectdirproxy.blue
FingerprintE4:A3:4D:DC:3B:73:38:09:7E:07:C7:64:20:87:A4:98:F2:46:28:6D
ValidityMon, 08 Jan 2024 23:39:39 GMT - Sun, 07 Apr 2024 23:39:38 GMT

File type
JavaScript source, ASCII text, with very long lines (56131), with no line terminators
Size
56 kB (56131 bytes)
Hash
667d77da844b6d5ad62b2f26e77b4b12
01ae61192a38af73a93c67468fb8271d7bbfa4f6
f240ce7fa62cd81d92f29081815f2cd2376ea6867887d17d5625009ebdf355b1

HTTP Headers

GET /hy.js?q22q2q2 HTTP/1.1
Host: 1337x.dirproxy.blue
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x.dirproxy.blue/
Cookie: view=1; PHPSESSID=b3hs8v4q1hpe8dssaqmtltm5jh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 05 Feb 2024 03:55:11 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 02 Mar 2021 05:54:35 GMT
etag: W/"603dd31b-db43"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7%2BNRnXPUVeVqCrkyo%2BYX4HWxOpfBO2tkYGwh9p%2B6%2FJ1XCW%2FdeaG9gIry3hsliLilrQRmz%2FZzdce4fsF6q5hSSHqGXYO%2Bt9LMgpu31OOtXUv8YckYWds9KYfxCiFC8gtfrbLjTYj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 850837670a6c0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

1337x.dirproxy.blue/app/apx14.js

172.67.211.123

200 OK

7.7 kB

URL GET HTTP/3
1337x.dirproxy.blue/app/apx14.js
IP
172.67.211.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1337x.dirproxy.blue/
Certificate
IssuerGoogle Trust Services LLC
Subjectdirproxy.blue
FingerprintE4:A3:4D:DC:3B:73:38:09:7E:07:C7:64:20:87:A4:98:F2:46:28:6D
ValidityMon, 08 Jan 2024 23:39:39 GMT - Sun, 07 Apr 2024 23:39:38 GMT

File type
JavaScript source, ASCII text, with very long lines (8720), with no line terminators
Size
7.7 kB (7663 bytes)
Hash
3db7729f5768690d08cfbb852bda88b3
29d50e49674a25263da47dec24318c1a68f003e0
997dcda1cc75d9821ee6a9b2dba6fff73b5f104ed1a49792f998d7fe70d24893

HTTP Headers

GET /app/apx14.js HTTP/1.1
Host: 1337x.dirproxy.blue
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x.dirproxy.blue/
Cookie: view=1; PHPSESSID=b3hs8v4q1hpe8dssaqmtltm5jh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 05 Feb 2024 03:55:11 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 15 Sep 2020 18:26:19 GMT
etag: W/"5f61074b-1def"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYh3NknF0Pp4AmPFct0l%2BrjQaPjsQ7c%2F%2Br%2F5jNUJYPKuyvbveAGovevRCyGZ%2Bew0xnf%2FaaGXlB0HDpGOoo8UGisuXWkAp3cT%2FKRPpNgowDpnbo1PIIIhUTSVA%2BNnINB%2FUIAcuiJj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 850837670a6f0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

1337x.dirproxy.blue/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=85074281fa152a6e

172.67.211.123

200 OK

179 kB

URL GET HTTP/3
1337x.dirproxy.blue/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=85074281fa152a6e
IP
172.67.211.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1337x.dirproxy.blue/
Certificate
IssuerGoogle Trust Services LLC
Subjectdirproxy.blue
FingerprintE4:A3:4D:DC:3B:73:38:09:7E:07:C7:64:20:87:A4:98:F2:46:28:6D
ValidityMon, 08 Jan 2024 23:39:39 GMT - Sun, 07 Apr 2024 23:39:38 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
179 kB (179139 bytes)
Hash
ab4fb143c25abc83d54f28ea08e0c4c1
9b6c8b39ece6f9b6d1a77a4fdf10f557b9f72077
7ec1cd9d52038683c8a837b3f6a427b31ef0a793a8e5d210d9126f1936ac762e

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=85074281fa152a6e HTTP/1.1
Host: 1337x.dirproxy.blue
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x.dirproxy.blue/?__cf_chl_rt_tk=fifGsBt8B67.IxksT1X22lxspMFrvzNrnnKwQvksvnw-1707095280-0-gaNycGzNDlA
Cookie: view=1; PHPSESSID=b3hs8v4q1hpe8dssaqmtltm5jh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 05 Feb 2024 03:55:12 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxZ49QsOgUDDY%2F46582OpNPBav9iF8PVgecEX2Kf%2FZ50GnZPgJ%2FNGbXiOLWLpajcHKBLOfJ3vM%2Bk5pe8EsuMK5T6BLCjl4j9mxjfejSrn5QPIbf3yEG51tC1rD%2BIrEJZSovpQE%2BV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 850837689ae90b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

matomo.hellohi.me/matomo.js

188.114.97.1

200 OK

66 kB

URL GET HTTP/2
matomo.hellohi.me/matomo.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1337x.dirproxy.blue/
Certificate
IssuerGoogle Trust Services LLC
Subjecthellohi.me
Fingerprint20:B9:84:70:94:CC:19:B8:30:57:F2:C4:78:C7:33:8D:BF:70:AA:85
ValidityTue, 30 Jan 2024 00:16:24 GMT - Mon, 29 Apr 2024 00:16:23 GMT

File type
JavaScript source, ASCII text, with very long lines (1601)
Size
66 kB (65842 bytes)
Hash
a3a7245d6daf7d31d2069c0ba05879dd
ec1bf464889e71aec1ced6d8361a26c76e4a1460
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

HTTP Headers

GET /matomo.js HTTP/1.1
Host: matomo.hellohi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x.dirproxy.blue/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 05 Feb 2024 03:55:12 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 19 Oct 2023 04:58:52 GMT
etag: W/"6530b78c-10132"
expires: Mon, 05 Feb 2024 04:24:25 GMT
cache-control: public, max-age=14400
pragma: public
cf-cache-status: HIT
age: 1847
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHy05aXBGqxD4DmHpiJItAuHMup24blXncgPXJFALAs7FjoY6cOOm0qUlyHy6M3r4sMf8e%2BMiE%2FWi9WnftkVfPy%2Fu3ALTKJl7Rm08itli70mKGeUg7eOuHeSKUZH4jg%2BDCv49w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85083768e9aa1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

1337x.dirproxy.blue/favicon.ico

172.67.211.123

200 OK

1.2 kB

URL GET HTTP/3
1337x.dirproxy.blue/favicon.ico
IP
172.67.211.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1337x.dirproxy.blue/
Certificate
IssuerGoogle Trust Services LLC
Subjectdirproxy.blue
FingerprintE4:A3:4D:DC:3B:73:38:09:7E:07:C7:64:20:87:A4:98:F2:46:28:6D
ValidityMon, 08 Jan 2024 23:39:39 GMT - Sun, 07 Apr 2024 23:39:38 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
769362362d52b0cfc3271ecb6dec43fb
9df2439bce4e08d28c14c37cd2f74fc678465b23
7d524db2f0ca2d20b89f7f197110cb9a5bbaea45b19939dc6e30dc366d20eb61

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 1337x.dirproxy.blue
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x.dirproxy.blue/
Cookie: view=1; PHPSESSID=b3hs8v4q1hpe8dssaqmtltm5jh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 05 Feb 2024 03:55:13 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Tue, 06-Feb-2024 03:55:13 GMT; Max-Age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tY3VU6OVuuYVBREVljCO9fz4NUyVX7xHNan3rndx8O8lxwAO%2F%2Fu7fTMRQVifCkXDVFV2b8bU%2FnUWcy3bMBmIOworDVL135VKvf4DpczVv77vgGw4FgNphhzP2iHUrPeQ56bslTU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8508376fccd20b65-OSL
alt-svc: h3=":443"; ma=86400

1337x.dirproxy.blue/

172.67.211.123

200 OK

123 kB

URL User Request GET HTTP/2
1337x.dirproxy.blue/
IP
172.67.211.123:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectdirproxy.blue
FingerprintE4:A3:4D:DC:3B:73:38:09:7E:07:C7:64:20:87:A4:98:F2:46:28:6D
ValidityMon, 08 Jan 2024 23:39:39 GMT - Sun, 07 Apr 2024 23:39:38 GMT

File type
HTML document, ASCII text, with very long lines (42723)
Size
123 kB (123358 bytes)
Hash
598a15f99b671e1734956952e8b24af7
c88d5f82704cf61f9e9bddc0aaf43f1ff0a9fa72
c5b9de6e95ace8150008678effab0b346eea65fca85052923b7726a24d2100ec

HTTP Headers

GET / HTTP/1.1
Host: 1337x.dirproxy.blue
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 05 Feb 2024 03:55:11 GMT
set-cookie: view=1; expires=Tue, 06-Feb-2024 03:55:11 GMT; Max-Age=86400
PHPSESSID=b3hs8v4q1hpe8dssaqmtltm5jh; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrZYynTjclEMYCd7o3%2Bp%2BuXKoNwfpFsN4pbIVbkzSsXMWFF3oK0mDeD5sWWq70fzt%2BPlmaWBPWiUJ6qqsx%2B1a5stJCNE%2FJlSP1cE%2BUClns7t1jLzDpMA5RCVFkWEw8pOP2BaaDxz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 850837659dfe712f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

metrica-yandex.com/metrika/tag.js?1001

188.114.97.1

200 OK

60 kB

URL GET HTTP/2
metrica-yandex.com/metrika/tag.js?1001
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1337x.dirproxy.blue/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetrica-yandex.com
FingerprintE2:76:38:E7:71:A4:73:C7:0B:ED:FE:19:0D:51:10:1B:69:49:E1:25
ValiditySat, 13 Jan 2024 10:45:37 GMT - Fri, 12 Apr 2024 10:45:36 GMT

File type
JavaScript source, ASCII text, with very long lines (60271), with no line terminators
Size
60 kB (60271 bytes)
Hash
ea67b2343fc359662afdae5d4c8c8e03
7f07219a8cd9d6d5c17e20bd7e80fac0281c2b18
5e31460a6eacabdc5895ad2ad898a4a570ac88f2794c61ddce6b0beee304eb11

HTTP Headers

GET /metrika/tag.js?1001 HTTP/1.1
Host: metrica-yandex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x.dirproxy.blue/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 05 Feb 2024 03:55:11 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 30 Sep 2021 23:00:22 GMT
etag: W/"61564186-eb6f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 5949790
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYWxHNsFZbQ5RQecStEkE4m2GP4okZCWIu%2B%2BLZRdmyjMJ%2FWJwQO4VuZKOvPAgy7%2BwHsJ0AGNh7vO8o06yLTywvN7wElP4c8t1Qo5URGS5ZFdihouYoeOAo05Bt8Zwr7VuutHkWk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 850837674db85689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

1337x.dirproxy.blue/app/x12.js

172.67.211.123

200 OK

11 kB

URL GET HTTP/3
1337x.dirproxy.blue/app/x12.js
IP
172.67.211.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1337x.dirproxy.blue/
Certificate
IssuerGoogle Trust Services LLC
Subjectdirproxy.blue
FingerprintE4:A3:4D:DC:3B:73:38:09:7E:07:C7:64:20:87:A4:98:F2:46:28:6D
ValidityMon, 08 Jan 2024 23:39:39 GMT - Sun, 07 Apr 2024 23:39:38 GMT

File type
JavaScript source, ASCII text, with very long lines (11180), with no line terminators
Size
11 kB (11180 bytes)
Hash
94efa3c05291ac5cccd32cc3a11c9724
3a033e4d6f5e5eaf76030a81c8a05c619de436c2
58c753f7ffcb584d2ed43470ec9bdd30a4cd4723f368d83de6163413d5555102

HTTP Headers

GET /app/x12.js HTTP/1.1
Host: 1337x.dirproxy.blue
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x.dirproxy.blue/
Cookie: view=1; PHPSESSID=b3hs8v4q1hpe8dssaqmtltm5jh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 05 Feb 2024 03:55:11 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 15 Sep 2020 18:26:18 GMT
etag: W/"5f61074a-2bac"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0J2Y9qu0274KKd3HEX4Kfl0ZeYV%2B3Q74yu%2Bi5%2B0zkiMQM%2BksSYYkR7M5FWKwInEeK%2B43%2BfTeZ6vmvFVYTcslEwpSIwerckn0n3lH%2FZ8ckv12bECvP3cKNkeUbgvhic4YKOOKZ%2Bq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 850837670a700b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (16)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers