Submitted URL: https://sotpwinzwernet.us-east-1.linodeobjects.com/otep.html
Effective URL: https://5tuxkgojnr.anerorigig.tech/
Submission: On December 08 via api from US — Scanned from US

Summary

This website contacted 9 IPs in 1 country across 9 domains to perform 15 HTTP transactions. The main IP is 203.161.61.6, located in the United States and belonging to NAMECHEAP-NET, US. The main domain is 5tuxkgojnr.anerorigig.tech. The scan started at the submitted Linode Object Storage URL (sotpwinzwernet.us-east-1.linodeobjects.com/otep.html) and ended on 5tuxkgojnr.anerorigig.tech: no HTTP redirect chain is recorded for that hop and the primary request carries a Referer of the linodeobjects.com origin, so the handoff was a client-side redirect issued by otep.html.
TLS certificate: Issued by R3 (Let's Encrypt) on December 8th 2023, the same day as the scan. Valid for: 3 months.
This is the only time 5tuxkgojnr.anerorigig.tech was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS (Autonomous System)
1         2600:3c03::f0...   63949 (AKAMAI-LI...)
1         2606:4700:303...   13335 (CLOUDFLAR...)
5         2606:4700:303...   13335 (CLOUDFLAR...)
1 2       2606:4700:10:...   13335 (CLOUDFLAR...)
1         3.5.28.201         14618 (AMAZON-AES)
2         2607:f8b0:400...   15169 (GOOGLE)
1         2607:f8b0:400...   15169 (GOOGLE)
1         203.161.61.6       22612 (NAMECHEAP...)
2         2a04:4e42:600...   54113 (FASTLY)
Total: 15 requests across 9 IP addresses
Requests  Apex Domain         Subdomains (Cisco Umbrella rank where known)               Transfer
5         qr.io               qr.io (rank 162006)                                        118 KB
2         jsdelivr.net        cdn.jsdelivr.net (rank 313)                                59 KB
2         googleapis.com      fonts.googleapis.com (rank 29)                             2 KB
2         amung.us            whos.amung.us (rank 17707), widgets.amung.us (rank 33548)  668 B
1         anerorigig.tech     5tuxkgojnr.anerorigig.tech                                 24 KB
1         gstatic.com         fonts.gstatic.com                                          31 KB
1         amazonaws.com       multiplelinks-images.s3.amazonaws.com                      3 KB
1         qr.codes            qr.codes (rank 599960)                                     13 KB
1         linodeobjects.com   sotpwinzwernet.us-east-1.linodeobjects.com                 3 KB
Total: 15 requests across 9 apex domains
Requests  Domain                                       Requested by
5         qr.io                                        sotpwinzwernet.us-east-1.linodeobjects.com
2         cdn.jsdelivr.net                             5tuxkgojnr.anerorigig.tech
2         fonts.googleapis.com                         qr.io
1         5tuxkgojnr.anerorigig.tech
1         fonts.gstatic.com                            fonts.googleapis.com
1         multiplelinks-images.s3.amazonaws.com        sotpwinzwernet.us-east-1.linodeobjects.com
1         widgets.amung.us                             sotpwinzwernet.us-east-1.linodeobjects.com
1         whos.amung.us                                1 redirect
1         qr.codes                                     sotpwinzwernet.us-east-1.linodeobjects.com
1         sotpwinzwernet.us-east-1.linodeobjects.com
Total: 15 requests across 10 subdomains

This site contains no links.

Subject                       Issuer                                  Validity                    Valid for
us-east-1.linodeobjects.com   R3                                      2023-10-11 to 2024-01-09    3 months (crt.sh)
qr.codes                      GTS CA 1P5                              2023-10-19 to 2024-01-17    3 months (crt.sh)
qr.io                         GTS CA 1P5                              2023-12-06 to 2024-03-05    3 months (crt.sh)
*.s3.amazonaws.com            Amazon RSA 2048 M01                     2023-10-10 to 2024-07-03    9 months (crt.sh)
upload.video.google.com       GTS CA 1C3                              2023-11-20 to 2024-02-12    3 months (crt.sh)
*.gstatic.com                 GTS CA 1C3                              2023-11-20 to 2024-02-12    3 months (crt.sh)
5tuxkgojnr.anerorigig.tech    R3                                      2023-12-08 to 2024-03-07    3 months (crt.sh)
jsdelivr.net                  GlobalSign Atlas R3 DV TLS CA 2023 Q3   2023-09-27 to 2024-10-28    a year (crt.sh)

This page contains 1 frames:

Primary Page: https://5tuxkgojnr.anerorigig.tech/
Frame ID: BCA27AEF77525CC75730B91E178C7143
Requests: 15 HTTP requests in this frame

Screenshot

Page Title

Loading... Wait...

Page URL History

  1. https://sotpwinzwernet.us-east-1.linodeobjects.com/otep.html Page URL
  2. https://5tuxkgojnr.anerorigig.tech/ Page URL

Detected technologies

The patterns below are Wappalyzer-style regular expressions run over the page source. Where a pattern carries a capture group, that group is the version string: 5.3.2 for Bootstrap (from the cdn.jsdelivr.net URLs) and 5.15.4 for Font Awesome (from the qr.codes path).

Bootstrap
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jsDelivr
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
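As an added worked example (it is not part of the urlscan.io report), the following JavaScript applies the three pattern sets above to a constructed HTML fragment modelled on the resources this scan fetched: the Bootstrap 5.3.2 stylesheet and bundle from cdn.jsdelivr.net and the Font Awesome 5.15.4 stylesheet from qr.codes. The regular expressions are the ones listed above; the FINGERPRINTS table, the detectTechnologies function and the SAMPLE_HTML markup are assumptions made for the example, and reading the first capture group as the version is how Wappalyzer-style pattern files are interpreted.

```javascript
// Added example: Wappalyzer-style technology fingerprinting with the
// patterns listed in this report. Each pattern's first capture group, when
// present, is the version string. Names below are the example's own.
const FINGERPRINTS = {
  Bootstrap: [
    /<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css/i,
    /bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js/i,
  ],
  'Font Awesome': [
    /(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)/,
  ],
  jsDelivr: [
    /<link [^>]*?href="?[a-zA-Z]*?:?\/\/cdn\.jsdelivr\.net\//i,
    /\/\/cdn\.jsdelivr\.net\//i,
  ],
};

// Run every pattern of every technology against the document source.
// Returns { name: { matched: <number of patterns that hit>, version } }.
// A technology is reported only if at least one of its patterns matched;
// version is null when no matching pattern carried a capture group.
function detectTechnologies(html) {
  const found = {};
  for (const [name, patterns] of Object.entries(FINGERPRINTS)) {
    let matched = 0;
    let version = null;
    for (const re of patterns) {
      const m = re.exec(html);
      if (!m) continue;
      matched++;
      // First non-empty capture wins; later patterns may not carry one.
      if (version === null && m[1]) version = m[1];
    }
    if (matched > 0) found[name] = { matched, version };
  }
  return found;
}

// Constructed sample markup (not the scanned page's real source), built
// only from the resource URLs listed in the transactions of this report.
const SAMPLE_HTML = `<!doctype html>
<html><head>
<title>Loading... Wait...</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="https://qr.codes/fontawesome-free-5.15.4-web/css/all.css">
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
</head><body></body></html>`;

// Example run for the reader; the function above returns the same data.
console.log(JSON.stringify(detectTechnologies(SAMPLE_HTML), null, 2));
```

The version patterns are deliberately loose (the unescaped dots in the version group match any character), so a hit of this kind fingerprints the library but should not be taken as proof of the exact build; the x-jsd-version response header on the jsDelivr transactions below is the authoritative source for 5.3.2.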

Page Statistics

Requests: 15
HTTPS: 93 %
IPv6: 78 %
Domains: 9
Subdomains: 10
IPs: 9
Countries: 1
Transfer: 253 kB
Size: 1143 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sotpwinzwernet.us-east-1.linodeobjects.com/otep.html Page URL
  2. https://5tuxkgojnr.anerorigig.tech/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://whos.amung.us/swidget/qriostats.png HTTP 307
  • https://widgets.amung.us/small/09/958.png
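The two sections above separate the hops a browser makes by HTTP redirect (a 3xx response with a Location header, as in Request Chain 7) from client-side redirects (JavaScript or a meta refresh), which is how this scan moved from otep.html to the anerorigig.tech document: no redirect chain is recorded for that hop, only a Referer. As an added example that is not part of the urlscan.io report, the JavaScript below rebuilds both views from a HAR-like list of transactions. The TRANSACTIONS records are constructed from the entries listed in this report; the field names and the functions redirectChain, redirectedRequests and pageUrlHistory are the example's own.

```javascript
// Added example: reconstruct urlscan-style "Page URL History" and
// "Redirected requests" from a list of HTTP transactions. The records are
// constructed from this report's transactions (only the fields needed here);
// field and function names are the example's own, not the scanner's.
const TRANSACTIONS = [
  { url: 'https://sotpwinzwernet.us-east-1.linodeobjects.com/otep.html',
    type: 'Document', status: 200, referer: null, location: null },
  { url: 'https://whos.amung.us/swidget/qriostats.png',
    type: 'Image', status: 307,
    referer: 'https://sotpwinzwernet.us-east-1.linodeobjects.com/',
    location: 'https://widgets.amung.us/small/09/958.png' },
  { url: 'https://widgets.amung.us/small/09/958.png',
    type: 'Image', status: 200,
    referer: 'https://sotpwinzwernet.us-east-1.linodeobjects.com/', location: null },
  { url: 'https://5tuxkgojnr.anerorigig.tech/',
    type: 'Document', status: 200,
    referer: 'https://sotpwinzwernet.us-east-1.linodeobjects.com/', location: null },
];

const isRedirect = (t) => t.status >= 300 && t.status < 400 && t.location !== null;

// Location may be relative, so resolve it against the request URL.
const resolveLocation = (t) => new URL(t.location, t.url).href;

// Follow Location headers from one request until a non-3xx response (or a
// loop) is reached. Returns the ordered URLs of the chain.
function redirectChain(transactions, startUrl) {
  const byUrl = new Map(transactions.map((t) => [t.url, t]));
  const chain = [startUrl];
  let current = byUrl.get(startUrl);
  while (current && isRedirect(current)) {
    const next = resolveLocation(current);
    if (chain.includes(next)) break; // guard against redirect loops
    chain.push(next);
    current = byUrl.get(next);
  }
  return chain;
}

// Every chain that begins at a redirecting request which is not itself the
// target of another redirect (so each chain is reported once, from its head).
function redirectedRequests(transactions) {
  const targets = new Set(transactions.filter(isRedirect).map(resolveLocation));
  return transactions
    .filter((t) => isRedirect(t) && !targets.has(t.url))
    .map((t) => redirectChain(transactions, t.url));
}

// Top-level documents in order, each labelled with how the browser got
// there. An HTTP redirect leaves a 3xx + Location on the previous document;
// a client-side redirect leaves no Location, but usually a Referer whose
// origin is the previous document's origin (browsers default to
// strict-origin-when-cross-origin, so only the origin is sent cross-site).
function pageUrlHistory(transactions) {
  const docs = transactions.filter((t) => t.type === 'Document');
  return docs.map((doc, i) => {
    if (i === 0) return { url: doc.url, via: 'submitted' };
    const prev = docs[i - 1];
    let via = 'unknown';
    if (isRedirect(prev) && resolveLocation(prev) === doc.url) {
      via = 'http-redirect';
    } else if (doc.referer && new URL(doc.referer).origin === new URL(prev.url).origin) {
      via = 'client-side';
    }
    return { url: doc.url, via };
  });
}

console.log(pageUrlHistory(TRANSACTIONS));
console.log(redirectedRequests(TRANSACTIONS));
```

On this scan's data the history comes out as the submitted otep.html followed by a client-side hop to 5tuxkgojnr.anerorigig.tech, and the only HTTP chain is whos.amung.us to widgets.amung.us. A hop classified as unknown (no Location and no matching Referer) is worth a closer look, since a Referrer-Policy of no-referrer or a redirect through an intermediate origin that was not captured would both produce it.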

15 HTTP transactions

Columns per transaction: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type
otep.html
sotpwinzwernet.us-east-1.linodeobjects.com/
3 KB
3 KB
Document
General
Full URL
https://sotpwinzwernet.us-east-1.linodeobjects.com/otep.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:3c03::f03c:92ff:fe6e:ce0c Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
Reverse DNS
Software
/
Resource Hash
8c6e849cfd725bcb46107dbb7a082d61f5da0cfc8e339561607c0829b3b6a06c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
3100
Content-Type
text/html
Date
Fri, 08 Dec 2023 23:27:42 GMT
ETag
"40de54dba25922c53f6f20486ed1dfb4"
Last-Modified
Fri, 08 Dec 2023 16:40:07 GMT
x-amz-request-id
tx00000bd8e96d44269268d-006573a66f-4e4768f3-default
x-rgw-object-type
Normal
all.css
qr.codes/fontawesome-free-5.15.4-web/css/
72 KB
13 KB
Stylesheet
General
Full URL
https://qr.codes/fontawesome-free-5.15.4-web/css/all.css
Requested by
Host: sotpwinzwernet.us-east-1.linodeobjects.com
URL: https://sotpwinzwernet.us-east-1.linodeobjects.com/otep.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:3032::ac43:babd, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
0cb8cc3fee4275e182236ab19c3aae55274f43aa0ffde9c0510d8d59fcf8e5dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sotpwinzwernet.us-east-1.linodeobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 23:27:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 02 Sep 2022 15:54:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
116
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZIC37wWS%2BND6kz%2BQFq3k4yqVJtj%2FIcfaJbIw8Ccrr7t7QEKEDXMSsdqAdmkPlu8DOS%2BG%2B6Cg1NzZE4YWz5BX%2FRUDBdTWrtdGZwEcYem%2Boqc8Ei5cr5ph7IeWHao5tnNleyfzZ2Ajw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8328c7d62b124340-EWR
alt-svc
h3=":443"; ma=86400
prism.css
qr.io/node_modules/prismjs/themes/
2 KB
1 KB
Stylesheet
General
Full URL
https://qr.io/node_modules/prismjs/themes/prism.css
Requested by
Host: sotpwinzwernet.us-east-1.linodeobjects.com
URL: https://sotpwinzwernet.us-east-1.linodeobjects.com/otep.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:3030::ac43:d0e7, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
565dbff14754261a039640abf421099afefb922ba1e32c4c17b80fd4e61ee840

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sotpwinzwernet.us-east-1.linodeobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 23:27:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 12 Sep 2020 18:43:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2796
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzEn6O9RczRQt7ucKEJqV7cKgmS1KsjXNJO7wFDpz%2FyHAYrHnvNw52qcqroHEr4nEE%2FXFZWCFa905D7%2F0ZwGoxAuk45xTPF64kOzIcJkmsVv0Gri9gL902azBRipzvbJfQFZLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8328c7d62e978cd6-EWR
alt-svc
h3=":443"; ma=86400
jqvmap.min.css
qr.io/node_modules/jqvmap/dist/
613 B
713 B
Stylesheet
General
Full URL
https://qr.io/node_modules/jqvmap/dist/jqvmap.min.css
Requested by
Host: sotpwinzwernet.us-east-1.linodeobjects.com
URL: https://sotpwinzwernet.us-east-1.linodeobjects.com/otep.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:3030::ac43:d0e7, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
32d26b3f38f5adcf544dcb92bd5ef604d67ac7300a28f7f8b072ae0e9f555a3c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sotpwinzwernet.us-east-1.linodeobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 23:27:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 12 Sep 2020 18:43:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2796
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLqL0lIwVcUyy1nODeVFfE8lmrpOZiC533EE22tq9fjb4Mt5%2Bn0PSDc2sxknHrib21XKeMzo92XaTDALrTqxJSwzqio5KJ8AqIwp8YnvFJqqjUzXkXk9nfrGZqpG1V03kWb1NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8328c7d62e958cd6-EWR
alt-svc
h3=":443"; ma=86400
leaf.css
qr.io/css/
559 KB
75 KB
Stylesheet
General
Full URL
https://qr.io/css/leaf.css
Requested by
Host: sotpwinzwernet.us-east-1.linodeobjects.com
URL: https://sotpwinzwernet.us-east-1.linodeobjects.com/otep.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:3030::ac43:d0e7, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
c25d5aea4b2c07449b8444cc969f070c795fb6ad1bdac11a6b7d16a932174ade

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sotpwinzwernet.us-east-1.linodeobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 23:27:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 08 Nov 2023 12:07:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
380
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=on2OHr1Z20bmrtDMkHPHFR2EELQD%2FwuMVrIt3cYjYhYAviQiKaC1f%2BcUUNj%2BYEDp5RCixzQ6AdGVk1fwvuwH4xXHUdVKBooA%2Bybz2nas47T93adPZXLn%2FUm0FOoiXXqmSC1HTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8328c7d62e988cd6-EWR
alt-svc
h3=":443"; ma=86400
vue@2.6.14.js
qr.io/vue-scripts/
92 KB
35 KB
Script
General
Full URL
https://qr.io/vue-scripts/vue@2.6.14.js
Requested by
Host: sotpwinzwernet.us-east-1.linodeobjects.com
URL: https://sotpwinzwernet.us-east-1.linodeobjects.com/otep.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:3030::ac43:d0e7, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sotpwinzwernet.us-east-1.linodeobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 23:27:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 07 Feb 2022 12:51:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2645
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F93zdjqwvzu3r2%2FFYYuZj%2B9eah1u40O4pJNR5tTxom6ciOLuaMgZHuMEJ4Qu3opIr1aIjEOiIHJfQ%2F15StWSGSDbIGoQR2OqShz2MB86pY4PNQNqG1SS0RQ4H%2FFnC6vXrRw6Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8328c7d62e998cd6-EWR
alt-svc
h3=":443"; ma=86400
axios.min.js
qr.io/vue-scripts/
18 KB
6 KB
Script
General
Full URL
https://qr.io/vue-scripts/axios.min.js
Requested by
Host: sotpwinzwernet.us-east-1.linodeobjects.com
URL: https://sotpwinzwernet.us-east-1.linodeobjects.com/otep.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:3030::ac43:d0e7, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
b00828aa594968071f062841833553f98541845061e2d1c3144da47acce5940d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sotpwinzwernet.us-east-1.linodeobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 23:27:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 07 Feb 2022 12:51:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2645
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qB5be25GP%2F41rTxfs%2Fiz%2FVVfltvsitJSkbWyf3OjBRZ3VaJeUTAfWQP8IrT23%2BxKBDea2m%2BCDnfJq6xMpUq2H4LwSfisBB%2BnFv936iXxUTtpt%2BVbeAB1m6dSyB%2F2F4QnrxToJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8328c7d62e9b8cd6-EWR
alt-svc
h3=":443"; ma=86400
958.png
widgets.amung.us/small/09/
Redirect Chain
  • https://whos.amung.us/swidget/qriostats.png
  • https://widgets.amung.us/small/09/958.png
326 B
497 B
Image
General
Full URL
https://widgets.amung.us/small/09/958.png
Requested by
Host: sotpwinzwernet.us-east-1.linodeobjects.com
URL: https://sotpwinzwernet.us-east-1.linodeobjects.com/otep.html
Protocol
H2
Server
2606:4700:10::ac43:88d, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
2d26240cba98e0faae5a922889ebe467481d2f1c8327c5e41e43f56978475e85

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sotpwinzwernet.us-east-1.linodeobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 23:27:43 GMT
cf-cache-status
HIT
last-modified
Sun, 13 Jun 2010 09:48:30 GMT
server
cloudflare
age
836721
etag
"4c14a96e-146"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8328c7d6cdf18c48-EWR
content-length
326
expires
Thu, 30 Nov 2023 07:02:22 GMT

Redirect headers

location
https://widgets.amung.us/small/09/958.png
date
Fri, 08 Dec 2023 23:27:43 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8328c7d61d218c48-EWR
content-type
text/html; charset=UTF-8
1b81205565c64bfd340dff5aeef6dfc7.png
multiplelinks-images.s3.amazonaws.com/
2 KB
3 KB
Image
General
Full URL
https://multiplelinks-images.s3.amazonaws.com/1b81205565c64bfd340dff5aeef6dfc7.png
Requested by
Host: sotpwinzwernet.us-east-1.linodeobjects.com
URL: https://sotpwinzwernet.us-east-1.linodeobjects.com/otep.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.28.201 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
147c66a293f5c689f5f3026425116ae2dc07f9278c3d6bb8ce1224f02a851825

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sotpwinzwernet.us-east-1.linodeobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 23:27:44 GMT
Last-Modified
Sat, 15 Jul 2023 12:23:52 GMT
Server
AmazonS3
x-amz-request-id
F07R4ZNFF50FDMKK
ETag
"3d8348f9d44e874159cbda81629c2dce"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2382
x-amz-id-2
5SN6toKhjD3HBlC8grighigtR8X7rED1eNifRCJUCtDPfavBhgH7T3TUwSxF9cZHEkbz3weBvAAaWcTsnSh3MXZh4655FxZYmyCWeOhgB8E=
css
fonts.googleapis.com/
11 KB
824 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800&display=swap
Requested by
Host: qr.io
URL: https://qr.io/css/leaf.css
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2607:f8b0:4006:823::200a, United States, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF /
Resource Hash
1d5389c7f119dc4c74da821a932f6530191de67aa19a9274a134c0b2155f42b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qr.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 23:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 21:37:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 08 Dec 2023 23:27:43 GMT
css
fonts.googleapis.com/
2 KB
838 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Sanchez:400,400i&display=swap
Requested by
Host: qr.io
URL: https://qr.io/css/leaf.css
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2607:f8b0:4006:823::200a, United States, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF /
Resource Hash
e8b48701e04d2913c042952823f5b437b3bd6c25e66e7ddff1b7e9374ce218f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qr.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 23:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 23:27:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 08 Dec 2023 23:27:43 GMT
pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2607:f8b0:4006:822::2003, United States, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sotpwinzwernet.us-east-1.linodeobjects.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:43:38 GMT
x-content-type-options
nosniff
age
348245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31052
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:27:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 22:43:38 GMT
Primary Request /
5tuxkgojnr.anerorigig.tech/
45 KB
24 KB
Document
General
Full URL
https://5tuxkgojnr.anerorigig.tech/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
203.161.61.6, United States, ASN22612 (NAMECHEAP-NET, US)
Reverse DNS
svr.hostpage.host
Software
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips / PHP/7.4.1
Resource Hash
3a8b30d1676699ace2b844563685564382c25028777b6e14a44d258bb49e8b04

Request headers

Referer
https://sotpwinzwernet.us-east-1.linodeobjects.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
24031
Content-Type
text/html; charset=UTF-8
Date
Fri, 08 Dec 2023 23:27:45 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
Vary
Accept-Encoding,User-Agent
X-Powered-By
PHP/7.4.1
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/
227 KB
35 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css
Requested by
Host: 5tuxkgojnr.anerorigig.tech
URL: https://5tuxkgojnr.anerorigig.tech/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a04:4e42:600::485, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
/
Resource Hash
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://5tuxkgojnr.anerorigig.tech/
Origin
https://5tuxkgojnr.anerorigig.tech
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 23:27:46 GMT
x-content-type-options
nosniff
content-encoding
br
age
4827921
x-jsd-version
5.3.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34902
x-served-by
cache-fra-etou8220083-FRA, cache-ewr18125-EWR
x-jsd-version-type
version
etag
W/"38df4-HxOZgbm0enZu+gphu3ito1HxbEs"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/
79 KB
25 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: 5tuxkgojnr.anerorigig.tech
URL: https://5tuxkgojnr.anerorigig.tech/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a04:4e42:600::485, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
/
Resource Hash
82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://5tuxkgojnr.anerorigig.tech/
Origin
https://5tuxkgojnr.anerorigig.tech
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 23:27:46 GMT
x-content-type-options
nosniff
content-encoding
br
age
5705820
x-jsd-version
5.3.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25109
x-served-by
cache-fra-etou8220085-FRA, cache-ewr18125-EWR
x-jsd-version-type
version
etag
W/"13b17-9/0PPchLLPk7+B6DJQWmc/NU4KM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

Verdicts & Comments

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They help identify the client-side frameworks in use and the page's own code.

  • object   documentPictureInPicture
  • number   uidEvent
  • object   bootstrap
  • number   Timeout
  • function myFunction
  • function goto
  • function setCookie

Not all of these belong to the page. bootstrap is set by the Bootstrap bundle loaded from cdn.jsdelivr.net, and documentPictureInPicture is the Document Picture-in-Picture API that recent Chrome releases expose on window (the scan ran as Chrome 120), so it appears on any page. The remaining names (uidEvent, Timeout, myFunction, goto and setCookie) are the ones to locate in the landing page's own scripts when reviewing what it does after showing the "Loading... Wait..." title.

1 Cookies

Domain/Path Name / Value
5tuxkgojnr.anerorigig.tech/ Name: PHPSESSID
Value: 77fe79a7b4d86e55267c5f2b715cd067

Indicators

Indicators are the IPs, domains, hashes and similar observables extracted from this scan. Listing them here does not imply that any of them indicates malicious activity.

5tuxkgojnr.anerorigig.tech
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
multiplelinks-images.s3.amazonaws.com
qr.codes
qr.io
sotpwinzwernet.us-east-1.linodeobjects.com
whos.amung.us
widgets.amung.us
203.161.61.6
2600:3c03::f03c:92ff:fe6e:ce0c
2606:4700:10::ac43:88d
2606:4700:3030::ac43:d0e7
2606:4700:3032::ac43:babd
2607:f8b0:4006:822::2003
2607:f8b0:4006:823::200a
2a04:4e42:600::485
3.5.28.201