georniafago-b3cd5e047bf0.herokuapp.com Open in urlscan Pro
34.241.115.67 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cite.me/m0VwMMu
Effective URL:
https://georniafago-b3cd5e047bf0.herokuapp.com/
Submission: On June 07 via manual (June 7th 2024, 3:05:29 am UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 34.241.115.67, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is georniafago-b3cd5e047bf0.herokuapp.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 2nd 2024. Valid for: a year.

This is the only time georniafago-b3cd5e047bf0.herokuapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: USPS (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
2 2	44.196.101.0 44.196.101.0	14618 (AMAZON-AES) (AMAZON-AES)
18	34.241.115.67 34.241.115.67	16509 (AMAZON-02) (AMAZON-02)
19	2

2 44.196.101.0 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-101-0.compute-1.amazonaws.com

cite.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cite.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 34.241.115.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-115-67.eu-west-1.compute.amazonaws.com

georniafago-b3cd5e047bf0.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	herokuapp.com georniafago-b3cd5e047bf0.herokuapp.com	120 KB
2	cite.me 2 redirects cite.me www.cite.me	1 KB
0	ipify.org Failed api.ipify.org Failed
19	3

	Domain	Requested by
18	georniafago-b3cd5e047bf0.herokuapp.com	georniafago-b3cd5e047bf0.herokuapp.com
1	www.cite.me	1 redirects
1	cite.me	1 redirects
0	api.ipify.org Failed	georniafago-b3cd5e047bf0.herokuapp.com
19	4

This site contains no links.

Subject Issuer	Validity	Valid
*.herokuapp.com Amazon RSA 2048 M02	`2024-03-02` - `2025-03-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://georniafago-b3cd5e047bf0.herokuapp.com/
Frame ID: 828CEE7E73F18FD4EE282483A7E4AC88
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

USPS | Redelivery Request

Page URL History Show full URLs

http://cite.me/m0VwMMu HTTP 307
https://cite.me/m0VwMMu HTTP 307
http://cite.me/m0VwMMu HTTP 301
https://www.cite.me/m0VwMMu HTTP 302
https://georniafago-b3cd5e047bf0.herokuapp.com/ Page URL

Detected technologies

Heroku (PaaS) Expand

Overall confidence: 100%
Detected patterns

\.herokuapp\.com

Page Statistics

19
Requests

95 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

2
Countries

120 kB
Transfer

352 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cite.me/m0VwMMu HTTP 307
https://cite.me/m0VwMMu HTTP 307
http://cite.me/m0VwMMu HTTP 301
https://www.cite.me/m0VwMMu HTTP 302
https://georniafago-b3cd5e047bf0.herokuapp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
8 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response georniafago-b3cd5e047bf0.herokuapp.com/ Redirect Chain http://cite.me/m0VwMMu https://cite.me/m0VwMMu http://cite.me/m0VwMMu https://www.cite.me/m0VwMMu https://georniafago-b3cd5e047bf0.herokuapp.com/	21 KB 4 KB	1482ms 36ms	Document text/html	34.241.115.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://georniafago-b3cd5e047bf0.herokuapp.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-115-67.eu-west-1.compute.amazonaws.com Software Cowboy / Next.js Resource Hash `f85bb86b248511000a4c9277d370126ec2a737543ee9196d9c9d0e9bcba706da` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Fri, 07 Jun 2024 03:05:17 GMT Etag "836in2zpdygoz" Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D"}]} Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D Server Cowboy Transfer-Encoding chunked Vary Accept-Encoding Via 1.1 vegur X-Powered-By Next.js Redirect headers access-control-allow-headers X-Requested-With access-control-allow-origin * age 0 cache-control no-store, no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Fri, 07 Jun 2024 03:05:16 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location https://georniafago-b3cd5e047bf0.herokuapp.com pragma no-cache server Apache/2.4.58 () OpenSSL/1.0.2k-fips via 1.1 varnish-v4 x-powered-by PHP/8.1.23 x-varnish 325976895
GET H/1.1	200 OK	cf9e927b4db45f6c.css georniafago-b3cd5e047bf0.herokuapp.com/_next/static/css/	10 KB 3 KB	35ms 34ms	Stylesheet text/css	34.241.115.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://georniafago-b3cd5e047bf0.herokuapp.com/_next/static/css/cf9e927b4db45f6c.css Requested by Host: georniafago-b3cd5e047bf0.herokuapp.com URL: https://georniafago-b3cd5e047bf0.herokuapp.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-115-67.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash `9830f1f902a255975f9f3e90c20769c9d5b229cc1a46efe1a1c042395317ae17` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://georniafago-b3cd5e047bf0.herokuapp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 07 Jun 2024 03:05:17 GMT Content-Encoding gzip Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Sat, 01 Jun 2024 16:04:30 GMT Etag W/"265a-18fd48b9ab0" Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D"}]} Content-Type text/css; charset=UTF-8 Transfer-Encoding chunked Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D
GET H/1.1	200 OK	webpack-69bfa6990bb9e155.js Show response georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/	1 KB 2 KB	69ms 34ms	Script application/javascript	34.241.115.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/webpack-69bfa6990bb9e155.js Requested by Host: georniafago-b3cd5e047bf0.herokuapp.com URL: https://georniafago-b3cd5e047bf0.herokuapp.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-115-67.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash `f86d1dba790dc40eadb3d17edcd420e29aa9adf59b4f80cebe6719e4b67a9109` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://georniafago-b3cd5e047bf0.herokuapp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 07 Jun 2024 03:05:17 GMT Content-Encoding gzip Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Sat, 01 Jun 2024 16:04:30 GMT Etag W/"5bd-18fd48b9ab0" Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D"}]} Content-Type application/javascript; charset=UTF-8 Transfer-Encoding chunked Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D
GET H/1.1	200 OK	framework-a87821de553db91d.js Show response georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/	137 KB 45 KB	154ms 105ms	Script application/javascript	34.241.115.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/framework-a87821de553db91d.js Requested by Host: georniafago-b3cd5e047bf0.herokuapp.com URL: https://georniafago-b3cd5e047bf0.herokuapp.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-115-67.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash `1c07bdc6f339f4852b2634785c1de979ef305ecaa6cac8b66e8ee66e143ce4e1` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://georniafago-b3cd5e047bf0.herokuapp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 07 Jun 2024 03:05:17 GMT Content-Encoding gzip Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Sat, 01 Jun 2024 16:04:30 GMT Etag W/"225cc-18fd48b9ab0" Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D"}]} Content-Type application/javascript; charset=UTF-8 Transfer-Encoding chunked Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D
GET H/1.1	200 OK	main-a75cf611e061d8f8.js Show response georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/	104 KB 31 KB	154ms 98ms	Script application/javascript	34.241.115.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/main-a75cf611e061d8f8.js Requested by Host: georniafago-b3cd5e047bf0.herokuapp.com URL: https://georniafago-b3cd5e047bf0.herokuapp.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-115-67.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash `0b838b231ac19788188e3e3d935d35f6d0236e822d15baa0acd183d4938a9290` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://georniafago-b3cd5e047bf0.herokuapp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 07 Jun 2024 03:05:17 GMT Content-Encoding gzip Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Sat, 01 Jun 2024 16:04:30 GMT Etag W/"19e69-18fd48b9ab0" Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D"}]} Content-Type application/javascript; charset=UTF-8 Transfer-Encoding chunked Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D
GET H/1.1	200 OK	_app-54772c170987db80.js Show response georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/pages/	931 B 2 KB	154ms 95ms	Script application/javascript	34.241.115.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/pages/_app-54772c170987db80.js Requested by Host: georniafago-b3cd5e047bf0.herokuapp.com URL: https://georniafago-b3cd5e047bf0.herokuapp.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-115-67.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash `2bcba144d12f459483190810a92b4868e7b856a2e899c43c05b8db7e193ec654` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://georniafago-b3cd5e047bf0.herokuapp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 07 Jun 2024 03:05:17 GMT Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Sat, 01 Jun 2024 16:04:30 GMT Etag W/"3a3-18fd48b9ab0" Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D"}]} Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Content-Length 931 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D
GET H/1.1	200 OK	78e521c3-1947e727e698dedc.js Show response georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/	469 B 1 KB	180ms 108ms	Script application/javascript	34.241.115.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/78e521c3-1947e727e698dedc.js Requested by Host: georniafago-b3cd5e047bf0.herokuapp.com URL: https://georniafago-b3cd5e047bf0.herokuapp.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-115-67.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash `628fd29fee33a0868dbb24d56fed55b31dacd5564f877036080764d686d2905c` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://georniafago-b3cd5e047bf0.herokuapp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 07 Jun 2024 03:05:17 GMT Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Sat, 01 Jun 2024 16:04:30 GMT Etag W/"1d5-18fd48b9ab0" Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D"}]} Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Content-Length 469 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D
GET H/1.1	200 OK	0c428ae2-7bf239f88818b1c9.js Show response georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/	681 B 2 KB	163ms 35ms	Script application/javascript	34.241.115.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/0c428ae2-7bf239f88818b1c9.js Requested by Host: georniafago-b3cd5e047bf0.herokuapp.com URL: https://georniafago-b3cd5e047bf0.herokuapp.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-115-67.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash `d6c1086d841cbffc43f561a305c338fd92bc534712b579590a2903ea605c844a` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://georniafago-b3cd5e047bf0.herokuapp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 07 Jun 2024 03:05:17 GMT Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Sat, 01 Jun 2024 16:04:30 GMT Etag W/"2a9-18fd48b9ab0" Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D"}]} Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Content-Length 681 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D
GET H/1.1	200 OK	7f0c75c1-bf5d17862efe7b06.js Show response georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/	530 B 1 KB	128ms 36ms	Script application/javascript	34.241.115.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/7f0c75c1-bf5d17862efe7b06.js Requested by Host: georniafago-b3cd5e047bf0.herokuapp.com URL: https://georniafago-b3cd5e047bf0.herokuapp.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-115-67.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash `8f0b049d3e27c476da50150f7f62008ac1a0d60b26c1e43f63c76cbc50628931` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://georniafago-b3cd5e047bf0.herokuapp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 07 Jun 2024 03:05:17 GMT Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Sat, 01 Jun 2024 16:04:30 GMT Etag W/"212-18fd48b9ab0" Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D"}]} Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Content-Length 530 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D
GET H/1.1	200 OK	676-8ac03ac2d86cc1eb.js Show response georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/	17 KB 7 KB	37ms 37ms	Script application/javascript	34.241.115.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/676-8ac03ac2d86cc1eb.js Requested by Host: georniafago-b3cd5e047bf0.herokuapp.com URL: https://georniafago-b3cd5e047bf0.herokuapp.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-115-67.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash `0353400617c18b37b173074a3faca1c61a8b14e7162d29cf44d2d01154178ae0` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://georniafago-b3cd5e047bf0.herokuapp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 07 Jun 2024 03:05:17 GMT Content-Encoding gzip Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Sat, 01 Jun 2024 16:04:30 GMT Etag W/"440b-18fd48b9ab0" Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D"}]} Content-Type application/javascript; charset=UTF-8 Transfer-Encoding chunked Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D
GET H/1.1	200 OK	763-45fef2a85f24e21f.js Show response georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/	22 KB 6 KB	32ms 32ms	Script application/javascript	34.241.115.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/763-45fef2a85f24e21f.js Requested by Host: georniafago-b3cd5e047bf0.herokuapp.com URL: https://georniafago-b3cd5e047bf0.herokuapp.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-115-67.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash `c57707dc4e32b940c92d8dcebab9d91d06a500e59771e02b1de314b6b88b7f39` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://georniafago-b3cd5e047bf0.herokuapp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 07 Jun 2024 03:05:17 GMT Content-Encoding gzip Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Sat, 01 Jun 2024 16:04:30 GMT Etag W/"584f-18fd48b9ab0" Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D"}]} Content-Type application/javascript; charset=UTF-8 Transfer-Encoding chunked Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D
GET H/1.1	200 OK	index-c38008d9cfdd3bb5.js Show response georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/pages/	1 KB 1 KB	31ms 31ms	Script application/javascript	34.241.115.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/pages/index-c38008d9cfdd3bb5.js Requested by Host: georniafago-b3cd5e047bf0.herokuapp.com URL: https://georniafago-b3cd5e047bf0.herokuapp.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-115-67.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash `29177560480e5c4dad394889c96f5a562d5434868a10d1dd14328c68a6ebc57d` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://georniafago-b3cd5e047bf0.herokuapp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 07 Jun 2024 03:05:17 GMT Content-Encoding gzip Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Sat, 01 Jun 2024 16:04:30 GMT Etag W/"468-18fd48b9ab0" Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D"}]} Content-Type application/javascript; charset=UTF-8 Transfer-Encoding chunked Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D
GET H/1.1	200 OK	_buildManifest.js Show response georniafago-b3cd5e047bf0.herokuapp.com/_next/static/pFMje_tVjkk93ewsxUH5Y/	610 B 1 KB	35ms 34ms	Script application/javascript	34.241.115.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://georniafago-b3cd5e047bf0.herokuapp.com/_next/static/pFMje_tVjkk93ewsxUH5Y/_buildManifest.js Requested by Host: georniafago-b3cd5e047bf0.herokuapp.com URL: https://georniafago-b3cd5e047bf0.herokuapp.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-115-67.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash `f8d282d0d2e37f8f2f532d788078c093535454e016dfda68601b8399b8e14648` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://georniafago-b3cd5e047bf0.herokuapp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 07 Jun 2024 03:05:17 GMT Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Sat, 01 Jun 2024 16:04:30 GMT Etag W/"262-18fd48b9ab0" Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D"}]} Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Content-Length 610 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D
GET H/1.1	200 OK	_ssgManifest.js Show response georniafago-b3cd5e047bf0.herokuapp.com/_next/static/pFMje_tVjkk93ewsxUH5Y/	77 B 932 B	33ms 33ms	Script application/javascript	34.241.115.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://georniafago-b3cd5e047bf0.herokuapp.com/_next/static/pFMje_tVjkk93ewsxUH5Y/_ssgManifest.js Requested by Host: georniafago-b3cd5e047bf0.herokuapp.com URL: https://georniafago-b3cd5e047bf0.herokuapp.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-115-67.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash `6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://georniafago-b3cd5e047bf0.herokuapp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 07 Jun 2024 03:05:17 GMT Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Sat, 01 Jun 2024 16:04:30 GMT Etag W/"4d-18fd48b9ab0" Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D"}]} Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Content-Length 77 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `2036ae9204313acba59f3ac9d63a77d9a2c8b82250a461e9f2da1df44468dc34` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `462d7624b61287ce54154575cbcfdab986e52537b1e0e0579b52d4a853c33127` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `aed4ef12654b36643aaf2676aba1a593eabe215beddfa1cfe7a52488239b9fcd` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	79 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `86c0eb05841c5de43332b841db64ffa01766b61858989630cbf90cf3537e18d1` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `c73996440cac560d59be451d163a7b135c574cfa16661568c4363965945063c6` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `493657a2b64b38d24ddfbbc554ad135ff196de4819a6f1c5a834bb3365996568` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `32ba02cc5dcfeff462908b9a3cbe6c029fc6705e1f4a4d9dd3811fc1d2f353ad` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET		/ api.ipify.org/	0 0

GET H/1.1	200 OK	hamb.41e07cda.svg georniafago-b3cd5e047bf0.herokuapp.com/_next/static/media/	546 B 1 KB	35ms 35ms	Image image/svg+xml	34.241.115.67 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://georniafago-b3cd5e047bf0.herokuapp.com/_next/static/media/hamb.41e07cda.svg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-115-67.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash `b95f434286744e3dbaf5bc56f41d4ce2640da3038461502f7ac243a5931e9435` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://georniafago-b3cd5e047bf0.herokuapp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 07 Jun 2024 03:05:17 GMT Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Sat, 01 Jun 2024 16:04:30 GMT Etag W/"222-18fd48b9ab0" Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D"}]} Content-Type image/svg+xml Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Content-Length 546 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D
GET H/1.1	200 OK	logo.251215bc.svg georniafago-b3cd5e047bf0.herokuapp.com/_next/static/media/	2 KB 2 KB	34ms 34ms	Image image/svg+xml	34.241.115.67 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://georniafago-b3cd5e047bf0.herokuapp.com/_next/static/media/logo.251215bc.svg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-115-67.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash `ae1ceb3bd082dcfc0b4987dd3d51d90bd3e4f0e52722fdfea2b4a0091379d5ba` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://georniafago-b3cd5e047bf0.herokuapp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 07 Jun 2024 03:05:17 GMT Content-Encoding gzip Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Sat, 01 Jun 2024 16:04:30 GMT Etag W/"7dd-18fd48b9ab0" Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D"}]} Content-Type image/svg+xml Transfer-Encoding chunked Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D
GET H/1.1	200 OK	search.3da24b39.svg georniafago-b3cd5e047bf0.herokuapp.com/_next/static/media/	1 KB 2 KB	31ms 31ms	Image image/svg+xml	34.241.115.67 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://georniafago-b3cd5e047bf0.herokuapp.com/_next/static/media/search.3da24b39.svg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-115-67.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash `e394ed970fb62a3c368a806f89193eb7fb4e82119f91413e4974af555199fe06` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://georniafago-b3cd5e047bf0.herokuapp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 07 Jun 2024 03:05:17 GMT Content-Encoding gzip Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Sat, 01 Jun 2024 16:04:30 GMT Etag W/"59f-18fd48b9ab0" Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D"}]} Content-Type image/svg+xml Transfer-Encoding chunked Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D
GET H/1.1	200 OK	favicon.ico georniafago-b3cd5e047bf0.herokuapp.com/	31 KB 6 KB	33ms 33ms	Other image/x-icon	34.241.115.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://georniafago-b3cd5e047bf0.herokuapp.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-115-67.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash `67fbe8ef9020e5c776aadf6801a1fef8dc563e2e4dc9ddc740af8010c0c38943` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://georniafago-b3cd5e047bf0.herokuapp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 07 Jun 2024 03:05:17 GMT Content-Encoding gzip Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Tue, 30 Apr 2024 10:00:54 GMT Etag W/"7d26-18f2e7337f0" Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D"}]} Content-Type image/x-icon Transfer-Encoding chunked Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717729517&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=4POYDpVmFqWiSUvCnaMdmEy0A2JfeQCNPPqixqxmQhU%3D

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.ipify.org
URL: http://api.ipify.org/?format=json

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: USPS (Transportation)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cite.me/	1970-01-20 21:18:54	Name: AWSALBCORS Value: UrevdXD6CVWOUmOzspSNo4rBPkv56hky0oZRpx+F+z6cDCJBx46GtM4uQbpTuxgl0t5Sv5VI73HnOVD3UFXLc/8skgfgpFvekxOAyPp11XKpOknpGloSikSxYQH+
cite.me/	1970-01-20 21:18:54	Name: AWSALB Value: AZiyIXeZpjS0u86v/cm6Kto1r/q07QbCEYQwKrzCWnf5A4bpZfu5VyP+q4n2sGMrz+Brz0uLqAMq8uUkhtYqS1QvModZJQXv+2Yb1FBRT51X6xgzzun/DSBqjNuK
www.cite.me/	1970-01-20 21:18:54	Name: AWSALB Value: 1CBrQu5Ijb6wJEcidKXIJ678wZwQ/kMRiVHjUzrMMGqhp4s4VxDpf/5goJ5MWZRuTMbw/Nna90fGxaQJdvlNgER9NitscQKVN4EK+Rw778gzVLcbsZzNCsMMgp6k
www.cite.me/	1970-01-20 21:18:54	Name: AWSALBCORS Value: 1CBrQu5Ijb6wJEcidKXIJ678wZwQ/kMRiVHjUzrMMGqhp4s4VxDpf/5goJ5MWZRuTMbw/Nna90fGxaQJdvlNgER9NitscQKVN4EK+Rw778gzVLcbsZzNCsMMgp6k
www.cite.me/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2maen4lt564fgh9gdob18v28h1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://georniafago-b3cd5e047bf0.herokuapp.com/_next/static/chunks/763-45fef2a85f24e21f.js Message: Mixed Content: The page at 'https://georniafago-b3cd5e047bf0.herokuapp.com/' was loaded over HTTPS, but requested an insecure resource 'http://api.ipify.org/?format=json'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
cite.me
georniafago-b3cd5e047bf0.herokuapp.com
www.cite.me
api.ipify.org
34.241.115.67
44.196.101.0
0353400617c18b37b173074a3faca1c61a8b14e7162d29cf44d2d01154178ae0
0b838b231ac19788188e3e3d935d35f6d0236e822d15baa0acd183d4938a9290
1c07bdc6f339f4852b2634785c1de979ef305ecaa6cac8b66e8ee66e143ce4e1
2036ae9204313acba59f3ac9d63a77d9a2c8b82250a461e9f2da1df44468dc34
29177560480e5c4dad394889c96f5a562d5434868a10d1dd14328c68a6ebc57d
2bcba144d12f459483190810a92b4868e7b856a2e899c43c05b8db7e193ec654
32ba02cc5dcfeff462908b9a3cbe6c029fc6705e1f4a4d9dd3811fc1d2f353ad
462d7624b61287ce54154575cbcfdab986e52537b1e0e0579b52d4a853c33127
493657a2b64b38d24ddfbbc554ad135ff196de4819a6f1c5a834bb3365996568
628fd29fee33a0868dbb24d56fed55b31dacd5564f877036080764d686d2905c
67fbe8ef9020e5c776aadf6801a1fef8dc563e2e4dc9ddc740af8010c0c38943
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
86c0eb05841c5de43332b841db64ffa01766b61858989630cbf90cf3537e18d1
8f0b049d3e27c476da50150f7f62008ac1a0d60b26c1e43f63c76cbc50628931
9830f1f902a255975f9f3e90c20769c9d5b229cc1a46efe1a1c042395317ae17
ae1ceb3bd082dcfc0b4987dd3d51d90bd3e4f0e52722fdfea2b4a0091379d5ba
aed4ef12654b36643aaf2676aba1a593eabe215beddfa1cfe7a52488239b9fcd
b95f434286744e3dbaf5bc56f41d4ce2640da3038461502f7ac243a5931e9435
c57707dc4e32b940c92d8dcebab9d91d06a500e59771e02b1de314b6b88b7f39
c73996440cac560d59be451d163a7b135c574cfa16661568c4363965945063c6
d6c1086d841cbffc43f561a305c338fd92bc534712b579590a2903ea605c844a
e394ed970fb62a3c368a806f89193eb7fb4e82119f91413e4974af555199fe06
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f85bb86b248511000a4c9277d370126ec2a737543ee9196d9c9d0e9bcba706da
f86d1dba790dc40eadb3d17edcd420e29aa9adf59b4f80cebe6719e4b67a9109
f8d282d0d2e37f8f2f532d788078c093535454e016dfda68601b8399b8e14648

georniafago-b3cd5e047bf0.herokuapp.com Open in urlscan Pro 34.241.115.67 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

95 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

2 IPs

2 Countries

120 kBTransfer

352 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

georniafago-b3cd5e047bf0.herokuapp.com Open in urlscan Pro
34.241.115.67 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

95 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

2
Countries

120 kB
Transfer

352 kB
Size

5
Cookies

19 HTTP transactions
8 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!