urlscan.io logo urlscan.io
SecurityTrails logo

spanglish-academy.com Open in urlscan Pro
185.104.45.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://url1.io/s/Q9xL1
Effective URL: https://spanglish-academy.com/wp-content/mygovau.html
Submission: On January 07 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 10 HTTP transactions. The main IP is 185.104.45.11, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is spanglish-academy.com.
TLS certificate: Issued by R3 on December 25th 2023. Valid for: 3 months.
This is the only time spanglish-academy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.26.9.243 13335 (CLOUDFLAR...)
1 185.104.45.11 200000 (UKRAINE-AS)
2 5 172.67.135.105 13335 (CLOUDFLAR...)
2 142.250.67.10 15169 (GOOGLE)
3 104.17.25.14 13335 (CLOUDFLAR...)
10 5
1    104.26.9.243 (None, )

ASN13335 (CLOUDFLARENET, US)
url1.io
1    185.104.45.11 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
PTR: web377.default-host.net
spanglish-academy.com
5    172.67.135.105 (United States)

ASN13335 (CLOUDFLARENET, US)
todaybagg.com
2    142.250.67.10 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f10.1e100.net
fonts.googleapis.com
3    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
Apex Domain
Subdomains		 Transfer
5 todaybagg.com
todaybagg.com
11 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 395
104 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
2 KB
1 spanglish-academy.com
spanglish-academy.com
89 KB
1 url1.io
url1.io
544 B
0 rootxone.me Failed
rootxone.me Failed
10 6
Domain Requested by
5 todaybagg.com 2 redirects spanglish-academy.com
todaybagg.com
3 cdnjs.cloudflare.com todaybagg.com
cdnjs.cloudflare.com
2 fonts.googleapis.com todaybagg.com
1 spanglish-academy.com
1 url1.io 1 redirects
0 rootxone.me Failed todaybagg.com
10 6

This site contains links to these domains. Also see Links.

Domain
www.sa.gov.au
creativecommons.org
southaustralia.com
Subject Issuer Validity Valid
www.spanglish-academy.com
R3		 2023-12-25 -
2024-03-24		 3 months crt.sh
todaybagg.com
E1		 2023-12-04 -
2024-03-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh

This page contains 2 frames:

Primary Page: https://spanglish-academy.com/wp-content/mygovau.html
Frame ID: FBD5C7261E4C3887EC82B19728B5A485
Requests: 11 HTTP requests in this frame

Frame: https://todaybagg.com/e1ddc/1/2aa9e/
Frame ID: 5200944E9F8546F7C86B4CCCC44A0B96
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SA.GOV.AU - About us

Page URL History Show full URLs

  1. https://url1.io/s/Q9xL1 HTTP 301
    https://spanglish-academy.com/wp-content/mygovau.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->

Page Statistics

10
Requests

90 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

218 kB
Transfer

517 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://url1.io/s/Q9xL1 HTTP 301
    https://spanglish-academy.com/wp-content/mygovau.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://todaybagg.com/e1ddc/index.php HTTP 302
  • https://todaybagg.com/e1ddc/1/index.php HTTP 302
  • https://todaybagg.com/e1ddc/1/2aa9e/

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mygovau.html
spanglish-academy.com/wp-content/
Redirect Chain
  • https://url1.io/s/Q9xL1
  • https://spanglish-academy.com/wp-content/mygovau.html
258 KB
89 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spanglish-academy.com/wp-content/mygovau.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.104.45.11 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web377.default-host.net
Software
nginx /
Resource Hash
f5d02cc2414c1836df7fd0f59f8458dd862c819d69d44fb9c873ceaaa2ed1a0d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Sun, 07 Jan 2024 23:03:01 GMT
etag
W/"658fb1d2-40947"
last-modified
Sat, 30 Dec 2023 05:59:46 GMT
server
nginx
x-ray
p953:0.000/wn5687:0.000/

Redirect headers

age
1763
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
841fd4d56c555c0f-SYD
content-type
text/html; charset=UTF-8
date
Sun, 07 Jan 2024 23:02:58 GMT
location
https://spanglish-academy.com/wp-content/mygovau.html
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1iCRoVRfk%2F544Uv201EfvoXq3lS0uwP2HQIELwBszqVEkZgNw6VAUfM3z9NQvzEHzE9Jq8gRDw9dEbiFIn9Dm%2BYOKwH7ngVTp5U6ESXWnDvQnrEck%2BtnU08%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-turbo-charged-by
LiteSpeed
/
todaybagg.com/e1ddc/1/2aa9e/ Frame 5200
Redirect Chain
  • https://todaybagg.com/e1ddc/index.php
  • https://todaybagg.com/e1ddc/1/index.php
  • https://todaybagg.com/e1ddc/1/2aa9e/
17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://todaybagg.com/e1ddc/1/2aa9e/
Requested by
Host: spanglish-academy.com
URL: https://spanglish-academy.com/wp-content/mygovau.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
088fda846a5e5e5599de05b9a27655cadab74e33a7e732bcd7aef0b634bab95d

Request headers

Referer
https://spanglish-academy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
841fd4fcf916aad5-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 07 Jan 2024 23:03:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7KHxxZ%2FgqPad%2BqNp%2BfaUdYGqYB0K3IzDam6SudP51CbUiJAT2ew4KrFcmyFRAzw1FrCLudBAqMcVrzBVapkxr904Gcb9v0fPZgeZNMYHVP%2Fr7KWfZOS9Y1re7xNR1xii"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
841fd4f80cafaad5-SYD
content-type
text/html; charset=UTF-8
date
Sun, 07 Jan 2024 23:03:04 GMT
location
https://todaybagg.com/e1ddc/1/2aa9e/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBpepF%2Bf4%2FgSQk%2Fv2uvOzGD3IFfzT%2BLCPsAU5wsbFVduiYNlzUqeJjxzbaKtwzTNUl3jAI3kXD8dwK%2FRhMJpfKZs3rQg3dyYgXc3lfYT0Uw4SEjdUITfFCcY%2FoEMkuQq"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
968d967e2c2877ac277e97709aa532dfffa515e117d4419ccb5034cba9ff584c

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		697 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7709e78b7f58671495760a9d523d2a8805c1921c066906936ec1f6bc71dd2297

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		330 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be488e185fc72c6e27ad4917e69a03af7951cfd17624b4f5b324109152b8bbd3

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8b007b99197a46acd3febffe60f38056030e4a531949e0328494fd8180ad467

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0

Request headers

Referer
Origin
https://spanglish-academy.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
021ef9589824e17f835429f49bf1c8609737dbddc6dd46de7293bc2c58fcefe9

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		607 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09256ef25836349ebc57caa08878fcd7d9e2a3de61af66f87064e39e7b19a22c

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd911f29727031071f1029b674521ac8dfe244cd31e1825d2da19ab61dc758ac

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b23da2e1658c9a9282ffdcea3517a73a22fa9f5a815959748511851181778845

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58a78f39a773c0d4125c89cd4888a3e017079c81f9fb18b8cbb0779983da32dd

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
css
fonts.googleapis.com/ Frame 5200 		2 KB
847 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,100,300
Requested by
Host: todaybagg.com
URL: https://todaybagg.com/e1ddc/1/2aa9e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
c2d845ac2c75798a817fd86c2f3be63e5fc503748dfae940dec92b60d2a9f18a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://todaybagg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Jan 2024 23:03:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 23:03:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Jan 2024 23:03:05 GMT
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 5200 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: todaybagg.com
URL: https://todaybagg.com/e1ddc/1/2aa9e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://todaybagg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 23:03:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3311333
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5884
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-9226"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VA3TcCpWrllcGzxQ5foO4mSFm4qmQgDL2y9u3iuNmafGYzE4oYeC6x4OZ4kmwarXEJ5KQjtGd9nf7vg7%2BRFpSJUlhjLZrFY%2FMY7pV8t0ID67lpTd5AP4chWVmgvJURCESYDFgwkS"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
841fd503297aa81a-SYD
expires
Fri, 27 Dec 2024 23:03:05 GMT
zocial.css
cdnjs.cloudflare.com/ajax/libs/css-social-buttons/1.2.0/css/ Frame 5200 		44 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/css-social-buttons/1.2.0/css/zocial.css
Requested by
Host: todaybagg.com
URL: https://todaybagg.com/e1ddc/1/2aa9e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf8d41c2e2250b2f0b431531871178d57cd9af1f42bbe121c90b51fd66a1dff2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://todaybagg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 23:03:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
67610
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21543
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-ae99"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uO57z6Zo1IFQLO%2B0hX6u%2Bohg6rZQgvXQx5U7O8mCfbfWmGu21rvnBh5CN%2FsaxZqDhpfczHdsfK%2BPRU%2FvxJ1WiKs%2F6JdGxhRWamByQXijfOnj5OgtjpIf9zaoerYRWUnSqoBDAcra"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
841fd5032981a81a-SYD
expires
Fri, 27 Dec 2024 23:03:05 GMT
style.css
todaybagg.com/e1ddc/sourcexone/xonecss/ Frame 5200 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://todaybagg.com/e1ddc/sourcexone/xonecss/style.css
Requested by
Host: todaybagg.com
URL: https://todaybagg.com/e1ddc/1/2aa9e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a34fb4112dac269525802264dfe989c4bfce795635799fcc2f8726c0e2fb496f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://todaybagg.com/e1ddc/1/2aa9e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 23:03:05 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 17 Nov 2023 03:31:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4771-60a50c3f0b29c-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0TeMz5f5g4EDvnf%2F3MrBThSmW7E8624LPdeK%2BnDccgoF2wGgNllZ9OLcAykeT%2BLWNsEfYLd%2BU%2FjKS8jLnvw9aVVhFFwHLYfBqoBHfK%2BeMzdaqSv6wz68hGloFjuzUel"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
841fd5013e3daad5-SYD
alt-svc
h3=":443"; ma=86400
content-length
4184
wz3xIB32v8DPajHZ
rootxone.me/pixel/ Frame 5200 		0
0
stepbar.css
todaybagg.com/e1ddc/sourcexone/xonecss/ Frame 5200 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://todaybagg.com/e1ddc/sourcexone/xonecss/stepbar.css
Requested by
Host: todaybagg.com
URL: https://todaybagg.com/e1ddc/1/2aa9e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1a0917eca00cbcf2fd9f9c97031af5035645e18718f8e6ba239bf69314bc081

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://todaybagg.com/e1ddc/1/2aa9e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 23:03:05 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 17 Nov 2023 03:31:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"db8-60a50c3f0b29c-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgBux2imQEPdC2aYYBiv6QjfP2PtRs8wjKbM5r%2FoV0PIijMewWj8OgY%2Bfmy6RMQ3BB4y5vUPrTHfyq55t69DJ5hQ%2FaaYj0oadCbjj6n2w5IhNT0QGqYaQB0bN295QDB3"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
841fd5013e3faad5-SYD
alt-svc
h3=":443"; ma=86400
content-length
994
css
fonts.googleapis.com/ Frame 5200 		17 KB
1017 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap
Requested by
Host: todaybagg.com
URL: https://todaybagg.com/e1ddc/sourcexone/xonecss/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
b8172166dbe776ffa12da60505a6324a609efce59a5eff460b7b9d579e2db30b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://todaybagg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Jan 2024 23:03:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 23:03:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Jan 2024 23:03:05 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ Frame 5200 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Origin
https://todaybagg.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 23:03:06 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1564496
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmBXDfK4IybG5nL1BWXohiPJRGfH6Nkg1FimzxLooi1cYV%2F2UwW5rv7BCT0CiXZIVONti1hnnrNJDyrv1fQsWBM2OJ2D3IgNxHdnAYyjyP5VP1kOOH5CqjIQQz7QSbq1hIO%2FOC9o"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
841fd507ec3eaafb-SYD
expires
Fri, 27 Dec 2024 23:03:06 GMT
truncated
/ Frame 5200 		9 B
9 B 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

Request headers

Referer
Origin
https://todaybagg.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rootxone.me
URL
https://rootxone.me/pixel/wz3xIB32v8DPajHZ

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| savepage_ShadowLoader

0 Cookies

6 Console Messages

Source Level URL
Text
other warning URL: https://todaybagg.com/e1ddc/1/2aa9e/
Message:
Failed to decode downloaded font: data:text/plain;base64,bm90IGZvdW5k
other warning URL: https://todaybagg.com/e1ddc/1/2aa9e/
Message:
OTS parsing error: invalid sfntVersion: 1852797984
other warning URL: https://todaybagg.com/e1ddc/1/2aa9e/
Message:
Failed to decode downloaded font: data:text/plain;base64,bm90IGZvdW5k
other warning URL: https://todaybagg.com/e1ddc/1/2aa9e/
Message:
OTS parsing error: invalid sfntVersion: 1852797984
other warning URL: https://todaybagg.com/e1ddc/1/2aa9e/
Message:
Failed to decode downloaded font: data:text/plain;base64,bm90IGZvdW5k
other warning URL: https://todaybagg.com/e1ddc/1/2aa9e/
Message:
OTS parsing error: invalid sfntVersion: 1852797984

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
rootxone.me
spanglish-academy.com
todaybagg.com
url1.io
rootxone.me
104.17.25.14
104.26.9.243
142.250.67.10
172.67.135.105
185.104.45.11
021ef9589824e17f835429f49bf1c8609737dbddc6dd46de7293bc2c58fcefe9
088fda846a5e5e5599de05b9a27655cadab74e33a7e732bcd7aef0b634bab95d
09256ef25836349ebc57caa08878fcd7d9e2a3de61af66f87064e39e7b19a22c
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
58a78f39a773c0d4125c89cd4888a3e017079c81f9fb18b8cbb0779983da32dd
7709e78b7f58671495760a9d523d2a8805c1921c066906936ec1f6bc71dd2297
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
968d967e2c2877ac277e97709aa532dfffa515e117d4419ccb5034cba9ff584c
a1a0917eca00cbcf2fd9f9c97031af5035645e18718f8e6ba239bf69314bc081
a34fb4112dac269525802264dfe989c4bfce795635799fcc2f8726c0e2fb496f
b23da2e1658c9a9282ffdcea3517a73a22fa9f5a815959748511851181778845
b8172166dbe776ffa12da60505a6324a609efce59a5eff460b7b9d579e2db30b
be488e185fc72c6e27ad4917e69a03af7951cfd17624b4f5b324109152b8bbd3
bf8d41c2e2250b2f0b431531871178d57cd9af1f42bbe121c90b51fd66a1dff2
c2d845ac2c75798a817fd86c2f3be63e5fc503748dfae940dec92b60d2a9f18a
c8b007b99197a46acd3febffe60f38056030e4a531949e0328494fd8180ad467
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
f5d02cc2414c1836df7fd0f59f8458dd862c819d69d44fb9c873ceaaa2ed1a0d
fd911f29727031071f1029b674521ac8dfe244cd31e1825d2da19ab61dc758ac