Report - dndprinting.com/new/public/ckfinder/userfiles/files/fray-roblox-hack

Report Overview

Submitted URL
dndprinting.com/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
IP
95.111.200.191
ASN
#202053 UpCloud Ltd
Submitted
2022-11-28 18:35:21
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
42

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.1 kB	93.184.220.29
www.dndprinting.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	35 kB	3.8 MB	95.111.200.191
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	44 kB	142.250.74.168
static.xx.fbcdn.net	661	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	459 B	5.7 kB	31.13.72.12
dndprinting.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	928 B	1.3 kB	95.111.200.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
oss.maxcdn.com	40605	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	768 B	4.9 kB	23.111.8.154
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	21 kB	142.250.74.174
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	632 B	3.7 kB	31.13.72.36
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	1.9 kB	172.64.155.188
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	746 B	142.250.74.10
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.191.251.76
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.0 kB	142.250.74.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-28	medium	dndprinting.com/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf	Phishing
2022-11-28	medium	dndprinting.com/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf	Phishing
2022-11-28	medium	www.dndprinting.com//public/js/jquery.bxslider.js	Phishing
2022-11-28	medium	www.dndprinting.com//public/js/jquery.smartmenus.min.js	Phishing
2022-11-28	medium	www.dndprinting.com//public/js/bootstrap.js	Phishing
2022-11-28	medium	www.dndprinting.com//public/transcend/js/modernizr.js	Phishing
2022-11-28	medium	www.dndprinting.com//public/js/jquery-3.2.1.min.js	Phishing
2022-11-28	medium	www.dndprinting.com//public/transcend/js/pace.min.js	Phishing
2022-11-28	medium	www.dndprinting.com//public/js/owl.carousel.min.js	Phishing
2022-11-28	medium	www.dndprinting.com//public/transcend/js/main.js	Phishing
2022-11-28	medium	www.dndprinting.com//public/transcend/js/plugins.js	Phishing
2022-11-28	medium	www.dndprinting.com/public/css/fonts/Poppins-Regular.ttf	Phishing
2022-11-28	medium	www.dndprinting.com//public/transcend/fonts/metropolis/metropolis-semibold-webfont.woff2	Phishing
2022-11-28	medium	www.dndprinting.com//public/transcend/css/micons/fonts/icomoon.ttf?jo2z5t	Phishing
2022-11-28	medium	www.dndprinting.com//public/transcend/css/font-awesome/webfonts/fa-brands-400.woff2	Phishing
2022-11-28	medium	www.dndprinting.com//public/transcend/fonts/metropolis/metropolis-regular-webfont.woff2	Phishing
2022-11-28	medium	www.dndprinting.com//public/transcend/fonts/metropolis/metropolis-light-webfont.woff2	Phishing
2022-11-28	medium	www.dndprinting.com//public/fonts/glyphicons-halflings-regular.woff2	Phishing
2022-11-28	medium	www.dndprinting.com/public/css/fonts/Poppins-Bold.ttf	Phishing
2022-11-28	medium	www.dndprinting.com//public/transcend/images/icons/icon-arrow-down.svg	Phishing
2022-11-28	medium	www.dndprinting.com/undefined	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	www.dndprinting.com//public/transcend/js/modernizr.js	8.4 kB	2023-03-07	2024-03-30
Pretty URL www.dndprinting.com//public/transcend/js/modernizr.js IP 95.111.200.191 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:50 Last Seen2024-03-30 16:14:14 Times Seen31 Hash c6537b1adb7e309ed5da6b405191d3e9 a3d81ff7a2a28acef6b7e78ed62a809e5f586371 461a476f9db3123182ff2e0556a05c0bd7cd28b0d38976d94593df7e4275120a Loading...

	www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf	155 B	2023-03-07	2023-03-12
Pretty URL www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf IP 95.111.200.191 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:50 Last Seen2023-03-12 08:55:50 Times Seen1 Hash 85f717fa75288ce3a0b2e8500a7aa5b7 85e9bb51890a2ea9cdfd08e18c4873d8e3b596fc 470aebf6723b75722d0a16a0e55845dc61dc17fa65e048d1eed2922561a480ef Loading...

	www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/DND-Sablon-Printing-583072968413593/&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false	217 B	2023-03-11	2023-03-11
Pretty URL www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/DND-Sablon-Printing-583072968413593/&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:01:01 Last Seen2023-03-11 22:01:01 Times Seen1 Hash 22eb0e7a73b35f109125d209c4b317a4 2118419ce19f3fa9d0897da81862058515b95ac0 e1bf479ef666be2f083bfd01298bae670fc5d77b12c6e36b6e458f62697d5168 Loading...

	www.googletagmanager.com/gtag/js?id=UA-156275244-4	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-156275244-4 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:01:01 Last Seen2023-03-11 22:01:01 Times Seen1 Hash 39d41ef1c534b017596a80f41ec1382e 78174c7c728b1399dde5d43aaed835eab0b13cd6 6756bc80a4a7954079b2fc950a268fa648dc16bcd79fd675404b8216aed27fb2 Loading...

	www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/DND-Sablon-Printing-583072968413593/&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false	373 B	2023-03-11	2023-03-11
Pretty URL www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/DND-Sablon-Printing-583072968413593/&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:01:01 Last Seen2023-03-11 22:01:01 Times Seen1 Hash 70eae71b7a20184433da2dfadcec02d6 8d9a33b7394e0389539e20fa301ffcf012f0dc80 57ae708a2bc732b247379f35706c8da7b9853dd0a9ea461f702f41e75aab8ad4 Loading...

	www.dndprinting.com//public/js/jquery.bxslider.js	49 kB	2023-03-07	2024-01-15
Pretty URL www.dndprinting.com//public/js/jquery.bxslider.js IP 95.111.200.191 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:09 Last Seen2024-01-15 23:10:01 Times Seen88 Hash 3f6612a05317aaf468eda198256a2b09 7e244415354d5ce9f542056afcdb12267a97fbeb c88508e00768812f51e004349364887351c0139b44b126479e06c08bcd5af4fc Loading...

	www.dndprinting.com//public/js/bootstrap.js	70 kB	2023-03-07	2024-04-24
Pretty URL www.dndprinting.com//public/js/bootstrap.js IP 95.111.200.191 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:09 Last Seen2024-04-24 19:39:32 Times Seen1110 Hash fb81549ee2896513a1ed5714b1b1a0f0 3b965a36a6b08854ad6eddedf85c5319fd392b4a 0abe8deb334de1ba743b04d0399e99eba336afed9da72fc4c0a302c99f9238c8 Loading...

	www.dndprinting.com//public/js/jquery-3.2.1.min.js	87 kB	2023-03-07	2024-04-25
Pretty URL www.dndprinting.com//public/js/jquery-3.2.1.min.js IP 95.111.200.191 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-25 00:15:21 Times Seen62135 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	www.dndprinting.com//public/transcend/js/pace.min.js	12 kB	2023-03-07	2024-04-12
Pretty URL www.dndprinting.com//public/transcend/js/pace.min.js IP 95.111.200.191 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:25 Last Seen2024-04-12 16:14:56 Times Seen494 Hash 874d8be9cd6d6b72f1d63a5435edf2c3 1d6f79b5757de7cc40dcfded7cfdb067a90810d3 579a10a2485055e988338be054f866cbe713c8510442130cbda0ce11ced6c49f Loading...

	oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js	2.6 kB	2023-03-07	2024-04-07
Pretty URL oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js IP 23.111.8.154 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:49 Last Seen2024-04-07 01:47:32 Times Seen125 Hash 3044234175ac91f49b03ff999c592b85 bb51a5f6c394989bb06e4171179354c6d05ec8f8 e0eac80838c161f29e7c46d54fbc044d12cd164baae13255e562c6be3aa91809 Loading...

	oss.maxcdn.com/respond/1.4.2/respond.min.js	4.4 kB	2023-03-07	2024-04-07
Pretty URL oss.maxcdn.com/respond/1.4.2/respond.min.js IP 23.111.8.154 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:49 Last Seen2024-04-07 00:26:26 Times Seen385 Hash afc1984a3d17110449dc90cf22de0c27 b5aba40d65b0d6f85859db47f757ea971a0efd30 83a8807ef669fa70d0d9375347f5552897f76c6ae8e2e6f97ef592595462d8d1 Loading...

	www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/DND-Sablon-Printing-583072968413593/&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false	13 kB	2023-03-11	2023-03-11
Pretty URL www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/DND-Sablon-Printing-583072968413593/&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:01:01 Last Seen2023-03-11 22:01:01 Times Seen1 Hash e1ff64be5d62ef11dafffc06d9c96d86 463ccffb34b78d8a6dc80e70af4ca5bf4aaf9df4 3849740564307cf39c75e907bc44e21b21b529f1d55660b0df4bb5d9518c9802 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-24
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-24 18:41:20 Times Seen1526 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/DND-Sablon-Printing-583072968413593/&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false	10 B	2023-03-07	2024-04-24
Pretty URL www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/DND-Sablon-Printing-583072968413593/&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:18 Last Seen2024-04-24 20:57:48 Times Seen14097 Hash 91b3d54bc665b27a303ea5103da4f0b5 1ea644a3b2b1e427686c79e379e4074d576e732a 8c946addeada771d3dc6866cc23be2d1ef3f84b0ae6a98989cbf25b1a9249a61 Loading...

	www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/DND-Sablon-Printing-583072968413593/&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false	252 B	2023-03-07	2024-03-07
Pretty URL www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/DND-Sablon-Printing-583072968413593/&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-03-07 18:38:30 Times Seen2234 Hash dfc334cd5201ae3c020f43848b1646c4 b951863e53fd874757a2d5a21c8739a4d3640947 6e28b909a82bf42f6a2b51d7bbdc3ecafc47cd43cd52d1a3b584250c2ae579fe Loading...

	www.dndprinting.com//public/js/jquery.smartmenus.min.js	24 kB	2023-03-07	2024-03-12
Pretty URL www.dndprinting.com//public/js/jquery.smartmenus.min.js IP 95.111.200.191 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:08 Last Seen2024-03-12 15:28:02 Times Seen406 Hash f37878df1d94bbea0dfb7e85612888ec 19df702835ff55ce5a9b76b9974f8597cc528c6a 2fe668f50e1b19f758d3a06ac0c60b0e869c6b31fa1ab43190b6af3dd4f46b8e Loading...

	www.dndprinting.com//public/js/owl.carousel.min.js	43 kB	2023-03-07	2024-04-24
Pretty URL www.dndprinting.com//public/js/owl.carousel.min.js IP 95.111.200.191 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-24 08:26:25 Times Seen8117 Hash b7b9c97cd68ec336d01a79d5be48c58d 1a99890b57c9859a622337ed0b2f989d6e30cc0e b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43 Loading...

	www.dndprinting.com//public/transcend/js/main.js	11 kB	2023-03-07	2024-02-04
Pretty URL www.dndprinting.com//public/transcend/js/main.js IP 95.111.200.191 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:50 Last Seen2024-02-04 06:25:18 Times Seen5 Hash 5dc80d88b388a4f90350781095dfcd74 5e8da2b27dfe096ca6cf12fdfd7a311f69fe1301 be1c847f7e171492fa948badf5ff6c69731a4e5ef6bb664ef572e08450d103e0 Loading...

	www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf	371 B	2023-03-07	2023-06-20
Pretty URL www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf IP 95.111.200.191 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:09 Last Seen2023-06-20 20:27:36 Times Seen5 Hash 5000b632ab8e14c232a4a9eb7cfa06a5 29669223bcd2310c4da298fe7987e2d45bd33e86 cac4fb8edf7b74a853d372bc19f465afba32272ba2a3416b9e38608b1e8076ce Loading...

	www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf	41 B	2023-03-07	2024-04-24
Pretty URL www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf IP 95.111.200.191 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:03 Last Seen2024-04-24 16:00:19 Times Seen7144 Hash 2ec370ca0eaf3069dce13df24243d863 64c1919bbb18a6d851d1b7772f830320b8ab5cc1 6a31a3a39783d09cc53dd9e9baeb4a4fa49be602eef90f6bbb9f78af02688064 Loading...

	www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf	439 B	2023-03-07	2023-06-20
Pretty URL www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf IP 95.111.200.191 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:09 Last Seen2023-06-20 20:27:36 Times Seen5 Hash c981c08a729603816cdb54d1ebae3c66 28a83652c9353d333564e50a1d694d1aaf220e96 fc5d2b488ffb7680e755860a011d41eecc99bfb42bc3d131910a5774cc4a089e Loading...

	www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/DND-Sablon-Printing-583072968413593/&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false	341 B	2023-03-07	2023-03-17
Pretty URL www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/DND-Sablon-Printing-583072968413593/&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:04 Last Seen2023-03-17 11:38:02 Times Seen1 Hash bef278459757651eaeef3680b4612da7 490c359490369559f3510d19cd2849e7bacbf7d4 d42e4e7c2986a066af6e2cbca0324b0cf9714fdc342e32127b3c0e5079cf6022 Loading...

	www.dndprinting.com//public/transcend/js/plugins.js	165 kB	2023-03-09	2024-02-04
Pretty URL www.dndprinting.com//public/transcend/js/plugins.js IP 95.111.200.191 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:09:29 Last Seen2024-02-04 06:25:18 Times Seen5 Hash ec4879d651edfbe0e3bd2992c85d6a10 aedac28bdca8628ca7f45b62281c9e16a0df3969 1e105b4abe998b3d76e3d9233c4a675e6d0e23f483e0f07c5381beb88c86f98e Loading...

	www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/DND-Sablon-Printing-583072968413593/&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false	137 B	2023-03-07	2024-03-07
Pretty URL www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/DND-Sablon-Printing-583072968413593/&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:12 Last Seen2024-03-07 18:38:30 Times Seen413 Hash 63b4170abc12dfbfa38f47edf480e8b5 1008359d34a8d1e802ec0cee27996156c8baf3ac e75bda2c361ed4d81816c5e6f9b3e380786b9cbe253f62dfecc6f296d851a6ff Loading...

		Size	First Seen	Last Seen
	#1 Write - 3a824154b16ed7dab899bf000b80eeee	4 B	2023-03-07	2024-02-13
Pretty Observations First Seen2023-03-07 01:02:03 Last Seen2024-02-13 04:29:14 Times Seen34 Hash 3a824154b16ed7dab899bf000b80eeee e575dccc71140754dd85beda5965b6a358150309 b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0 Loading...

HTTP Transactions (97)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8238
Expires: Mon, 28 Nov 2022 20:52:27 GMT
Date: Mon, 28 Nov 2022 18:35:09 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6532
Cache-Control: max-age=150304
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 18:35:09 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 12:20:13 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3937
Expires: Mon, 28 Nov 2022 19:40:46 GMT
Date: Mon, 28 Nov 2022 18:35:09 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 18:17:48 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1041
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: DmSnMWqx3GzDkvJvodzjlgxMr+2D/WC2x46QaVquSasoUc/BxP5+N5YnF22T87Vdqi/20Ys1shk=
x-amz-request-id: RNRRYAT40ZZXT2YF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 17:42:09 GMT
age: 3180
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

dndprinting.com/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf

95.111.200.191

301 Moved Permanently

300 B

URL HTTP/1.1
dndprinting.com/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
300 B (300 bytes)
Hash
a3a24f768568b60775621aacf1f54387
b5889c1eaac0d426d363c1a8c2c40641757c0c64
15c2c8afcfe74fa7fd31186cb7afb8e3f65b25da199a706d73ab7b99ca257d94

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf HTTP/1.1
Host: dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 28 Nov 2022 18:35:09 GMT
Server: Apache
Location: https://dndprinting.com/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Content-Length: 300
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 18:35:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 18:11:12 GMT
cache-control: public,max-age=3600
age: 1437
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4399
Cache-Control: max-age=143104
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 18:35:10 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:20:14 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

dndprinting.com/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf

95.111.200.191

301 Moved Permanently

315 B

URL HTTP/1.1
dndprinting.com/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
ef7499142c0aaa701372e1ae6824c657
8ed34fb4dd9ee7e40171720357a71883006c9f43
6785c504436c63254d76e59befe9c4de5c4a7c61cbb585ef99209b45e5266b2b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf HTTP/1.1
Host: dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 301 Moved Permanently
Date: Mon, 28 Nov 2022 18:35:09 GMT
Server: Apache
Location: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

push.services.mozilla.com/

54.191.251.76

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.191.251.76:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Umf/AirkXnCyHK7SlaiIZQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: c1wyVfb/ewdvt8dh5HZJUAVWaE0=

www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf

95.111.200.191

200 OK

7.0 kB

URL HTTP/1.1
www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (647), with CRLF, LF line terminators
Size
7.0 kB (7043 bytes)
Hash
4e2c26d1590350ed6e28ad7a2a6c4e93
79d1d6a20d605b93d5b031bd29c9fcc5c5ec17e6
d100d1424ca9250159af4c2382aae787d6601487a8b36a49d114e6278e0dc762

HTTP Headers

GET /index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:10 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; expires=Mon, 28-Nov-2022 20:35:10 GMT; Max-Age=7200; path=/
ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066; expires=Mon, 28-Nov-2022 20:35:10 GMT; Max-Age=7200; path=/; HttpOnly
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 18:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 18:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 18:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 18:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-156275244-4

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-156275244-4
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43682 bytes)
Hash
343adf3c51a808ef839366cbb2b9c9d6
4c737765ab0f5128161848bd8c122c650c1f00be
0e3fff7166940a5fdc95164cdc378f8ec381feee67a5350e1818abee207e58cc

HTTP Headers

GET /gtag/js?id=UA-156275244-4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 18:35:11 GMT
expires: Mon, 28 Nov 2022 18:35:11 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43682
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
38da92adff43278d6dae005acc49b815
679d39e1deb9fd8ac246a9e07ebc8fc3e34c5a4a
c7556a69aee303915af8ffdba947684331a58d0bda130a0ca0d0b677897cf97d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:03:26 GMT
Expires: Fri, 02 Dec 2022 08:03:25 GMT
Etag: "679d39e1deb9fd8ac246a9e07ebc8fc3e34c5a4a"
Cache-Control: max-age=307093,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771533b268740b4d-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
38da92adff43278d6dae005acc49b815
679d39e1deb9fd8ac246a9e07ebc8fc3e34c5a4a
c7556a69aee303915af8ffdba947684331a58d0bda130a0ca0d0b677897cf97d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:03:26 GMT
Expires: Fri, 02 Dec 2022 08:03:25 GMT
Etag: "679d39e1deb9fd8ac246a9e07ebc8fc3e34c5a4a"
Cache-Control: max-age=307093,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771533b16be4b4fd-OSL

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

994 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
994 B (994 bytes)
Hash
2562709c0ae1c62002c1bb49f1c1ce2f
bfe6ab39d784d85cc72c303d412903fecea34b56
c71966da4f3f02d64c723df7d3a00051455fcfe50fa38554afa8d0022ba3c7b4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 18:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js

23.111.8.154

200 OK

1.4 kB

URL HTTP/1.1
oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js
IP
23.111.8.154:0
ASN
#12989 StackPath LLC

File type
HTML document, ASCII text, with very long lines (2545)
Size
1.4 kB (1363 bytes)
Hash
d6d1bace4d456e829723ac7a69f90003
cbf8d6899f5e407e2f300b9e3b9ed9409f966c5f
cc452e57ddf39e2a2ca04bdbce0caadefc569c2956c6da05f325a23dc8fc1e08

HTTP Headers

GET /html5shiv/3.7.2/html5shiv.min.js HTTP/1.1
Host: oss.maxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Timing-Allow-Origin: *
Cache-Control: max-age=31104000
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
ETag: W/"a4c-u1Gl9sOUmJuwbkFxF5NUxtBeyPg"
Age: 1211450
X-Served-By: cache-fra19122-FRA, cache-hhn4074-HHN
Vary: Accept-Encoding
Server: NetDNA-cache/2.2
Expires: Thu, 23 Nov 2023 18:35:11 GMT
X-Cache: UPDATING
Content-Encoding: gzip

oss.maxcdn.com/respond/1.4.2/respond.min.js

23.111.8.154

200 OK

2.2 kB

URL HTTP/1.1
oss.maxcdn.com/respond/1.4.2/respond.min.js
IP
23.111.8.154:0
ASN
#12989 StackPath LLC

File type
HTML document, ASCII text, with very long lines (4204)
Size
2.2 kB (2226 bytes)
Hash
e4422554e127fa187fde6ef3fda2c699
f64d64e7916365c0d75c7cd9c30861ee401af1c1
30e46086242c8252570e06574b67a3d550e77397471e52512754ea92f364cfd6

HTTP Headers

GET /respond/1.4.2/respond.min.js HTTP/1.1
Host: oss.maxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Timing-Allow-Origin: *
Cache-Control: max-age=31104000
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
ETag: W/"1119-taukDWWw1vhYWdtH91fqlxoO/TA"
Age: 0
X-Served-By: cache-fra19135-FRA
Vary: Accept-Encoding
Server: NetDNA-cache/2.2
Expires: Thu, 23 Nov 2023 18:35:11 GMT
X-Cache: UPDATING
Content-Encoding: gzip

www.dndprinting.com//public/css/materialize.css

95.111.200.191

200 OK

6.9 kB

URL HTTP/1.1
www.dndprinting.com//public/css/materialize.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text, with very long lines (6894), with no line terminators
Size
6.9 kB (6894 bytes)
Hash
053bb429a7eede933e86e78ab15224fa
956a06833455cbfa5326a1bbd2f6af639b913cf8
83549f7a4c6fe8b3a98e22e78f5cd024168b967d3dce0ac3cbe9a937371de043

HTTP Headers

GET //public/css/materialize.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Server: Apache
Last-Modified: Sat, 17 Nov 2018 03:19:28 GMT
Accept-Ranges: bytes
Content-Length: 6894
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.dndprinting.com//public/css/color.css

95.111.200.191

200 OK

3.5 kB

URL HTTP/1.1
www.dndprinting.com//public/css/color.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text, with very long lines (3475), with no line terminators
Size
3.5 kB (3475 bytes)
Hash
ba61af6610ee9bb81f659e9876fd0331
1616fac2c056a6377acf645261131314001f710a
194b3c14be89cd751f973805b2ff7d9200657a1c769ad5527b62b51bd7391503

HTTP Headers

GET //public/css/color.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Server: Apache
Last-Modified: Sat, 17 Nov 2018 03:22:34 GMT
Accept-Ranges: bytes
Content-Length: 3475
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7152
Expires: Mon, 28 Nov 2022 20:34:23 GMT
Date: Mon, 28 Nov 2022 18:35:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7152
Expires: Mon, 28 Nov 2022 20:34:23 GMT
Date: Mon, 28 Nov 2022 18:35:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7152
Expires: Mon, 28 Nov 2022 20:34:23 GMT
Date: Mon, 28 Nov 2022 18:35:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7152
Expires: Mon, 28 Nov 2022 20:34:23 GMT
Date: Mon, 28 Nov 2022 18:35:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7152
Expires: Mon, 28 Nov 2022 20:34:23 GMT
Date: Mon, 28 Nov 2022 18:35:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:46:18 GMT
age: 74933
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6376 bytes)
Hash
78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 74005
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7556 bytes)
Hash
7e5051d8c06f69e1842a9295ce256a36
1a542a53ba0b1cd0fb23257ebed8166555f16dfb
a7c0dbbb4d0d9138f5ca318cc2aa44e12dadf7ed6263ec204ba756da64b29c41

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7556
x-amzn-requestid: 1cda5313-2256-4830-bf84-2e6e15949d3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78KFTmoAMF4yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-452e36d718a298d12a2374a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 70UuQl2XCoplrZYENrKleE2mcvB-xP9zZGs8Tuh21NidSiHvA97sXw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:09 GMT
age: 74642
etag: "1a542a53ba0b1cd0fb23257ebed8166555f16dfb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.dndprinting.com//public/css/bootstrap.css

95.111.200.191

200 OK

146 kB

URL HTTP/1.1
www.dndprinting.com//public/css/bootstrap.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text, with very long lines (540)
Size
146 kB (146002 bytes)
Hash
9a0f96d9dd3e2ebd9185e83b209abb07
311d7a7e7cbf441d028e4d86f156559d1404e622
eb2651ac1dff2b78c850b1dd3cb08d03bccdbeafe70fbc4a0b883c146e9c0594

HTTP Headers

GET //public/css/bootstrap.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:10 GMT
Server: Apache
Last-Modified: Sat, 21 Sep 2019 09:06:30 GMT
Accept-Ranges: bytes
Content-Length: 146002
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9430 bytes)
Hash
1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 74005
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.dndprinting.com//public/css/owl.carousel.min.css

95.111.200.191

200 OK

2.9 kB

URL HTTP/1.1
www.dndprinting.com//public/css/owl.carousel.min.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text, with very long lines (2846)
Size
2.9 kB (2936 bytes)
Hash
de0dfbabe627afa1b718d848b6b58e97
73d8a692734089983b00005d99ef8e5e5b0dadeb
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d

HTTP Headers

GET //public/css/owl.carousel.min.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Server: Apache
Last-Modified: Mon, 22 Jan 2018 07:28:22 GMT
Accept-Ranges: bytes
Content-Length: 2936
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10199 bytes)
Hash
2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:42:14 GMT
age: 75177
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8885 bytes)
Hash
3a1a4e00f1f15827cf651f373863c379
70c2a238f06ca7e56ef80c83738e081bf0de3330
3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 10:13:33 GMT
age: 30098
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.dndprinting.com//public/css/font-awesome.css

95.111.200.191

200 OK

35 kB

URL HTTP/1.1
www.dndprinting.com//public/css/font-awesome.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
troff or preprocessor input, ASCII text, with very long lines (372)
Size
35 kB (35128 bytes)
Hash
a16730221cf9c8b1bad3dd5419edf16b
b5020c3860669185ba3f316fa7332cdf5c06f393
34f195f17d62b4789625aa8cb3535024a72d40fc4d88ee1383154688b9bfaa27

HTTP Headers

GET //public/css/font-awesome.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Server: Apache
Last-Modified: Mon, 22 Jan 2018 07:28:16 GMT
Accept-Ranges: bytes
Content-Length: 35128
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.dndprinting.com//public/css/owl.theme.default.css

95.111.200.191

200 OK

1.3 kB

URL HTTP/1.1
www.dndprinting.com//public/css/owl.theme.default.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text
Size
1.3 kB (1303 bytes)
Hash
26dd7ebd96f611bff70d97bd1eb24ca1
02bab0c1adf33ee9d22d32be989513fe8464041e
ede1466795eb4042a622781a4b5f0e8e12a93257b6dc5deae7deaaf4d2b33a5e

HTTP Headers

GET //public/css/owl.theme.default.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Server: Apache
Last-Modified: Mon, 22 Jan 2018 07:28:24 GMT
Accept-Ranges: bytes
Content-Length: 1303
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.dndprinting.com//public/css/sm-core-css.css

95.111.200.191

200 OK

887 B

URL HTTP/1.1
www.dndprinting.com//public/css/sm-core-css.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
troff or preprocessor input, ASCII text
Size
887 B (887 bytes)
Hash
a969035e88fe398ad70c4bc9b2cb5911
ad6788c1d0aa1b193e6d4df78ffb17f9578a96dd
979bddf384e612e43d9adf9acc93dd1aaba02cf7ea54cd0cf2ea4381e6a63ef0

HTTP Headers

GET //public/css/sm-core-css.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Server: Apache
Last-Modified: Mon, 22 Jan 2018 07:28:30 GMT
Accept-Ranges: bytes
Content-Length: 887
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.dndprinting.com//public/css/bootstrap-social.css

95.111.200.191

200 OK

29 kB

URL HTTP/1.1
www.dndprinting.com//public/css/bootstrap-social.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text, with very long lines (556)
Size
29 kB (29332 bytes)
Hash
bdafc73f770fb4ebcdb778875964cea0
2491d216e08fc65980449f1a8efa00fc4e249abd
9340df23fb6bf832202a367ab967f8b1681b9a182d7379c5d698cb4dc3771cee

HTTP Headers

GET //public/css/bootstrap-social.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Server: Apache
Last-Modified: Thu, 01 Nov 2018 04:42:08 GMT
Accept-Ranges: bytes
Content-Length: 29332
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.dndprinting.com//public/css/sm-simple.css

95.111.200.191

200 OK

5.6 kB

URL HTTP/1.1
www.dndprinting.com//public/css/sm-simple.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text
Size
5.6 kB (5602 bytes)
Hash
00fa2824aed4c1252e029b96f90773e1
7f21deb6ea72abc0995f47256e85b7c6760c3c2d
740e1c78a429750626a86f6b4663663dedf892fb5e33838f97f478024cbd9297

HTTP Headers

GET //public/css/sm-simple.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Server: Apache
Last-Modified: Mon, 19 Nov 2018 02:58:42 GMT
Accept-Ranges: bytes
Content-Length: 5602
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.dndprinting.com//public/css/sm-blue.css

95.111.200.191

200 OK

11 kB

URL HTTP/1.1
www.dndprinting.com//public/css/sm-blue.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text, with very long lines (1135)
Size
11 kB (10565 bytes)
Hash
3c19b7229613bf365f41162089be1984
51618aef3b40bb033cc58b88c4d62856e488b754
21d416e7b67790b6be7911078d0cefad3bcb8e90caddfcf8ee02002efbf737a6

HTTP Headers

GET //public/css/sm-blue.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Server: Apache
Last-Modified: Mon, 22 Jan 2018 07:28:26 GMT
Accept-Ranges: bytes
Content-Length: 10565
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.dndprinting.com//public/css/jquery.bxslider.css

95.111.200.191

200 OK

3.6 kB

URL HTTP/1.1
www.dndprinting.com//public/css/jquery.bxslider.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text
Size
3.6 kB (3608 bytes)
Hash
0e97524a87bac1c6538097eb64f64b83
368e292b5fb96862bdbdf590f28f406174a0cc54
6802933490ae324d3e3d843ee979ec9120c95ea184cedc34b6471a5d323a3847

HTTP Headers

GET //public/css/jquery.bxslider.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Server: Apache
Last-Modified: Sat, 03 Nov 2018 05:58:18 GMT
Accept-Ranges: bytes
Content-Length: 3608
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.dndprinting.com//public/transcend/css/main.css

95.111.200.191

200 OK

66 kB

URL HTTP/1.1
www.dndprinting.com//public/transcend/css/main.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text
Size
66 kB (65460 bytes)
Hash
d03212732f929aa3bc5983bc51243151
fa5b7c16b3b13fbe4e66899bb9775902af84fb5c
fa6b6aa6b9943569311653df724321a269fe50e84a45f080db5fffb5e44d613f

HTTP Headers

GET //public/transcend/css/main.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Server: Apache
Last-Modified: Sat, 21 Sep 2019 09:11:56 GMT
Accept-Ranges: bytes
Content-Length: 65460
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.dndprinting.com/public/css/index.css

95.111.200.191

200 OK

11 kB

URL HTTP/1.1
www.dndprinting.com/public/css/index.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text
Size
11 kB (10643 bytes)
Hash
ea82b9e9bcd47dc064c17c972ab94c25
8c1c28eaacc5775e986dd8b0fe136ffae04e980d
8ca66e1fc89b21025cdd7141104bb12f9a353aecb4e21b5174a8df41f0ca8ba9

HTTP Headers

GET /public/css/index.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Server: Apache
Last-Modified: Thu, 15 Nov 2018 04:18:46 GMT
Accept-Ranges: bytes
Content-Length: 10643
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.dndprinting.com//public/transcend/css/base.css

95.111.200.191

200 OK

17 kB

URL HTTP/1.1
www.dndprinting.com//public/transcend/css/base.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text, with CRLF line terminators
Size
17 kB (17012 bytes)
Hash
79a61fed73d0fe8808b498718b3fea7b
a2a4100a019090404e5e01bced83303685fe5c05
cb6cc8485642abe8c2824a4b9f70f14fe415623ceb57b68be558079a154fe57f

HTTP Headers

GET //public/transcend/css/base.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Server: Apache
Last-Modified: Mon, 19 Mar 2018 05:33:28 GMT
Accept-Ranges: bytes
Content-Length: 17012
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.dndprinting.com//public/transcend/css/vendor.css

95.111.200.191

200 OK

50 kB

URL HTTP/1.1
www.dndprinting.com//public/transcend/css/vendor.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text, with CRLF line terminators
Size
50 kB (50050 bytes)
Hash
599bcce0a8af8ec235ecb1f7c89c5dce
74154570d860de9838349ed3fdc9a545bc841e8f
a7b7982aac3ddc3447295ab1d846e74b71e8197319f2f045f5f69c99561b7e56

HTTP Headers

GET //public/transcend/css/vendor.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Server: Apache
Last-Modified: Mon, 19 Mar 2018 05:37:52 GMT
Accept-Ranges: bytes
Content-Length: 50050
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.dndprinting.com//public/js/jquery.bxslider.js

95.111.200.191

200 OK

49 kB

URL HTTP/1.1
www.dndprinting.com//public/js/jquery.bxslider.js
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text
Size
49 kB (49284 bytes)
Hash
3f6612a05317aaf468eda198256a2b09
7e244415354d5ce9f542056afcdb12267a97fbeb
c88508e00768812f51e004349364887351c0139b44b126479e06c08bcd5af4fc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/js/jquery.bxslider.js HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Server: Apache
Last-Modified: Sat, 03 Nov 2018 05:41:48 GMT
Accept-Ranges: bytes
Content-Length: 49284
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

www.dndprinting.com//public/css/custom.css

95.111.200.191

200 OK

61 kB

URL HTTP/1.1
www.dndprinting.com//public/css/custom.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (308)
Size
61 kB (61097 bytes)
Hash
8fd7ee0834e19ce49eb08f8e5f5fdb55
2f01c048c1ca468d7618eab907961346aaee5647
7166321ee581ca27638614c454ce3c24b012471ca8933e81e2862637e5d3a769

HTTP Headers

GET //public/css/custom.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Server: Apache
Last-Modified: Sat, 21 Sep 2019 08:45:15 GMT
Accept-Ranges: bytes
Content-Length: 61097
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.dndprinting.com//public/js/jquery.smartmenus.min.js

95.111.200.191

200 OK

24 kB

URL HTTP/1.1
www.dndprinting.com//public/js/jquery.smartmenus.min.js
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text, with very long lines (24459)
Size
24 kB (24548 bytes)
Hash
f37878df1d94bbea0dfb7e85612888ec
19df702835ff55ce5a9b76b9974f8597cc528c6a
2fe668f50e1b19f758d3a06ac0c60b0e869c6b31fa1ab43190b6af3dd4f46b8e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/js/jquery.smartmenus.min.js HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:12 GMT
Server: Apache
Last-Modified: Mon, 22 Jan 2018 07:29:38 GMT
Accept-Ranges: bytes
Content-Length: 24548
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

www.dndprinting.com//public/js/bootstrap.js

95.111.200.191

200 OK

70 kB

URL HTTP/1.1
www.dndprinting.com//public/js/bootstrap.js
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text
Size
70 kB (69707 bytes)
Hash
fb81549ee2896513a1ed5714b1b1a0f0
3b965a36a6b08854ad6eddedf85c5319fd392b4a
0abe8deb334de1ba743b04d0399e99eba336afed9da72fc4c0a302c99f9238c8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/js/bootstrap.js HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Server: Apache
Last-Modified: Mon, 22 Jan 2018 07:30:00 GMT
Accept-Ranges: bytes
Content-Length: 69707
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

www.dndprinting.com//public/transcend/js/modernizr.js

95.111.200.191

200 OK

8.4 kB

URL HTTP/1.1
www.dndprinting.com//public/transcend/js/modernizr.js
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text, with very long lines (8121)
Size
8.4 kB (8418 bytes)
Hash
c6537b1adb7e309ed5da6b405191d3e9
a3d81ff7a2a28acef6b7e78ed62a809e5f586371
461a476f9db3123182ff2e0556a05c0bd7cd28b0d38976d94593df7e4275120a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/transcend/js/modernizr.js HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:12 GMT
Server: Apache
Last-Modified: Thu, 30 Jun 2016 08:28:58 GMT
Accept-Ranges: bytes
Content-Length: 8418
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

www.dndprinting.com//public/js/jquery-3.2.1.min.js

95.111.200.191

200 OK

87 kB

URL HTTP/1.1
www.dndprinting.com//public/js/jquery-3.2.1.min.js
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text, with very long lines (32058)
Size
87 kB (86659 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/js/jquery-3.2.1.min.js HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:11 GMT
Server: Apache
Last-Modified: Mon, 22 Jan 2018 07:29:44 GMT
Accept-Ranges: bytes
Content-Length: 86659
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

www.dndprinting.com//public/transcend/js/pace.min.js

95.111.200.191

200 OK

12 kB

URL HTTP/1.1
www.dndprinting.com//public/transcend/js/pace.min.js
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text, with very long lines (12345)
Size
12 kB (12363 bytes)
Hash
874d8be9cd6d6b72f1d63a5435edf2c3
1d6f79b5757de7cc40dcfded7cfdb067a90810d3
579a10a2485055e988338be054f866cbe713c8510442130cbda0ce11ced6c49f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/transcend/js/pace.min.js HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:12 GMT
Server: Apache
Last-Modified: Mon, 29 Feb 2016 08:56:04 GMT
Accept-Ranges: bytes
Content-Length: 12363
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

www.dndprinting.com//public/js/owl.carousel.min.js

95.111.200.191

200 OK

43 kB

URL HTTP/1.1
www.dndprinting.com//public/js/owl.carousel.min.js
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text, with very long lines (32000)
Size
43 kB (42766 bytes)
Hash
b7b9c97cd68ec336d01a79d5be48c58d
1a99890b57c9859a622337ed0b2f989d6e30cc0e
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/js/owl.carousel.min.js HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:12 GMT
Server: Apache
Last-Modified: Mon, 22 Jan 2018 07:29:48 GMT
Accept-Ranges: bytes
Content-Length: 42766
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

www.dndprinting.com//public/transcend/js/main.js

95.111.200.191

200 OK

11 kB

URL HTTP/1.1
www.dndprinting.com//public/transcend/js/main.js
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
HTML document, ASCII text, with CRLF line terminators
Size
11 kB (11377 bytes)
Hash
5dc80d88b388a4f90350781095dfcd74
5e8da2b27dfe096ca6cf12fdfd7a311f69fe1301
be1c847f7e171492fa948badf5ff6c69731a4e5ef6bb664ef572e08450d103e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/transcend/js/main.js HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:12 GMT
Server: Apache
Last-Modified: Sun, 18 Mar 2018 14:10:42 GMT
Accept-Ranges: bytes
Content-Length: 11377
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

www.dndprinting.com//public/transcend/css/font-awesome/css/fontawesome-all.css

95.111.200.191

200 OK

44 kB

URL HTTP/1.1
www.dndprinting.com//public/transcend/css/font-awesome/css/fontawesome-all.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
gzip compressed data, max compression\012- data
Size
44 kB (44509 bytes)
Hash
fdda354af17acaa95084b1a93d22e3ad
33fdffbeecf3b0523df9762b3b16bbe31d22edba
5112d147fa15a4e5e60195e880f4acd68bb9d1663c6ff9073582e850150fcd94

HTTP Headers

GET //public/transcend/css/font-awesome/css/fontawesome-all.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com//public/transcend/css/base.css
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:12 GMT
Server: Apache
Last-Modified: Wed, 28 Feb 2018 00:18:24 GMT
Accept-Ranges: bytes
Content-Length: 44007
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css

www.dndprinting.com//public/transcend/css/micons/micons.css

95.111.200.191

200 OK

12 kB

URL HTTP/1.1
www.dndprinting.com//public/transcend/css/micons/micons.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text
Size
12 kB (11729 bytes)
Hash
eb3bda7a4743b56ed0035ba6643d72df
52ab086c23ec5c13e80991af543c4cc3f61ce4b6
266f19efba773108a75857e3c0227752f55e8203292c4b747b6d4c3e7fe37eaa

HTTP Headers

GET //public/transcend/css/micons/micons.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com//public/transcend/css/base.css
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:12 GMT
Server: Apache
Last-Modified: Thu, 24 Dec 2015 11:09:52 GMT
Accept-Ranges: bytes
Content-Length: 11729
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

www.dndprinting.com//public/transcend/css/fonts.css

95.111.200.191

200 OK

6.0 kB

URL HTTP/1.1
www.dndprinting.com//public/transcend/css/fonts.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
ASCII text, with CRLF line terminators
Size
6.0 kB (6046 bytes)
Hash
2d63c40ccc86c058748687f1c3b5ae0f
28f9b6bf218aca8e4a74f89b295255a7bf9f84a4
9ae0b95f3299a0dd4b1154b753455d91103eb422ca245820dd9be515062befdf

HTTP Headers

GET //public/transcend/css/fonts.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com//public/transcend/css/base.css
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:12 GMT
Server: Apache
Last-Modified: Mon, 19 Mar 2018 05:35:36 GMT
Accept-Ranges: bytes
Content-Length: 6046
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.dndprinting.com//public/css/animate.css

95.111.200.191

200 OK

7.0 kB

URL HTTP/1.1
www.dndprinting.com//public/css/animate.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (647), with CRLF, LF line terminators
Size
7.0 kB (7043 bytes)
Hash
4e2c26d1590350ed6e28ad7a2a6c4e93
79d1d6a20d605b93d5b031bd29c9fcc5c5ec17e6
d100d1424ca9250159af4c2382aae787d6601487a8b36a49d114e6278e0dc762

HTTP Headers

GET //public/css/animate.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com//public/css/custom.css
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:12 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; expires=Mon, 28-Nov-2022 20:35:12 GMT; Max-Age=7200; path=/
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.dndprinting.com//public/transcend/js/plugins.js

95.111.200.191

200 OK

165 kB

URL HTTP/1.1
www.dndprinting.com//public/transcend/js/plugins.js
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
Unicode text, UTF-8 text, with very long lines (23946), with CRLF line terminators
Size
165 kB (164738 bytes)
Hash
ec4879d651edfbe0e3bd2992c85d6a10
aedac28bdca8628ca7f45b62281c9e16a0df3969
1e105b4abe998b3d76e3d9233c4a675e6d0e23f483e0f07c5381beb88c86f98e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/transcend/js/plugins.js HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:12 GMT
Server: Apache
Last-Modified: Sat, 17 Mar 2018 12:08:28 GMT
Accept-Ranges: bytes
Content-Length: 164738
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

www.dndprinting.com//public/css/iconmoon.css

95.111.200.191

200 OK

7.0 kB

URL HTTP/1.1
www.dndprinting.com//public/css/iconmoon.css
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (647), with CRLF, LF line terminators
Size
7.0 kB (7043 bytes)
Hash
4e2c26d1590350ed6e28ad7a2a6c4e93
79d1d6a20d605b93d5b031bd29c9fcc5c5ec17e6
d100d1424ca9250159af4c2382aae787d6601487a8b36a49d114e6278e0dc762

HTTP Headers

GET //public/css/iconmoon.css HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com//public/css/custom.css
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:12 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; expires=Mon, 28-Nov-2022 20:35:12 GMT; Max-Age=7200; path=/
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af25abbc1f9776cf78b07837dbea38a0
1883049bac2e92f8b3107f6435f00b83d8f4c117
663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2773
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 18:35:12 GMT
Last-Modified: Mon, 28 Nov 2022 17:48:59 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

www.dndprinting.com/uploads/portofolio/banner_Undangan2.jpg

95.111.200.191

200 OK

193 kB

URL HTTP/1.1
www.dndprinting.com/uploads/portofolio/banner_Undangan2.jpg
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 750x750, components 3\012- data
Size
193 kB (193342 bytes)
Hash
5ee98898a3406a0c8035a233dd18669d
4978345226e966c3199be902d68feeb6361feb28
7efaed340afc1975cea1d077195b9d2457ec0c70876e77ae4bfe473ad2624efd

HTTP Headers

GET /uploads/portofolio/banner_Undangan2.jpg HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:12 GMT
Server: Apache
Last-Modified: Tue, 22 Jan 2019 07:45:09 GMT
Accept-Ranges: bytes
Content-Length: 193342
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

www.dndprinting.com/new/public/ckfinder/userfiles/images/Percetakan-Murah-DND-Printi(1).jpg

95.111.200.191

200 OK

93 kB

URL HTTP/1.1
www.dndprinting.com/new/public/ckfinder/userfiles/images/Percetakan-Murah-DND-Printi(1).jpg
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2019:09:21 16:40:06], baseline, precision 8, 927x443, components 3\012- data
Size
93 kB (93427 bytes)
Hash
ab00607b14cad87319b39686269cb4fb
51a708691626cffaa3cdc70a64e2d4be62ba1494
013e1ad054f2b9bb4b6113307e04b8d7174079875d9dc997a98930d36df76db0

HTTP Headers

GET /new/public/ckfinder/userfiles/images/Percetakan-Murah-DND-Printi(1).jpg HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:12 GMT
Server: Apache
Last-Modified: Sat, 21 Sep 2019 09:40:26 GMT
Accept-Ranges: bytes
Content-Length: 93427
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af25abbc1f9776cf78b07837dbea38a0
1883049bac2e92f8b3107f6435f00b83d8f4c117
663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2774
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 18:35:13 GMT
Last-Modified: Mon, 28 Nov 2022 17:48:59 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/5bdAWVPYBPC.css?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

5.0 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/5bdAWVPYBPC.css?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (4431)
Size
5.0 kB (4978 bytes)
Hash
ba954e97ec5946479be5630757b76ca8
2588e32e2022cf42d7dee40768c011769a0efb86
bf859ca7d3c40ff138c346c2c59dc17b6ccbb355c713bd6ea57e6283da459fdf

HTTP Headers

GET /rsrc.php/v3/yu/l/0,cross/5bdAWVPYBPC.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 27 Nov 2023 16:58:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: upVOl+xZRkeb5WMHV7dsqA==
x-fb-debug: 3JEBrRX8ZdGd0Rhj0gdXWYTFCgQhFAQRwPUwZvXGonnN9l5ntnIa81PkTJrX/SrfFEs/iwBR4zzMKY0Hw4tGgg==
priority: u=2
content-length: 4978
x-fb-trip-id: 1904183273
date: Mon, 28 Nov 2022 18:35:13 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.dndprinting.com/uploads/portofolio/banner_Menu2.jpg

95.111.200.191

200 OK

151 kB

URL HTTP/1.1
www.dndprinting.com/uploads/portofolio/banner_Menu2.jpg
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 750x750, components 3\012- data
Size
151 kB (150899 bytes)
Hash
ac363e9443de5b43707a7ffab4d95c78
6d6572875afcafce1b02bc307985ff3c6deb47da
1c5e26d31873bbf8c8f5e2d2864b7f69842c21f4a7fd88f4581c993483fd5f86

HTTP Headers

GET /uploads/portofolio/banner_Menu2.jpg HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:12 GMT
Server: Apache
Last-Modified: Tue, 22 Jan 2019 07:36:27 GMT
Accept-Ranges: bytes
Content-Length: 150899
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

www.dndprinting.com/public/css/fonts/Poppins-Regular.ttf

95.111.200.191

200 OK

257 kB

URL HTTP/1.1
www.dndprinting.com/public/css/fonts/Poppins-Regular.ttf
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 15 names, Microsoft, language 0x409, Copyright (c) 2014 Indian Type Foundry (info@indiantypefoundry.com)PoppinsRegular2.000;ITFO;Popp\012- data
Size
257 kB (256920 bytes)
Hash
e212f84086965da44a6c84f3d9a683a4
58ca484f2ec5b8817a63136af362e1db1d29d49e
4554cfac77e8cefa48f89ffcd4f1705f7c02ee34bd9b25415d1208065e4edb52

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/css/fonts/Poppins-Regular.ttf HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/public/css/index.css
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:12 GMT
Server: Apache
Last-Modified: Mon, 22 Jan 2018 07:29:16 GMT
Accept-Ranges: bytes
Content-Length: 256920
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/ttf

www.dndprinting.com//public/transcend/fonts/metropolis/metropolis-semibold-webfont.woff2

95.111.200.191

200 OK

15 kB

URL HTTP/1.1
www.dndprinting.com//public/transcend/fonts/metropolis/metropolis-semibold-webfont.woff2
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
Web Open Font Format (Version 2), TrueType, length 15092, version 1.0\012- data
Size
15 kB (15092 bytes)
Hash
954b06b72e08c11a907c8cbb3d57914a
8d7a234425bc111bcdc60f3154e795e901c98307
71a24896c65c45aff514a3815a4efbb19f72095cfb6a503eb190a0a55410e604

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/transcend/fonts/metropolis/metropolis-semibold-webfont.woff2 HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.dndprinting.com//public/transcend/css/fonts.css
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:12 GMT
Server: Apache
Last-Modified: Tue, 12 Dec 2017 22:30:24 GMT
Accept-Ranges: bytes
Content-Length: 15092
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: font/woff2

www.dndprinting.com/uploads/portofolio/banner_Nota1.jpg

95.111.200.191

200 OK

133 kB

URL HTTP/1.1
www.dndprinting.com/uploads/portofolio/banner_Nota1.jpg
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=960, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=720], progressive, precision 8, 750x750, components 3\012- data
Size
133 kB (133349 bytes)
Hash
1542062915b186c1bb88ceb3e11e5252
d985c351aa7f1cd142b60af51885f9063015af2a
0bf78fd22a3f833227bb9d4048a05e5458bb06b750727e8df2f48a0024e03763

HTTP Headers

GET /uploads/portofolio/banner_Nota1.jpg HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:12 GMT
Server: Apache
Last-Modified: Wed, 23 Jan 2019 02:10:16 GMT
Accept-Ranges: bytes
Content-Length: 133349
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

www.dndprinting.com/uploads/portofolio/banner_Brosur2.jpg

95.111.200.191

200 OK

182 kB

URL HTTP/1.1
www.dndprinting.com/uploads/portofolio/banner_Brosur2.jpg
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=960, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=540], progressive, precision 8, 750x750, components 3\012- data
Size
182 kB (181780 bytes)
Hash
1eab8928415cacb38f045940786bfe23
8e4fc10b2e44e191f78d418daadd7aeffa5444d3
8ef2113545ff79975e24eee780c5fed181ef341f1a2e5c1ce824cd2119033a0f

HTTP Headers

GET /uploads/portofolio/banner_Brosur2.jpg HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:12 GMT
Server: Apache
Last-Modified: Tue, 22 Jan 2019 07:13:39 GMT
Accept-Ranges: bytes
Content-Length: 181780
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

www.dndprinting.com/uploads/portofolio/banner_Mug1.jpg

95.111.200.191

200 OK

120 kB

URL HTTP/1.1
www.dndprinting.com/uploads/portofolio/banner_Mug1.jpg
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2019:01:18 07:50:55], baseline, precision 8, 750x750, components 3\012- data
Size
120 kB (119485 bytes)
Hash
b5a81f1ae2f8aa452cda2e8e2e384717
5c2279387bf0fd51b7d55a0332f97d74696c4cd4
0900083953c8b657f59a183bbd6e175f8a2348405c749be6f84d1c177022cc92

HTTP Headers

GET /uploads/portofolio/banner_Mug1.jpg HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:12 GMT
Server: Apache
Last-Modified: Wed, 23 Jan 2019 01:58:25 GMT
Accept-Ranges: bytes
Content-Length: 119485
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

www.dndprinting.com//public/transcend/css/micons/fonts/icomoon.ttf?jo2z5t

95.111.200.191

200 OK

74 kB

URL HTTP/1.1
www.dndprinting.com//public/transcend/css/micons/fonts/icomoon.ttf?jo2z5t
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Size
74 kB (73452 bytes)
Hash
59809af617d58f5da50fb027f3c617ef
299ed66c2649fe0f0257347bae37641fa4d3afdb
1209b735a0a5a297d6379986d00fe88f6b537e9070ecf79455a3129302f56870

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/transcend/css/micons/fonts/icomoon.ttf?jo2z5t HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com//public/transcend/css/micons/micons.css
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Last-Modified: Thu, 24 Dec 2015 11:09:50 GMT
Accept-Ranges: bytes
Content-Length: 73452
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/ttf

www.dndprinting.com//public/transcend/css/font-awesome/webfonts/fa-brands-400.woff2

95.111.200.191

200 OK

54 kB

URL HTTP/1.1
www.dndprinting.com//public/transcend/css/font-awesome/webfonts/fa-brands-400.woff2
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
Web Open Font Format (Version 2), TrueType, length 54468, version 1.0\012- data
Size
54 kB (54468 bytes)
Hash
877700a37b705486d19bdce3f7586754
7108169d0cb50a3d15a5ebdf27904524e2732f40
abbcb43a4cf5b5c586d440527b87830cc4d6d069e2eabaeb7e0c433ca0edf8d5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/transcend/css/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.dndprinting.com//public/transcend/css/font-awesome/css/fontawesome-all.css
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Last-Modified: Wed, 28 Feb 2018 00:18:42 GMT
Accept-Ranges: bytes
Content-Length: 54468
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: font/woff2

www.dndprinting.com//public/transcend/fonts/metropolis/metropolis-regular-webfont.woff2

95.111.200.191

200 OK

15 kB

URL HTTP/1.1
www.dndprinting.com//public/transcend/fonts/metropolis/metropolis-regular-webfont.woff2
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
Web Open Font Format (Version 2), TrueType, length 14840, version 1.0\012- data
Size
15 kB (14840 bytes)
Hash
ea531a4039bd95db5cdbb54a04fc7fb2
06acb144fb1d24cca29c55fcf2642ff7d1a6c0e1
ec9a0dd233dea75cb22fcf99e497b77b21d354860d6301a1d0607ff92174d227

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/transcend/fonts/metropolis/metropolis-regular-webfont.woff2 HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.dndprinting.com//public/transcend/css/fonts.css
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Last-Modified: Tue, 12 Dec 2017 22:30:24 GMT
Accept-Ranges: bytes
Content-Length: 14840
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff2

www.dndprinting.com//public/transcend/fonts/metropolis/metropolis-light-webfont.woff2

95.111.200.191

200 OK

14 kB

URL HTTP/1.1
www.dndprinting.com//public/transcend/fonts/metropolis/metropolis-light-webfont.woff2
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
Web Open Font Format (Version 2), TrueType, length 14460, version 1.0\012- data
Size
14 kB (14460 bytes)
Hash
79a39f7aeaae578f933fbcfd0ca89f12
8ddee1b7abca88709190be0ff014f892823341c3
37f4fc3c492a792c07f315099f5274a319ae9780dc5e86ca09cc244091944e27

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/transcend/fonts/metropolis/metropolis-light-webfont.woff2 HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.dndprinting.com//public/transcend/css/fonts.css
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Last-Modified: Tue, 12 Dec 2017 22:27:12 GMT
Accept-Ranges: bytes
Content-Length: 14460
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: font/woff2

www.dndprinting.com//public/fonts/glyphicons-halflings-regular.woff2

95.111.200.191

200 OK

18 kB

URL HTTP/1.1
www.dndprinting.com//public/fonts/glyphicons-halflings-regular.woff2
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Size
18 kB (18028 bytes)
Hash
448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.dndprinting.com//public/css/bootstrap.css
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Last-Modified: Fri, 22 Dec 2017 08:46:46 GMT
Accept-Ranges: bytes
Content-Length: 18028
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff2

www.dndprinting.com/public/css/fonts/Poppins-Bold.ttf

95.111.200.191

200 OK

278 kB

URL HTTP/1.1
www.dndprinting.com/public/css/fonts/Poppins-Bold.ttf
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 15 names, Microsoft, language 0x409, Copyright (c) 2014 Indian Type Foundry (info@indiantypefoundry.com)PoppinsBold2.000;ITFO;Poppins\012- data
Size
278 kB (277756 bytes)
Hash
2f55e0d4b3f9eb3ffaefdac379fa3f8b
45dc28c425c3ee2237440bf9cb926753c5aa3b5c
b8b92424acfd9581c9dd74723a5627b6a5882a643b2148bd0463e9cd077d3728

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/css/fonts/Poppins-Bold.ttf HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/public/css/index.css
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Last-Modified: Mon, 22 Jan 2018 07:28:42 GMT
Accept-Ranges: bytes
Content-Length: 277756
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/ttf

www.dndprinting.com/public/images/send_wa.png

95.111.200.191

200 OK

18 kB

URL HTTP/1.1
www.dndprinting.com/public/images/send_wa.png
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
PNG image data, 350 x 88, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (17613 bytes)
Hash
fe40aecc8f9260055e2690800c4b014a
9e6b247521a2b682520736029da6bc54fa579aab
bf736645feef042b4a9d136ca5185054d96649b749adc2824f43160edc2af4f7

HTTP Headers

GET /public/images/send_wa.png HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Last-Modified: Mon, 15 Apr 2019 03:02:01 GMT
Accept-Ranges: bytes
Content-Length: 17613
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

www.dndprinting.com//public/transcend/images/icons/icon-arrow-down.svg

95.111.200.191

200 OK

911 B

URL HTTP/1.1
www.dndprinting.com//public/transcend/images/icons/icon-arrow-down.svg
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
911 B (911 bytes)
Hash
735bca71e4b8539fcef46696170f04a3
9a348714cc8651c175c7a2d5b20cd42decdfbf09
afd1b2aaf44d8b7bba5a7576c57b8580ceb3aca94cfcd44ba90a6eed1b1aba0f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/transcend/images/icons/icon-arrow-down.svg HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com//public/transcend/css/main.css
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Last-Modified: Fri, 09 Mar 2018 17:41:54 GMT
Accept-Ranges: bytes
Content-Length: 911
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/svg+xml

www.dndprinting.com/undefined

95.111.200.191

200 OK

7.0 kB

URL HTTP/1.1
www.dndprinting.com/undefined
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (647), with CRLF, LF line terminators
Size
7.0 kB (7043 bytes)
Hash
4e2c26d1590350ed6e28ad7a2a6c4e93
79d1d6a20d605b93d5b031bd29c9fcc5c5ec17e6
d100d1424ca9250159af4c2382aae787d6601487a8b36a49d114e6278e0dc762

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /undefined HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; expires=Mon, 28-Nov-2022 20:35:13 GMT; Max-Age=7200; path=/
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.dndprinting.com/uploads/banner/banner_BukuMenuSpiral.jpg

95.111.200.191

200 OK

77 kB

URL HTTP/1.1
www.dndprinting.com/uploads/banner/banner_BukuMenuSpiral.jpg
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 450x450, components 3\012- data
Size
77 kB (76712 bytes)
Hash
aa35b67bc54818c76891c061ed4c461e
9791c106cbdc3b1cafced09517ee90c464150c28
1b278ca0d863e570d548ea97487887d7f60622070db549886508ce4c0d73a328

HTTP Headers

GET /uploads/banner/banner_BukuMenuSpiral.jpg HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Last-Modified: Sat, 21 Sep 2019 05:52:54 GMT
Accept-Ranges: bytes
Content-Length: 76712
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

www.dndprinting.com/uploads/banner_.png

95.111.200.191

200 OK

31 kB

URL HTTP/1.1
www.dndprinting.com/uploads/banner_.png
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
PNG image data, 200 x 101, 8-bit/color RGBA, non-interlaced\012- data
Size
31 kB (30967 bytes)
Hash
2c392562f4dc310999b2a4eb6638ac3d
72df3ec196a79f36bba4660d44940ba86e509ea6
78f6c8c344fa4bf0810cc7d1b55a47889df2a224007199c0cd30b70db2f55bf6

HTTP Headers

GET /uploads/banner_.png HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Last-Modified: Thu, 17 Jan 2019 05:51:50 GMT
Accept-Ranges: bytes
Content-Length: 30967
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

www.dndprinting.com/uploads/portofolio/banner_IdCard1.jpg

95.111.200.191

200 OK

106 kB

URL HTTP/1.1
www.dndprinting.com/uploads/portofolio/banner_IdCard1.jpg
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=960, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=720], progressive, precision 8, 750x750, components 3\012- data
Size
106 kB (106328 bytes)
Hash
e0736950085e0f20a85121ce434a83ae
0ee10271f66ee4e7ab7cabe033162156933b0a40
91f42ea6073f8c5ca4af118eca0c8e638857f586b48b3f4974982785d247afb2

HTTP Headers

GET /uploads/portofolio/banner_IdCard1.jpg HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Last-Modified: Tue, 22 Jan 2019 06:45:47 GMT
Accept-Ranges: bytes
Content-Length: 106328
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg

www.dndprinting.com/uploads/banner/banner_CetaKUndangandiBali.jpg

95.111.200.191

200 OK

274 kB

URL HTTP/1.1
www.dndprinting.com/uploads/banner/banner_CetaKUndangandiBali.jpg
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1500x1020, components 3\012- data
Size
274 kB (274164 bytes)
Hash
647778d2a1d10efe84e188d63c305c5d
1dc2d3f16818f70f2c2a08b93555190c349f6d86
9eeb2304ea5e0048c6ee0825ec021727fc7930431ce68a67f7b855eb47335269

HTTP Headers

GET /uploads/banner/banner_CetaKUndangandiBali.jpg HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Last-Modified: Sat, 21 Sep 2019 05:33:54 GMT
Accept-Ranges: bytes
Content-Length: 274164
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

www.dndprinting.com/uploads/portofolio/banner_Spanduk1.jpg

95.111.200.191

200 OK

91 kB

URL HTTP/1.1
www.dndprinting.com/uploads/portofolio/banner_Spanduk1.jpg
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=558, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=960], progressive, precision 8, 750x750, components 3\012- data
Size
91 kB (90996 bytes)
Hash
c7c17e85b2859c32ddcc3e19052580d2
707ede4a9e6d44a1867a8e6c036d4ec55af95cdd
ebedee0aa562b21f18cbef0e1d1a51f812d2e99f84ea47d80088617c6e6576cd

HTTP Headers

GET /uploads/portofolio/banner_Spanduk1.jpg HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Last-Modified: Wed, 23 Jan 2019 02:11:15 GMT
Accept-Ranges: bytes
Content-Length: 90996
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg

www.dndprinting.com/uploads/portofolio/banner_Kalender2.jpg

95.111.200.191

200 OK

180 kB

URL HTTP/1.1
www.dndprinting.com/uploads/portofolio/banner_Kalender2.jpg
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=750, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=750], baseline, precision 8, 750x750, components 3\012- data
Size
180 kB (180504 bytes)
Hash
c66be819acb356d8c3ff8dd91d3c2e4d
26458a9d8ad5e854b93d9d932c9a05a32fe8ba06
d8c070fff6060ca52a8aa85404d7719b8665c0b3a12861221610e92c12465093

HTTP Headers

GET /uploads/portofolio/banner_Kalender2.jpg HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Last-Modified: Tue, 22 Jan 2019 07:34:21 GMT
Accept-Ranges: bytes
Content-Length: 180504
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg

www.dndprinting.com/uploads/portofolio/banner_Stiker1.jpg

95.111.200.191

200 OK

143 kB

URL HTTP/1.1
www.dndprinting.com/uploads/portofolio/banner_Stiker1.jpg
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1152, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2048], progressive, precision 8, 750x750, components 3\012- data
Size
143 kB (143253 bytes)
Hash
2b96245c22fc95ffe53b64ab8ad7208b
c1543c7984b1f376fc4a02086b9741b1f6400a21
ce8bfe4a5a6dc7c35c61d8c70d2650f8e3d5a4c52520909d2e8b925d7728e8bd

HTTP Headers

GET /uploads/portofolio/banner_Stiker1.jpg HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Last-Modified: Wed, 23 Jan 2019 02:07:03 GMT
Accept-Ranges: bytes
Content-Length: 143253
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

www.dndprinting.com/uploads/banner/banner_CetakFlyer.jpg

95.111.200.191

200 OK

64 kB

URL HTTP/1.1
www.dndprinting.com/uploads/banner/banner_CetakFlyer.jpg
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 450x450, components 3\012- data
Size
64 kB (63522 bytes)
Hash
82d33d838359493838f29597d40ee6af
1dc59b9f26af0dd386e9cd4fa82ad804a7a34f94
58aeb75695203223dfe8414ea264a2f6f539685dac835a1f95f390993d25afa0

HTTP Headers

GET /uploads/banner/banner_CetakFlyer.jpg HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Last-Modified: Sat, 21 Sep 2019 05:51:53 GMT
Accept-Ranges: bytes
Content-Length: 63522
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg

www.dndprinting.com/uploads/banner/banner_CetakKartuNama.jpg

95.111.200.191

200 OK

48 kB

URL HTTP/1.1
www.dndprinting.com/uploads/banner/banner_CetakKartuNama.jpg
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 450x450, components 3\012- data
Size
48 kB (47468 bytes)
Hash
0f669d3057155d4a2a07e68e39eddf58
a9cbdfd269641da8833e422734ad207922969b0e
3de1116354ad08da1acedef9d9449de08d4d8fc23fbd44f3e7de3179b1e1ebe8

HTTP Headers

GET /uploads/banner/banner_CetakKartuNama.jpg HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Last-Modified: Sat, 21 Sep 2019 05:52:14 GMT
Accept-Ranges: bytes
Content-Length: 47468
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg

www.dndprinting.com/uploads/banner/banner_GantunganKunci.jpg

95.111.200.191

200 OK

74 kB

URL HTTP/1.1
www.dndprinting.com/uploads/banner/banner_GantunganKunci.jpg
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 450x450, components 3\012- data
Size
74 kB (74170 bytes)
Hash
80c20a590317803210df71a422c16010
8e1d7edf38c5cae8325042b274de4d79153752e7
c14a9cb65f8e4b985c9dbabcabaf6dc1cbf948f17146567f2897d67973c9f5e0

HTTP Headers

GET /uploads/banner/banner_GantunganKunci.jpg HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Last-Modified: Sat, 21 Sep 2019 05:52:35 GMT
Accept-Ranges: bytes
Content-Length: 74170
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 28 Nov 2022 16:41:08 GMT
expires: Mon, 28 Nov 2022 18:41:08 GMT
cache-control: public, max-age=7200
age: 6846
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.dndprinting.com//public/images/icon.png

95.111.200.191

200 OK

24 kB

URL HTTP/1.1
www.dndprinting.com//public/images/icon.png
IP
95.111.200.191:0
ASN
#202053 UpCloud Ltd

File type
PNG image data, 184 x 184, 8-bit/color RGBA, non-interlaced\012- data
Size
24 kB (24025 bytes)
Hash
83e7677293d06258bbbbc1e83d59fe0b
0cfc162c169c4aa3914cdf306d2c15aa75a30632
322312a6d1fe167b708ae18c85b538cafb84a5e8dd3104ff0323ccf4d870d18c

HTTP Headers

GET //public/images/icon.png HTTP/1.1
Host: www.dndprinting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/index.php?/new/public/ckfinder/userfiles/files/fray-roblox-hack_GM431946152.pdf
Cookie: csrf_cookie_name=2cf69cfc10ae2ef3cd1f2b40f274993f; ci_session=5633538d803725ac6d5e227a4b60e8a4d7500066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:35:13 GMT
Server: Apache
Last-Modified: Sat, 19 Jan 2019 01:25:21 GMT
Accept-Ranges: bytes
Content-Length: 24025
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 18:35:10 GMT
date: Mon, 28 Nov 2022 18:35:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/DND-Sablon-Printing-583072968413593/&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/DND-Sablon-Printing-583072968413593/&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /plugins/likebox.php?href=https://www.facebook.com/DND-Sablon-Printing-583072968413593/&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dndprinting.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: Ice41MVMvqLbhE+Qy+R423KxxdExvfl9BCJBNz8L8nDph/ni9xuhZXHMA1A8SFYZjzs1LVMAz83oIKsqFoumFw==
date: Mon, 28 Nov 2022 18:35:12 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations