| followshops.net/user/monatrading/followers | 172.67.177.12 | 301 Moved Permanently | 0 B |
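URL: HTTP/1.1 followshops.net/user/monatrading/followers | IP: 172.67.177.12:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, consistent with the 0 B body of this redirect; they match any empty payload and do not identify content)
Analyzer verdicts: fortinet = Malware; quad9 = Sinkholed (Alert column empty)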
GET /user/monatrading/followers HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 09 Nov 2022 02:33:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 09 Nov 2022 03:33:00 GMT
Location: https://followshops.net/user/monatrading/followers
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYJwVN9c0ICOw8tOTUBLpRNekY9TnPmpX29TUl69b%2BvZMnkgcCTj4e%2Faa9OlxThj6%2BS1Y13XWBQJmVmm1keT4m4qp%2FeMH5A1uQf%2B2scqF9HtCpQrVnYdxNBOMXmH%2BpkMoHg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76732423dca0fab8-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash9e164a845d32db8fa51fdb5b1aa218d9 169099b4d2f8e119ab6cf6fca279b6fb535b1759 402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8733
Expires: Wed, 09 Nov 2022 04:58:34 GMT
Date: Wed, 09 Nov 2022 02:33:01 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash7908acd0c083145e2b454aaeb063c236 0696647bb0a4118327f637a50ebcc21bac39d592 ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5988
Cache-Control: max-age=121078
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 02:33:01 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 12:10:59 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash7908acd0c083145e2b454aaeb063c236 0696647bb0a4118327f637a50ebcc21bac39d592 ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5444
Cache-Control: max-age=120534
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 02:33:01 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 12:01:55 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/ | IP: 34.102.187.140:0
File type: JSON data; ASCII text, with very long lines (939), with no line terminators
Hash: MD5 4736bac84ca28f2b1e961159fb4ea098 | SHA-1 1319612979f53896fcfeacd4215c2715d4951e4c | SHA-256 5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
Alt-Used: 0
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 09 Nov 2022 01:43:36 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2965
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashdc90abd8b3ea8e75a68c144d74d75788 1ce29dca1ee9ca8931397de31ffb6cf7833baaf8 807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10568
Expires: Wed, 09 Nov 2022 05:29:09 GMT
Date: Wed, 09 Nov 2022 02:33:01 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | IP: 34.160.144.191:0
File type: PEM certificate; ASCII text
Hash: MD5 67d5a988edcda47bc3b3b3f65d32b4b6 | SHA-1 d4f0e0da8b3690cc7da925026d3414b68c7d954f | SHA-256 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sfFJuF4yKWpPorAMM9ArgO7Ag+MlPA/hLjRjYYa4mFXDif4kX2sglvd4aaiMTnab/hS/j8X/vWJi9TGp+JBfrQ==
x-amz-request-id: 2CEWYPV6FVTP96PY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 02:11:33 GMT
age: 1288
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles | IP: 34.117.237.239:0
File type: JSON data; ASCII text, with no line terminators
Hash: MD5 23e88fb7b99543fb33315b29b1fad9d6 | SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce | SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hash8a0658f65a9701e65c24b59ec8fb4178 0101a1f9e85f3d78dc795355219b113d6901a7e1 79e6ebf736445fb66d7f5a575f009075ee227ab4f6305072fab7961795e75a03
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=126226
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 02:33:01 GMT
Etag: "636a5b6f-118"
Expires: Thu, 10 Nov 2022 13:36:47 GMT
Last-Modified: Tue, 08 Nov 2022 13:36:47 GMT
Server: nginx
Content-Length: 280
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hash8a0658f65a9701e65c24b59ec8fb4178 0101a1f9e85f3d78dc795355219b113d6901a7e1 79e6ebf736445fb66d7f5a575f009075ee227ab4f6305072fab7961795e75a03
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=126226
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 02:33:01 GMT
Etag: "636a5b6f-118"
Expires: Thu, 10 Nov 2022 13:36:47 GMT
Last-Modified: Tue, 08 Nov 2022 13:36:47 GMT
Server: nginx
Content-Length: 280
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hash9f410ccb5c0cad5afa19393e7a27abd5 d8623f131eecfe7a60777817101b0709c975e518 2fe87c8a9b914a3472e8d6f68f289550d370950987a0fdfeb0f6bf18a77c1caa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5158
Cache-Control: max-age=107659
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 02:33:01 GMT
Etag: "6369fec2-118"
Expires: Thu, 10 Nov 2022 08:27:20 GMT
Last-Modified: Tue, 08 Nov 2022 07:01:22 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 280
|
|
| followshops.net/images/logo/followshops.png | 172.67.177.12 | 200 OK | 52 kB |
URL: HTTP/2 followshops.net/images/logo/followshops.png | IP: 172.67.177.12:0
File type: PNG image data, 500 x 106, 8-bit/color RGBA, non-interlaced; data
Hash: MD5 eed78319f3cb4e09117f4757f3cfad3a | SHA-1 b24f49ee17b1673a5d88202c85b74723cbb63ed7 | SHA-256 55acd64c847b3fe9f4dbdb4a65020a6328ebf8bbea73a3d7e69f6589550db1ea
Analyzer verdicts: quad9 = Sinkholed (Alert column empty)
GET /images/logo/followshops.png HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: image/png
content-length: 51655
last-modified: Thu, 01 Oct 2015 09:55:24 GMT
etag: "560d030c-c9c7"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBfyww%2B4z6yqERTkO0ru2nXXozXtUnU%2BvB%2FZpw1NaKT4SOoEq5OLdw95oIGF1dq2ijVfu1tpsQzeboenMX9KFZ%2Bi1vhot%2BlNHp4aU%2FWWLTvQPqO24Ospezj%2BXMFQ%2FOoZm5w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767324293aaab521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js | 104.17.25.14 | 200 OK | 6.7 kB |
URL: HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js | IP: 104.17.25.14:0
File type: ASCII text, with very long lines (21084)
Hash: MD5 9e85c6f6521bceeccb3d9ba9149fef80 | SHA-1 1e18137215b276bb9bda85ac311d9c8cd5b01985 | SHA-256 913b850ee0b505bf6b957ecd04dd3aab13543c9047c46532ac27b0be31e206bc
GET /ajax/libs/popper.js/1.16.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 6696
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-5309"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1764376
expires: Mon, 30 Oct 2023 02:33:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5459DckVWab%2F4hcyx1OTncp2GDgnLKuE2iu5GZHA6squk0txMxx1AylkHgydiN4tdgycPKHzFaJlDtvVloqc%2FQ9xV8BPUQopwV87XICNC7Rb3dFjETEhXkutbvJv%2BKmQwKkKMnoP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7673242939000b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/images/site/loading.gif | 172.67.177.12 | 200 OK | 1.2 kB |
URL: HTTP/2 followshops.net/images/site/loading.gif | IP: 172.67.177.12:0
File type: GIF image data, version 89a, 32 x 22; data
Hash: MD5 206d3c2a8896cbb199683a9906075f8c | SHA-1 ffa26c8e5eee4b4e15acf13d547c3f33a174976e | SHA-256 551e27d05a38b2505f23c14f83b584af3e815f1aca16ad9177f66a92d0b879a4
Analyzer verdicts: quad9 = Sinkholed (Alert column empty)
GET /images/site/loading.gif HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: image/gif
content-length: 1188
last-modified: Thu, 01 Oct 2015 09:55:24 GMT
etag: "560d030c-4a4"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1owgZHROcd7OQu0vXOmAK1h4Ty9mD%2FcPtEcFNkg0j09XUggyuJo0TdoEzhA6oaxDoT7L4V%2B6zCFnhMo3%2BLF044VZyYfYpWFPpS4KnefXlB4fbKbfsfmSu%2Buysr4VKmVL18%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767324293aacb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/images/site/blank.gif | 172.67.177.12 | 200 OK | 43 B |
URL: HTTP/2 followshops.net/images/site/blank.gif | IP: 172.67.177.12:0
File type: GIF image data, version 89a, 1 x 1; data
Hash: MD5 325472601571f31e1bf00674c368d335 | SHA-1 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a | SHA-256 b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer verdicts: quad9 = Sinkholed (Alert column empty)
GET /images/site/blank.gif HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: image/gif
content-length: 43
last-modified: Thu, 01 Oct 2015 09:55:22 GMT
etag: "560d030a-2b"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVhgY8zLMryrirLsosumuz58xz309cfx8H3s7Ufs%2FjAkhBqi%2F5ftLEkhnQWYo%2ByDugRl%2F9vRhkI2aDk%2BI6JZ2YgH44KVjPwlSUqFC%2FPsJlhld9AfUsVxHM6NnM4TPNq%2FYK4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767324293ab5b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/images/users/user-thumb1.png | 172.67.177.12 | 200 OK | 1.4 kB |
URL: HTTP/2 followshops.net/images/users/user-thumb1.png | IP: 172.67.177.12:0
File type: PNG image data, 40 x 40, 8-bit/color RGB, non-interlaced; data
Hash: MD5 25216cc01210322e52ca0f421e693409 | SHA-1 8f82afde806a9bb2124e797651835ca7318928ca | SHA-256 b33fcf9f7f3a9ff45f2614d920a947a07469cb3f53860f651808274ac0bff094
Analyzer verdicts: quad9 = Sinkholed (Alert column empty)
GET /images/users/user-thumb1.png HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: image/png
content-length: 1403
last-modified: Thu, 01 Oct 2015 09:55:22 GMT
etag: "560d030a-57b"
cache-control: public, max-age=2592000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RssuS2b191DwDjl28j2%2BnDbwXAuxxPxyJ0%2FJ%2Fa%2BlYTrjMRnUaMhIGyN6dxh4kXf4jMrFapjKE6DXVtHrVvuWqowxdlCTMm6hyVQ9yOCYHZyp5wB6AtS3C01FV493qQ7yHq8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767324298ad1b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/images/product/IMG_077023.JPG | 172.67.177.12 | 200 OK | 48 kB |
URL: HTTP/2 followshops.net/images/product/IMG_077023.JPG | IP: 172.67.177.12:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 99", baseline, precision 8, 600x600, components 3; data
Hash: MD5 7d6b5145dbba97dc9e70c2c980c77e6b | SHA-1 3c5331db85f63d10b3fa15eeb455bad8f0400a25 | SHA-256 f5b483dc2bc96a28cd99c032550005a8abe4b877d61ca8be832a8e7f4bd55bb0
Analyzer verdicts: fortinet = Malware; quad9 = Sinkholed (Alert column empty)
GET /images/product/IMG_077023.JPG HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: image/jpeg
content-length: 48206
last-modified: Mon, 21 Jun 2021 07:52:43 GMT
etag: "60d0454b-bc4e"
cache-control: public, max-age=2592000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEoTU3%2Fg8ynU58zBX1deJQicCCuuS6xMEbxghz6IsUaEbXvfZUAAwaGQx0ZUomUPYNcBtdgmDOXQ5P4PomH1h448E0a1GSwSgWRPExBD77LGDyODEtx%2Fr5Crhc4Tk%2FX%2FRnk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767324298ad3b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash4e48180712e2e140b9748591e3228a70 49d4292426ddfbc6e98cff6d468e3bdf1be41ff7 16ebf61312b22e0032171995a665bad4ea8c7fd80636fc04eb6456d0f60397ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 02:33:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| code.jquery.com/jquery-1.11.3.min.js | 69.16.175.42 | 200 OK | 33 kB |
URL: HTTP/2 code.jquery.com/jquery-1.11.3.min.js | IP: 69.16.175.42:0
File type: ASCII text, with very long lines (32038)
Hash: MD5 1c8acbf5f411ace3b76578a1fd1a603e | SHA-1 b1bbee9db24d885c25afd2e5a7720e4f79b6b991 | SHA-256 e37464521b5447580a641b775ddb258a76f3bc7a3ca5a34eb452b12908b350a9
GET /jquery-1.11.3.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-encoding: gzip
content-length: 33261
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-176d5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1667961181.dop218.sk1.t,1667961181.cds067.sk1.hn,1667961181.cds216.sk1.c
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-migrate-1.2.1.min.js | 69.16.175.42 | 200 OK | 3.1 kB |
URL: HTTP/2 code.jquery.com/jquery-migrate-1.2.1.min.js | IP: 69.16.175.42:0
File type: ASCII text, with very long lines (7085)
Hash: MD5 e1084a25976d8b8999acadc7350ffb48 | SHA-1 99b723d38b78d8347e8dfa60193b12864a370227 | SHA-256 b98359c65420aa3864d5b86ef94c4c9a5fb8c772a905884a5ba4ce55319a3d13
GET /jquery-migrate-1.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-encoding: gzip
content-length: 3063
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1c1f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1667961181.dop218.sk1.t,1667961181.cds067.sk1.hn,1667961181.cds242.sk1.c
X-Firefox-Spdy: h2
|
|
| followshops.net/js/site/follow-filesjquery_002.js | 172.67.177.12 | 200 OK | 5.7 kB |
URL: HTTP/2 followshops.net/js/site/follow-filesjquery_002.js | IP: 172.67.177.12:0
File type: assembler source, ASCII text (a content-sniffing label; the response itself declares content-type application/javascript)
Hash: MD5 2882a380bf66538c215051bced85ea86 | SHA-1 a9efe96ad97974d6dbe264ac659b235155aeed93 | SHA-256 f6fece2c5e7f93d4f0d0fb4ff2d0bc4faa8ef258923abf6392c699f8835d207f
Analyzer verdicts: fortinet = Malware; quad9 = Sinkholed (Alert column empty)
GET /js/site/follow-filesjquery_002.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: application/javascript
last-modified: Mon, 31 Aug 2015 07:24:06 GMT
vary: Accept-Encoding
etag: W/"55e40116-5eaa"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoIm2NnbxFJW6HCliecO3nYhkKuwoKnWz5SoJZYrOewwKdGgJnjGd3kVA%2FU25glXyAmiAAtL%2B7nXBcuWVdCyVVTaIbTb3IpcJjWhYiu6%2FW6icOdtSwLUrQyD21N45vu7rgc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767324291a9cb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash4e48180712e2e140b9748591e3228a70 49d4292426ddfbc6e98cff6d468e3bdf1be41ff7 16ebf61312b22e0032171995a665bad4ea8c7fd80636fc04eb6456d0f60397ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 02:33:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js | 142.250.74.106 | 200 OK | 31 kB |
URL: HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js | IP: 142.250.74.106:0
File type: ASCII text, with very long lines (65451)
Hash: MD5 903bc7a7e510f87aa5d0201eb59a0832 | SHA-1 ac9aa4dd94cde1bcba9037e94087138b127e41fc | SHA-256 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 13:11:20 GMT
expires: Sat, 04 Nov 2023 13:11:20 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 393701
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash5c4c9c21e826ed9dd1520ac96dea393c 106bc7d84ae02a77a4006f2cae1cf7b5093d36c0 1201a34924da1af919077623ac06926d89f890b33b843d30e1e129fee007783f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 02:33:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash2a47d129a3af5f02c654faf925c60273 9ad27ed9f4500c939260a677c12e702599b00fa9 0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2817
Cache-Control: max-age=112842
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 02:33:01 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 09:53:43 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
|
|
| ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js | 142.250.74.106 | 200 OK | 60 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js IP142.250.74.106:0
File typeASCII text, with very long lines (32389) Hash6d50451df0d9f8dcd462a9855265142f 0ffd13d9363a639c097d1a52c4be5432679813e7 fced51326b3edb5ec17118b26daa594999aea1d5430378fd489d70ea823faee2
GET /ajax/libs/jqueryui/1.10.3/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 60529
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Nov 2022 01:00:03 GMT
expires: Mon, 06 Nov 2023 01:00:03 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 264778
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash4e48180712e2e140b9748591e3228a70 49d4292426ddfbc6e98cff6d468e3bdf1be41ff7 16ebf61312b22e0032171995a665bad4ea8c7fd80636fc04eb6456d0f60397ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 02:33:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| maps.google.com/maps/api/js?key=AIzaSyBVL5oiAiHqEzFAqjR2U6OX2SWB2K6TlPs&sensor=false&libraries=places | 216.58.211.14 | 200 OK | 56 kB |
URL HTTP/2maps.google.com/maps/api/js?key=AIzaSyBVL5oiAiHqEzFAqjR2U6OX2SWB2K6TlPs&sensor=false&libraries=places IP216.58.211.14:0
File typeASCII text, with very long lines (2393) Hashedb129821d8c081f8074e5e0d099d805 48f70768a7d33d9d761758a0df652b83e0e181dc 5d562a35882578314704a7fd4ab173dab91d11befb46405648daaed28e2ed607
GET /maps/api/js?key=AIzaSyBVL5oiAiHqEzFAqjR2U6OX2SWB2K6TlPs&sensor=false&libraries=places HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Wed, 09 Nov 2022 02:33:01 GMT
expires: Wed, 09 Nov 2022 03:03:01 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 55526
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash5c4c9c21e826ed9dd1520ac96dea393c 106bc7d84ae02a77a4006f2cae1cf7b5093d36c0 1201a34924da1af919077623ac06926d89f890b33b843d30e1e129fee007783f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 02:33:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| followshops.net/js/site/bootstrap3-typeahead.min.js | 172.67.177.12 | 200 OK | 4.5 kB |
URL: HTTP/2 followshops.net/js/site/bootstrap3-typeahead.min.js | IP: 172.67.177.12:0
File type: ASCII text, with very long lines (6877) | Hash: MD5 7167a4dd9d372fbd6270b1bfd550bab2, SHA1 c8f4077619943d6f7a0f42d69983f7fd83912ec7, SHA256 bf5612e4adc4b78baccda8487922c94d9c29cd138f1a8ba0eedd69aefda19665
Analyzer verdicts: fortinet: Malware; quad9: Sinkholed (Alert column empty)
GET /js/site/bootstrap3-typeahead.min.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: application/javascript
last-modified: Mon, 09 Nov 2015 14:54:28 GMT
vary: Accept-Encoding
etag: W/"5640b3a4-1ade"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2p5%2Fc2XEGVvRzf3TmYRPp0dEpAewODna0cqFMbImnl3zN2nLZffodJqn%2BfL2IgmjRFfLCsH1GbZbeRtBAiYxLz9d6SU165Yl232bR%2Fs0%2BbSBq1mdp9u%2BSF7JDMEsWetXHiE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767324291a9ab521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/js/site/landing_category.js | 172.67.177.12 | 200 OK | 173 kB |
URL: HTTP/2 followshops.net/js/site/landing_category.js | IP: 172.67.177.12:0
Size: 173 kB (173357 bytes) | Hash: MD5 e3927611baf2f69f3fc58a5501730372, SHA1 aa6b7159cf22806bf123ace5932a3b9c98a6288c, SHA256 12e862adc56f9d88cdc02e1ce2060f11a5ed40f38444167273c1737167efe7e8
Analyzer verdicts: fortinet: Malware; quad9: Sinkholed (Alert column empty)
GET /js/site/landing_category.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: application/javascript
last-modified: Mon, 03 Apr 2017 16:29:54 GMT
vary: Accept-Encoding
etag: W/"58e27882-2ff5"
cache-control: public, max-age=2592000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtOTVgtODANPUClFG3B%2FQMAh%2BedwUnx4g3YtlIYYsWujDkHGdYs7UyvR7bQ%2FSDsq8kfHJWm0rA3%2BXIPf%2B%2BcbPSudNb5QwF9t6lP3f2MLhgzUwuGkKlWMx5cjYGpx4gJbeUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767324295ac0b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/js/site/follow-filesjquery.js | 172.67.177.12 | 200 OK | 11 kB |
URL: HTTP/2 followshops.net/js/site/follow-filesjquery.js | IP: 172.67.177.12:0
File type: ASCII text, with very long lines (7199) | Hash: MD5 9ed54e7d42d938c48ef3d40f43ea5861, SHA1 4584eba4bab570ffb8002d309381e79aea33106a, SHA256 5f6df3c59002eede8f54ab16417c6a4a378463356b5b26281882176230e0df03
Analyzer verdicts: fortinet: Malware; quad9: Sinkholed (Alert column empty)
GET /js/site/follow-filesjquery.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: application/javascript
last-modified: Mon, 31 Aug 2015 07:24:06 GMT
vary: Accept-Encoding
etag: W/"55e40116-1d01"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QS4AdVVxjkqSVvtzQ22IkN%2F%2F0UXHbuYi3moKnCsYGywVspCpr5UFP36N54NAyCjLz6cZeOfl06Wx6lyo1LfvkYjTdYgRh2mIpnkLJhKioJ%2BMIjY7HO2xP3ZmVGCl4bTRn7U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767324291a9db521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/js/site/main4.js | 172.67.177.12 | 200 OK | 55 kB |
URL: HTTP/2 followshops.net/js/site/main4.js | IP: 172.67.177.12:0
File type: ASCII text, with very long lines (4227) | Hash: MD5 41db03504dd80862bd8ac47fd5a6d127, SHA1 9f49cd7db71ee2dd0a5c7f8859cb8d32e6887bf2, SHA256 68f6e8755d4bc1fcc9a8a90b157282d82f0d25f517d2ce3448449b10aeecfbb0
Analyzer verdicts: fortinet: Malware; quad9: Sinkholed (Alert column empty)
GET /js/site/main4.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: application/javascript
last-modified: Sat, 26 Jun 2021 07:58:22 GMT
vary: Accept-Encoding
etag: W/"60d6de1e-1f848"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWOXDDmIqxtCyCWujhvtoSwiTFtMqxXzCBmbDjEDvMfnN%2Fwf3nZHjFRJE1jGD2lb01c%2FmoLh9wb0UnyufObJO6UPikrxJqUMR7C%2BhXcGL%2BMoHWX5ldbdzeElj7GT8VbDSZQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767324292aa2b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 44.242.41.15 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP44.242.41.15:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aSU+eUi5XjYaa7XbD6iKNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UJX7DUrSLeUSV6WzyWGKNWk7Hc8=
|
|
| followshops.net/css/site/follow-timeline.css?v=12345 | 172.67.177.12 | 200 OK | 11 kB |
URL: HTTP/2 followshops.net/css/site/follow-timeline.css?v=12345 | IP: 172.67.177.12:0
Hash: MD5 021baa14a1ce3109d6a6bc90d9fa8304, SHA1 e4c5384bbc2dc7a1bb50cb750a5080acb6fd7b25, SHA256 cc664dac63885cccf174311a9dd218551939ab46d8b025d01067d29cd589fdab
Analyzer verdicts: quad9: Sinkholed (Alert column empty)
GET /css/site/follow-timeline.css?v=12345 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: text/css
last-modified: Tue, 27 Jul 2021 11:07:55 GMT
vary: Accept-Encoding
etag: W/"60ffe90b-c05d"
cache-control: public, max-age=2592000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzhYwk17mOwE1Z4X2BOz4MsRtm3XhJciVLX8CY05UDqP9DU4V7SA74CLueTkbWuZGrpbcldtWI9ctK5hp7yF6LGT1BLrc77A0yoCi%2Fnt5FXKfIFkOXSAJDas5Nv8ecW1AZo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767324295ac1b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/css/site/follow-selectbox.css?v=123456 | 172.67.177.12 | 200 OK | 44 kB |
URL: HTTP/2 followshops.net/css/site/follow-selectbox.css?v=123456 | IP: 172.67.177.12:0
File type: ASCII text, with CRLF line terminators | Hash: MD5 d1e5b0ccd72d9196da9579e983f88d13, SHA1 9f5675c313c330cd41dbfa44d1358b298dfc7cf4, SHA256 47e7b1249ec036e029b3e50db4d709fab41a9334e88cf85343a60a9d9200b6c9
Analyzer verdicts: fortinet: Malware; quad9: Sinkholed (Alert column empty)
GET /css/site/follow-selectbox.css?v=123456 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: text/css
last-modified: Sat, 17 Aug 2013 10:11:42 GMT
vary: Accept-Encoding
etag: W/"520f4c5e-bb6"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jx%2BVx5jmOgp2fp3xaUG1dYlveK%2FFfuAkSUrW08E7gA5wXYvKh2gATqfmRRqjFR7vqnCMD%2BDpwEDTUu%2Bx0wxDawcMPbatTYOWLXawqUboyqfgTCNHvW9loR0IJhn048kyuu8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767324290a92b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js | 104.18.10.207 | 200 OK | 19 kB |
URL HTTP/2maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js IP104.18.10.207:0
File typeASCII text, with very long lines (59765) Hash0dfb7e7c3e23321bc39c7260ca7b4eb0 4cfdcf35530918f79461c248a47a44d9293ef641 a8375ba4e0c1204a281e628be5abd616e614666dc74214ccd4a058327e681ffb
GET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 601, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 2021-04-23 06:18:12
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 635a5ba5b16f6b5cab614d07cc78dc4b
cdn-cache: HIT
cf-cache-status: HIT
age: 16071479
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76732429aefeb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash3b26e900b9be930a07101e0d5f5de579 fc84082e3eef2e000f255f1cbd4cf45b694a2118 1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 02:33:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| followshops.net/js/site/jquery.ui.addresspicker.js | 172.67.177.12 | 200 OK | 2.7 kB |
URL: HTTP/2 followshops.net/js/site/jquery.ui.addresspicker.js | IP: 172.67.177.12:0
Hash: MD5 7f78b127f6444cf4f59507d6493904b0, SHA1 c34678d7e555b3eeb5b7f4d43e49a30354bc1a07, SHA256 7675f3732f13dfa428e7fb3ef8f07967f8314fdc1b00c07bc790e13e1510d52a
Analyzer verdicts: fortinet: Malware; quad9: Sinkholed (Alert column empty)
GET /js/site/jquery.ui.addresspicker.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: application/javascript
last-modified: Sat, 04 Sep 2021 10:14:40 GMT
vary: Accept-Encoding
etag: W/"61334710-286f"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1U7uVf%2BViwQahGACpfAqop3qNMlvCChM2H3s9adRfql1DRZIH7PqKqZ9lW9ds2ij8jpFNqafaZm5p6B4QsjWlQ3m6RAu7HRqTVCIRu3dqtJbfpSYxNClxOW%2BYOhGqYRe%2B8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767324291a9bb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/analytics.js | 142.250.74.174 | 200 OK | 35 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.174:0
Hashd85b91caa1e772cf1800669b8d1bfc75 50949e8a96c0a0199589e830c8799354b9e5e685 fb601e6ecc31931f4f7b7ac77a5911d815e96ae00cdc82533e7f3d72256277dd
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 09 Nov 2022 00:41:09 GMT
expires: Wed, 09 Nov 2022 02:41:09 GMT
cache-control: public, max-age=7200
age: 6713
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| followshops.net/css/site/follow-filestimeline-slideshow.css?v=123456 | 172.67.177.12 | 200 OK | 30 kB |
URL: HTTP/2 followshops.net/css/site/follow-filestimeline-slideshow.css?v=123456 | IP: 172.67.177.12:0
File type: ASCII text, with CRLF line terminators | Hash: MD5 4fa6744c1a9f47f7fd1aae03fb86a6ec, SHA1 d66f682e2e8efec28d761baacb67ee080018037f, SHA256 87300b72a3dfee913ca5e31f798dbfde5ad1551f3520f4b07b1b40ab12b38b5f
Analyzer verdicts: quad9: Sinkholed (Alert column empty)
GET /css/site/follow-filestimeline-slideshow.css?v=123456 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: text/css
last-modified: Sat, 17 Aug 2013 10:10:34 GMT
vary: Accept-Encoding
etag: W/"520f4c1a-27ee"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajXmjzdhpC9GTzso2xdasbmdvw%2FEM%2BCtu0QVuCBf1ObPA7OAwFM3%2By8wgb5cJ0e5XTV4bmL827e%2FsuKa7gqHvrNrl5D580FPmBYfMPe%2Bs3wM5iCGUaOEM%2FNRL7R2HKp5fCY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767324290a90b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash3b26e900b9be930a07101e0d5f5de579 fc84082e3eef2e000f255f1cbd4cf45b694a2118 1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 02:33:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| followshops.net/css/site/follow-filesphoto.css?v=123456 | 172.67.177.12 | 200 OK | 1.1 kB |
URL: HTTP/2 followshops.net/css/site/follow-filesphoto.css?v=123456 | IP: 172.67.177.12:0
Hash: MD5 5b9c7b5e9f091fe275f44ea149ca6b27, SHA1 2ed628908f8e7d865f14bbe84c1a95c450e5e5c7, SHA256 96651a4de86539d762d3e9eb23584b06735718fc77a9dbf38463679f8f9c0c92
Analyzer verdicts: fortinet: Malware; quad9: Sinkholed (Alert column empty)
GET /css/site/follow-filesphoto.css?v=123456 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: text/css
last-modified: Mon, 31 Aug 2015 07:21:32 GMT
vary: Accept-Encoding
etag: W/"55e4007c-8a5"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XA3KldDwLR8Bjp0pRJAucVcJKRfsROGxAD%2BKHKyyqH%2B4rpWZ1HQ3ibxTGiwOk3XkDqLZfMXdcOzGLT0JwbcUwBFRRYoJE7hLoKob%2F299m8K2vRnJ6TZeJZsHB6tHs1MHD50%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767324290a91b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| maps.gstatic.com/mapfiles/transparent.png | 142.250.74.163 | 200 OK | 68 B |
URL HTTP/2maps.gstatic.com/mapfiles/transparent.png IP142.250.74.163:0
File typePNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data Hash8327a6037ae00a5be9f75e63ee1b9fbe a812c79b0d125e4946b33446eae0353f518627e2 fe67e12a6497f8518ef1673fd8cf5622871935ff85f204715e78b2009dd48588
GET /mapfiles/transparent.png HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 68
date: Wed, 09 Nov 2022 02:33:02 GMT
expires: Wed, 09 Nov 2022 02:33:02 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash4dc4a177d25f666a9ba1cf6225354467 8975f2e5cc9cadc4a1e369da45471eb1f0830c5e 6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 02:33:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 4599ea4ab89bca0461dfc4e86cf90610 d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a 6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13655
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 02:33:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 4599ea4ab89bca0461dfc4e86cf90610 d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a 6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13655
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 02:33:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 4599ea4ab89bca0461dfc4e86cf90610 d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a 6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13655
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 02:33:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 4599ea4ab89bca0461dfc4e86cf90610 d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a 6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13655
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 02:33:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 4599ea4ab89bca0461dfc4e86cf90610 d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a 6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13655
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 02:33:03 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg | 34.120.237.76 | 200 OK | 8.2 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash (MD5 / SHA-1 / SHA-256): c69b19d2273c3ade32fd0797921c0459 8cafda5659f5b36c855a2bbcaeb03aa715ddeebd d78b92e1175207b1179c85f9490f937e1647aeae3fe95cf8b3dc336db232945e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8154
x-amzn-requestid: 1d9d6e13-69a4-473d-af4b-ef3d4382f3ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTU2EyZoAMF94w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc1e-0dec203434f42df01d9a1182;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5sq7XRYInS334VVDEtCJNlf_O9FTHn2G4u-WAIygFZ-SALN0flMwew==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:02:14 GMT
age: 16249
etag: "8cafda5659f5b36c855a2bbcaeb03aa715ddeebd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d4ddd67-c616-4121-a20d-93a46ca683a5.jpeg | 34.120.237.76 | 200 OK | 7.6 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d4ddd67-c616-4121-a20d-93a46ca683a5.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash (MD5 / SHA-1 / SHA-256): b52a8b78f7273b02455e93107edb9633 7a09033d8e92af7e492e5ec41d6d90c473b848f6 b239606b1c37e680536a899808e845ccf270b1eadec03476e0cbfdf9911c149b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d4ddd67-c616-4121-a20d-93a46ca683a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7620
x-amzn-requestid: 4938029b-6e40-4549-8404-63ca28e79961
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTU_WEQgIAMFU2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acec8-2bda1b015e94c4127df2b052;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:48:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N-7W40j1csZhuoQvk_awKDRBjxJukydzyRVHvJNBSBx-AqYJQrUYGg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:02:26 GMT
age: 16237
etag: "7a09033d8e92af7e492e5ec41d6d90c473b848f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg | 34.120.237.76 | 200 OK | 9.3 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash (MD5 / SHA-1 / SHA-256): 29429581f8dc762c69c5916009f70080 9265cae98aa663a5498925b70079abdd8e7031fd c3deee74c80905a1e92b84868b9987cb30ad7a210dca066b97c325cc2c83872e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9313
x-amzn-requestid: be3f6b0f-cf61-4bec-ad1a-87abdbc45d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTwF5AoAMFZAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-5ca45b5b1065a4ea492f2ac6;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9lVY7YgQQ0FAP3ItgCSWePY0Msd4RIyBz4eNPc-K51BtnWUjOObv6g==
via: 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:31 GMT
etag: "9265cae98aa663a5498925b70079abdd8e7031fd"
content-type: image/jpeg
age: 17372
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b1448b9-c14a-494a-b2b3-d4d430f83cd7.jpeg | 34.120.237.76 | 200 OK | 7.1 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b1448b9-c14a-494a-b2b3-d4d430f83cd7.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash (MD5 / SHA-1 / SHA-256): da90dc6a5f2fc0c07e1e3d7ac0f1a67c 131acddbc0fefa19de876f5254d21370691b4653 60a17b9d4f66a571b54b17bcdd5ae19942bd8540569663611a3a64c07734417c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b1448b9-c14a-494a-b2b3-d4d430f83cd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7108
x-amzn-requestid: bf8302ba-8138-4b4a-8821-fe1c1d1864fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bMYDHEoFoAMFqVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636806e0-7b5856224000122233ad81ea;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 19:11:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4BaZ-LMJyYy_6UTMKjwjUulT4nAc0pxyJvmTmsy-M_WGXw9doIO0Vg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:03:36 GMT
age: 16167
etag: "131acddbc0fefa19de876f5254d21370691b4653"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg | 34.120.237.76 | 200 OK | 5.1 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash (MD5 / SHA-1 / SHA-256): e265c87faef55af1d47d72286d93268a b97207d04eced8e6412f60c3764cdb527cce26d0 bf3f4fc715e107947c5bf3d622fbf9de1f591649a5008d8790a23463aa8703db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5125
x-amzn-requestid: c4f7c3d2-4c43-442e-a477-84a5baf6ff49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bM4rXGdcoAMF5zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63683b15-1aec78204d291cfe5061d179;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 22:54:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZH49PpL-lN1JhCh03uyZJqRLu5vHF1RDMIBKKCvHOaKYdDOASOdUcw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:50 GMT
age: 17353
etag: "b97207d04eced8e6412f60c3764cdb527cce26d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash (MD5 / SHA-1 / SHA-256): 4e2853cc6ec6223160471401e6871f4b f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 06:28:01 GMT
age: 72302
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| followshops.net/js/site/follow-filescatalog.js | 172.67.177.12 | 200 OK | 0 B |
URL (HTTP/2): followshops.net/js/site/follow-filescatalog.js
IP: 172.67.177.12:0
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
| quad9 | Sinkholed | |
GET /js/site/follow-filescatalog.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: application/javascript
last-modified: Mon, 31 Aug 2015 07:24:06 GMT
vary: Accept-Encoding
etag: W/"55e40116-b21"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rpXL06VNqgWDMXVg0xa0SGsM4NZ5rucpXxy8KbwcDtMA4LxhWrupr6rjiSv0ezEf7zGo3JWIL3iATTm7BSOhXFLDk47u5iahbs0unhD04ZZ5F57KkudwDjel1d%2BIU6bbys%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767324291a98b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/js/site/editor-config.js | 172.67.177.12 | 200 OK | 0 B |
URL (HTTP/2): followshops.net/js/site/editor-config.js
IP: 172.67.177.12:0
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
| quad9 | Sinkholed | |
GET /js/site/editor-config.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: application/javascript
last-modified: Thu, 01 Oct 2015 09:47:54 GMT
vary: Accept-Encoding
etag: W/"560d014a-c89"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljn8f2vXNHQ9bQkkmyZ7mVcjE0Yr7IxB1jhTyLzEpv7bMD7orcDmpLQ2SaKtsgaOiojgwe%2Bd2TgB7vQhK6hZ4zy0gGdRiK8oTsuCNuCdWCoBrXsT37igaqDBxzh1AoCAKYY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767324292aa5b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/js/locationpicker.jquery.js | 172.67.177.12 | 200 OK | 0 B |
URL (HTTP/2): followshops.net/js/locationpicker.jquery.js
IP: 172.67.177.12:0
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
| quad9 | Sinkholed | |
GET /js/locationpicker.jquery.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: application/javascript
last-modified: Mon, 06 Sep 2021 10:20:01 GMT
vary: Accept-Encoding
etag: W/"6135eb51-2ce9"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XG8S7kuZt9IsAA9z%2FwEmvkb0n0uS3jm75PLx9RblhHGZYlKqZAWfmJ43wiO5%2BmCaI%2FZOTq6aXPL56plVPmKxgzj3LOnfOavCBLGqA3Sunl0B%2BSoFhuCilGu6u%2Fuu%2B1842%2BU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767324291a99b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css | 104.18.10.207 | 200 OK | 0 B |
URL (HTTP/2): maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
IP: 104.18.10.207:0
GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 08/03/2021 15:44:07
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: 0c835de6853c3382b93a518481c93460
cdn-cache: HIT
cf-cache-status: HIT
age: 1125438
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 767324299ef8b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/css/site/follow-filespopup.css?v=1234567 | 172.67.177.12 | 200 OK | 0 B |
URL (HTTP/2): followshops.net/css/site/follow-filespopup.css?v=1234567
IP: 172.67.177.12:0
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
| quad9 | Sinkholed | |
GET /css/site/follow-filespopup.css?v=1234567 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: text/css
last-modified: Thu, 29 Jul 2021 09:33:28 GMT
vary: Accept-Encoding
etag: W/"610275e8-25b41"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyK3OL99I7gTx49ly3CY0bUpJ6Rhh8EzT2obytzKTRZn5lwI60%2FK0zVBInVSevpzJq3YioqdhKDRX4xMm1Ho3yMz0QTaQGja9rT5o60qozmGzd7HUehqlAsUrKuAKxy%2Bnek%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767324290a8fb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/css/site/follow-clone-style.css?v=123456 | 172.67.177.12 | 200 OK | 0 B |
URL (HTTP/2): followshops.net/css/site/follow-clone-style.css?v=123456
IP: 172.67.177.12:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /css/site/follow-clone-style.css?v=123456 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: text/css
last-modified: Thu, 29 Jul 2021 06:25:50 GMT
vary: Accept-Encoding
etag: W/"610249ee-28684"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anQaOZAZ8T43cC1kt0k8Ae9dot155Zz6LE4n%2F7VaffXnr%2BuGiY%2FGhCuamq2GkpsDmV6mizWImdeonLFh9TImMGn9w1y6qFb66t6WCppsZsx2ykpd6VJli4APcWHreIvJ3Ak%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76732428fa8ab521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/css/site/follow-timeline.css?v=123456 | 172.67.177.12 | 200 OK | 0 B |
URL (HTTP/2): followshops.net/css/site/follow-timeline.css?v=123456
IP: 172.67.177.12:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /css/site/follow-timeline.css?v=123456 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: text/css
last-modified: Tue, 27 Jul 2021 11:07:55 GMT
vary: Accept-Encoding
etag: W/"60ffe90b-c05d"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Hw5w6%2BP5jsIQiiD1UcYVlb9rCKFzLy5719ApsBq168J2uRRhH%2FAURf%2B3XBTlN1tlmZrgwAkMVGeRXhyxUMAkJyPMK3P21fl5DnaJ9qj2PNPHJiuwPJgJBPE7xc3PP2O%2Blk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767324290a95b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/css/site/follow-main.css?v=123456 | 172.67.177.12 | 200 OK | 0 B |
URL (HTTP/2): followshops.net/css/site/follow-main.css?v=123456
IP: 172.67.177.12:0
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
| quad9 | Sinkholed | |
GET /css/site/follow-main.css?v=123456 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: text/css
last-modified: Thu, 29 Jul 2021 06:05:38 GMT
vary: Accept-Encoding
etag: W/"61024532-6d08f"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hQT9SBVHX%2B0%2FyF2vXlzltXTqrMcPzDn8%2FBFwSVh3IhDawoPBFHt3XwGz5T1%2BbDyM91Y%2B2i9i0J69Z226qKVhqKff3YJVeg4LD%2BEVP%2BsdekShBZIGcC0fFlCey7JdCuC2hk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76732428fa8bb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/css/site/follow-filessign.css?v=123456 | 172.67.177.12 | 200 OK | 0 B |
URL HTTP/2 followshops.net/css/site/follow-filessign.css?v=123456 IP 172.67.177.12:0
Analyzer | Verdict | Alert | fortinet | Malware | | quad9 | Sinkholed | |
GET /css/site/follow-filessign.css?v=123456 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: text/css
last-modified: Mon, 24 May 2021 08:06:23 GMT
vary: Accept-Encoding
etag: W/"60ab5e7f-6bee"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDM3vADXHtu9Sw%2B1hz2np0o%2BTMe4lWpmqaR4U0BKDU0OgTCoBvF0tuSj9pfoNZe%2F%2F9nxxIvTfj%2F4YOBpevPbGDZUSYa2b4yN%2BTEgZ1r75a73vsXh8ZIq2tzdy4DClsZ4Z80%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76732428fa8cb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/js/site/follow-filestimeline_slideshow.js | 172.67.177.12 | 200 OK | 0 B |
URL HTTP/2 followshops.net/js/site/follow-filestimeline_slideshow.js IP 172.67.177.12:0
Analyzer | Verdict | Alert | fortinet | Malware | | quad9 | Sinkholed | |
GET /js/site/follow-filestimeline_slideshow.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: application/javascript
last-modified: Mon, 31 Aug 2015 07:24:08 GMT
vary: Accept-Encoding
etag: W/"55e40118-5bbb"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UaTPvchdYguW83Q9Igr8YzekKD0XYSOKvLnlSxBRAU4zXsb%2Fe3ifsEyLeGnB78TAwfjN2dj1Y9jLdQwTVLAYmu%2Fmkot6OaXq%2BddF%2Fheo3ZyHNqV65Mq46ij6mfeFKXmBkiw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767324292aa3b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/css/developer.css?v=123456 | 172.67.177.12 | 200 OK | 0 B |
URL HTTP/2 followshops.net/css/developer.css?v=123456 IP 172.67.177.12:0
Analyzer | Verdict | Alert | fortinet | Malware | | quad9 | Sinkholed | |
GET /css/developer.css?v=123456 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: text/css
last-modified: Tue, 27 Apr 2021 08:49:57 GMT
vary: Accept-Encoding
etag: W/"6087d035-2a57"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VdIsbDmjZ2KmZTZQgg6S992z6XKTwc360CddzM0y%2FVB%2BLEzEuEtsW5SFz8LGDH4glo7Tb5yd9C8w6XUhVk7XzUppOqy5yObIa0heddHL3h0mQq%2BUUcaM1MZVodkzVs1444%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767324290a93b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/ | 172.67.177.12 | 200 OK | 0 B |
IP 172.67.177.12:0
Analyzer | Verdict | Alert | fortinet | Malware | | quad9 | Sinkholed | |
GET / HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=eqsagelgi8ub5ul012hgkh0961; path=/
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPdypybY7dtO5ierPJn4VT%2BAJ5SaojkOMJM56%2BriU1EuUN%2B5bYt4xYRAS3WxeHCg3Atg1hoxSJ%2Fv5MVrUyNrsPG09Jjn2kDNZJY1lIkoXj7q6L6rsHuQEF8qhm5n9s146oo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76732427ea15b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/js/tinymce/jscripts/tiny_mce/tiny_mce.js | 172.67.177.12 | 200 OK | 0 B |
URL HTTP/2 followshops.net/js/tinymce/jscripts/tiny_mce/tiny_mce.js IP 172.67.177.12:0
Analyzer | Verdict | Alert | fortinet | Malware | | quad9 | Sinkholed | |
GET /js/tinymce/jscripts/tiny_mce/tiny_mce.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; PHPSESSID=eqsagelgi8ub5ul012hgkh0961
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: application/javascript
last-modified: Thu, 01 Oct 2015 09:47:54 GMT
vary: Accept-Encoding
etag: W/"560d014a-28fe4"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 259272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQESbenm2DmG86Dd8rn0EgpjUD%2FOmILD9NpMdgRW5ycVZKQJtrG4NGuX%2Ffj%2FWpN9FLMSMTmZLMiqsTbnJQCScYK%2B2UnPivuiP3nLJjVR7%2BfMBUPTCNa9sY411GJ4dy24SyU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767324292aa4b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js | 104.18.10.207 | 200 OK | 0 B |
URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js IP 104.18.10.207:0
GET /bootstrap/3.3.5/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://followshops.net
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"4becdc9104623e891fbb9d38bba01be4"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 08/20/2022 02:32:00
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 864
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: b17f0addf2f0a395fbf75d9383f20934
cdn-cache: HIT
cf-cache-status: HIT
age: 259272
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7673242a3f280b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| followshops.net/user/monatrading/followers | 172.67.177.12 | 302 Found | 0 B |
URL HTTP/2 followshops.net/user/monatrading/followers IP 172.67.177.12:0
Analyzer | Verdict | Alert | fortinet | Malware | | quad9 | Sinkholed | |
GET /user/monatrading/followers HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 09 Nov 2022 02:33:01 GMT
content-type: text/html; charset=UTF-8
location: https://followshops.net/
cf-cache-status: DYNAMIC
set-cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D44acfc91bc90d17ad7a2a28194c356c6822641f0; path=/
set-cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229627f5b94a96f0ea5186bed655a56068%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1667961181%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22116201%22%3B%7D2c79b70c1c9c4badda7da672e8cfaa35f6c49fc1; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNdrSTtR5D55TpezGJ7ZDhBNrqYLRWblAo6HHRq7OdtPNwNTLwwzqoOVYpw1XcMNGvXcUBV80HCSkRog%2BLEtYP8z0bdCxVGQ6rzakR5fXaY8cVfH%2B8yIiZxFjLhFChFVU90%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7673242759bcb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|