Report - thefieldpoint.com/?a=9921&c=68593&s1=&s2=0d8bexs17ib7v3y4ed&s3=&s4=&s5=

Report Overview

Visited public
2023-12-05 13:00:21
Tags
URL
thefieldpoint.com/?a=9921&c=68593&s1=&s2=0d8bexs17ib7v3y4ed&s3=&s4=&s5=
Finishing URL
404noresult.com/
IP / ASN
54.154.196.178
#16509 AMAZON-02
Title
Performance Tracking

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
404noresult.com	unknown	2022-12-05	2023-03-02 01:16:41	2023-11-30 21:15:22	933 B	2.4 kB	54.230.111.39
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-05 06:14:20	1.1 kB	98 kB	142.250.74.3
thefieldpoint.com	unknown	2022-12-23	2021-01-06 23:15:46	2023-12-04 23:12:33	537 B	678 B	34.248.177.68
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-12-05 11:45:58	350 B	863 B	54.230.218.11
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-05 07:37:50	449 B	1.8 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-05	medium	thefieldpoint.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (7)

URL IP Response Size

thefieldpoint.com/?a=9921&c=68593&s1=&s2=0d8bexs17ib7v3y4ed&s3=&s4=&s5=

34.248.177.68

302 Found

141 B

URL User Request GET HTTP/1.1
thefieldpoint.com/?a=9921&c=68593&s1=&s2=0d8bexs17ib7v3y4ed&s3=&s4=&s5=
IP
34.248.177.68:443
ASN
#16509 AMAZON-02

Certificate
IssuerGlobalSign nv-sa
Subject*.thefieldpoint.com
Fingerprint12:B4:7D:0E:F8:A0:27:7A:A5:42:68:49:DC:3B:37:AA:DA:59:E4:B3
ValidityTue, 03 Jan 2023 02:26:12 GMT - Sun, 04 Feb 2024 02:26:11 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
141 B (141 bytes)
Hash
784b6c23be188954ef9aeed16d42e016
4dd0a710116a9d62970a73ac161fa5f7d7dade1a
72dee4e466b9a5674c813b5976cfa58e82433abe79525af4cbfd78342b21c5b1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?a=9921&c=68593&s1=&s2=0d8bexs17ib7v3y4ed&s3=&s4=&s5= HTTP/1.1
Host: thefieldpoint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 141
Content-Type: text/html; charset=utf-8
Date: Tue, 05 Dec 2023 13:00:04 GMT
Location: https://404noresult.com/
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=POzNnGvScF43+ax1rfWkT+DSmO50CJGWH8huXjzohT/N67ibdebfiw==; domain=.thefieldpoint.com; path=/; HttpOnly
trk=TNat3NUOg6k3+ax1rfWkT+DSmO50CJGWH8huXjzohT/N67ibdebfiw==; domain=.thefieldpoint.com; expires=Fri, 05-Dec-2025 13:00:04 GMT; path=/; HttpOnly
Connection: close

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b18500119a3c47163016761fcbefe731
b57a674344a0615ba092123aa73cbff947d5a7f0
3525a73e5001f7a282fdebce5c00f7a1dc43c284e105ce39a30033700cefbae9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Tue, 05 Dec 2023 13:00:05 GMT
Server: ECAcc (amb/6AB3)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: md--Tdz6avsIgkRXZgisAe2HDdI5wuqywivO1hw6RhP4pB89NNXvNg==

fonts.googleapis.com/css?family=Open+Sans:400,700

142.250.74.106

200 OK

1.1 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://404noresult.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
1.1 kB (1145 bytes)
Hash
182fb0bda33ec8dd88dbae8151cf8ea8
a867a22f31b2424821ee68e60830c703feb18e15
d80a4678964f86ea0a8e5385f34138717275b0347771e3e5fe275079101218f5

HTTP Headers

GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://404noresult.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 05 Dec 2023 13:00:05 GMT
date: Tue, 05 Dec 2023 13:00:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

404noresult.com/favicon.ico

54.230.111.39

404 Not Found

346 B

URL GET HTTP/2
404noresult.com/favicon.ico
IP
54.230.111.39:443
ASN
#16509 AMAZON-02

Requested by
https://404noresult.com/
Certificate
IssuerAmazon
Subject404noresult.com
FingerprintC2:71:48:47:E3:94:55:36:EB:3B:9C:CB:E6:91:F0:21:34:45:98:E0
ValiditySun, 05 Nov 2023 00:00:00 GMT - Tue, 03 Dec 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
346 B (346 bytes)
Hash
1d9b7003da1070a3ce047a6efaa18f11
6cfb4cf6642a66ffdff834d034c189bcb775d867
c484c4f0b209ff4efd61837b4e92abe139f02050654b5e62295ddee4637cd30c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 404noresult.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://404noresult.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
content-length: 346
date: Tue, 05 Dec 2023 13:00:05 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dKVLxWzNr1zufTsLDno2NXK1cOncxAVHaLNKawgP1nkE-tfVJt3hcQ==
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.3

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://404noresult.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://404noresult.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 460748
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.3

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://404noresult.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://404noresult.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 460748
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

404noresult.com/

54.230.111.39

200 OK

1.2 kB

URL User Request GET HTTP/2
404noresult.com/
IP
54.230.111.39:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject404noresult.com
FingerprintC2:71:48:47:E3:94:55:36:EB:3B:9C:CB:E6:91:F0:21:34:45:98:E0
ValiditySun, 05 Nov 2023 00:00:00 GMT - Tue, 03 Dec 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1285), with no line terminators
Size
1.2 kB (1223 bytes)
Hash
40d5518264f14a5602159f86e70dd973
d520831fe62bd850b7ed98ba66c8647f24b4d246
3646a49420f8f1264776f999b81fd6e7ae9ae388ed1c42f7a140262d3e4a444f

HTTP Headers

GET / HTTP/1.1
Host: 404noresult.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
date: Tue, 05 Dec 2023 04:20:08 GMT
last-modified: Tue, 06 Nov 2018 13:34:06 GMT
etag: W/"6fd7a254ec55e51d637f66377a43d1b2"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Pzcz4Lz9To7gbm4DyKCeRwyIY2YwCDwUXGm6AXC71a8FvUfANpcUqQ==
age: 31198
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (7)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers