{"report_id":"4024c2c9-b375-417a-9ea4-c76265eee400","version":6,"status":"done","tags":["meta","facebook","phishing","social"],"date":"2026-05-20T12:54:33Z","url":{"schema":"http","addr":"fbshop.ffbbshop.shop","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":0,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/#/index","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"title":"Facebook","dom":{"size":113454,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (38507)","md5":"18dd0ee3bec9a6fa119cecda3aa2d287","sha1":"013cc68858c15670d6f135c506498c9c873cde12","sha256":"5dfde113cf755b85c9f8188a4cea383e926b550073b1b4c2a29c88f26a046299","sha512":"92b99a7bb0855092fdc60b1f6b06659a41a1611d76991112a04c64efd3fc4c5fce181e23d9006421ae4b23913e396ad25eecf9ab927d2a587a2efe34d4355af7","ssdeep":"1536:T/M9aOK9363/C4emeQeMMzVIxpOMZMiO/7/NEWGJo363/C4yFflDbVgCShhq:Q9azqa4+HMYVCFOiYNEWGJoqa4y5IFU","tlshash":"adb38cb2c18124af11238fd5a4216b1f7ec7821fd56389106bec775fe7cadd0d629886","dom_hash":"domhasha9062bf69bc3f93ea3d8e804f6f21061","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"fbshop.ffbbshop.shop","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":0,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-24T12:54:33Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]},"summary":[{"fqdn":"imgtest1.s3.amazonaws.com","ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2005-08-18","domain_rank":0,"first_seen":"2019-08-25T08:51:32Z","last_seen":"2026-05-17T11:56:07.465369Z","alert_count":0,"request_count":23,"received_data":1752030,"sent_data":10488,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"fbshope.s3.amazonaws.com","ip":{"addr":"54.231.131.185","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2005-08-18","domain_rank":0,"first_seen":"2025-04-02T11:41:07.089686Z","last_seen":"2026-05-20T07:02:53.168836Z","alert_count":0,"request_count":1,"received_data":18029,"sent_data":457,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"fbshop.ffbbshop.shop","ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":484,"request_count":121,"received_data":6627827,"sent_data":52606,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/app.9bdf0edb.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"059d9d9c2aa4db1a2fc43b552d5cbc21","sha1":"0750ae010773a15cf0e255a629d1fb149488e415","sha256":"f9df390c29aa7b9bf992d64a6a99f97833a0c1b7d59f7424fda9a7f79d837616","sha512":"6b14038782024b79efc30a42a10fe22857c56df3286bfe30bfc3d4ded4d5db199b5a82b87b1ba0a59a248396f8dc904eee1227858f2d7632769b24a85c386d30","ssdeep":"24576:G8aRvIuOVuh9YMU997PU9tLz29HxNUCOE3Nkxp5R+4t69uE9s1B9Lfbzxg7BuiVJ:baRvIuOVuh9YMU9BPitm9Hb59dWf+83a","tlshash":"67658def67da77fc08545646a04f397521981cbafb96f0e008edf62921e9e40c213f69","size":1455945,"data":"","first_seen":"2025-08-18T11:53:05.476207Z","last_seen":"2026-05-20T20:27:33.955611Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/vendors~app.72d2c294.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5a25803ec1cafb186b629a6f57935689","sha1":"d7ef0037910550157365da62cff911975cd66915","sha256":"f7d5b10df4dd3a3bbdede66a1bba63518e90dbb5452f9c1b37f5a2bb3f24bd5a","sha512":"e127a90b4dc271907ac79ffffbfa5b953e8b2d9dd5f019ba46478f9548fd87f3512c3b1b88240fec2337a2c0e47ae7bf627f1b7ee75ee7f3c70509f6195c9cc4","ssdeep":"49152:takvhaaV3fIIdVOVrM7U0/FEvmzGEALFp2QvInzjUZtA0R6+lGvpM:UkvwI2rM7U0+mqXpVI/UEg6BRM","tlshash":"05f5c35c364af340915ad0e7e43b3c49d26ae589a40b00d47f7087f31eb574ae7aee26","size":3511552,"data":"","first_seen":"2024-12-15T17:27:17.700307Z","last_seen":"2026-05-20T20:27:33.956974Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-8dec02da.052b31b2.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a8bedd7667d1917be39e7abd2e842a7b","sha1":"1f9e52a708378997e9fde79b112a752c22d29e7f","sha256":"b2536af43023e1f84b77308e0eb7d96bb59a9ee7b1a5131bb63827b4f50b2bd9","sha512":"7edf70598e585686abd39e67d190377111ff0105553fabfde5e4851a07749b4dae852b5886746935219180db51c92aeaf14c1141772c19d24d8c6d8340ad5ca2","ssdeep":"384:DzsnfX8TCU86ZbJaMsS0CnlDKalAeuMoPu/QWoYkWvztFhY+1J8c:uMTPsSznlD4W/QYp/Yjc","tlshash":"88e21a4798816c3d8f57615a341b1298fa362f85d442cc96b53cfde9e2aae30330b76c","size":33009,"data":"","first_seen":"2025-04-04T11:57:58.040522Z","last_seen":"2026-05-20T20:27:33.791729Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-0e287aba.5e9c589d.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"40f3511d00f79de7ba0ab842d06e4249","sha1":"87d70563ee6b0198992d8a6305d57b8e68af2b61","sha256":"751a16c5b1bcaee6249c83d98ea24e080a7129de8a844bb3e3ad3c63f484bbf2","sha512":"ef6b58b87bf03f6a2978acefe9f1d1afe48c644f26e20c4994cad8f42eb963f156c53270aaf7378e29837430909d9093d590ce036e77a6ac6e8ad50f6936bc21","ssdeep":"192:XzCjfAcMsHsuDmLDYRRHEX8bMuMOO0L5xq/cictjAfNeNF/BPsGC8kA:2fNMsHfkX8bMKdmmvPX/","tlshash":"955294e6c470a4bd895a92722045f1e0fb643a68d006514ffa7cec9b72ed424332e77e","size":14030,"data":"","first_seen":"2025-04-02T11:41:13.575077Z","last_seen":"2026-05-20T20:27:33.872702Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-2849664a.b30d78dd.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-2849664a.b30d78dd.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: text/css\r\ncontent-length: 340\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\netag: \"682da6f8-154\"\r\nexpires: Wed, 27 May 2026 12:54:14 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":340,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (340), with no line terminators","md5":"7de78efe8bf09e10f280567a395d6b1b","sha1":"a84403256fb9c265c757c632def2bf3681d921e3","sha256":"3c64df4c1120ae8af09b2670ec78de64165c17cfe281e9fd19d9a55277f38b77","sha512":"575e2e01d3b715fc66a4de91cbe6cde658c2d3953445a92f711f396196fe921f1ff198fa691271c8670688cac8b445a52076248bc01382ffdd4b6956c1137eb5","ssdeep":"","tlshash":"f6e020708b561089952be1438b034cda2af9e663d16395855fa3d03dd46704f2e2a785","first_seen":"2024-02-11T04:26:48Z","last_seen":"2026-05-20T20:27:33.94263Z","times_seen":7604,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-24e95abb.b2e5197a.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-24e95abb.b2e5197a.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: text/css\r\ncontent-length: 447\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\netag: \"682da6f8-1bf\"\r\nexpires: Wed, 27 May 2026 12:54:14 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":447,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (447), with no line terminators","md5":"921bce4f483b1f08e93b4216d27b47de","sha1":"b4a29f334d7440c5b2f40841216224b72c6fcde9","sha256":"66b6628c502e0ea0445dc0ae31e229f358bd8a58aaf06e4eb525757fea64d439","sha512":"44e70871a7b43d640237f9f6f070c10a7bed3b3256e548f42488214ac6cd1421ae2209822abbb46e4940081e816f71e92ba2e6a658d1118cf5e3a9f8e7537240","ssdeep":"","tlshash":"f6f0ec012cbd95a15837c53df1c233b42e20369f0206c7a2ac44ac54c68ba613a14201","first_seen":"2024-02-11T04:26:47Z","last_seen":"2026-05-20T20:27:33.900012Z","times_seen":7228,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/d2355e87-0f42-48d3-9924-966b9fd8d2e0.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-03-29/d2355e87-0f42-48d3-9924-966b9fd8d2e0.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 1nGKCnJfXTFBWUvU3vZY4EgVQ/bPdImhMVuLcK/ltbZlSkCJnq2ZuuV2ngiy5z2+JpbibFwHOaw=\r\nx-amz-request-id: MEYQSWD15QSZ6HE2\r\nDate: Wed, 20 May 2026 12:54:16 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:19 GMT\r\nETag: \"3fb702f913ff64c272d67742c3fade6d\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 28164\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":28164,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"3fb702f913ff64c272d67742c3fade6d","sha1":"9d59af9b1418caaf57ed3f938074958affbdbf5c","sha256":"effe7b76be1c47da3ab9aaf81e6542743506dc40affd341687094417a4feea49","sha512":"1be15380d11c4c57f3ac922aa8d945afa256b4fda813b5254fe3ec2fd8b01fc242c8f9faf79a25245626438240e63d8c68bc1e3dc6c8ae1569b363e28f99c817","ssdeep":"768:GkLEEqGMducsX2FbPZlrPr0YFveH2fzquxgfI:GZXvducmObPZlrPoYkH27hl","tlshash":"3bc2278b59484ed3a46d93e5be970e9c6f453b4ce88229ff10924fd77f202664c4d02b","first_seen":"2023-11-07T02:37:44Z","last_seen":"2026-05-20T20:27:33.815483Z","times_seen":9800,"resource_available":false,"data":null}},"time_used":758,"timings":{"blocked":640,"dns":0,"connect":0,"send":0,"wait":116,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-8dec02da.2d855c30.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-8dec02da.2d855c30.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-3ba1\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15265,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (15265), with no line terminators","md5":"e566520b3a38be091967afa56512d18b","sha1":"cf756a440187c7f5a3d2644ec70ccb07d17681fe","sha256":"9c59481e8e68c2e1d315fd6a639b84155d611890d45cefb72eed6d48edb7d2b2","sha512":"0f58e41bfb501afc8d10dfd5ef4c7c33c030fabb58133138e9958dd4ef3caf76fa52410eac62f0abc0007f0428f5902b4729aacbc267c3f785db4857a249915b","ssdeep":"384:i5s8CkC2caII41+qFkV0vD5rw/CVFcjHM:i5sVGUI4EFaDm0FcTM","tlshash":"b562e8737420a539b6b7a66930d4a4ca7055f903c1a7c2feba5db12cc5c72e3663234e","first_seen":"2025-04-02T11:41:13.220254Z","last_seen":"2026-05-20T20:27:33.77413Z","times_seen":28,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-78328792.44a33ea6.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-78328792.44a33ea6.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-2d28\"\r\nexpires: Wed, 27 May 2026 12:54:17 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11560,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11530), with no line terminators","md5":"4427afb19f1f56b7322b54451c5405d4","sha1":"a2a65a628b510f6f88295f44f06625912c3d2fe3","sha256":"3a47f7ace609f7ad83ae25cccd5b7f6c6a75901295f78a302661ac18d2195002","sha512":"9f7aafc591ad72e8fc33e7dba61246918edc065cdd9d0bdfd8295a1978cefb1622fa541fc33367106b19b4304eac786f0f281ba9e5140c15f929c4ba4c03a965","ssdeep":"192:6lxthRrXBr3nev/Vnwk43i2gv419Ii15QtwyO/3a3O56QY3tO/sC4X/5Dup5Dhie:6dXReXVwXgvg9Iat/156f3tO/sC4X/h0","tlshash":"2132f9883695bc950a27b0f1b0af745770958e82540d0541fbf488be7dbbd6b670372b","first_seen":"2024-11-12T14:47:34.656235Z","last_seen":"2026-05-20T20:27:33.784845Z","times_seen":448,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/app.cfe41071.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:11.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/app.cfe41071.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:11 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-39b84\"\r\nexpires: Wed, 27 May 2026 12:54:11 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":236420,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"2dd344f2c11c090d497b8f6925af6fbe","sha1":"d7cb3f39ceffae818ecc41b597f62efd767ab693","sha256":"f5b905e70f73e8be1fdca8710d876c08ec3b96a027dc07d5687a9120f926b705","sha512":"08a75a1ba498c27dd47d2a0249e09c1b92dbaac49c00b29cd5d5153c563db4bc829740dc85fd6fa73cf2279cbd933c035933e45dd88cc4428a45e53faa56f693","ssdeep":"1536:MgXC6l3028Y7SrW3YeWXA1u9w4HCe/l4RdgW9cMEcWAp7KO6iZkJgYu8e0r8kvXc:9dFJWTPL4Q+05q2pe","tlshash":"f634b510db17217b222be66d75c0ba886f28c323d9725b7bfd95741ccae64891163e0f","first_seen":"2025-04-02T11:41:13.202064Z","last_seen":"2026-05-20T20:27:33.938916Z","times_seen":28,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-0e287aba.5e9c589d.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:13.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-0e287aba.5e9c589d.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-36ce\"\r\nexpires: Wed, 27 May 2026 12:54:13 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14030,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14022), with no line terminators","md5":"40f3511d00f79de7ba0ab842d06e4249","sha1":"87d70563ee6b0198992d8a6305d57b8e68af2b61","sha256":"751a16c5b1bcaee6249c83d98ea24e080a7129de8a844bb3e3ad3c63f484bbf2","sha512":"ef6b58b87bf03f6a2978acefe9f1d1afe48c644f26e20c4994cad8f42eb963f156c53270aaf7378e29837430909d9093d590ce036e77a6ac6e8ad50f6936bc21","ssdeep":"192:XzCjfAcMsHsuDmLDYRRHEX8bMuMOO0L5xq/cictjAfNeNF/BPsGC8kA:2fNMsHfkX8bMKdmmvPX/","tlshash":"955294e6c470a4bd895a92722045f1e0fb643a68d006514ffa7cec9b72ed424332e77e","first_seen":"2025-04-02T11:41:13.575077Z","last_seen":"2026-05-20T20:27:33.872702Z","times_seen":20,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/img/banner_02.89b098f4.png","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.005Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /img/banner_02.89b098f4.png HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-4fe1\"\r\nexpires: Fri, 19 Jun 2026 12:54:14 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20449,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1200 x 297, 8-bit colormap, non-interlaced","md5":"89b098f43ae255167ff8b26c24194870","sha1":"6cf7d73b538b2f6b92942a9054b0befe10e03f33","sha256":"9d85d3258f92e0cb5dd6bbe44d10f65aa9910a75a1f9e6774428314c9e76659c","sha512":"e093c03f4de4cf196a7b8d6f2004339f82c355268b832a0bf8ba719d23af27cb3136483c34e3390e0881e643d518ac1a01448fb3faecbf6949bd8443634441bd","ssdeep":"384:RwLMKW7MjvwmrXJxI/vlWvanoXTSrZzmo8NC4YIWFdhipRB2MvT/34kLPEbdv8N4:vMbNrzglWinQTSrZzm94bqpR0K/IkLaB","tlshash":"a892e145bc5d88b5e97da4113380b98f0b75decf61d2984f3a2b48ff86e9a904353863","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-05-20T20:27:33.937452Z","times_seen":1269,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-09-27/4ccad6d7-1ac4-4b71-91a2-7f303bae5eb3.png","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-09-27/4ccad6d7-1ac4-4b71-91a2-7f303bae5eb3.png HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 7uYIGqCcSwHv37KzXXHA+ejf3Pf1aEC/NkkVZBHG4KOEmAok7Onj7wjKLv1FwZKQUsUU9xy2Zjc=\r\nx-amz-request-id: ZVEVJBZ0X875ASHZ\r\nDate: Wed, 20 May 2026 12:54:15 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:35 GMT\r\nETag: \"5a8141a1e3f9ae20e358558f847715f5\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 204466\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":204466,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 704 x 314, 8-bit/color RGBA, non-interlaced","md5":"5a8141a1e3f9ae20e358558f847715f5","sha1":"f7be50d3868c793818255a6094e78053690db2e9","sha256":"620a101a1e114bcc50bddbec1e1bbc157276a7d86918c943589c479e1f824d24","sha512":"bebc62defc949b0295bbc48717a43e974dab98b90383e568eea78e58a503791c8c87473af26443e43eaf9154bdf4e4fa0ab7ec18b37b6d289ea454b3ece93a54","ssdeep":"6144:6n2eIy8lDUjZw6TiGDMkl8T4Ax0DSOyYl:6n2CjZnRi4AxeXy2","tlshash":"b61423bdb2efcc1a21695ad1d4719b7ce7b85db0d448343803714296cdca53a6ff0928","first_seen":"2024-02-11T04:26:45Z","last_seen":"2026-05-20T20:27:33.93818Z","times_seen":5006,"resource_available":false,"data":null}},"time_used":1068,"timings":{"blocked":331,"dns":22,"connect":92,"send":0,"wait":124,"receive":281,"ssl":214},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-ec5b203e.45f75ffc.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-ec5b203e.45f75ffc.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-1297\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4759,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4759), with no line terminators","md5":"50b67c1e36297b1843f24dadece451cb","sha1":"aab4395d6d74d3e50d7016a544f7709a601343a2","sha256":"6310619d584f66c72ad89a3e491fcd0100f459bbb6c9d49d92843f464fcf51d5","sha512":"4dfc42a95a7a19d045ca233519f6f1c6fbd5446b344a059b1a5f691e916a5191b0121a7ba61619722cb7989a175982917bdf4e6359cfa4920d9f1e4b3ae2f29b","ssdeep":"96:2oxsUQOwXVcjglPJiA8J+eCkGCaCR4CRjpClCucCOCTpCHC9C3C9CtACbCUCtCcJ:2oxsUQOwXVcjQPJiA80eCkGCaCqCTClX","tlshash":"35a11297311f133d68b7e1571981a86d7878efc2c1322211fc27aa18c8db6977a3724d","first_seen":"2024-02-11T04:26:49Z","last_seen":"2026-05-20T20:27:33.800558Z","times_seen":5396,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-2d216994.faa818af.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-2d216994.faa818af.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 242\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\netag: \"682da6f8-f2\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":242,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with no line terminators","md5":"1848a82b0051355113b7ba2c4c8c3a45","sha1":"3a828b0a984048ed553f470fe2e1c9915eb6a61e","sha256":"5576e076d5e45c201b5f124f80daf6f7120812f9a0d236389ec35252e09f56c7","sha512":"305eded87b4f006d446a1b1a97050189eeab13e19a9685b24e2438fe087f7a167d4494389ec80b96fb9430f654a7ad34611b554367760563a14506b7cc0ba7a2","ssdeep":"","tlshash":"f5d09566b0117c55cd27310543bb5323382f141b0ecc105013a046ec313671b4106dcd","first_seen":"2024-07-21T11:22:09Z","last_seen":"2026-05-20T20:27:33.813594Z","times_seen":1549,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-74926972.12234da0.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-74926972.12234da0.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-15b42\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":88898,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (54608)","md5":"2142f5884705a44701f72822b6e0762f","sha1":"eec977efcdcc5fa0001fd9927eb4684854b79744","sha256":"03136f8c143ebd53f575dfd4abadf8486b94dd5f5224910bc75a0b686b210897","sha512":"ea711d522f41b48aeea63de41dcc28eabbaffb8f3023c23c329dc6d22434caef1760f65eed0324b091ec3e227244a37823d9b5808130ffbb8b729016a08a179f","ssdeep":"1536:XNpb5uzrxeR+PsutPHXPnPT8Y2B2eN8cruESosk0Fdf:Xg+uHQY23+cruESoR0H","tlshash":"6b932a88f2d5b176039355e0442f140bf175a929a84988a8f734d4e1bdf8ecea4bbf74","first_seen":"2024-11-12T14:47:34.664193Z","last_seen":"2026-05-20T20:27:33.9349Z","times_seen":1226,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-04-14/9f9c23cc-7abd-41ee-a116-01eed9d588a5.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-04-14/9f9c23cc-7abd-41ee-a116-01eed9d588a5.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 16P5NjtJrw/OEXJWD9lDZbQ/qUiZNt71sDCqGdwMoC0WPBR/jyoUJWsEIMbRH91WehAwIkujb7A=\r\nx-amz-request-id: MEYH7R5NE10JQ0S0\r\nDate: Wed, 20 May 2026 12:54:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:34 GMT\r\nETag: \"8d6323e7fdd7e06d404af122b2c85f3f\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 22652\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":22652,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3","md5":"8d6323e7fdd7e06d404af122b2c85f3f","sha1":"a5d01f7b4ad71db23c48fa3f117f7cfcc444e189","sha256":"8e2b0eddf8d540aaa3b2076eefe4ba494c7acabed1f15431bafffe5bd3513f72","sha512":"6fc93fb49c82210ca205c6d6dd0831f9016eb24e3a5fbd5072106d5f2b44adb98d39c7df922da930f53d2cbfc28176810e7f2692011d556155f4785c8b314c19","ssdeep":"384:g1oAebo8+5LM5Y3W9rtPwKbJO5Uq6/ECRgQPifCiN:g1o39+dMmKrtPwUqSyQPmCq","tlshash":"eea2be61f8803733c585636c4cbea112585584f288f9e8aba674cee9f2d4c879c49ce6","first_seen":"2024-02-11T04:26:46Z","last_seen":"2026-05-20T20:27:33.948163Z","times_seen":9741,"resource_available":false,"data":null}},"time_used":894,"timings":{"blocked":780,"dns":0,"connect":0,"send":0,"wait":111,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-39fb98b5.fb1e1003.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-39fb98b5.fb1e1003.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-2d9a\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11674,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (11674), with no line terminators","md5":"114d285231c8b45fc34dbba509f18b08","sha1":"c9c1433b07d5ed2d211399a48081ef5677c00075","sha256":"d099a7a95f3630b244b6a72bbe5895b0d709a3b7840353c78fb50755408a395f","sha512":"b65b7159b35ee7e18bd1e15a0fc09f79d190ecd695bf8574e21c33cd8d104de08e31d18f4110572158a187d6a46720f7731b1f515c19be7340359b52d33d6a26","ssdeep":"192:L33sODCMSXc6xJ6gCA95PR90oEWFs5d24uKgcX+4cesm:LnsAKXjxOMcOE7p+4cel","tlshash":"fa32f74eb0aae6bc889b00223116637475757bd5f00448ddb3fcdce85949ea4272b73e","first_seen":"2025-04-02T11:41:13.171207Z","last_seen":"2026-05-20T20:27:33.944592Z","times_seen":24,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/wap/api/syspara!getSyspara.action?code=customer_service_url\u0026lang=en","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /wap/api/syspara!getSyspara.action?code=customer_service_url\u0026lang=en HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":58,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"87f201052e0dc6c3b8a4a53b83bf44b5","sha1":"f6b152fa79c655449e9e938e4417a5676a2e06da","sha256":"fb522b0841e80aac3e1cb4fe0f613ae4bfd87fcbe1c03d0137e5c10fbdb86cf4","sha512":"8f854611a22d0fe5ab058bb7ae25c79e995dcc20396f0e64e68aea6662f71cd4144e3378ca1d648d4e3785d96bdb9522864359c14da34c69bbcbceb0bd412777","ssdeep":"","tlshash":"8aa00200146d582b0ca364896c6d39548a5e615348d09f246f99a66440de56d1004429","first_seen":"2023-12-01T19:12:11Z","last_seen":"2026-05-20T20:27:33.770838Z","times_seen":6090,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/bfa34439-cd8b-4b7c-b849-8cd85c7b6a33.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.436Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-03-29/bfa34439-cd8b-4b7c-b849-8cd85c7b6a33.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 3gg0oEM6jJ8+7JigNXa/inYg1hrHY5ADLAxc9hS+WKOmNF5rxS+QAXJSJLq8orgMSh6r46pgKio=\r\nx-amz-request-id: ZVEQ44D2XTY77ZYT\r\nDate: Wed, 20 May 2026 12:54:15 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:18 GMT\r\nETag: \"46155632d481869cb9c3e853c7832bea\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 39527\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":39527,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"46155632d481869cb9c3e853c7832bea","sha1":"988a2fdc538ca57eadd8730f028800f736e1ee86","sha256":"1e4dba5d9d5fae2a3aafe91ae59ff2f9f938229ee17b6af825d3d7ae78a93913","sha512":"6a93dfe70a2ee1089d7a1137043494795f98bab7533792b6e736c25439b4c871437a83103e1f02c58b32e7af94aa20e67db51929d945869cff4485b6840c2255","ssdeep":"768:G2faHY+HPhvSyz/eZculI+Pl9UTnIbrimLDGEFK6hbrysiU1JL4:GogPUGkymLDGExSsiE4","tlshash":"af03d0472804ef4b762ce2727e9b1f681f819b4ca8c672cc4a530dafaf657b9491c41c","first_seen":"2023-11-07T02:37:41Z","last_seen":"2026-05-20T20:27:33.804172Z","times_seen":9853,"resource_available":false,"data":null}},"time_used":535,"timings":{"blocked":421,"dns":0,"connect":0,"send":0,"wait":112,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-28/b95dc824-0d77-4013-a5b6-73fab1c9e4c5.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-03-28/b95dc824-0d77-4013-a5b6-73fab1c9e4c5.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: Tmj6K/WSZz/Xslpgyr9261EX/V4qzO8zENgCI+G2Vy+EONdM6o/+728u3qMmNBffKP8CX58nRh4=\r\nx-amz-request-id: MEYR2MQGY3FVMX8X\r\nDate: Wed, 20 May 2026 12:54:16 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:17 GMT\r\nETag: \"0527d1653d7ad2d9fce0c6e3e6ff3f8d\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 17300\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":17300,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"0527d1653d7ad2d9fce0c6e3e6ff3f8d","sha1":"96f83c2be0860f8d33bda1e5955d2f69e1947cce","sha256":"91d6492646ed09c0cd914e6d6b5756d5e5ce01c44334b1e4fe035ead232a3f00","sha512":"a52945f8f23f05aedb2288cf6da590d9cacdeb9c07cda2e165f751c8f5eab3a752061e605e778f3c374481c4b1661d99be9d5fd8962d30e5cc3e4f5f007f2a61","ssdeep":"192:Gdel8vIA3KMvActt7vDzEu/L38lmmDOTORDpUcQws5kXMwAjdMubITDpgO67jTf:GdSnq/tt7vTLAnyO5skTAjGJTt67","tlshash":"ce7216179d089dd3616cc3e5bf060eec7f9a5758e8063def90a10fd93b206878d8946a","first_seen":"2023-11-07T02:37:41Z","last_seen":"2026-05-20T20:27:33.871732Z","times_seen":9821,"resource_available":false,"data":null}},"time_used":650,"timings":{"blocked":528,"dns":0,"connect":0,"send":0,"wait":120,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-39fb98b5.8dbf3dd6.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-39fb98b5.8dbf3dd6.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-1bac\"\r\nexpires: Wed, 27 May 2026 12:54:14 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7084,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7084), with no line terminators","md5":"0471f7d4229c51672e63f05b4fbb3f36","sha1":"89cc6f253e24fc1efd45b16c235212e5fb0ba72e","sha256":"d22f36a5f8ab1cac5caa44af2382d69262d5d5cf4d4b206eec8ddfa5184b8623","sha512":"b5090770f539ce82b9cd2bca9010611789c973b42ada52663797e7e268c2cd565d10adb5f242f3d802637caef6fb0dca0469f8c3269e38771e80644678ce9982","ssdeep":"96:cWUXz4UsG8OOOOOOOOOOOONaHYUt0bgCusCoG5YNDwTsoQiEbLGVk7AtWA2WyUfk:cXz5sbKYxgCtCowY2duLGm7AtmIfkXH","tlshash":"9fe119f7a036e129ba7ba2b930b065e97410e902ecd787e9b244762cc8c35931b5674d","first_seen":"2024-03-24T18:07:06Z","last_seen":"2026-05-20T20:27:33.79057Z","times_seen":1196,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-55a26a12.7840c12a.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.449Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-55a26a12.7840c12a.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-570\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1392,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1392), with no line terminators","md5":"eddc635fcf3cb8f345a6c8bbcc9b6036","sha1":"7a3f2d798cb53dffe7cf6c52e071c865d5523bf9","sha256":"e77e73c25992fab28ae631f7d15520056b9106d43b95f0e07d73c49f5b89d984","sha512":"43c604de6411e0e4f6bc49e2bbd34338ebbb33d4b57be4b8f6707e35c5f31ec387c53308175d54075b64d61c6f10261c1b2ed4b4bda60af37255c2887cd02fdf","ssdeep":"","tlshash":"dc21f4f86136523660f3b437286142e67aa8faef51e1a10d6e8a504c9467f025f33c46","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-05-20T20:27:33.927259Z","times_seen":1356,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-3bb28e34.cccdcae6.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-3bb28e34.cccdcae6.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-253c\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9532,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9382), with no line terminators","md5":"f60f8814ee14d15d02fd4ca32663864b","sha1":"3eb97026eccd3f25935680b76717d3527ed80e1d","sha256":"f214d3e99e0782b7b6bffca65005544b1710a671b67ece2fdd3026ff629424ff","sha512":"676327c4e191599c72eff7bd3bd07b558d6f845e0df0670ca36acd720948a8d9266df4d6323bee46c7f65a1cf5ee3214b039a3936066e27016807e9d4c64cf91","ssdeep":"192:dB73GZXV5Pfu+kFGpS3dvr7MmEf7Cwbq2:v72xm+tE3tro/CO","tlshash":"9b12f88dbb51f89e0b2761a570af7416b2921254bc1d46d2f279c8f739add182303b3b","first_seen":"2025-04-10T12:19:43.532366Z","last_seen":"2026-05-20T20:27:33.933602Z","times_seen":251,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-2ef5db62.c782d047.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-2ef5db62.c782d047.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-cda\"\r\nexpires: Wed, 27 May 2026 12:54:14 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3290,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3290), with no line terminators","md5":"2f06748ac3f1235c97a4cb396a1e7a1b","sha1":"4823ff6c0a91a3656eedf994b38bc678ca1b1343","sha256":"7e82833d28b3db83afa9c628fa630038a05c4abcc4f9aff9ce93c2d1e6550f26","sha512":"9a67e6934ef4a0b1f1745f24cb28648c8cc3e7afa73e59a0542aa7dda86a65e4bf320e3ed8ec5494eeff62c4d11fa7adac854c5bd451394374ffa48a841c61da","ssdeep":"","tlshash":"1c61337122295a2e65b7f0ae61c015dc760ca336e792cbffdea1810a8dc93f35130b55","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-05-20T20:27:33.88507Z","times_seen":981,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-3581ccc6.f09689d1.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-3581ccc6.f09689d1.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-e29\"\r\nexpires: Wed, 27 May 2026 12:54:14 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3625,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3625), with no line terminators","md5":"f1780f9d45f7658d040c38d25eb705a1","sha1":"b819f324b3d0a8530037bb5474799ad57939ea91","sha256":"67041091f6905c2a4d162ea27c32382a85a0519e0b6c9dd7e3fe9e3a2393597c","sha512":"a7f6365c1ed56e22baa5c02f6e0d5336e10db1e34ebf13d65c0b62ef517c8a7b81498c8e2f5a8be34d1df3a8119fa643a2c8b569d04233da739edad49bdea906","ssdeep":"","tlshash":"d4718a117b2922f8e867805e2b56944d3710f10ba26ec8f7eea0d435cee29123b7459a","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-05-20T20:27:33.833235Z","times_seen":1760,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-0492056c.f832384f.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-0492056c.f832384f.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-f38\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3896,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3896), with no line terminators","md5":"0de986d9f829ab5a75c27eef46588a56","sha1":"43eab6e0a96c8ef14835d6fe1dc90c4cb84a2217","sha256":"054f136af8005c13cd926d3a9cddfaec40ec77a1ca2eef76cad2e07022b61432","sha512":"d86bd8422c23ee22f57cb0ef49b1d5d25dda2ef35f5566b66f596215d542878adc3ca11d6b66b1997507a3f1391d393922f4608636356f852271d0e33360ec25","ssdeep":"","tlshash":"4e81605da496e4bccd5ad052300f6234e1723fd69404c9aa7338dea89298d61332f37d","first_seen":"2025-04-09T11:53:08.853986Z","last_seen":"2026-05-20T20:27:33.830018Z","times_seen":472,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/img/zd.06c37b29.png","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:13.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /img/zd.06c37b29.png HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-39df\"\r\nexpires: Fri, 19 Jun 2026 12:54:14 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14815,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 656 x 500, 8-bit colormap, non-interlaced","md5":"06c37b2934ebf613a10a10d05bdc427a","sha1":"24365d9b433b3e5c56841ce9f9ee4f054a7f829f","sha256":"9f30277af966a7d3b4d80ebb5e842a764124b8c66da840be67a77ceb2ff377e5","sha512":"03e8f1da58f268023f87a951837d25f58cc1e9b5e81eb22abe08d7bbc6f13eee7e190b14178b81b4ae64741afcbf2fc05f96d4e131ede92408762a28622300ad","ssdeep":"384:u1tjDkG2Y0F9VaSfhgcd9HcdzVPbZRv5pRY8EXCu69/:ufPk9Zd98dzVP/lEXCv/","tlshash":"ad62d06aebb7fb0ae139307153808d26ea6d068b052f044f926cfc9cc639731bb55c95","first_seen":"2024-03-15T18:45:44Z","last_seen":"2026-05-20T20:27:33.931005Z","times_seen":1359,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/wap/api/sellerGoods!recommend_new.action?type=1\u0026pageSize=24\u0026pageNum=1\u0026lang=en","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"POST /wap/api/sellerGoods!recommend_new.action?type=1\u0026pageSize=24\u0026pageNum=1\u0026lang=en HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://fbshop.ffbbshop.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"f2982955040e03da061e625bb0bf375c","sha1":"20181528c67d8f347372b93f90d96e7d6c3cfd0b","sha256":"aa16d955b045de5c2728a37653d3f51d5f24f6e43879c0214e7b015079356608","sha512":"503575abcbe6db127825c8225d96bc0142d885aa83f74e8b5558ede44b0668ea953ffe7d3087c4d55b98b8550f776ebce4c989e93d571590ed8aa03789e88bb0","ssdeep":"","tlshash":"b49004403c0d1c17040fd545f44c3540455c315307d4c7300d4c5730415f1753d04570","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-05-20T20:27:33.796225Z","times_seen":7265,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-2d3b15cc.1065e47b.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-2d3b15cc.1065e47b.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-201c\"\r\nexpires: Wed, 27 May 2026 12:54:14 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8220,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8220), with no line terminators","md5":"15af1d3c26e82f554e22d4b92989e50c","sha1":"21febdbf6c09940131326c18d6c6b5881074b618","sha256":"330f77708473892fcf35599941ab374c7dc73f4e2d71923161330537dfbb637f","sha512":"2752f6891792617b5a6e0e7aef54d792861597683c59ffa9a44525ae90d438a03e2bbe7c31a106dcebdf686e409edc822af50910d2aa3f54004a8ba1f929bd69","ssdeep":"192:Iz5sbKYxgCtCowY2duLGm7AtmIfP5iFxWXo:i5s8CkC2caIIsFko","tlshash":"ab02d5b7a0b2e029666bf0a9757495f87444da12ecd783e5f6847238ccc32e31666b0d","first_seen":"2024-03-24T18:07:05Z","last_seen":"2026-05-20T20:27:33.819744Z","times_seen":1189,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-7683130d.3c5f53b3.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-7683130d.3c5f53b3.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-3f46\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16198,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (16198), with no line terminators","md5":"75983192dce0b51dec90da3b3fa32d0d","sha1":"3af0ef3661a45772a908035cb9ba9993fe802bea","sha256":"5f7232798bb2b19d1a1f24809955f50507a9e26f87e4de4d0af6babe518e3a65","sha512":"447e300d3c34082f8a828824acbeb6dbd53a9f4464832a6fbe41bcf95b34b6cd358f4a5fc983c65a1e69043c8e77d72e74fdb0041a83409fb54aea6323fa5cde","ssdeep":"384:Ox25s8CkC2caIMX5s8CkC2caIIsncjUdG:Ox25sVGU25sVGUIsncv","tlshash":"86720bf1f530a13eb897647931849ecf7844f909e1f696a6ee84b62dd0c65a3273834c","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-05-20T20:27:33.848133Z","times_seen":3224,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-0e287aba.5e9c589d.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-0e287aba.5e9c589d.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-36ce\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14030,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14022), with no line terminators","md5":"40f3511d00f79de7ba0ab842d06e4249","sha1":"87d70563ee6b0198992d8a6305d57b8e68af2b61","sha256":"751a16c5b1bcaee6249c83d98ea24e080a7129de8a844bb3e3ad3c63f484bbf2","sha512":"ef6b58b87bf03f6a2978acefe9f1d1afe48c644f26e20c4994cad8f42eb963f156c53270aaf7378e29837430909d9093d590ce036e77a6ac6e8ad50f6936bc21","ssdeep":"192:XzCjfAcMsHsuDmLDYRRHEX8bMuMOO0L5xq/cictjAfNeNF/BPsGC8kA:2fNMsHfkX8bMKdmmvPX/","tlshash":"955294e6c470a4bd895a92722045f1e0fb643a68d006514ffa7cec9b72ed424332e77e","first_seen":"2025-04-02T11:41:13.575077Z","last_seen":"2026-05-20T20:27:33.872702Z","times_seen":20,"resource_available":true,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-2849664a.dd9fdc98.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-2849664a.dd9fdc98.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-476\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1142,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1134), with no line terminators","md5":"2902c12fd2ae30588abd41b043263fc1","sha1":"d75b0f7d416ad157d74ca9454862fb66064087a8","sha256":"02d3bf9b81f50e62b0e722b29964c4483f3f940ecbe24f0da76255b8fdb86537","sha512":"df551adf93a9d855a1b1e4208959e4a0fb36dc9d3c717923c25760b51591a097e0570ec8d35592033b685d4948ed1f40c03a416d5395839698c2a764a6968568","ssdeep":"","tlshash":"5b21ce136092794d586ea501210f2134f4f09d964c0bece16378c8fae2b2d5a7a9f27d","first_seen":"2025-04-10T12:19:43.541107Z","last_seen":"2026-05-20T20:27:33.822908Z","times_seen":26,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-b4023030.5e986cbb.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:17.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-b4023030.5e986cbb.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-e996\"\r\nexpires: Wed, 27 May 2026 12:54:17 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59798,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (59798), with no line terminators","md5":"0926866200e639e9410da75904ad575b","sha1":"01d5d2b49bc0e19ef11bb92d874b68eec23f4d92","sha256":"fd3e6e39dffcf7eb585b7dcced3ba5e676e04f1d6cdab87cf8cbcbcae855820c","sha512":"4fc3ae11ec6f0d8eb66981f9ff327bca3f10eb8ff7a53994d27b7175cad60ee22c83113826a82afd2e61d755fc4cfd41286541325d5b3eec15895dca84c72a95","ssdeep":"1536:fDaeK86yPVHJtxEa+BZtnnzYcXbKc7rfqtbZG6v1f+yOgv14:fDLlVHKBZtnzxrKc7sNG6ss4","tlshash":"1f43d03720d3a4931f2ac121324bb84d8d769b9dd182d5c3f278b989ec5fe74635e098","first_seen":"2025-04-02T11:41:13.197153Z","last_seen":"2026-05-20T20:27:33.764289Z","times_seen":24,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-20T12:54:10.725Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:11 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-1c79\"\r\nexpires: Wed, 20 May 2026 12:54:11 GMT\r\ncache-control: max-age=0, no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7289,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5351)","md5":"2a3e40956eae09b9ed226f3e9b916ced","sha1":"e408e88729709e4522d95c9a64bfba9032bf505c","sha256":"e435b0480b98b75f5199cdb4f3a1d93ad695b81f912115fcd3e73cbe32ba0db1","sha512":"89c0e891aba71357e5171052a3e4ce3441fb78f6d24dead7cd49d2e7dd27e701c962b462ad428df272f490763a1d10e4b1dd0222ff0dcfd55303fe286dbe8ad2","ssdeep":"192:hCcufJt2vDYbNVNt7AU2PQWLyvxLv8vXAohW:hGt2M3MUabLC27W","tlshash":"d5e1eeb9ce40608fe9f0ce879d29e72beacb8c771130e440e219984fd968fd4516b947","first_seen":"2025-08-18T11:53:05.426825Z","last_seen":"2026-05-20T20:27:33.769929Z","times_seen":6,"resource_available":true,"data":null}},"time_used":898,"timings":{"blocked":373,"dns":60,"connect":153,"send":0,"wait":152,"receive":0,"ssl":157},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-43f51806.68a288da.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-43f51806.68a288da.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-7089\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28809,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (28359), with no line terminators","md5":"f3c2a58047096d889a9de2751fb6f15e","sha1":"b7d51bb521314f1bd69a46eb17c5e5e975ddda4d","sha256":"34e886f2dc0d1f088651856c046dfb40acda76710da7b872ad9d284cb5388a06","sha512":"edb93f124f1984d1085341df25915c39295c35175d7d6870cb381334dda62d231363251ff2d9137987212d0f6eea4d5900f24fcbbdf2283bcf7133ae33928a9a","ssdeep":"192:/hAyGEERrGGMOmdQlAy5j2h1OyIvP4eR1X2mKNASDnyHB3VbXgPnD3TpLmV4b5OR:/GyZERjlT52uRvFR1GNw3VrgPnk4QdH","tlshash":"c1d2d84e71a13c8e130b4261745f2651a21a6169740e90dbb7bdccfdfa9cd245832ffa","first_seen":"2025-04-10T12:19:43.550154Z","last_seen":"2026-05-20T20:27:33.917659Z","times_seen":18,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/40488675-237a-40d9-b2d3-e5d53b0e6455.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-03-29/40488675-237a-40d9-b2d3-e5d53b0e6455.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: OyYjSRN59laUO9I2gcmVIXmK/7d9icXv2rINwDV6HcGlR+E41hC1dm9afXxpuRrliwMVsz33PxY=\r\nx-amz-request-id: ZVEW61720WDNKK36\r\nDate: Wed, 20 May 2026 12:54:15 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:18 GMT\r\nETag: \"a5941f987a0fe015714bc8b8cde4baff\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 44216\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":44216,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"a5941f987a0fe015714bc8b8cde4baff","sha1":"88c88146f9813942943df5777e08d4486db3040a","sha256":"41da4ebe3b85b5ca006db2a633baa60593618feeb72f3db99e110d74e1cbd918","sha512":"937d3c4add07ef443e201c34e73eef5cf558a781c5112a81719a989e4ff4c2cc29f2bf35739cec929988409694a4518fe862820b2fb6c18d71b4195954700628","ssdeep":"768:GTRG9BPKCHP1oTrfNz7uVdkyQ5CmHjrYaBsDTtk9GbLf+H:GT8QgP1oTzB0dkyQ5Cm7Bs/u9+CH","tlshash":"52139d478e489f835014d3fd3e079e6d6b891b0c59893aef19b31eab3f216521c8e54e","first_seen":"2023-11-07T02:37:43Z","last_seen":"2026-05-20T20:27:33.768003Z","times_seen":9808,"resource_available":false,"data":null}},"time_used":798,"timings":{"blocked":276,"dns":3,"connect":93,"send":0,"wait":119,"receive":93,"ssl":205},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-376ad29c.cf3ef494.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-376ad29c.cf3ef494.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-53bb\"\r\nexpires: Wed, 27 May 2026 12:54:14 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21435,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (21435), with no line terminators","md5":"347e7471c06e54b272c94be9c1ad23c2","sha1":"c861e89f40823ab23cd3f71a14bb2146b4848c63","sha256":"274d806042475f7c8c017e971f32194339ac1c74bcea70a23a2743af61b3b43f","sha512":"88b410b900b577eaa4f8c0b87fcd9408c26e9234b360c484a2fc205fe3438adb714a0b4a9a12a4af442be36799d6484a98e47a2ae41662c85bfa07730bbca22c","ssdeep":"384:3ZMkIQyEkkeX/pZ25ZC85s8CkC2caIdR2iW4YGrSLjhh+P5/e7R0N:jIZEheX/poF5sVGUqtLr+P5/eVy","tlshash":"e1a208b1b22d223cb937f2691a8156cdb460f263e4568396bedc7325c8c36e36d34265","first_seen":"2024-03-15T18:45:48Z","last_seen":"2026-05-20T20:27:33.940778Z","times_seen":898,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-aa8d1574.20b8fb7e.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:17.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-aa8d1574.20b8fb7e.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-4696\"\r\nexpires: Wed, 27 May 2026 12:54:17 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18070,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (18038), with no line terminators","md5":"90e28e9a9ae0f8fb5e7e15d6005c86e6","sha1":"121afaffd035d128d714ee5c0d402701bc6003a1","sha256":"feb011b95a02644b8b4ead41ffc55dc083978f71a963111d85ea1aceefe6154a","sha512":"eac97e35b42275dcbdca9347e51f33e5e8b0ab9cd01199bcb6ad11afc610f749efe51c870376cce31f880b583a85feeb495473fd53bc0218f737448f172f051e","ssdeep":"192:GXOR02/VnwKjXmj+YtcjE3Y7nzVg5z5xNuJtY97fYUzsi+T0qTRiqZ8JH8z3Jn5z:yu0KVwqmipjWxEt6b7cRiqZ8JH811","tlshash":"e082b69ba651b45f0e677661309b2403b15862a42c0c9d56f23dc9f637bcc342b17b7e","first_seen":"2025-04-10T12:19:43.48554Z","last_seen":"2026-05-20T20:27:33.888073Z","times_seen":216,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-11-01/b1365176-2126-4b52-893a-d823ba7fa752.png","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-11-01/b1365176-2126-4b52-893a-d823ba7fa752.png HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: H7r8e/T1KWXuTZr7lM6q6OrOWrSuAU0Plq47Ewt3e5mVCZSNH53s2v6ZtorTwfSlMDVkcx0g/Rk=\r\nx-amz-request-id: MEYPGDJK30ZEW7MC\r\nDate: Wed, 20 May 2026 12:54:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:36 GMT\r\nETag: \"57fc8f526d4275ea03d2bdbdc5576892\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 170933\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":170933,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"57fc8f526d4275ea03d2bdbdc5576892","sha1":"648d7e45b5f40cefb1d18bb9c726fa2194627313","sha256":"5b08dd67e7ff0eb29804f686a825a0607fcfad5e509780a30adfea265bc26d6d","sha512":"046bbf2c489dd817458bb078c2a21eee87949f983e0924087800414acb782c41e1e777873e9bf43ad90c456a764044b9a142646b88ca61a2589c90e0a31b860b","ssdeep":"3072:uZZZCa4TScGLIk8FhGOovWdjezklGcjjltrXy2zm423z7LOOCAr:u3knH9GOusjezklGGltri2zm3fLNr","tlshash":"a1f31238ed7ef755a4fad15f910cada0a0f877204832a5813e37d7d437c98a192eb249","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-05-20T20:27:33.88366Z","times_seen":2439,"resource_available":false,"data":null}},"time_used":1004,"timings":{"blocked":795,"dns":0,"connect":0,"send":0,"wait":113,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshope.s3.amazonaws.com/avatar/2026-05-19/6250d5c2-769e-459a-a565-aa0beee04bf7.jpg","fqdn":"fbshope.s3.amazonaws.com","domain":"fbshope.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.131.185","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /avatar/2026-05-19/6250d5c2-769e-459a-a565-aa0beee04bf7.jpg HTTP/1.1\r\nHost: fbshope.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: GtoK6Q70f5pwfGEy5ESWQGeSxI/uYwVohtnREJ5EvoOFgUr1Z/dOkLBqjq7tSF1A1WKjwSLS0Ro=\r\nx-amz-request-id: ZVEN4JR2V627AKJ3\r\nDate: Wed, 20 May 2026 12:54:15 GMT\r\nLast-Modified: Wed, 20 May 2026 02:06:07 GMT\r\nETag: \"2ea6bb55a872c60bb5b07fc86389af36\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-myval: test\r\nAccept-Ranges: bytes\r\nContent-Type: application/octet-stream\r\nContent-Length: 17594\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":17594,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 212x210, components 3","md5":"2ea6bb55a872c60bb5b07fc86389af36","sha1":"72c30a4c557334be8cbca87df9439ccaa93a73cc","sha256":"2360d71046a2e47ed01571421380a8ceb8e4f435956f70fd08fbbda7299cd6ba","sha512":"4f76a62ad8ebe9ba1037ac30951843342957d4877c1849ffe623e22287b7c88fe68a99ed5585b1df70c3f434a6912af7749b02c7b35b00b2d1e09dd507891be1","ssdeep":"384:PNu/WCACfqTR/tRBO4pdGq0O3XzUcOhEPws5kYq4/UY:F2WCBqTW4pcEXqfs5E4MY","tlshash":"9882d0a29165f20c7ec331b3613d869589a59a6ef60c66c3721cce1b0cf5b7c0a9c635","first_seen":"2026-05-20T07:03:00.981528Z","last_seen":"2026-05-20T20:27:33.805083Z","times_seen":3,"resource_available":false,"data":null}},"time_used":321,"timings":{"blocked":-1,"dns":1,"connect":92,"send":0,"wait":122,"receive":5,"ssl":101},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-b4023030.b4f6766c.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-b4023030.b4f6766c.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-1827\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6183,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6183), with no line terminators","md5":"46cb2b9940c77d775cb0305a0fdcb373","sha1":"97473a667cd34ab33b5378c02df05091f0c5ea4f","sha256":"369fa1811e220d2e03fdacfb9edbfcb14cfb31b1ced51cf483eaf5e4d50a17ce","sha512":"adb6f0e0eb49a9113e5e92aad710d69a4c485e2afd4695304bf19aa7753f374b5daeef0f01a7808425ffed1716f384b5d9870f54bf41a1359fe23adde9b500c2","ssdeep":"96:V735Bnp0eZAhzD/wFmwxM3Q7BkyJtFoJUx9Bfiea2dFyq:Vzaw+0Bfiea2dFR","tlshash":"74d141132a676560fcbae01e7a547b8e3e5cf643d08606bcf89a7e35c4c7873b518141","first_seen":"2024-06-01T14:29:20Z","last_seen":"2026-05-20T20:27:33.812187Z","times_seen":1838,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-080bb2e0.de943bc9.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-080bb2e0.de943bc9.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-4271\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17009,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17005), with no line terminators","md5":"0b8e7ee3c08ec21913ea159c7ec5f210","sha1":"12433ab9cd1f14d010728420bb80c27d64808c92","sha256":"3c6a70a4de5cbcc4a28d9bbd64618197759811ff27a4f7d292846c953a602b1e","sha512":"38d66ebfadaf1b5b1321d3e4ea14c49d3df56b7c460f04d784c4e9fd58fc2b7e807c841d298a0ddc204ff1978083c439396dc98dc14f3d9f75abc7b95fb9723c","ssdeep":"384:2g9h7KAjyDfKQ0RYCw6IJGzg0E3EQyqUUhDBusDJB7WmjX:2wh7Kzv0RYCwPJGzg0aEQyqUUhDBusDV","tlshash":"07721a4b9094bc4dab2b97a3308f30e1b141a569381559ebf2adcdf7634cd203a1b779","first_seen":"2025-04-10T12:19:43.519226Z","last_seen":"2026-05-20T20:27:33.887071Z","times_seen":18,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-3fd6aeb4.92c26b97.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-3fd6aeb4.92c26b97.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-798\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1944,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1944), with no line terminators","md5":"7f71849dc89c4abd07fc9d5dbe438d21","sha1":"2a2633f43fa5048788df8879ad9393e3f99bb9bb","sha256":"9a1127feb13abb9c5981815728a3bdf146ce33699e457af01ed2c2f8272059c7","sha512":"d250f9868bff4cf5c1a78f948ed6fc3e0edec49083f5167dde50254c55ca467a084257ffac5e0bb2e83c492650d3c41151ef6bfcdadedc007032e132e68fc619","ssdeep":"","tlshash":"ba4167df94a6fc6d9a9bb001116a103570613fc254468ca53bf4cd6086d4d909f1dbce","first_seen":"2024-11-30T11:36:36.876109Z","last_seen":"2026-05-20T20:27:33.950068Z","times_seen":847,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-4f3cc811.1eaf278f.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-4f3cc811.1eaf278f.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-2534\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9524,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9490), with no line terminators","md5":"11289dd6d8b0301d7aac825d563ab96d","sha1":"39e7586064605316633f6bc982d02c94a6155bc4","sha256":"890d1fd7bab1c33a0ca357f6b0d87c31ab4d3aaac61e52911cfe9e667a0a12bc","sha512":"2376e9b364e8b1ae6bd471ba98941eef98b8386cce08d57166814c43828850f4e46abc1a9bcc91b9bf2d270490c8b211d68d9808947b4d6d27e68d42c0de72e9","ssdeep":"192:JE6pgpvwC6acMPc7GVHPqSzV5Pzmh7XdI6k:JbpgpvgGHyQc5k","tlshash":"0412d8cabb92f85e9b372194706fb117b1952610bc0e16e1f138ccf63aa8c186353736","first_seen":"2025-04-08T11:46:55.725554Z","last_seen":"2026-05-20T20:27:33.81422Z","times_seen":373,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/app.9bdf0edb.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:11.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/app.9bdf0edb.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-163749\"\r\nexpires: Wed, 27 May 2026 12:54:11 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1455945,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64898), with no line terminators","md5":"f9f9c3af8166f74123babc80ab8f13e7","sha1":"60d1727576c69b9b8bfa3e34aa2d5af20db97e18","sha256":"aaf6acbce2775016e095fa32d140bc0ac2ac98e0ad310be7af1b3f785b42e7d8","sha512":"34bf5cad92debb573a98eac695f116485473173ec316ac25eaa7aae5225789bd612f4a9e3fa9b8b6e43cd362dd071d84728fe07e3f92e72e49493bfd1fc84f1f","ssdeep":"24576:G8aRv6x2KEHyZFRiXOVuh9YMU997PU9tLz29HxNUCOE3Nkxp5R+4t69uE9s1B9L+:baRv6x2KEHyZFRQOVuh9YMU9BPitm9HF","tlshash":"82658eea97c7b3b80dd47695200b37b022ac08f7fbe9f4d90ae8f95521f9d408116e65","first_seen":"2026-05-20T12:54:52.348906Z","last_seen":"2026-05-20T12:54:52.348906Z","times_seen":1,"resource_available":false,"data":null}},"time_used":479,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":479,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-04-14/d8d17705-42b6-4aa5-ae9c-82d7e8cc7bdd.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-04-14/d8d17705-42b6-4aa5-ae9c-82d7e8cc7bdd.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: Ll4/W1UPGz/tiv4LFv7JIqSSmdzBWQYQE46LNm10EB3q5QrXeURNguoCBMUjVlRd/MYjN8DcdEY=\r\nx-amz-request-id: MEYSCT6TVFW93C7J\r\nDate: Wed, 20 May 2026 12:54:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:34 GMT\r\nETag: \"1e463b0bfc58cbe93de38ad62f2ac7ee\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 21173\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":21173,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3","md5":"1e463b0bfc58cbe93de38ad62f2ac7ee","sha1":"ae83334518cc12da8587ae98f78a5dd7de9b7a98","sha256":"de1fc345b3fe2ed5fbac321243e8814cd39a37a5554fa0d6b665284da90a6e28","sha512":"e29d51e79e7609dd12e1477a117b2af83259505557ba520681172019687275acc73b92129559a74a03b0f5fdd649c169f5301acbab3c599515ff1a89c1cc4afc","ssdeep":"384:ADUu/oKRfXu/25fNvZ4ZpZKbPzjApEZWZ7CJTa/kKfwu:96b9fNvZDfAEWjvou","tlshash":"0d92d01ded906352d745e472b7e7daae1d0c09d8a31c98286af1cc0b98363193f774c6","first_seen":"2024-02-11T04:26:46Z","last_seen":"2026-05-20T20:27:33.953059Z","times_seen":9368,"resource_available":false,"data":null}},"time_used":904,"timings":{"blocked":790,"dns":0,"connect":0,"send":0,"wait":112,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-4ad33d1e.e67f7f3e.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-4ad33d1e.e67f7f3e.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-edf\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3807,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3807), with no line terminators","md5":"d5c5cf21c0ac8cf32937fd5577eba50b","sha1":"49b8872bf19a1f9c7f9e78b19497e8b89ca2ccfb","sha256":"4531f24949afa7812c1f59876406ea88233df11ccaa72f9a7f559e55416dcc6d","sha512":"bd7965d44b3c3d8fe1e112a9097b029319ea0eb7bd67e9a52912b44344edf8f28493123a0ac5bfdca0181a551d03990a1ce84044abd3abace820f386e04ba5f8","ssdeep":"","tlshash":"04710e60ba22231f6a72f6fa55c0a1dc370aa21be19345dfdd49c40ec6df3a79174b60","first_seen":"2024-02-19T23:01:30Z","last_seen":"2026-05-20T20:27:33.932954Z","times_seen":1109,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-fe46833a.f2bd8913.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-fe46833a.f2bd8913.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: text/css\r\ncontent-length: 731\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\netag: \"682da6f8-2db\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":731,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (731), with no line terminators","md5":"04fddaebcf220f89065a61a8972e9ff6","sha1":"a72aaad63f69552c1bfc2ce529d0934877a151a5","sha256":"fde628e3bf1d28a032a27b15fb82ee652f593c2de925664d244ef73294ca3002","sha512":"91283184ba4be03fc8613a4cb7476f38560ea9ce179e380e14c783b1dbd2a7b001596670057aca7a28aa80f63ff390a69ddada5e8730d7ec4ab353382952985b","ssdeep":"","tlshash":"b30128f3d1100422c1f7e617e1826898ff95ccb2e753c0afad92551d82caad70ba7b15","first_seen":"2024-02-11T04:26:47Z","last_seen":"2026-05-20T20:27:33.812937Z","times_seen":8433,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-8dec02da.2d855c30.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:13.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-8dec02da.2d855c30.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:13 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-3ba1\"\r\nexpires: Wed, 27 May 2026 12:54:13 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15265,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (15265), with no line terminators","md5":"e566520b3a38be091967afa56512d18b","sha1":"cf756a440187c7f5a3d2644ec70ccb07d17681fe","sha256":"9c59481e8e68c2e1d315fd6a639b84155d611890d45cefb72eed6d48edb7d2b2","sha512":"0f58e41bfb501afc8d10dfd5ef4c7c33c030fabb58133138e9958dd4ef3caf76fa52410eac62f0abc0007f0428f5902b4729aacbc267c3f785db4857a249915b","ssdeep":"384:i5s8CkC2caII41+qFkV0vD5rw/CVFcjHM:i5sVGUI4EFaDm0FcTM","tlshash":"b562e8737420a539b6b7a66930d4a4ca7055f903c1a7c2feba5db12cc5c72e3663234e","first_seen":"2025-04-02T11:41:13.220254Z","last_seen":"2026-05-20T20:27:33.77413Z","times_seen":28,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/2df406e9-dc70-492e-a7d5-4db89889fe58.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-03-29/2df406e9-dc70-492e-a7d5-4db89889fe58.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: dwnyRQGTvHXnBWvE6fNh/3ida9TB29r8NFXLMBkpixT3lCGGgmqi4yyKDatxmHRUisPJlq9GSLM=\r\nx-amz-request-id: ZVEYEFMQNF9D63FT\r\nDate: Wed, 20 May 2026 12:54:15 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:18 GMT\r\nETag: \"882acb8a590986400f716b14ce87dbd7\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 27557\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":27557,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"882acb8a590986400f716b14ce87dbd7","sha1":"69d9585cebff24ca05746278353d9723ac581960","sha256":"1c488a620a2342179fea9b5325ea4b5e0e450de64f3bc3383c67e3040242d1e0","sha512":"21cc314fbc6d011adc782475102dcc061e67ed01e1162a9046700b1375b1841701831af77286cc0fead58c997eeba79f5e1d141cdb124ed7881fbe71315c65a6","ssdeep":"768:GG5AJy9ToRwVbgiqHgdBAe9u4p58OsHIE7W6lWG:GGis9sRwVbgiBdieWHTlWG","tlshash":"40c27c039c854ad3b575c391ff468f6d3b8aaf08fc5672e710e11eda37a01424c9da6a","first_seen":"2023-11-07T02:37:41Z","last_seen":"2026-05-20T20:27:33.882488Z","times_seen":9952,"resource_available":false,"data":null}},"time_used":533,"timings":{"blocked":418,"dns":0,"connect":0,"send":0,"wait":113,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/fd370537-bc59-4d31-a9c8-e7bbfebb9c9f.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-03-29/fd370537-bc59-4d31-a9c8-e7bbfebb9c9f.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: GmdzQWnAto603ya+3KB+JhrAo88gjLw5K8prmIeLUeeJDViAMjHzrgekufucqUedaae8/A5llBA=\r\nx-amz-request-id: MEYPS6FBASPA5C5S\r\nDate: Wed, 20 May 2026 12:54:16 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:19 GMT\r\nETag: \"87706f749b341f09c0d4f313a08fc43e\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 29992\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":29992,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"87706f749b341f09c0d4f313a08fc43e","sha1":"1509845938ec37024267488237d11e718cde9f13","sha256":"b7fe2721d939005c3d167ba39f1512ee5ba880a08fe370ab93dab990ff0a914f","sha512":"862ad1c48221a29e8fbeeef1be46b06d77617afd44de9e63598e0f746aa0277ef3c79366454df627aa6c12f465440d729d9157ba768922c90a574439df2d195c","ssdeep":"768:Gv6RenUljXtCiU+uKMHNDBp56HJJg0+Fz7P:GVnUlJFiuJ6FfP","tlshash":"67d2ad27aa50afd7b448d7a2ff030d862fda522c41d439de81d76b436b18b77480d1ad","first_seen":"2023-11-07T02:37:43Z","last_seen":"2026-05-20T20:27:33.832168Z","times_seen":9825,"resource_available":false,"data":null}},"time_used":639,"timings":{"blocked":525,"dns":0,"connect":0,"send":0,"wait":113,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/img/right8.b1412bc5.jpeg","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /img/right8.b1412bc5.jpeg HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-1354\"\r\nexpires: Fri, 19 Jun 2026 12:54:14 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4948,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x152, components 3","md5":"b1412bc5ba0e763ff23aa08e3edfaedd","sha1":"d47b7b57f0147304de91e48497863d4bc90f2582","sha256":"a787935def85b5205fd886da2128855c877ab64a61755efee88d38c3f53d8b26","sha512":"d008c03d079a300f48904ce78873596b45e8d763f410e1707961ffdcd8786c57d2c78e9b191f42d50fba60009c78b843cdd0fd8cf4d3faac2c3d913c9cba0c5b","ssdeep":"96:Whjfa1ZcZcf9nqATAMmrGxCMpAdWWxzq/SVbFNXJakuuHcPL8z1UlmXexHgvMjH:Ej8Zbf9nXTYMpfWZbFNJuu8PYz1LOxHv","tlshash":"a4a17fcc3a345e7bff2491b3768b17391718092524bcc37921aa2e2c3e0ed704869d67","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-05-20T20:27:33.829603Z","times_seen":4705,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/img/right4.6d5f23ff.jpeg","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /img/right4.6d5f23ff.jpeg HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-1260\"\r\nexpires: Fri, 19 Jun 2026 12:54:14 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4704,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x152, components 3","md5":"6d5f23ff9ecb9724c07b2cd1541269f9","sha1":"5e750c426346b1fc8fb169ce8539ac98a13614b1","sha256":"52e08b3d2f52fb6b3ae31c2df98abd68fcc703e02f2fc21b68743f5f0f254d1c","sha512":"4a3cdf202ec25973c245ca77c96782ec1b6b9402dd6fe9d654dd3696b2929a1f0d2d3ad76d63a40998685fe0debf4ac2b66c742307b7f8a8040e386e64c72eb2","ssdeep":"96:Wh+tAiYHAua4Aqt9u4F3DRBfO18AB/x0qaZIPdwR3ODcpOfxukRbnCRTVMfn:E+tEgBvEwgRyHSIPmR3OD485hn66","tlshash":"43a16e9acffa688fff121f7ab124246975810e026a01aaf344014d7a7927c318743596","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-05-20T20:27:33.926617Z","times_seen":4703,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/img/right5.1ea7fcc6.jpeg","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /img/right5.1ea7fcc6.jpeg HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-1594\"\r\nexpires: Fri, 19 Jun 2026 12:54:14 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5524,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x154, components 3","md5":"1ea7fcc6e9b3100bffbe6b7f028ff17f","sha1":"61c58566bbc59e3f7eee8fd0ca827c00da52a17c","sha256":"a3b706331a70ffa493547d558a58857bfa2dcbe54f11b19745a8c0ec4692e045","sha512":"7c129d8b0f97c5c3645a966ea129cf352e53997c2caeb88d975a6774bb157808dec36999b766942663622fce8ce7ea387d4a2a5f4385cb68481e554b4dee4d05","ssdeep":"96:WhJUFeNHgld/rdM2oX1pfs1BBfcVq3CxmaiVFMbo9qJC1dwH2J34Rm1cum8lwoRY:E5NH+BqBl1kBBfc1xmnQ7U1dwH64AyuA","tlshash":"d6b17e19e62eb807cb2aadfb2d5c259661011ab47f1c0bf245b121ddbd42cb1af15314","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-05-20T20:27:33.787838Z","times_seen":4679,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-3bb28e34.c6474aa1.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.163Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-3bb28e34.c6474aa1.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\ncontent-length: 242\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\netag: \"682da6f8-f2\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":242,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"207b8b759b262464712f92d1ae1e37eb","sha1":"7029c92363ea630f095754daf11add091fcb57dd","sha256":"83e8578a1c454c2177dc7c70879f3a2e5e917cb457b060909784e71ddaec84cb","sha512":"7ec9d45d68a15b191ab0ec850c159b6a09cdedeecaa33c45bec5870115ae5717ee8cbdd1c020cdec12987d0705e88b487287e93e72bb2ced89b80fb446516a1b","ssdeep":"","tlshash":"45d0a731b39c5824b527c0dbe6c568c5b6043bb2984974b6edd31f68c887453716834a","first_seen":"2024-02-19T23:01:30Z","last_seen":"2026-05-20T20:27:33.874591Z","times_seen":1453,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/wap/api/activity/lottery!getCurrentActivity.action?lang=en","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:13.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /wap/api/activity/lottery!getCurrentActivity.action?lang=en HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:13 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":33,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"5b85c39fb769eb183b6e5b8519ec3a00","sha1":"ae8be787b4c0500a7125bd129f660d18541d9da9","sha256":"ba3dc3cf6e634921eb9eed57e39334b4517b5b8b09327a935ff0d5546802c12f","sha512":"68d10a3cc895858d8bfabcd41db64466b2ce4907d7844dd0f69c6a4b83344aa7b3cda0ba2accbd5e81a925652b4a7dd2580316c1d0b30379f80a10ff687fd176","ssdeep":"","tlshash":"d2800000280e2c8b0803a088a88c3a0080ac22a308c0cb200e8cab3880ae2b22000830","first_seen":"2024-02-19T23:01:27Z","last_seen":"2026-05-20T20:27:33.777187Z","times_seen":3064,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-09-27/fec070f0-ebcb-41bb-9d4e-b383ced7bf87.png","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-09-27/fec070f0-ebcb-41bb-9d4e-b383ced7bf87.png HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: QrdElizBXNI9zDVZt1IxInhVj8qB2akko0ay/LqKcfMAdmD8/d2NgbFCz1ypTSHKwh+z9Q+Kn5g=\r\nx-amz-request-id: MEYGFK5ZGA9KB4Q6\r\nDate: Wed, 20 May 2026 12:54:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:35 GMT\r\nETag: \"9f38d77d904f502b512c9ec5b8ea5906\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 167342\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":167342,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 704 x 314, 8-bit/color RGBA, non-interlaced","md5":"9f38d77d904f502b512c9ec5b8ea5906","sha1":"1bebdca8e525a4c016780265cf05ba2e0621f652","sha256":"7be1f4180d586218d352c2e46603c046fbacdf908313b987becca84e09bbcc2d","sha512":"cbbae2f0cee0235b23fdf99e7e006101c9a6d7001a5c43cd2aec059fe207ceb0b17a6f51754406e006a7d3b78221ac572aa3db6e2efa58c36a7f1baa466d305b","ssdeep":"3072:2zHXQyGpimL+GdP+1wNE2AneMrUhkhYEHuxS2Sd4EbgdNSoDejQT8:2zHgzc4+Cm2AeMXZ2SdFCmjD","tlshash":"92f323e5cb37e0a3826f6a210d5da645e507a04727113fea532a8f53c38d3d75687ec8","first_seen":"2024-02-11T04:26:46Z","last_seen":"2026-05-20T20:27:33.881441Z","times_seen":5369,"resource_available":false,"data":null}},"time_used":889,"timings":{"blocked":670,"dns":0,"connect":0,"send":0,"wait":122,"receive":97,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-4a688b54.51b5a192.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-4a688b54.51b5a192.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-2cc1\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11457,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11415), with no line terminators","md5":"be7b3771d25203bdfaad649aaa249d37","sha1":"ab951b1850fcc5552809e566f3ac06d6d6628435","sha256":"d3c9ccd3bbb34e1ddb77d698ee4b0e00fdb86df1054dde7c5a4b47324182a34e","sha512":"e7646b9cab84a95ea913f874be39470d7d7c44739fcdff7c63230a6fb717d3eb199ba96810f61d8e943852b2ef7079e464eb523861b9817f60462fd8c8f69b51","ssdeep":"192:OSBk3KLocnHVDAB73GmNA4Whyd7BaSLWaHyXAxHevDSs:26LoIHVDG72oWAKes","tlshash":"c932c7487392f89d096351b0305fb506f1a93a41780d9995b274caf979bcc1ea326f3e","first_seen":"2024-12-15T17:27:17.796173Z","last_seen":"2026-05-20T20:27:33.763152Z","times_seen":254,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-080bb2e0.615f6bf6.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-080bb2e0.615f6bf6.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-63a\"\r\nexpires: Wed, 27 May 2026 12:54:14 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1594,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1594), with no line terminators","md5":"7bb68d7264949b255c669843ea227988","sha1":"c37129a7f0dbda018bd10436c4812ca558ccca03","sha256":"e1e47844c3390d548f1cd51ea560bf6301ebc6163228d4bf728cfd0a10b5e70d","sha512":"af29987a4411e45d99202eed3f1ebb777ea971e2b4eb617f4232c504c4f83b247c6e6651bb83c7dd153a19306a521a1e4ff6e633c6faf12308f1eb631623f7eb","ssdeep":"","tlshash":"3b31761e3e491d18f833f71f21c24a5e3212a37385b6831a7c43e55afd470c67ab12a6","first_seen":"2024-02-11T04:26:50Z","last_seen":"2026-05-20T20:27:33.810001Z","times_seen":5562,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/wap/api/sellerGoods!recommend_new.action?type=2\u0026pageSize=24\u0026lang=en","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"POST /wap/api/sellerGoods!recommend_new.action?type=2\u0026pageSize=24\u0026lang=en HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://fbshop.ffbbshop.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"f2982955040e03da061e625bb0bf375c","sha1":"20181528c67d8f347372b93f90d96e7d6c3cfd0b","sha256":"aa16d955b045de5c2728a37653d3f51d5f24f6e43879c0214e7b015079356608","sha512":"503575abcbe6db127825c8225d96bc0142d885aa83f74e8b5558ede44b0668ea953ffe7d3087c4d55b98b8550f776ebce4c989e93d571590ed8aa03789e88bb0","ssdeep":"","tlshash":"b49004403c0d1c17040fd545f44c3540455c315307d4c7300d4c5730415f1753d04570","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-05-20T20:27:33.796225Z","times_seen":7265,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-78328792.1a94a034.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-78328792.1a94a034.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\ncontent-length: 428\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\netag: \"682da6f8-1ac\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":428,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (428), with no line terminators","md5":"839113b3a06297a1185b208299520527","sha1":"df67e42e507fdf888b4f0b1706a0bd54e09763ff","sha256":"ae7439473b984cf35ac3a8199ea3a3ccd8c794d239d0e36fec25cd4a3f0222ac","sha512":"da16c62f7431636915bdfa092d4468b66770272aca96b2e4c27d1bf9cd36b044dc03acb199486e709a3a82c272c9ab6ffe79305e116376d596ec30e3523dbf6b","ssdeep":"","tlshash":"2de0a0a051072a3b2563f0b6a8c20427b655f7abe91291107be305092e7b38a68373e8","first_seen":"2024-02-11T04:26:49Z","last_seen":"2026-05-20T20:27:33.916143Z","times_seen":6791,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-2d7a155f.fbe16d79.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-2d7a155f.fbe16d79.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-6b74\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27508,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (27466), with no line terminators","md5":"93642e9f104f1d0407ad191806b26e86","sha1":"c292c9c53f0fbddab5d58c345d7dda5f95364937","sha256":"a703c5320b1c794c7a4bc21e161c494839c10fea036094fe2492fabda2c213c2","sha512":"d1f61dc886b190b3bf7357d57af59db109260547a541d428a91f45bbd7c763fef6b9ebf97475a44ca9171b4cf08c6be59cc709e69621c2664808665852ca48de","ssdeep":"384:yFJ1G5vS5oQ6FxwWajeIN6WwQDPQjug5BNK6lRgSmBT53vzLs:yFJ1G5vS3dWceM5p7wNK6lRgSmBxs","tlshash":"e9c2f82a3246202849631fa453df4b09f33661c564264988f3ada5c76f7cd6e31bbb7c","first_seen":"2024-11-12T14:47:34.620682Z","last_seen":"2026-05-20T20:27:33.892305Z","times_seen":487,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-6699a1ea.07049ed0.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-6699a1ea.07049ed0.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-e36\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3638,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3634), with no line terminators","md5":"4f9ce4e23faffd960980fbbbdbd77cb9","sha1":"1ecd3d1a9a853bdf8bb63e413fda2060aaf0e927","sha256":"743f48ac12c805e699815c4bc464df776046d8eec2fe7eefb339c7b85988f91d","sha512":"775dfe8416c2dcd93aa6fb0b0cc62f19d19110487953d21fac48daead75bb2b8e890b83e0c503d34ebd1c5ed27ddfb11ed9d82d0d80e6c82f08d55fb2042c227","ssdeep":"","tlshash":"0a714646412179ed8bb9151231a96024e1f409d8680dacd2edbcecf963e487c7b6d3fd","first_seen":"2024-11-12T14:47:34.64835Z","last_seen":"2026-05-20T20:27:33.876303Z","times_seen":1200,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-7683130d.e4adbc53.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-7683130d.e4adbc53.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-5206\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20998,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (20940), with no line terminators","md5":"20a338377bf11ad9cb676e2e56b4b347","sha1":"77392acaa3a3444fd0f8a1da7cbff9abf4148576","sha256":"f337bb593d59124810cdbfe2b803b3814983c3a5c7d17b55c362ba9efbde6913","sha512":"51149937a445ca0d1f3e604abd5c7068fe8f71349ed0a8d95220ac7ef68b9dd280c5f7e6336b42a1b305486a175f99610eaec1a51e65c9fb3b691009e4fdc94e","ssdeep":"384:VDYsA4Xhk804DXbyuohIAwXs3iX775b/2MnnAbk7w86E4:lxkl4D3oardb/2MnAbk7w8k","tlshash":"1092c986e072a8ac895b6251351eb3b4b6742b94a050c459fa3cddbc21e9d60333ff7c","first_seen":"2025-04-10T12:19:43.544759Z","last_seen":"2026-05-20T20:27:33.941398Z","times_seen":18,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-96625288.d83af6c2.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:17.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-96625288.d83af6c2.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-27b8\"\r\nexpires: Wed, 27 May 2026 12:54:17 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10168,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10016), with no line terminators","md5":"09400caf2621b744cca753095ea1a2f8","sha1":"26fe5b4af268f6d0b13236926ca606415b2ee963","sha256":"e58881dcdc36bea8216fce8a8b0177f2720969f2997b923dfdbd3352631c43f5","sha512":"63c5bdfda446c9a32e8d16c706f1524e65bc37d886edfeacab1ae22fb02e6bf9d4d2cec2aebb64534b85abe719d08a07d6c64100fccac0ea2fd6078f6682186d","ssdeep":"192:vfbfNheZy+9Ks6rF1mK2gK2qG6N2WattQBIBpGeBQBrga2vdozPPfI6D3dAW:vfbfNhGy036JB2gK2qG6N2ZttQBIBpGx","tlshash":"5822e7d877d4b0665b4ba272613f204eb3b729c80a0f1850c364d6d579b1958b3bbf6c","first_seen":"2025-04-09T11:53:08.87516Z","last_seen":"2026-05-20T20:27:33.924595Z","times_seen":366,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/wap/api/category!recommend.action?\u0026pageSize=50\u0026pageNum=1\u0026lang=en","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"POST /wap/api/category!recommend.action?\u0026pageSize=50\u0026pageNum=1\u0026lang=en HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://fbshop.ffbbshop.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7436,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"81b1a87b80eefb6079d50adb7fe6eed4","sha1":"dec9b65b5f1c239dd7fb62e4a31212a44f641378","sha256":"4229a828b12d3fd9b99810c92c657e24daca47db0a89aa34bf5785dfeffc6035","sha512":"8aa3521d2400eca2c23b5c5d245df79794dc098442b47f0c571d4513ccd25aa37bd74543f763f2cfb4f2a2520c016d66554252088c031546fe1429d1f0ef6808","ssdeep":"192:5VRAdzoHaIDsGJTN1o1xzvxVRbQKgDCU70NUbcxhYuI3PnU7xG60gkAxpHPUL4CU:5V2F4DBm1hvPQmU7YTxhKU7s60RAszUN","tlshash":"98e174a9ffe83c6d4b8486d1168725cfe4a0e03b9fd70ec604fdde448aa676a057c164","first_seen":"2025-06-12T11:40:21.422089Z","last_seen":"2026-05-20T20:27:33.896612Z","times_seen":12,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/f638f5c6-610e-4035-8a7d-1b49bd18a6ea.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.408Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-03-29/f638f5c6-610e-4035-8a7d-1b49bd18a6ea.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: I2MqrfYC5h0bdkIHyIlwQJQXQWaHNohm598JDY36paK6bBfEeMT3eWi4/Q4urU5B8S9k3PyJNTc=\r\nx-amz-request-id: ZVEG2WGYD08M43JD\r\nDate: Wed, 20 May 2026 12:54:15 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:19 GMT\r\nETag: \"b367a1a2939abed5721ba1cf5fd272ac\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 43151\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":43151,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"b367a1a2939abed5721ba1cf5fd272ac","sha1":"14494a7fe1017a29f9fed7421f7d652257490203","sha256":"46d322495677c8a7c5394e265b4ff29491e138ca470aa1ca2d8abf364db9cd21","sha512":"2952940e26d548ef1b5caaff6ed0f6226a5fe3333be792544289621e428353943df8b2c80303329041e0b0308b6fd4961d0805110e5d74bf4bfd3808f3c71117","ssdeep":"768:GAnBvnXpOznCDoX5cNyXgGjFLhpx12yVa6+kZL/4FIpV8xoeKzHMkLFr3:GAnBvZOzCe5cNAgGjFNpb2R+4gixovLF","tlshash":"4b13bf87ad198f936454dbb87f530c396bcc1e1ce8463af910a52ed72f582094caf52a","first_seen":"2023-11-07T02:37:41Z","last_seen":"2026-05-20T20:27:33.919588Z","times_seen":9443,"resource_available":false,"data":null}},"time_used":704,"timings":{"blocked":238,"dns":0,"connect":96,"send":0,"wait":118,"receive":95,"ssl":154},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-2b19c21c.0e701f5c.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-2b19c21c.0e701f5c.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-b5f\"\r\nexpires: Wed, 27 May 2026 12:54:14 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2911,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2911), with no line terminators","md5":"ccea655bea4bc170e3aaa0f2f26510ee","sha1":"1259c05c03dfc98dc7f24d470689316ce0bd9141","sha256":"0417838141e75f770427672acfbbaf935e495175cc8431d1a95ff1853902dcf7","sha512":"861aaec4e19464a7f373e1627ff2e2e21060a291d64b39290946344f1ddd72d89cbfcec2245f553ff1933023db5dc0d95c6374859c8eb768c69e9a3220c8afff","ssdeep":"","tlshash":"e851d0523a4d7619913bf2a8f5c1bd8c32a0b1679353d2079ecf5c199cabfc2352da48","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-05-20T20:27:33.953753Z","times_seen":1023,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-4a688b54.8fe95911.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-4a688b54.8fe95911.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-45e\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1118,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1118), with no line terminators","md5":"51469bb71eb3ad53d091813383d59f9f","sha1":"2dc9da09668fefdab35ccfe6c6a3ec5485ceea3d","sha256":"d9daa1e1faf153cb40d02fe3294adfbf28aeb622797e00cf94c101ccfcf0e073","sha512":"aba105e77a63de395ba92e7d7557d7b7ae209f72dfd735132a2b4d234f8ac75e09d4acbeee7b2cd6e25307285d4d3a4988e9b8b8758761b595c96d20994bfffa","ssdeep":"","tlshash":"d221cef1906510385aabe6b430f0a9b9705df145ea63199c5d6533ad49d378f02e02ce","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-05-20T20:27:33.954469Z","times_seen":5573,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/img/SM-1.999c9fc4.jpg","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /img/SM-1.999c9fc4.jpg HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-5a4f\"\r\nexpires: Fri, 19 Jun 2026 12:54:14 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23119,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x352, components 3","md5":"999c9fc41bba4186a820213428d48ac2","sha1":"7e9c15029bf4add31021cfc012dd72ccacb18974","sha256":"b04501986a195a5c864cce442c6dc97e9be7d06b7e89f9b157f3bf28bf856410","sha512":"2d65c5ad641ae40969fb20723275d2e200d3787d9c2d84779ec90d5af7f786a10d98aedfb101f223fa4488f01833226c248b2c1250adb9beb2063410a3bbe8b2","ssdeep":"384:I1k5onoNfmW/D8xxYbOo/G/GYKECK+CB86Z8ZE207MzNDgMSd4tnSivrNtkWCS:I+55+GD8x6bNu/GYNX8I20wzNDgLmSiz","tlshash":"c1a2d0033bc8491ad3e26fb1b5971f928b0fc950145ad2b28c10eba4c939eb05f55a59","first_seen":"2024-09-25T17:41:27Z","last_seen":"2026-05-20T20:27:33.914375Z","times_seen":97,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-574f8736.7da50378.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-574f8736.7da50378.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\ncontent-length: 971\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\netag: \"682da6f8-3cb\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":971,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (971), with no line terminators","md5":"364b94b45eaf72b8e38bf5dc4b2348f9","sha1":"869691808bc786803fba4730ffaecb8c2c95a975","sha256":"2da93f714bc866a0e4f302d78c7e5d14d291c27551b29d27969cb57089a191d4","sha512":"a33a5504a3284c5c20c32c7385f61833fada6b1d13e575231c0153a9fdf87d61b7a62caf829e6a22187ec6c8699b87ed13dec945c814e12be7034015716509a0","ssdeep":"","tlshash":"ca119bf151081435b867f26475d055fe316ef343a233446daea4b3a6ce93a9b12212ce","first_seen":"2024-02-11T04:26:47Z","last_seen":"2026-05-20T20:27:33.825867Z","times_seen":7527,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-8dec02da.052b31b2.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-8dec02da.052b31b2.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-80f1\"\r\nexpires: Wed, 27 May 2026 12:54:17 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33009,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32973), with no line terminators","md5":"a8bedd7667d1917be39e7abd2e842a7b","sha1":"1f9e52a708378997e9fde79b112a752c22d29e7f","sha256":"b2536af43023e1f84b77308e0eb7d96bb59a9ee7b1a5131bb63827b4f50b2bd9","sha512":"7edf70598e585686abd39e67d190377111ff0105553fabfde5e4851a07749b4dae852b5886746935219180db51c92aeaf14c1141772c19d24d8c6d8340ad5ca2","ssdeep":"384:DzsnfX8TCU86ZbJaMsS0CnlDKalAeuMoPu/QWoYkWvztFhY+1J8c:uMTPsSznlD4W/QYp/Yjc","tlshash":"88e21a4798816c3d8f57615a341b1298fa362f85d442cc96b53cfde9e2aae30330b76c","first_seen":"2025-04-04T11:57:58.040522Z","last_seen":"2026-05-20T20:27:33.791729Z","times_seen":8,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-83fd3762.eedf19f4.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-83fd3762.eedf19f4.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-d28\"\r\nexpires: Wed, 27 May 2026 12:54:17 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3368,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3368), with no line terminators","md5":"c30216a8bdd420e27607d3b168428df6","sha1":"f0ac98dad14c94c1062b6ccc084adc160517fd4d","sha256":"aa1a6712329f823b477c10c6143abd40842516844942874078ab482c01ee3896","sha512":"84d0c83119cbe1a5367845fbfb320350d09c5320e435ee0f8e258d74f64e079b1b973c4f91312847ae86170d4c52b5f21633cbe20b89d00e78e3e269a1e47000","ssdeep":"","tlshash":"7f61440e9453783eac6e5112b11d7568a0712fd6d841c4eab63cce6993d0d71332ebe9","first_seen":"2024-11-12T14:47:34.665741Z","last_seen":"2026-05-20T20:27:33.827746Z","times_seen":720,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/vendors~app.e108408d.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:11.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/vendors~app.e108408d.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:11 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-3caed\"\r\nexpires: Wed, 27 May 2026 12:54:11 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":248557,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"358451a21672b858ad25a76fb5c17031","sha1":"d117a17bfe8738c61b95c5bd2451cd3c8b3ec4e8","sha256":"77986877e9bb514c6af36a2939d05ae6512437499c7ffc2867b57827efebeb55","sha512":"3928c2e7fdf5ee243a0c30b8b21570e03d2fbd25d30d3741be5b73d7a9fdc24ce7a04d3f0c527fe05e7ee5de32faf34f5aeb814e5610183c97717b7572546fd1","ssdeep":"1536:nS28Y7SrW3YeWXA1u9w4HCe/l4JrgW9cMERw4B78O6iZkJgYu8e210kSDDvIc/eU:3tKw/27eDLL6ob6v7f65WCXkb","tlshash":"f334b6109b17203bb22bda6d74d0ba892f25c313d8334b7afe95790cc6d64991263e5f","first_seen":"2024-10-04T10:38:40.033086Z","last_seen":"2026-05-20T20:27:33.816839Z","times_seen":1061,"resource_available":false,"data":null}},"time_used":479,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":479,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-08-14/29e5a33a-f02d-43f6-b4ce-5edb8be1577a.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-08-14/29e5a33a-f02d-43f6-b4ce-5edb8be1577a.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: eM9pULe8ze2lBjknplebbylo5S8CKM2B/uK6fs6jKrMHaXuXJI4HxoOZycQLD5x28fLF9Lxgn+A=\r\nx-amz-request-id: MEYGGK4VQAP8RJX6\r\nDate: Wed, 20 May 2026 12:54:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:35 GMT\r\nETag: \"a7d470fbe103fb9a6784c6e3bd450ccc\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 96012\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":96012,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 500x500, components 3","md5":"a7d470fbe103fb9a6784c6e3bd450ccc","sha1":"cef53fa7fec6b069bc298b96adc02886d48a2bd6","sha256":"4529834992120ae959682d5dfc40e76a46db199fdbe4b20fd77e5d1ce92accd0","sha512":"e429d8efffecef5f79cbdab092f84a5054126fb33ee4b22d8e50861cba8d10edc49b41b5d0b8d02d997428b0f661816cca586b58f15d10cab9629375de8ff737","ssdeep":"1536:Kvlkpltm3DoZ3IUr1vvliVOHylrocmmIqeWJ6BHlCJsSEBT+qScNiHoDqlSBvP:Kvl2tm3DotIUrxtiVaylroc0dPHQJlsZ","tlshash":"1f93f19fdd0acc318b46e0ea7a85c1a364b9c25354d0f97f5739d8b6c09c7b99802cc9","first_seen":"2024-02-11T04:26:46Z","last_seen":"2026-05-20T20:27:33.890337Z","times_seen":9535,"resource_available":false,"data":null}},"time_used":878,"timings":{"blocked":764,"dns":0,"connect":0,"send":0,"wait":110,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-aa8d1574.3ecf88fe.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-aa8d1574.3ecf88fe.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-d0a\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3338,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3338), with no line terminators","md5":"1bc5b8235f9e8d5bf3961279423cf630","sha1":"466627105df20f8e829d3db72a2617802b7b265a","sha256":"cc7c2d00d52891b7af0ae290785d54f087c4f61951893b7c7fd8c869f7a8047f","sha512":"a2c17506a8e46344978b7955c1c162a6fdb844d0ec51fce021c04aee33df5d44cae64f10a7a6bf5ec295a1210540e5b82c1f7e79b9d89aa14dc29e7531cd81ca","ssdeep":"","tlshash":"766110382130361c3b37922a25c8f54e2619a9e5f18995c9ba98c42f4edf769dcb0263","first_seen":"2024-02-11T04:26:48Z","last_seen":"2026-05-20T20:27:33.799723Z","times_seen":6659,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-24e95abb.a73e725c.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-24e95abb.a73e725c.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 766\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\netag: \"682da6f8-2fe\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":766,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (766), with no line terminators","md5":"c3c5be8817bb2cb91e4d50280d085896","sha1":"6fe69d461cf3f7ed9cc9bf2d65ff8b0242eb0646","sha256":"56d1a1a4b1fa5415f633a791cff5094192fc83a3e7ddf5baa180c5a71afa4c50","sha512":"a2c74a621363bbd07582ac0e04ef8ebaf9257898fc108d98f26f090e5fd9b9490b177b11b1b9bc1abebfe3ec4ba3113356a21bc91b1341210da3f9dd403bef4d","ssdeep":"","tlshash":"6601bd9cbae1b40b4d0e38b1412f11d5612f28e819efbc51e6e081c85e3087e151eecc","first_seen":"2024-09-28T13:40:03Z","last_seen":"2026-05-20T20:27:33.921181Z","times_seen":868,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-2ef5db62.0c6df70e.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-2ef5db62.0c6df70e.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-421f\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16927,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (16881), with no line terminators","md5":"6de1fdffd70fbcc1135a39059b557650","sha1":"8255fbdcb61e5dd80991c50dd79b2644f67f3798","sha256":"dcbed075f8ddeae06534995504d3325afd2f1942c30b721c8eded0883136ac16","sha512":"529a693def182ebd701171efa79c3c933c4b8a8a0d69cdf00cf960fad52d590b119e68bdbbbbe8d06aca4df56bfa2dcd2cf5f1e66f9322d7f6f67318387dfe90","ssdeep":"192:glxthRrXBrRFnEERrSY8yA7cAfo8KwRHfnQMsfN8qAV5zQzpV7ocKwRHfnyMs4mV:gdXbOERDw7HnhqIk7HndqIDlRs","tlshash":"1672e92a50047c9c0e62a0ad702b3464a05985105919df5affb8ceaebaced3d275737f","first_seen":"2025-04-10T12:19:43.546169Z","last_seen":"2026-05-20T20:27:33.797185Z","times_seen":18,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-7c3eed5e.5abe877f.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-7c3eed5e.5abe877f.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-7aef\"\r\nexpires: Wed, 27 May 2026 12:54:17 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31471,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (31460), with no line terminators","md5":"129a6a246dd0d538de08bdf4712f96f9","sha1":"aac320b96b29432f3be4ee628959908e31f82637","sha256":"70bef7c2b45750bc6e85d2dc3b908d5f2097223657d5f64769489cbd5892d055","sha512":"528697d1d1b5b15db5059f7313642db389a2d5fbbc125880e9da41e3bf1bad33c7d705fd91fe40f2347bf9221354c027c2f482704654e5c563186fa6494895df","ssdeep":"384:KQAXzwRQiAm0RgpFIIqSq2JD61LQKgyAoRiuX6h/9G11:AXhKygyAjqB1","tlshash":"54e20a539129e41b5e7b6253316a1492a3681ae858089c47f2bdcdf633ecc342b1fb7d","first_seen":"2025-04-10T12:19:43.498395Z","last_seen":"2026-05-20T20:27:33.808798Z","times_seen":227,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/06f91542-f535-445e-b3aa-04e3fb05fe8a.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-03-29/06f91542-f535-445e-b3aa-04e3fb05fe8a.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: IYltqTM8Os3dSY0jPxPFQEM1OhzBlrHz5DgiIE+/p28KiSThDzPOGnYUz/TcQ1e5Suy4dTp8WKU=\r\nx-amz-request-id: MEYWVT8SZ5RC4M5R\r\nDate: Wed, 20 May 2026 12:54:16 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:17 GMT\r\nETag: \"1b8714109ac1c300a6848b18f4b10531\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 27057\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":27057,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"1b8714109ac1c300a6848b18f4b10531","sha1":"1c40a9917624327dcad395e8d0a9a204e24d73d0","sha256":"952d26075b0ffa3fd64c6add8791e566a5d7010f52382b468a3f1672c5496320","sha512":"4a5388c14a734141ce576fb7e988c90418774f74d2641dfda2714951ce30264714baaa6338374f69d053de8e232efa6e658ff156ac04412adcfa3d6c41a3b94c","ssdeep":"768:G7DH6SIfn5ChIqflgQY2z+CR8hUywK3cD:GRIRCm3QY2z+nCywKE","tlshash":"2ac29d5348089fc7b13ac361bf031e6daf96bf09d495beeb10920ac7bb34655ac4d128","first_seen":"2023-11-07T02:37:41Z","last_seen":"2026-05-20T20:27:33.94743Z","times_seen":9620,"resource_available":false,"data":null}},"time_used":768,"timings":{"blocked":651,"dns":0,"connect":0,"send":0,"wait":111,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/img/right6.b8bac159.jpeg","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.611Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /img/right6.b8bac159.jpeg HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-13df\"\r\nexpires: Fri, 19 Jun 2026 12:54:14 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5087,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x152, components 3","md5":"b8bac1593a48bc443848bb3a683a551d","sha1":"308b1b03b09b9865605a8210d0829847ae0d27e0","sha256":"10a746b60bfa7ffee5b3cb5d7b628ef08774e826d869a9418ae618da09219b61","sha512":"b4728b8792aab88c835d7058e7ae673c20e2d421d0e23d57b7b3b5fc69b00dde745ba47586721c3f5d05fa36f914aca9b483570011e03ed6e90b9772de3cbdce","ssdeep":"96:WhxxYqBhBnFMEKYhu/hCbjftpvzaHZx+RxXP+1VHaWccmRAi5Hx:EPdn2E2+nba5uZ+1VHatNl","tlshash":"6ca15c81f553fa1bdb8293b099a43f100f217c332be267bea602581c1847ef21479b96","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-05-20T20:27:33.854416Z","times_seen":4702,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-3fd6aeb4.ba19ca45.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-3fd6aeb4.ba19ca45.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\ncontent-length: 922\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\netag: \"682da6f8-39a\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":922,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (922), with no line terminators","md5":"3701036a35bcea856e89f00d36781e8f","sha1":"b63d63b209ccc2d1402c31a15d1d83edfe17d7c9","sha256":"a1e235f84b6314672b83a7044c2002663ee3a911f57b6d40232c5a0677b4bc32","sha512":"704ff416fa3d339a2677f78c0648d1991b282fd126cf410e760f7268dcdcadd45e77cc9fddd37352fbd6bfec16b25b97fa60c12c3a07bff3d1bca84c13f91903","ssdeep":"","tlshash":"04119e73a125d932e9332d77674494def19188e2e6428739bee7690cc08eb539621304","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-05-20T20:27:33.835428Z","times_seen":2082,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-fe46833a.bc2ccf60.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:17.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-fe46833a.bc2ccf60.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-1109\"\r\nexpires: Wed, 27 May 2026 12:54:17 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4361,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4361), with no line terminators","md5":"e989d8fb29569d25ce281f8cdae4c061","sha1":"b5aad17af3ec59c1777d4234d41c4aad5befc2f8","sha256":"8e458e4d9bd8f4d0d9cf52f9f2a046c5b6fb75fce2a129ad0a7c0e9aca1000f9","sha512":"f222ca544e1abcc98405c8ff3c1aadb4d36c754f0ddf6b65262cc9e4453523b8891d6891aecd03d4d04f2cfece7db3cb03ed825819d7355aa88b78aafa8cd89f","ssdeep":"96:JunACr3IIIIIIIIIIIIIIIpG2p1Vum9Ix4tvyE7mtNoXE6DEsCtK:3WIIIIIIIIIIIIIIItt9IxOhmtaXvDF","tlshash":"d1918746e9f2d371fa2b1a3f684572102d304fc893aac4456be57efb218447e0b7b694","first_seen":"2024-11-12T14:47:34.679847Z","last_seen":"2026-05-20T20:27:33.798854Z","times_seen":785,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-04-14/d26d36b6-6435-4071-a1ed-647cf4e9214b.png","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-04-14/d26d36b6-6435-4071-a1ed-647cf4e9214b.png HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: HiQ0x0qpqLWn1otPxHXS0EiFXXlQCG//fzzptiO+ejm5xLRD348n70KbnBc5HCJv4SI0MZp1b7Y=\r\nx-amz-request-id: ZVETZM8QBEYH7VJ3\r\nDate: Wed, 20 May 2026 12:54:15 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:34 GMT\r\nETag: \"60e10d77ebe5877fc1c9385748e2cf72\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 180465\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":180465,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"60e10d77ebe5877fc1c9385748e2cf72","sha1":"77082da3f7af090dbcf9ac692bf2ba4e0d699aec","sha256":"f1343ddaa389f3aca6568d15637793f510925e7f88d13a6ff93591a326a66c48","sha512":"1a4999d20713081b41425f1f82ed3e7b5003e8f7024b18986a6f1e759e0cc797f7a0003c2d0e208d14261df253681ebe2795836541ff4ebb82b8763fbe5ce182","ssdeep":"3072:TrvxlqyFWPMUAy9v42Jxd3BDRnD748ezoCrW4rlfBoKamBYuWhNJwhi1nkx:Tr5AxXZvDJH3bnn7etB5fxzYhJb1nu","tlshash":"ca041269530c763929af82bccfdac921eff0210d0a74d75911cbf8e90a7a0bb91f2515","first_seen":"2024-02-11T04:26:49Z","last_seen":"2026-05-20T20:27:33.836518Z","times_seen":9560,"resource_available":false,"data":null}},"time_used":860,"timings":{"blocked":213,"dns":2,"connect":100,"send":0,"wait":119,"receive":283,"ssl":140},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-4f3cc811.c70dd4a7.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-4f3cc811.c70dd4a7.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\ncontent-length: 111\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\netag: \"682da6f8-6f\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":111,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"6fa0ecf4147c8ce0222c50c699e3807a","sha1":"a77f07547a33f9b6ec67e6eed37629f508f97a6b","sha256":"6943a6d74dcebdb81ed9b48152a94e537946bd452b87590c4179c966722f5719","sha512":"8cc93fbb80c2bbce59ed5c2bf12fbe7ca0c49da27fa32ef1bbaafbf84aace700d4e60931ad95010ae4f7a5405b3e6f475e9ebf8431beb768ddf5d95ac4efb1ef","ssdeep":"","tlshash":"66b0123a734b04fc8c2ff0203f5988b87ec13322e11924035f9c8024451e7027c30210","first_seen":"2024-02-11T04:26:49Z","last_seen":"2026-05-20T20:27:33.858313Z","times_seen":8442,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-50d79b30.0f594967.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.448Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-50d79b30.0f594967.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-9b8\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2488,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2488), with no line terminators","md5":"4890366680b9e8d4c468a8489db5d4ac","sha1":"d23b2634a28b365388c81e06d4489149c75500a7","sha256":"0b9eaa9bf0012af1f82493c9cf550761f87f87c3a793be2c3c5484aa44cab4ba","sha512":"98d5ae88c2f3052aab4a1139d61329c29395cb24e33e9cb8313ecf136874191df1c32ee68db83dc7d28029a49c8a0c25cd49f02e27e4c6fdb368628d782af404","ssdeep":"","tlshash":"235158712490297457fefa2a9c8676ab3103fd93e61150cd7847871e8cdafd228e1768","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-05-20T20:27:33.946732Z","times_seen":2056,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-55a26a12.61d6e65a.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-55a26a12.61d6e65a.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-19df\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6623,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6595), with no line terminators","md5":"0e4f4b613f32aeaf6718d1d6a377e545","sha1":"172f0c29faf67b96705d39d6c3410d44fea04fd0","sha256":"aa2fa0a4624b74cb86423a1226b9a8257dd8e05fd054f46e1f6d8573c4fe734e","sha512":"63aeeb814659e157cca0a8c39306840735e5e1e459fa7bb31ae848b02ada0012a7b814fd064abca2b44dd45823dc74f49e5baca63940954b2e57060bd230a322","ssdeep":"96:BBljrEdln4vrjYXkLIuGtdcskBIHKKFD7AkMTEWgvbVPLYsoqfZTx3:Brc4Dj45uGtmUbD7AkMAWspUsJfr3","tlshash":"77d1d79ea518f80d4e1b9112301d25b2f5a93ae5b024c9da773dc8fd619cd102b2eb79","first_seen":"2025-04-10T12:19:43.537422Z","last_seen":"2026-05-20T20:27:33.875441Z","times_seen":246,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-ec5b203e.d04e979b.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:17.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-ec5b203e.d04e979b.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-149e\"\r\nexpires: Wed, 27 May 2026 12:54:17 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5278,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5276), with no line terminators","md5":"071f910a1d9312d71717e6cec4039454","sha1":"5227e1dd81229ec57c30d58b31f3cdeb31288601","sha256":"49f103cdd86cb4042b578394be2176f37d494d917cf2ba80038ef78dead2c178","sha512":"b86fb4934b532501eb30f21b2788ae632785317d79475d9679a3103432c8a43e491a85f6f771be2c13fe482dae4e37ef2207a75a82651c307afd2072e73a6331","ssdeep":"48:lD58YPcPy52aj+WWWgSO0+u4jQAF2GB2N5Ydcvp6T/KtLS1gRSpDzwZSkVxUiFNh:V7+WGsSBkVKoLVYIZlUmJwGitAt4HK","tlshash":"9bb1a586b043606cc95bb412311f6a35b4a62fb4f405889ef37ddce49a98d10772ebb9","first_seen":"2024-11-12T14:47:34.675281Z","last_seen":"2026-05-20T20:27:33.88948Z","times_seen":761,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-0e287aba.c3acef98.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:13.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-0e287aba.c3acef98.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:13 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-1ab2\"\r\nexpires: Wed, 27 May 2026 12:54:13 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6834,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6834), with no line terminators","md5":"f7b1de25905c81c373dba149d03c31f9","sha1":"862e37406535632dfb53a15f6a89c16efb3c94df","sha256":"e75dbd8d3fa49fec96c2b893018aed78a616974cb812b015636553d832881751","sha512":"5a2f0034e39196a38ce44b9d9cc46301069bf252b4f092c46db65bcd45a55ed05a6b53bc8241f14a5f5390b530394bcfb0ffea60b21c9262d0b669e07fd1707d","ssdeep":"96:Zsivfdy8lOFD1vq80WV/LPxDmvo6SOwUu50NJj9MC2:Zz33lSD1v30I/LPxDWrhxuuz+","tlshash":"56e10ff2f231112f7426953be18389e8bc86b10dd3ffc656ff84b514daa9182063518e","first_seen":"2024-03-24T18:07:06Z","last_seen":"2026-05-20T20:27:33.778209Z","times_seen":1954,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-8dec02da.052b31b2.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:13.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-8dec02da.052b31b2.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-80f1\"\r\nexpires: Wed, 27 May 2026 12:54:13 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33009,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32973), with no line terminators","md5":"a8bedd7667d1917be39e7abd2e842a7b","sha1":"1f9e52a708378997e9fde79b112a752c22d29e7f","sha256":"b2536af43023e1f84b77308e0eb7d96bb59a9ee7b1a5131bb63827b4f50b2bd9","sha512":"7edf70598e585686abd39e67d190377111ff0105553fabfde5e4851a07749b4dae852b5886746935219180db51c92aeaf14c1141772c19d24d8c6d8340ad5ca2","ssdeep":"384:DzsnfX8TCU86ZbJaMsS0CnlDKalAeuMoPu/QWoYkWvztFhY+1J8c:uMTPsSznlD4W/QYp/Yjc","tlshash":"88e21a4798816c3d8f57615a341b1298fa362f85d442cc96b53cfde9e2aae30330b76c","first_seen":"2025-04-04T11:57:58.040522Z","last_seen":"2026-05-20T20:27:33.791729Z","times_seen":8,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/fonts/iconfont.0080bb9b.woff2","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /fonts/iconfont.0080bb9b.woff2 HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fbshop.ffbbshop.shop/css/app.cfe41071.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 5212\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\netag: \"682da6f8-145c\"\r\nexpires: Fri, 19 Jun 2026 12:54:14 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5212,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 5212, version 1.0","md5":"0080bb9b021fc0823608910adc2e5fdb","sha1":"b03c86fc4fb5e0542122925d2eb2468cdc842dd3","sha256":"a72e9b48fd851011d2e52a77ae7f72b6de42e4647182c7bae3ca49edf3347af4","sha512":"aa68b80986d5ebce07a92a36839e2b7f4365932ac12c992864ebb4a4e49ab9964e39464d9da1b79a0f963947a669176c3f65b23ef4e4203e520a790bfe6b0756","ssdeep":"96:vSvxwJyBbfhD1WrBqAFtlzkqV4tQWGRGQX/rZHhxm9Sy4kUf6:vS5H1p4FtlwqV4tOGQXtBxm9SpkUi","tlshash":"94b18f888c661528cf387a353840367dc9a3130db636e49acae41f1b57ab78a0159761","first_seen":"2024-02-11T04:26:44Z","last_seen":"2026-05-20T20:27:33.94203Z","times_seen":8030,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-83fd3762.bbf1f88d.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-83fd3762.bbf1f88d.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-8db\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2267,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2267), with no line terminators","md5":"8c6c2e32d246f43938c015ddcdeb69c0","sha1":"b6c0900796b2f918e95196d1deec6b6bb23de45c","sha256":"2286584045d499c3f6d7e0178051e8cee89b1e36412f7e91b095f677e1b46c73","sha512":"9bb9bf502e8cfe654b271eaa74dfbc90f633cc0ffc25cd2811f89643b603d79584fc1396ad80f23b84cf54beffa20f21ab81a34c3f799d0b7b6cda721418feab","ssdeep":"","tlshash":"5241c0737065617ad9b3e36972419ccc7a81f243e3b352f8fe95e43c89c2aa2193019d","first_seen":"2024-02-11T04:26:49Z","last_seen":"2026-05-20T20:27:33.849599Z","times_seen":6364,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-91f4e7e8.054674a3.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-91f4e7e8.054674a3.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-104d\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4173,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4173), with no line terminators","md5":"d26838e6fc6c5713d841649b06a47e9c","sha1":"7681e0887d8b3957920c84e07fe95a1f8a22bca7","sha256":"5d0e36aa6715f146ee4979217b130ba8e86c334c02758895220835a2366d5a01","sha512":"d01fe57c48c7685b7f14f29a50d61418040c66ed4c756276c25108e74dde577d4c79841b9d3690f94799cb30a1ea691dba49e71870b97018d2d57291026f90d3","ssdeep":"48:jMxKHcoeYHjMBgquTy/ra6oYkAryBxzYpUfRmua+IzvtTm5rx2/6iYrxXfZsfZyK:CKHco56gNTwm+yNfZsfZyZZK+8p5","tlshash":"cd81ee91712c94266c73e07b309e455e6e54ef63c012a3589c56bf3e8c932e32e707c9","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-05-20T20:27:33.943216Z","times_seen":5287,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-2d3b15cc.80446ca5.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-2d3b15cc.80446ca5.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-3737\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14135,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (14135), with no line terminators","md5":"0176ef36ffee56cb6188b59e51d21543","sha1":"07b3edeec81f8a558bf5640ef81ac982f40213e7","sha256":"b891fefadeb705c55ddeeac269f8a533b6e2cb120bd3ca5a2c5fd95e1fb75b19","sha512":"615370dec71fb8d2311c1faac8ad47625eb24fa27188941a2e3540d5d43b953de3c5e7dbf0d27acc448e740f9546af4fcaff6b0b52e9653bc5a7f3db1aac3b0b","ssdeep":"192:Z/gCcnE518R/LIT42vVsODCMSXc61qgCI9pn5VrrQ0l+4ceTr:ujLITV9sAKXj687rj+4ce/","tlshash":"2e52d65e70bdedb889aa6022301a227871751bd1f4054cdcb3bccdb85589ea4a32f77d","first_seen":"2025-04-02T11:41:13.195378Z","last_seen":"2026-05-20T20:27:33.785858Z","times_seen":24,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/e1158c3f-a786-4374-aab7-3f4dac76589d.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-03-29/e1158c3f-a786-4374-aab7-3f4dac76589d.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: gLPYX0Lrrv5CbcCwn071F3I+4gEz3NWoGryWkb0ssArJmkkDJjQDHa0IrcVmiRnyQtmggMC0Hrk=\r\nx-amz-request-id: MEYG5AP976AYP2XR\r\nDate: Wed, 20 May 2026 12:54:16 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:19 GMT\r\nETag: \"dbb5460537325e381060d6a696bdabba\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 66319\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":66319,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"dbb5460537325e381060d6a696bdabba","sha1":"852c6ea174a0fcdd7e7351b5bc5c1ddc309d87a1","sha256":"3ff029feb7f2d1b0a7bffa8d5060030474f569524abd014585f373a17fc09695","sha512":"404f949ebbad69f94ae8b173c2c1d8807599df69c51675e3b0e06bc0953f94f95a51914abd77bf684dc3c5ff42249defe6152bf148f4aa8c1515fb8d29879374","ssdeep":"1536:Gi+tPxNX6ucnz4Zw7vPYpNuirA5gmQGo1CISuKbKNiI:F+tHKucnz4Zw7vPYxUpPHIS7KNh","tlshash":"cc53d0a31a450fd35629e3e67f0799284fc65b8d94e039ee11d358e37ba13b3680e11e","first_seen":"2023-11-07T02:37:43Z","last_seen":"2026-05-20T20:27:33.811139Z","times_seen":9808,"resource_available":false,"data":null}},"time_used":954,"timings":{"blocked":745,"dns":0,"connect":0,"send":0,"wait":115,"receive":94,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-2e9b19e4.8da1d826.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-2e9b19e4.8da1d826.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-2ed4\"\r\nexpires: Wed, 27 May 2026 12:54:14 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11988,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11988), with no line terminators","md5":"24239fc2953d2a22d7cd5c5632dcd4a6","sha1":"f33b1a460541a32ed04732f26cc49d070b656e2a","sha256":"d31737889dd96d092a914e02a996629ee1097ba471cf1b3bda901d48dcc6a855","sha512":"40de2fde9884d94a6d6196f6b6e39cba8f36a05f289451d7b20e1a6fc82b32cd8ca02c47207a67b77769ee3d72c59ed7250232661a7269b26a92006ec8f56b68","ssdeep":"192:Iz5sbKYxgCtCowY2duLGm7AtmIfOxoi7k2Xer4p412QRAelWklFbaiWsAXU:i5s8CkC2caIIWxoi7kGerMscKYtsIU","tlshash":"a1320a72a072a33da927f1a574a8a8e83440d526dd9383edf654713cccc62e32672f5d","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-05-20T20:27:33.920446Z","times_seen":827,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-96625288.b488a9b3.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-96625288.b488a9b3.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\ncontent-length: 455\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\netag: \"682da6f8-1c7\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":455,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (455), with no line terminators","md5":"349139296c5738f2fbacd031343b6bff","sha1":"db2e6346f94985d180c7081db376465748e60841","sha256":"d7ce0fa60daadd138b9d842897feceaba382258f85832df2680ce83f43f0cf4d","sha512":"066cef44f8abb789338e33e9adfa7983344be69f276be860abeac2f458d3993eb3e6180547d19487e037f186631c9477d0cbe3c907371d9facfea31cbbf86fd0","ssdeep":"","tlshash":"ddf05c562b1a61baf8f3c02f20420aeb7117cb4f531bc07957a2e631c947a8b6f71460","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-05-20T20:27:33.943927Z","times_seen":2087,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-376ad29c.e8935e8d.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-376ad29c.e8935e8d.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-c5b8\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50616,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (50540), with no line terminators","md5":"112508db2a4f97d5fe0d447612326596","sha1":"79fa6473e6ed90f4f813f6f8115030fae27563d2","sha256":"2b8c299b3f75fed53d7c40b189fc7602cac1a6cedd1aeac6c3e8756977cd6032","sha512":"958faa42fa4aaa47075482517423f4a899a1702a142df69251ab9e1485863e3cd50d6eeb4f015b5a8ea3d73ff7803a5a45879cb9d112b45304159ec8b33c5905","ssdeep":"768:wXmuF37KGbqweV4GQ2jlWSBZlV9PENwHR3JHmk4qhPi:aL5FPMZHHaN03JGOh6","tlshash":"223309576228b86d5e6756a2305b3060a2a43be55408849fb27dcdf963dcc243b0ff7e","first_seen":"2025-04-10T12:19:43.480234Z","last_seen":"2026-05-20T20:27:33.921771Z","times_seen":18,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/wap/api/index!download-url.action?lang=en","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"POST /wap/api/index!download-url.action?lang=en HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://fbshop.ffbbshop.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":59,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"bcbda084453257ab0e3a5c0bd8caaaee","sha1":"9ce7d09fbb1a62a25c2eb9f328981a72a576fbc8","sha256":"2f47fe19492f889854f2501149ea3e88caf38636080c079e3436212dd619a327","sha512":"a839b560b88feea03d758b13f0f1be8108dcf3faa20f63b311dca1aacb239d468672e24b065ce6cc919235af2f6d4468a225a3dd84073687195c300f1c185de7","ssdeep":"","tlshash":"70a002925749594a460b1589a45c7f48459e1ea749c1a713cd489f6088792b62025a25","first_seen":"2026-05-20T12:54:52.411649Z","last_seen":"2026-05-20T20:27:33.771858Z","times_seen":2,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":297,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/img/right2.23d3e322.jpeg","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.584Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /img/right2.23d3e322.jpeg HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-1b42\"\r\nexpires: Fri, 19 Jun 2026 12:54:14 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6978,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x154, components 3","md5":"23d3e322bf2a163abb5e4331580d3d7c","sha1":"dc9cc27e86b9ab385f24a1ebcacc102b8fee6d12","sha256":"e71173feb88bfac5f997753ceac015ca23f31f9f2234a8083be8a5a4d4e6bc20","sha512":"072c55f9d2a58fab3e13393b1f401d1302aa3269b405f85fdf99a86e9e8860bbc4182db36bf5acbfc6aaa9cf492dd69d194e70513d0f28b4fa287cf6b8b1d0d3","ssdeep":"192:E87ECyhHACQc4X2g7B0WiYHgv+YLX8RrI9GMftmR:fECKHACQcBg7BUYHgv/Qt","tlshash":"9ce19d5cef89ba61df29a13b062535093b23560a7fd297ff754c6c10e956c3056d8051","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-05-20T20:27:33.807466Z","times_seen":4651,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-2b19c21c.0f15ba9c.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-2b19c21c.0f15ba9c.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-1f3e\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7998,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7974), with no line terminators","md5":"6885b2f2a0e647d5d34aee7678e6af81","sha1":"60a57b59a7d3d42e872a1d4e67c65a08370aea5f","sha256":"6782506b89444940e18b5390cb28cdb2f8bec52ce610caf4b3e83472fbd51d2d","sha512":"5647c610eddd596de69abf3c9b826bfe6f0d625f901bbb66ba0da662b2a3ea8c688d52c999342a271dade6428eda2fe2ba223690a9751d9e4a0b5d1f57d97c6c","ssdeep":"96:rfx+E6Ee08/8dv73tO2y5/Ifv6EE1RbWVu0aAfHZsALbYiG++T2GZG0/McEaeUUz:1w//w73UlIfy3AVraEGgr1bn","tlshash":"18f1fa4690036868cf5e508160297e34f4b53ed1b952dccaf7bcccf891a5aa5334e67d","first_seen":"2025-04-08T11:46:55.789599Z","last_seen":"2026-05-20T20:27:33.783798Z","times_seen":347,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-3805cfd3.0c310517.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-3805cfd3.0c310517.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-2b5d\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11101,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11071), with no line terminators","md5":"bbd079037d16bee8a5b8453b143192a1","sha1":"50b0d69c3387d9b75625b265fedd002cf66512c4","sha256":"5ca8e9d485336ee4f2dcc14eff73d3a6f5dac42d227e1587ee3d0b597d26aebf","sha512":"e00adc2e18667d2479596966d23a36cb1c26bf698af0f7eb2f1dc7efb0e1b26118f576c3433114a94189ed2fe481e26ad4587ddca5b9b490f475a9ba91c19fa5","ssdeep":"192:/xthRrXBrR25SC/VnwpxkevPXwGD5H/wHO/3UL5ZQe3cO/sojj/Th8U5vQERneHY:nXSYWVw0ev/7Z/05ZB3cO/sojj/pRRnf","tlshash":"c8320b883195bc9d0a27b0f1606f7457b0968e82240d1b42ebf485bd79fbd2b970376b","first_seen":"2024-11-12T14:47:34.624568Z","last_seen":"2026-05-20T20:27:33.801445Z","times_seen":449,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-59b3c64c.fefbebb7.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-59b3c64c.fefbebb7.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-3b60\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15200,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (15170), with no line terminators","md5":"3e55fba4f66b29e90401fb4edcf4912e","sha1":"e2c849cafca1b7e0df938b3065708bc08c968c28","sha256":"4cdd6c030230a76d5524ec056920221ddd0e9c216bc0f55f7b9c71f5b13c4b31","sha512":"02ba0349782aa8e29634eabcf11bc13af2adb1eeaa4244307712c9987a5c3cdf21eccfad6e53f84bdfd1c01fe45c92d950744385a27fac245ae57941739629e1","ssdeep":"384:bXn2CRNgwJ3INfAKA5kzqXbFk56MoswZRL:bXn2CRHIOk5kRL","tlshash":"076229122185b44e9b764172316621a171653ac6d40df0abb3b8edfe32d9c18372fb2f","first_seen":"2025-04-10T12:19:43.484838Z","last_seen":"2026-05-20T20:27:33.827155Z","times_seen":18,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/vendors~app.72d2c294.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:11.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/vendors~app.72d2c294.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-359500\"\r\nexpires: Wed, 27 May 2026 12:54:11 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3511552,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (37875)","md5":"c891d33c809e3a3a3d7d02206004f2db","sha1":"0024ff7d9d59f7cfeb8c1eb1539603ac73f843af","sha256":"13732a8f489d816be56bc6d426fb31699a91f4a8aef17f818101f2bb24ba779f","sha512":"6307a45b92d1bc6f949648272faacb2a781a9d0117a85f43cf720060faf2cf88441adcc71061b724ed9c2c405b3a16875826260b3c6c94ddfe999d81115a8bbb","ssdeep":"12288:takzkO8PkyNpsaAdVISW67f+7nIdLqg9abWD9DYVsE9pUhJM:takvPygaaVj7f+7IdLZ3eVsE3F","tlshash":"2a3529dd7285b42253a37074407f250bb33a2959680e8458f665e8dabc7da4e633bf3c","first_seen":"2025-08-18T11:53:05.446773Z","last_seen":"2026-05-20T20:27:33.945251Z","times_seen":6,"resource_available":false,"data":null}},"time_used":478,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":478,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/img/argos.5de82920.png","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:13.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /img/argos.5de82920.png HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-36be\"\r\nexpires: Fri, 19 Jun 2026 12:54:14 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14014,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced","md5":"5de82920b5a7fcb28d08995465a5c8a7","sha1":"80dceebdabdc936c6baf4f01a8d6f6f176789bcd","sha256":"bc6b09c4de29fd733f38748884c176f21f19d3bb449481b9c8236ed8b50afa4c","sha512":"e9e8efee550f08da413be218d4d7d3340dc35bdcae60151bec4e84aa78d6fb66636e44f64b7b9195c3f4210b9f17dc1bc4f2534e71b645f7afd96c2ade3ee8fd","ssdeep":"384:m+DWfH5CT5ZpxKxAMVjKiqbIpQDGMNlBijBy5c:mJfHU5xEAMVjKiqbIPMNlIjBy5c","tlshash":"9b52ad56d3714076eb88453c250b17263b352073a5b7520f2abb26ca5cb2ba23b71fb5","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-05-20T20:27:33.828324Z","times_seen":499,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/img/Facebooklogo.24852693.svg","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:13.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /img/Facebooklogo.24852693.svg HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:13 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-930\"\r\nexpires: Fri, 19 Jun 2026 12:54:13 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2352,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"24852693938555e2dfb342e0859e4ae9","sha1":"6fb25bcea2ae71a258d2076698066fa7d04583b9","sha256":"b636b0b2c302d36db81b84e3a82ce25f854194dec766a71ae407b55a72479632","sha512":"2ee7faa1ba5ae75a6c066970299104b1c503b74b1e114356f1953fab039a5cded42cac806799b9e10f20e00ef5aff78007f9f57463fce3dfb510840754adf409","ssdeep":"","tlshash":"9d41d675e85f6f1a90ad8903413cf1632c2312ca39a88e4d39a03a78d88657a6e7066d","first_seen":"2025-04-10T12:19:43.473404Z","last_seen":"2026-05-20T20:27:33.946015Z","times_seen":18,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/fonts/element-icons.535877f5.woff","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /fonts/element-icons.535877f5.woff HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fbshop.ffbbshop.shop/css/app.cfe41071.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: font/woff\r\ncontent-length: 28200\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\netag: \"682da6f8-6e28\"\r\nexpires: Fri, 19 Jun 2026 12:54:14 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28200,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 28200, version 1.0","md5":"535877f50039c0cb49a6196a5b7517cd","sha1":"0000c4e27d38f9f8bbe4e58b5ce2477e589507a7","sha256":"ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17","sha512":"da269b20f13fb5b0bb4628b75ec29e69bb2d36999e94b61a846cb58db679287a13d0aa38cdf64b2893558d183c4cc5df8da770e5a5b2a3288622cd4bd0e1c87b","ssdeep":"768:gOvv6ExpCVxUtrT6w8ClFd80EjPVerMKBaGXjAlEm:Hvv6xVWewtlFdGjPlkFjAlEm","tlshash":"b9c2e13197213ae9d9824ef876e498fef1651402290f390e8696adb3a98d5c73e16831","first_seen":"2023-04-05T15:22:49Z","last_seen":"2026-05-20T20:27:33.918653Z","times_seen":25684,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/wap/api/banner!bannerList.action?pageNum=1\u0026pageSize=8\u0026type=pc\u0026imgType=1\u0026lang=en","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"POST /wap/api/banner!bannerList.action?pageNum=1\u0026pageSize=8\u0026type=pc\u0026imgType=1\u0026lang=en HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://fbshop.ffbbshop.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":865,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"53dd6ac5a79d871d89b020fb37444627","sha1":"271f2a1815dca38dc42d7fe047fb49c1e1b7edbd","sha256":"1e39a4acd929650c609a0572f365cf56c43d3f63abfbbe7551377103b45d68ad","sha512":"7920d2ceecee00879e6d1b77e5f3e18e574c8ec199716c7265b656fb8108d3655402b7883180b1fe19d99ccbb206906c8f997e03d5367db7ad79daeda43f6e4e","ssdeep":"","tlshash":"c811cc061ea8d454098877828cceb5c4d27ca61b5de68e0ad8adde0c6a34f7c242d312","first_seen":"2024-09-28T07:38:09.675509Z","last_seen":"2026-05-20T20:27:33.940191Z","times_seen":505,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-0492056c.0f4ddcd1.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-0492056c.0f4ddcd1.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-17e1\"\r\nexpires: Wed, 27 May 2026 12:54:14 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6113,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6113), with no line terminators","md5":"9788f5c1eb6e47bac79ab36acc495817","sha1":"32907ce10bd8edfa4ffb56ee347d853b9a5faf7e","sha256":"e2807614374572930715fe74e5222b8fd8193aa83529b9e7fd7477057b0223af","sha512":"c1b35b2041203f68190891e96b7e6d4e95b817976b8c327208c713336d95abb284895bd5d912cbe45de3a373337e216fd071b1b11e789f5745e2939a34b79227","ssdeep":"96:VTdRiowyLNQRLCQz4UsG8OOOOOOOOOOOONaHYUt0bgCusCoG5YNDwTsoQiEbLGV1:VTdoJaQwQz5sbKYxgCtCowY2duLGm7Aj","tlshash":"44c11c763414a83996fef56998763acbf006f813d00991edb740a76cc8e3bc62db4359","first_seen":"2024-03-24T18:07:06Z","last_seen":"2026-05-20T20:27:33.825031Z","times_seen":996,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/b07acf47-c478-464b-b17a-ba9226a7e00e.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-03-29/b07acf47-c478-464b-b17a-ba9226a7e00e.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 8hJspDw5dMzHAJlE7mwY8mu5BAHUUhf2dfBMW4uOUbt1XRvrJdF0+4QrS+qztlPKQNFpxj/1Mtk=\r\nx-amz-request-id: MEYPXK61QVW3R6D7\r\nDate: Wed, 20 May 2026 12:54:16 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:18 GMT\r\nETag: \"3cadf1789eb8f8d80a12e5ad0e19ea67\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 26582\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":26582,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"3cadf1789eb8f8d80a12e5ad0e19ea67","sha1":"90a7bb2b2bf9588a95f5895d19564e8e0d7a1b01","sha256":"4a1e05ded030983d325fa2a293dffeb39ce70d4948634927f6752dfc6d2f1dbe","sha512":"9236112d6c6dad19ae6b463f258f73caf2470a6f375251a68b7a2f36df53573861a75fe032c86ce6494978e164f514ffcc85e2b20fd04896b014b9a038397a06","ssdeep":"384:G0IuovjpguMrZYtx3ebUIAN+sXub/t4fgq0i9Iun1k2ij4i71P68:G5uoLubd4Ub0AM24ecIGBiHc8","tlshash":"cfc2bf834a448f837859d3ab7f631c408fce49ad85d5b8df11e74243bba673a008e96d","first_seen":"2023-11-07T02:37:41Z","last_seen":"2026-05-20T20:27:33.911003Z","times_seen":9794,"resource_available":false,"data":null}},"time_used":751,"timings":{"blocked":632,"dns":0,"connect":0,"send":0,"wait":117,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-2d216070.9fbf6d60.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-2d216070.9fbf6d60.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 358\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\netag: \"682da6f8-166\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":358,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (358), with no line terminators","md5":"49fe497cd9edb2b28ba875d23798f2e8","sha1":"4566de79364cbcacd8d047f3195955966c39d5dc","sha256":"90dc47eaa9fbfcae6a6863b1e07bcee10529f6f2f9e76c71382903052a141c94","sha512":"7e23f31f49f3467b47e056f8681aa3921c42695a13481351bc3b513b55c43a0eb4b2a9876d43162cf4599e5cf78f608c7954e19e91c8fc52431eb14de710bf4f","ssdeep":"","tlshash":"09e0c07420b37e6c522d30ca237f1a66951e2c050ad788d019a4d09a713761f4224fe9","first_seen":"2024-07-30T00:39:10Z","last_seen":"2026-05-20T20:27:33.81487Z","times_seen":1529,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-3581ccc6.a23e5a55.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-3581ccc6.a23e5a55.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-1fba\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8122,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (8122), with no line terminators","md5":"7d6d8648447e34e1a837e2933d327009","sha1":"77e98b711522629e147142f99e38930f05db9cb3","sha256":"2c2dc3ec77931bae7c36f9f6e5f50fc22aa546644926eb46acd1a2bc4ec548d1","sha512":"fb3dfd8bb560abe894d500f69c15edd545d1fe1eed3f83261f9bcee13cb0ce600aba0911ae10766e1538265af897801019034fcf0fcb9730135e236193674ad8","ssdeep":"192:AiJzgOfNauB7ukUxcZ198zdvyvlcC0POa3R4:DgOfNa07uh8kW","tlshash":"2df1a6427019a55cca9ad023312959f4e3ad2bb0941158cfe33ecdb971dcc61774e779","first_seen":"2025-04-09T11:53:08.878846Z","last_seen":"2026-05-20T20:27:33.786855Z","times_seen":340,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-5dded65c.bc4b5c02.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-5dded65c.bc4b5c02.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-687c\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26748,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (26747), with no line terminators","md5":"47004a9957d295bec6333ba6a869b8ad","sha1":"255a616dc614c7d9b921fbc1a1ac1b2ccd684b6d","sha256":"49d4848918823d80b517e7c7d2a1b062cc96ba0899ae54af3b428c76cd5f5e5e","sha512":"f17120ea5e18191e544ceb6a8918cc8020e92b6e5907646852872ff820fd00f1cd3601f848ff236874b8092618dc8c2a37c7ea9856cf8c49e4951213a7153ee9","ssdeep":"384:gev2juL4Z7nLvLircP7373oaIkVNGAylP6KHXa1lDr85Th71ls:3v2juLoLvrjrYTBXP9IlaThvs","tlshash":"dfc2f9dd75d0f06d52e334a000aba843b27b5a09b41c1c60a312d9d97876edad3bff69","first_seen":"2024-12-15T17:27:17.80465Z","last_seen":"2026-05-20T20:27:33.851206Z","times_seen":149,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/img/BankCard.915c01e7.png","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:13.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /img/BankCard.915c01e7.png HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-5379\"\r\nexpires: Fri, 19 Jun 2026 12:54:14 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21369,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 237 x 152, 8-bit colormap, non-interlaced","md5":"915c01e780c3570e792c2f37f2890069","sha1":"470ba5d1124700ad3563ef97773106b365ba9e9f","sha256":"7d9a26a24612d89ee6a130d9c7d13b8a9e61def83e43061d9087c060858ac7a6","sha512":"8521827f0ac72aef6a3aa718f503640fa8bd114258a78a4276fa591c9ba47f7377f7da84465559551bd1eed5c95cd57ba65a28a3df1ff79dfff2eb8346cf0400","ssdeep":"384:2qqHrBkzsYwbh0fdYV8qp2B3BVye4WpO+wQZJbyVu9fbhlKYpe5gyOXlaRLMhkfI:iLBusYTeV8E2NJf4yzKCxUdMuA","tlshash":"40a2e0f808179f255a97365d4efef60c9c5af7189037e453f902e4e645dc0c90aeb618","first_seen":"2024-03-15T18:45:44Z","last_seen":"2026-05-20T20:27:33.859795Z","times_seen":612,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/wap/api/syspara!getSyspara.action?code=customer_service_url\u0026lang=en","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /wap/api/syspara!getSyspara.action?code=customer_service_url\u0026lang=en HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":58,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"87f201052e0dc6c3b8a4a53b83bf44b5","sha1":"f6b152fa79c655449e9e938e4417a5676a2e06da","sha256":"fb522b0841e80aac3e1cb4fe0f613ae4bfd87fcbe1c03d0137e5c10fbdb86cf4","sha512":"8f854611a22d0fe5ab058bb7ae25c79e995dcc20396f0e64e68aea6662f71cd4144e3378ca1d648d4e3785d96bdb9522864359c14da34c69bbcbceb0bd412777","ssdeep":"","tlshash":"8aa00200146d582b0ca364896c6d39548a5e615348d09f246f99a66440de56d1004429","first_seen":"2023-12-01T19:12:11Z","last_seen":"2026-05-20T20:27:33.770838Z","times_seen":6090,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/wap/api/banner!bannerList.action?pageNum=1\u0026pageSize=8\u0026type=pc\u0026imgType=0\u0026lang=en","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"POST /wap/api/banner!bannerList.action?pageNum=1\u0026pageSize=8\u0026type=pc\u0026imgType=0\u0026lang=en HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://fbshop.ffbbshop.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"f2982955040e03da061e625bb0bf375c","sha1":"20181528c67d8f347372b93f90d96e7d6c3cfd0b","sha256":"aa16d955b045de5c2728a37653d3f51d5f24f6e43879c0214e7b015079356608","sha512":"503575abcbe6db127825c8225d96bc0142d885aa83f74e8b5558ede44b0668ea953ffe7d3087c4d55b98b8550f776ebce4c989e93d571590ed8aa03789e88bb0","ssdeep":"","tlshash":"b49004403c0d1c17040fd545f44c3540455c315307d4c7300d4c5730415f1753d04570","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-05-20T20:27:33.796225Z","times_seen":7265,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-356c00b0.3a3fd33a.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-356c00b0.3a3fd33a.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-1655\"\r\nexpires: Wed, 27 May 2026 12:54:14 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5717,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5717), with no line terminators","md5":"e79c00cb7ca8983a851123ba2995282b","sha1":"d6439cbac31440161232b30bde84f72dace6f3f3","sha256":"1f395dbf216fac976c28ad9a5d7310f5fa0a4a58d6465be836fe493c7d9cda06","sha512":"96f881d710f575d2d4f87a2610d16c2b87fb5874dc4afda800ba5f175e57498e791ff40889a3e3bb4998df8738bab4f65f3f790ba6fe077954a434d181ee9d17","ssdeep":"96:GXz4UsG8OOOOOOOOOOOONaHYUt0bgCusCoG5YNDwTsoQiEbLGVk7AtWA2WyUfsXR:Iz5sbKYxgCtCowY2duLGm7AtmIfsXR","tlshash":"3ac14c7be839f03eb52615b9317819ceb814d806e1cd8775f748772cc4c30932b2925a","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-05-20T20:27:33.925996Z","times_seen":3224,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-7c3eed5e.a5610556.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-7c3eed5e.a5610556.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-190c\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6412,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6412), with no line terminators","md5":"0633ee4661855b6bbe621c11916c84cc","sha1":"4c0a2a81e69522697b1cbaa7338158639c4aa12c","sha256":"fac6b26cf761221c13291fbb469530d8d6caecfc22f09faa1a9e562bf15ad127","sha512":"b2441da78e3cf4a5c847805eac6921d852bd2f17db15b012485357a438eb0d41d84c853e8ca0784803fefd8a7315d0426b19bc78f310cb23ca2a9818fa232830","ssdeep":"96:+jWBPlmQKmYqqxrnY1vfqQrFvniDypkpNhD93JlyIqdUPY8:+jGPlmQKd1b8vfqQZiepkpNhh+IqdUg8","tlshash":"90d161b2b5b5426a7d3fe3b822d4e4ac75049551e8629be6fed4d028cbc2ff35410b08","first_seen":"2024-02-11T04:26:50Z","last_seen":"2026-05-20T20:27:33.834272Z","times_seen":5222,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-09-27/de5825e3-c72f-4186-9503-2b6b89af399a.png","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-09-27/de5825e3-c72f-4186-9503-2b6b89af399a.png HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: N2oJT7Wj6ydA9CFibN5SvQa0wYdUKz0ni/DnDpud0RE8xXEQxQSKq9UzGQspz+eDiFw14oo4f14=\r\nx-amz-request-id: MEYVMFAGB6JS6TVW\r\nDate: Wed, 20 May 2026 12:54:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:35 GMT\r\nETag: \"fe338c9b5d010848cb21a1db76fadf7e\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 227074\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":227074,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 704 x 314, 8-bit/color RGBA, non-interlaced","md5":"fe338c9b5d010848cb21a1db76fadf7e","sha1":"45eb4551bb82a4993dbc63c4bbc236b89b52fe61","sha256":"eac06e949524de896c14555b703c2a7c6e63c573083b7544a336f8c027fdde81","sha512":"e12280cde3ef9eb88c6ce4af8447dd342bfda378d30776541085a725f5624aef98c048e18e724f704b821de16afd3ff424fc4ad6649908c6885410f616111936","ssdeep":"6144:vIwTgSDMGq8hLz6R+CxH/SNXquhJbgcqnHNo3mznP8:gfSQGq8hO5/EDhZa23mD8","tlshash":"582422ae161261137fd59cb23cd193ac335797989d8dc1deeec305603eb802794eb886","first_seen":"2024-02-11T04:26:46Z","last_seen":"2026-05-20T20:27:33.766953Z","times_seen":5097,"resource_available":false,"data":null}},"time_used":880,"timings":{"blocked":671,"dns":0,"connect":0,"send":0,"wait":110,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-3805cfd3.85ee17e2.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-3805cfd3.85ee17e2.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: text/css\r\ncontent-length: 410\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\netag: \"682da6f8-19a\"\r\nexpires: Wed, 27 May 2026 12:54:14 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":410,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (410), with no line terminators","md5":"fc805b781c89c799b666c4fbc4aeb200","sha1":"fd06224fae1c2c2bde5a18ae89ad003e03d5fef3","sha256":"a69b97003c8dfe86e112829516ab7dd637a12b08508d6cb9049741ea93868576","sha512":"2c06b84040f5df4f5486d754fa36dc5acfd67741c94e929f9c94994c1e7e71898c1fb336dc6be4e8568c2bd0c449b0e34e8f392cee6452d08874382a90856bf6","ssdeep":"","tlshash":"09e0a942010a1e2b2563f42ad0820707b665fb37eb42d2409ee00a080f9b30a38383e6","first_seen":"2024-02-11T04:26:47Z","last_seen":"2026-05-20T20:27:33.873594Z","times_seen":6970,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-6699a1ea.cd704402.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-6699a1ea.cd704402.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-4e4\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1252,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1252), with no line terminators","md5":"b50aad23d365ccde72e78b8313b4e7c2","sha1":"82e1ed3080ed69d8b4384e17044cdcf837769a03","sha256":"e36128c4817614792876d24a43ab454dd8cdd52f66965bb00f14406da9011f3c","sha512":"3929980e42defe71e881ffa97bf69c5d70251a4adf0eaabc203dc87188f3d9da61887ecf8f793b9c6a2861a6b24484417bd3adc1cd46a41cf2a0f14082f92dd7","ssdeep":"","tlshash":"3f21ee67b51163ada3bb689413b29c8c7414c840f5ebebfae906411dc7c72973691388","first_seen":"2024-02-11T04:26:49Z","last_seen":"2026-05-20T20:27:33.861731Z","times_seen":7270,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-2e9b19e4.7a41a3bc.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-2e9b19e4.7a41a3bc.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-7c44\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31812,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (31812), with no line terminators","md5":"f062f2f394f57cb19f3f295cc3dd4bac","sha1":"b31694eee0ac6856f01473b329812450655f96f7","sha256":"908543fc509181305f4b876e57d45ad62fcd2d8f1940872bd2460fbc741e9841","sha512":"38255e9074fd5f75f5f3eefe872cc8196a8be7ac6d6ea855b16078af4d5a03fdd54c5d349018220ea0841bab8ad2c2a14cfd74c1cf7de180ead84fe70cc37c24","ssdeep":"768:RuyZ5rMkR8Fkzhm0IxQJt0SXuqeje72VE2+5z:Ru8CxQJtFXqjeSn+5z","tlshash":"aae23a4f60a9bdb8c88e2021701962397475ab95f04588d8b7bcceac4498fb4735f77d","first_seen":"2025-04-02T11:41:13.200878Z","last_seen":"2026-05-20T20:27:33.82657Z","times_seen":24,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-50d79b30.8f06debe.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-50d79b30.8f06debe.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-ba1\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2977,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2973), with no line terminators","md5":"92e4ffb3291c1b1bb111581f8d927758","sha1":"7a5c10bce073ebb44169254aa4ae420b10d2e451","sha256":"4d934a8dfb333738f164937b79316f89810a6a304ccd90fdab842fd0979df114","sha512":"ab65b2de34555c4d158364e389168490a3bad5684d034e5a24204a4ca8b3df9fbfa8da6f3d7e174a20ff03ab662280942d380a0447f1a0b8d5a15eb5f4849523","ssdeep":"","tlshash":"2a51324d5452f47d898e502a311db734a0713fd3488194beb778ce9592a8e61370f7f9","first_seen":"2025-04-09T11:53:08.930171Z","last_seen":"2026-05-20T20:27:33.798124Z","times_seen":465,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-91f4e7e8.d83b46fd.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:17.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-91f4e7e8.d83b46fd.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-2fe4\"\r\nexpires: Wed, 27 May 2026 12:54:17 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12260,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12228), with no line terminators","md5":"4b743cb072cf8e103dca88de891c0b08","sha1":"3d1d26f7e91a7d04eaa0b0d639a8f3a7251d8059","sha256":"bc008e7650db62bff13146028441871de209c405a00def77c12217bbb84e4ac2","sha512":"70a6d48ea6088e8de2fda426d3b9e7ad0140b0e850350470ba7214aa089f49eae529c57fc6271874ead1f3d57bb483703a8c55c21bb217991b1fb3a62d1dac0c","ssdeep":"192:fSBk3KLocZbpVsvg1JbzRJetfNcjjiXcrWD2I5FsSOCBuP5hHBaSLob:P6LoUbRLXefNcjZWfsMK5hq","tlshash":"9b4285067153b52e5d6a81a1300a7420b6743ed94806d08ab6b8cdf9779cc35732efb9","first_seen":"2025-04-09T12:14:46.960161Z","last_seen":"2026-05-20T20:27:33.936001Z","times_seen":255,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-a9f88638.ae814861.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:17.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-a9f88638.ae814861.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-2a2d\"\r\nexpires: Wed, 27 May 2026 12:54:17 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10797,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10797), with no line terminators","md5":"1e7d9da735bf2a22541458518a91f753","sha1":"7b24d8b364e516752615b61de69680d2adad1f23","sha256":"f3f6758e0ae93f85a10ac111ca67d4950321d0ce5905a65b36ff5c95aaca6af2","sha512":"d00072640d7b5372906fb42a9364744405aa7e633872b0eef3b2507476217e7fa0c63a72ad5caf09e03acf7cdb1ea1b344ac81749ae50cc41c928e911762c15a","ssdeep":"192:Q/sOYPMSXr6HqgCI9pn5VssQ8xs+4ceTyEufSaP:Ws7NX2k8trs+4ceTAfh","tlshash":"2222f60ab0a6a9b8895f4112311aa27871765fd1f40444ddf7bcdca89689e78332f37e","first_seen":"2025-04-02T11:41:13.210054Z","last_seen":"2026-05-20T20:27:33.925329Z","times_seen":24,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-04-14/fb09769f-95b0-4418-bc5a-8f91952ddf75.png","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-04-14/fb09769f-95b0-4418-bc5a-8f91952ddf75.png HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: C+KFyk01HI91tV08Ryd8PbR6EEqXfYom9oHhP/IY+D3kqfK/E90q8hsJ7kjINgBGtWyEb6Cqv7U=\r\nx-amz-request-id: ZVEWEKP2EP9RP77H\r\nDate: Wed, 20 May 2026 12:54:15 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:35 GMT\r\nETag: \"e1d0a17b2eb5865bccc7dff6330f6562\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 147078\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":147078,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"e1d0a17b2eb5865bccc7dff6330f6562","sha1":"c956ae8ac7dc2720241d709e92d963ce814550bb","sha256":"9d0495f4e08deab21e64eb8cbe00de00a937aba37d3ff7a3714f30e551f978e0","sha512":"a6c80898e0109f3b6887861ca36e8bcbad9e7091a24eb9d49e55051ebeacbff242ecf0b192cf45d318948b90d660b97dc520cf870d5d651af386a4cec7553456","ssdeep":"3072:0bomG8J7r42I27eo7oPi6T3gKWN4+ogF1Ejq76Cui8MuXK/vDJMKC:0brr425eo6WUgRuC98M7DJMKC","tlshash":"f4e322ddc9c8a380c8003df5fd1699599a347ea34db476461f637adc7b19648ae1bc0c","first_seen":"2024-02-11T04:26:45Z","last_seen":"2026-05-20T20:27:33.816146Z","times_seen":9292,"resource_available":false,"data":null}},"time_used":859,"timings":{"blocked":213,"dns":1,"connect":98,"send":0,"wait":118,"receive":282,"ssl":141},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/d29f0843-33ad-4b3f-8a90-b56fc21b0e77.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.449Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-03-29/d29f0843-33ad-4b3f-8a90-b56fc21b0e77.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: nTIsEBDLL1AgAaMmIAzuSX/bcLx4EissMgJH5U/v1f4lyuql+L3VpZOR9L37TkaItAUsVXHexbw=\r\nx-amz-request-id: MEYXS76SPF35JRP2\r\nDate: Wed, 20 May 2026 12:54:16 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:19 GMT\r\nETag: \"6a85f34af56b3c034d5137d4ec807895\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 49034\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":49034,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"6a85f34af56b3c034d5137d4ec807895","sha1":"75fd4cec7f44e8b8f20655dfdb165720d7223bd6","sha256":"67488643bc9d3ae11bd5cababff694c1f7a131c289d81eb79e25576f78dd4fa8","sha512":"d827fa0cf605ede5b060c72333d4552c1a930b0d8eec8052ba78949ea5e54a58bf0addbef05e024159a196589abbadef866f8c4d5f3c34722ebe1d9757563f9c","ssdeep":"768:G6O88eZQudaEcS6tJCXfvmmxmxwc3ndr/8wP/x49gE3bjt1Txv7ZJ:G6OYAESJCnm2IF3t/8wB49giPdFJ","tlshash":"5523e18725805ee3352fe3f6ff065ae80f088f64d1263edb21e54f98b312a238595428","first_seen":"2023-11-07T02:37:44Z","last_seen":"2026-05-20T20:27:33.951538Z","times_seen":9935,"resource_available":false,"data":null}},"time_used":793,"timings":{"blocked":585,"dns":0,"connect":0,"send":0,"wait":115,"receive":93,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-2343ec85.70ddb9d8.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-2343ec85.70ddb9d8.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-393c\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14652,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14424), with no line terminators","md5":"89822be98cb03219eb6fee0a639a18dd","sha1":"c020268ba5ac31551dd9343605fc20445b3b635a","sha256":"cbc672c46d9c74c8bdb02487c8d67f4a91c2d3827b57deb4a60941be0b5ccb38","sha512":"038bb0e94ae2380305311b5b1f94c0e7cf97a11664168bafc7b41bbf01d163864fe2241701fc6176f8ef4078300d0f868920a282fc695cfdd6c59a6e750797f2","ssdeep":"192:aeeqs1RPDWzU/q+1mruvgKHoBUsnyHZHJV6QXfZH+00Ma7YHNKnZ6:Ds1gzUxArkHotuqQXf8OpHNKZ6","tlshash":"1b62b88222ba385e5756219330eb2580a17256a5280e94eff13dddf6b3ccc247d27b77","first_seen":"2025-04-10T12:19:43.517023Z","last_seen":"2026-05-20T20:27:33.891373Z","times_seen":18,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-68f12e90.5a903544.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-68f12e90.5a903544.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-440b\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17419,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17411), with no line terminators","md5":"e0ab5192a62c0ec6675803a6a384b398","sha1":"862f5b2e2ded1c1e433753cd10e732407bc88f3a","sha256":"f01aa1e7e4c700d91f14142456cf80dfd51c80fddc092456c7113133b0d35c74","sha512":"02c3fa6cc82bf487162e2d2a08281a96522036d575c51f28e6b02173c0b1cfec750a70108ff3d1b6f3f954423acc56c96691f612120131a7f833a0c85c7a11bb","ssdeep":"192:AMvdDwLDPOAetBzhJgFjz9Y7zcqv0Q5zd+z4uzUhHYkyGJzYDckx306Uglxgl+/I:vq2phJgFCcqvPq4u9gzwNHgyI","tlshash":"4c722b93760de40d4e3b6595363e3965a2c71a64b008689bf37e9cfe168cc20354fb7a","first_seen":"2025-04-09T12:14:46.923467Z","last_seen":"2026-05-20T20:27:33.930263Z","times_seen":220,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/wap/api/seller!list.action?isRec=1\u0026lang=en","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"POST /wap/api/seller!list.action?isRec=1\u0026lang=en HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://fbshop.ffbbshop.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1894,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"aeae730ee956c83b48fdc813b59549fe","sha1":"5c04ec8975c83539a45d3c2c9839aaa2c9c6859c","sha256":"9dffbb1138fcb93e4547361d05fe3048f5ed4f2ad4ae9b6ad84147693c78f739","sha512":"f5ecec6bf55c2a0377b3ade249478533bde5f3a95939b9985d57ff70eaddaf14e2a59dba396f4ebd3a49b856c113458562d30679d6e1fbc48406a90aa2b1b2ad","ssdeep":"","tlshash":"b54171091aa42f32974d1d06bd0bbe87966c219f5d814e748baccf2417f5ab1031e520","first_seen":"2026-05-20T07:03:01.004147Z","last_seen":"2026-05-20T12:54:52.433347Z","times_seen":2,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/wap/api/newOnlinechat!unread.action?lang=en","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /wap/api/newOnlinechat!unread.action?lang=en HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"472e9a7530675f76d965067fcba6278d","sha1":"e1fdae764ba06c37792e7b2a2549c88cf3350b09","sha256":"26de7e215697f7b90d77581633fd7fe0b379ba230d1a9c1a0b502ed862b3f5bd","sha512":"7f765b18a1b6f5818daf3905ed24ae9f4283248ac7a41bfcca65dd1be696c9a741d510629b6134940784b3cb832fe3be7fa76881cb2d01f226e1246a70039e7a","ssdeep":"","tlshash":"47800000280e2c0b08032088a88c3a0080ae22a308c0cb308e8cab3080ae2b22000830","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-05-20T20:27:33.852709Z","times_seen":8646,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":293,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/d80b2606-3bc7-47a2-bee9-d040619a34a6.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-03-29/d80b2606-3bc7-47a2-bee9-d040619a34a6.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: VSN9S4C0GxfYTgcW8U3xRCv0vJa8NT4nlHmiTfTexu+6zl2tH8aay+zDUWct1HIVgITAV+mg32Y=\r\nx-amz-request-id: ZVEGS48VVMXZWKDF\r\nDate: Wed, 20 May 2026 12:54:15 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:19 GMT\r\nETag: \"ad3bb72e6cf979df37c56cc70e70710c\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 46207\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":46207,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"ad3bb72e6cf979df37c56cc70e70710c","sha1":"f0bff01c9d923ad55250ef7de41afae41cbe3f90","sha256":"50294b071e29cc9e8afdac176dd2fbc62f4c36265d5f494d96a7ab2908c1a643","sha512":"1fc3e1b07a86c34fb8c9720f8ff8c2a584cfb6dfe7b4e34d53f2f0555e558fe95f5a62bad4a6874a64e081cddae0defe530870d76dcf1551ca45ee570b582ce8","ssdeep":"768:GOSu2YQp+gujkfsasYaYtu/tgiE/c1tcDkV2FynHs5d4RX3S6cqUrolLoDzT6S51:GOt2YQVujkfTJaYg/wU1SYSJ4JcrsLo/","tlshash":"4f23e09b86804fdbf03acbc53f272d985b41fa0944d0b4fbd1e986af1f65622285c48c","first_seen":"2023-11-07T02:37:44Z","last_seen":"2026-05-20T20:27:33.950828Z","times_seen":9790,"resource_available":false,"data":null}},"time_used":695,"timings":{"blocked":231,"dns":0,"connect":96,"send":0,"wait":116,"receive":94,"ssl":151},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-43f51806.0daa9b11.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-43f51806.0daa9b11.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-55e\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1374,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1374), with no line terminators","md5":"7a0ea81bab09a5e259ac1884d3f72012","sha1":"d87441160241af9deea25169e8fb52a8537929e3","sha256":"b2217a779e1c0810181c9c1cc122bbd3ff1ce69d94164bf7b1e308cceb93e2c6","sha512":"a0d4c2bd68e73bc95ebe419ae4fa1a9210de9ff9e75bb7c3694bffa92fffb77dd7373bc7c3585ba1a9a67b9a3d0207afd87e34d630ba821177a70512c061bb98","ssdeep":"","tlshash":"e3215b00355e673edd37e67e64805abd6900e26bc453e227b9889405cecaa572813ed3","first_seen":"2024-02-19T23:01:30Z","last_seen":"2026-05-20T20:27:33.781396Z","times_seen":5030,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-68f12e90.27a370f9.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-68f12e90.27a370f9.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-1257\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4695,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4695), with no line terminators","md5":"2abfc31d2a6752d6d66f5fa21c7fa262","sha1":"63116607f3b72d74be9d1bdd5050ac15859f7243","sha256":"9159959031e6a701bd2e9e5baaa03c4f14d6c2530977a9e013c8af24c4838a37","sha512":"ec6bd33bd4a69b9e93485dfa272e08170ac3c17b0aec5f291b716c1e370435f6bf26fd7b2139aa75790defcf2223f4deeec07818a549334ba069f8a307201127","ssdeep":"96:VQrF215xix1yXSl6nS65EaOYIj8MRSLRsR7S6m0Z8u/j/20RO5sR5WFs5E:VQKM8F9","tlshash":"77a1b050b15e162b687bfad9187cdd4cb0d6fe2ac1324b76ed9f24148882e733622235","first_seen":"2024-02-11T04:26:48Z","last_seen":"2026-05-20T20:27:33.927928Z","times_seen":5209,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-a9f88638.585206f9.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-a9f88638.585206f9.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-1bc4\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7108,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7108), with no line terminators","md5":"a92df02183518f1335484a856a1bc3df","sha1":"86ecce3175020b4bc9dc98eaa7126ba5ad9e2e5b","sha256":"80bd4f236b99085bb88c4c1fb2767dc81df964cddb44e30ad9ee96038dc5f9cb","sha512":"052562933ff5a39c23cf2fbc2ead1c6b3c1b24b787ed4488f6ad1582e74996e56deb666c0ac4c7bd4db9562284ad4606ced305e8a3de936d414015d4b2954b20","ssdeep":"96:GXz4UsG8OOOOOOOOOOOONaHYUt0bgCusCoG5YNDwTsoQiEbLGVk7AtWA2WyUfSWd:Iz5sbKYxgCtCowY2duLGm7AtmIfSt5Xe","tlshash":"ebe11af6a036e129b67bd2b971b065e97410d912ecc783e9b644762cccc3293275274d","first_seen":"2024-03-15T18:45:48Z","last_seen":"2026-05-20T20:27:33.821332Z","times_seen":1194,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-356c00b0.4a48e32e.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-356c00b0.4a48e32e.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-18b0\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6320,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6320), with no line terminators","md5":"23ee854cd4e9c1be5bc329c835f791fb","sha1":"98078ceadf2f15e8cac7b4bd37aa02bf49de9dc2","sha256":"a6b99a708906e097c7e42609d298fcd0247519d93e153c4fa2544659f26a9d05","sha512":"b895a42a69940f4f09e901b009dbc7b48db2018d66228b116b0af8b25b0cfcde9e64b3952cdfb01ffa4f79aac475f5e02ccdafab1d03e9b957c0514fb22d2cd3","ssdeep":"96:86Mt/NsTVUWfrMSXH6ftqgIldI9OwnZrvVJBCpn2V+4N/UJjlVsc3YC:8VsOGrMSXH61qgCI9pn5VWE43","tlshash":"0bd1f65bf056687c881f6255311b2328b6742bc1a04048a9f73dddbc66d9d64231b77d","first_seen":"2024-11-12T14:47:34.622714Z","last_seen":"2026-05-20T20:27:33.929584Z","times_seen":505,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/wap/api/syspara!getSyspara.action?code=mall_max_goods_number_in_order\u0026lang=en","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"POST /wap/api/syspara!getSyspara.action?code=mall_max_goods_number_in_order\u0026lang=en HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://fbshop.ffbbshop.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":71,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"7c4654fa4ff81d11b3c8d322ec628880","sha1":"080c15bfaa6d03e4ccdd092630344aaf1f003c47","sha256":"1f9573c145cceac2e7ec7273293953edd53fd282aca6e50acd9334f59f34a5fa","sha512":"61d2d5a60435f554ef05dcb0e1b1c47875ac6610289e4d3ea66013244a25a7b1b720d3927649ce420575cc00929d9350f519524350066508593ad659aacb79ed","ssdeep":"","tlshash":"b9a012009c155c150c03c244a84d260641c8210246404e180d041928017d43c21000b0","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-05-20T20:27:33.823888Z","times_seen":5670,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/97f3899d-51d4-4cd2-9720-0af99206dabb.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-03-29/97f3899d-51d4-4cd2-9720-0af99206dabb.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: mmSlFTPXq20CGzChVUTn78ytOrlH+O29G1nPsxePbtcgmQpsCPDiQHGU7WAs55LLrNSOSDyLZPg=\r\nx-amz-request-id: ZVENH0QCNEP744G1\r\nDate: Wed, 20 May 2026 12:54:15 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:18 GMT\r\nETag: \"74ce2539c3d1d018eb92f94dd3b9bd23\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 40407\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":40407,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"74ce2539c3d1d018eb92f94dd3b9bd23","sha1":"1ed07808d60d8ff4965899591136f4f1ccc880e3","sha256":"5a3f2be7dd8069790a3bb5098aa704996a51c1c689459abf286b29a0a99a3d26","sha512":"2b962643ae9c9c3aec2caae066500f422473d23eab84cd3dbf14dab1b1bcd25fa0cbf8914f6a540b724b78fef89f4c952873cc2de3e733886f9fe03a57aa3fec","ssdeep":"768:G26vbkDR8P2NFi0uyoJ6TlcoZVJixSS/+Q1irAGMk8P2x9rzcXyz:G2kQM8Fi1yZTlZVMxSmwXM5gcCz","tlshash":"a203e027dd508ec7b10dd3fc7faa7db8839d5a01a58473de20f51c96332584a4e6b458","first_seen":"2023-11-07T02:37:43Z","last_seen":"2026-05-20T20:27:33.76897Z","times_seen":9792,"resource_available":false,"data":null}},"time_used":590,"timings":{"blocked":472,"dns":0,"connect":0,"send":0,"wait":116,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/img/right3.9c862538.jpeg","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /img/right3.9c862538.jpeg HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-157b\"\r\nexpires: Fri, 19 Jun 2026 12:54:14 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5499,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x154, components 3","md5":"9c86253815081c0c34036ff07d755cb5","sha1":"c76c8077affbb0a17ef370150dfb718db290a455","sha256":"29f7b8a55109e9ad235762ef2edf7523357ac563202f2ef931aa3099685c9e8a","sha512":"cd0ee09be0e8c939646c3e72e32a70a37017bb27f5bf23e3167776e8aaf81c0ff3868ecc1eb12df37341088e1aeba54cc1605c88aaf44a89000a8eb5b53b65a5","ssdeep":"96:Wh4J1bDl2qrFHk8A3CrwfOIngvJlMde582vqxe2CjEploBUs3:ESxPFHk8A39QhDQVoBX","tlshash":"04b18e9fb6cb7d90f776043be0c61d5522d67b0615e0a7fc8098aa4f98bbc714d10879","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-05-20T20:27:33.779289Z","times_seen":4681,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/wap/api/sellerGoods!recommend_new.action?type=0\u0026pageSize=24\u0026pageNum=1\u0026lang=en","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"POST /wap/api/sellerGoods!recommend_new.action?type=0\u0026pageSize=24\u0026pageNum=1\u0026lang=en HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://fbshop.ffbbshop.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"f2982955040e03da061e625bb0bf375c","sha1":"20181528c67d8f347372b93f90d96e7d6c3cfd0b","sha256":"aa16d955b045de5c2728a37653d3f51d5f24f6e43879c0214e7b015079356608","sha512":"503575abcbe6db127825c8225d96bc0142d885aa83f74e8b5558ede44b0668ea953ffe7d3087c4d55b98b8550f776ebce4c989e93d571590ed8aa03789e88bb0","ssdeep":"","tlshash":"b49004403c0d1c17040fd545f44c3540455c315307d4c7300d4c5730415f1753d04570","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-05-20T20:27:33.796225Z","times_seen":7265,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-0e287aba.c3acef98.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-0e287aba.c3acef98.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-1ab2\"\r\nexpires: Wed, 27 May 2026 12:54:14 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6834,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6834), with no line terminators","md5":"f7b1de25905c81c373dba149d03c31f9","sha1":"862e37406535632dfb53a15f6a89c16efb3c94df","sha256":"e75dbd8d3fa49fec96c2b893018aed78a616974cb812b015636553d832881751","sha512":"5a2f0034e39196a38ce44b9d9cc46301069bf252b4f092c46db65bcd45a55ed05a6b53bc8241f14a5f5390b530394bcfb0ffea60b21c9262d0b669e07fd1707d","ssdeep":"96:Zsivfdy8lOFD1vq80WV/LPxDmvo6SOwUu50NJj9MC2:Zz33lSD1v30I/LPxDWrhxuuz+","tlshash":"56e10ff2f231112f7426953be18389e8bc86b10dd3ffc656ff84b514daa9182063518e","first_seen":"2024-03-24T18:07:06Z","last_seen":"2026-05-20T20:27:33.778209Z","times_seen":1954,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-574f8736.8448cf6d.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-574f8736.8448cf6d.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-19dc\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6620,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6518), with no line terminators","md5":"101d170c3d123bf308770ccafd01259a","sha1":"351003ad7f6581caecedb55d63b9a259a230effd","sha256":"3fe4906fe972da3f48e6d20f1bafab2b7e01306f48acaf24a3650379f6831a8d","sha512":"20b0ebd4aaf87a1b0d9bf6a97498186a144a6c5d6f9dd32e3ae14698071cd0b090e0e3fe03d590b5de2e71e319a1edb9333cebab35ac1c8eb9c7b1eb7f130e01","ssdeep":"96:aoVtr/FXo3c1te+9eXygLnWpcqkIGm6ZriCvWRZr/JGbmq:JBo3gX9otWj5KOHG1","tlshash":"3fd1c8156247f95d4d6b8660304a3120b0683f94a409949dbbb4dff976e4c14337efbe","first_seen":"2024-12-15T17:27:17.802188Z","last_seen":"2026-05-20T20:27:33.922414Z","times_seen":539,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/matashop2.svg","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:13.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /matashop2.svg HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:13 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-05-20T20:37:24.712067Z","times_seen":513879,"resource_available":true,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-2343ec85.03c5e968.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-2343ec85.03c5e968.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-4c8\"\r\nexpires: Wed, 27 May 2026 12:54:14 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1224,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1224), with no line terminators","md5":"efff8542cb73c85ee85efd24535a5d2a","sha1":"d349fea54dd16de6874a420f79388407e2fd05cf","sha256":"0198f6533d83bd348a16ef7735fb444e4f4dab419e638d85ac95a4b700e44f50","sha512":"c78053b870e87027849f1478ef04aba055e91e98ce7d26c66b53cd7a58b8fda7bfadf4c9bf4612f0e0ba808029b2525045ec13059fdcd9c7d318d184ab60f126","ssdeep":"","tlshash":"d821c041719b32361477f8aa50a00275b811f3e79c1f4262fddbe2104bcb6273861e9e","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-05-20T20:27:33.795081Z","times_seen":965,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":233,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-04-14/a8ed7145-c86e-4506-8da2-b8b27f610db4.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.163.33","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /type/2023-04-14/a8ed7145-c86e-4506-8da2-b8b27f610db4.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 8AaqZg+h7nJXsfIGb7Dfn72nYW0G5GWsZzDvK/qSi3BpsAnSi+gCtgWPqSVhdxxTG0o7r/Gim3s=\r\nx-amz-request-id: MEYRV9BZH00HMRNE\r\nDate: Wed, 20 May 2026 12:54:16 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:34 GMT\r\nETag: \"d88ae54a30fed8843621233e2c13698c\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 20191\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":20191,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3","md5":"d88ae54a30fed8843621233e2c13698c","sha1":"9fa542e8677ab97712a7fdc7e1250e36536ec3a5","sha256":"dbe475f26aed9df934e9dca6ef2115b5d0968f312174dfecb9da3ddd3c9640bf","sha512":"606629525b62e056825a3dfbd8ca45e0f84740cad1cfa79ee8dc3e7a34658e951b3aa72bc8bdf276c294912a38d839dd6c2f864791c9038dc395b7d12d08385f","ssdeep":"384:EUsqD+1BG8DGQZl9Y4PyXpFmx82oEu1W3454xOKeq0ooJRImy+90lh:5V2G8RZHP9oEt3454heq0dRI1flh","tlshash":"fa92d1e1ad0a233de68685f6b7f6e2b304f412919bd19d3b53730c858d88261de396c4","first_seen":"2024-02-11T04:26:46Z","last_seen":"2026-05-20T20:27:33.828931Z","times_seen":9755,"resource_available":false,"data":null}},"time_used":869,"timings":{"blocked":754,"dns":0,"connect":0,"send":0,"wait":113,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/img/right1.57c427fc.jpeg","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:14.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /img/right1.57c427fc.jpeg HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:14 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-12c5\"\r\nexpires: Fri, 19 Jun 2026 12:54:14 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4805,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x154, components 3","md5":"57c427fca0d84bc0a092d9034deed77f","sha1":"e47ba5c89f052526d7eda2aad1a86336b3319aa8","sha256":"913d611036152ecabefb26e4ef79c198a2779ea1e5fca384f6a6b159d0babca6","sha512":"df3edf66df0741f19114843d93cea243ad98efb17a75f4a9d07f7ad80b006b110010eb0feb96f84f6ae57d9e5408096812fc528468f6a7b42c1ead3e8595d171","ssdeep":"96:WhC4SzAFMLFwDLyk6KPTLPwrAO824idlifhcL1qYIwEfRHNRXb9z:EJFMJiOklLLGvG83ELRXF","tlshash":"e3a18e4f67b66c5febba8bbc04184f942512dc1159321f7905a05c195d2fcfad9603d1","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-05-20T20:27:33.886097Z","times_seen":4629,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/css/chunk-59b3c64c.e3d69890.css","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:15.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /css/chunk-59b3c64c.e3d69890.css HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:15 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-b76\"\r\nexpires: Wed, 27 May 2026 12:54:15 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2934,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2934), with no line terminators","md5":"6c9c06504aeaa44eceb02b42501b4d05","sha1":"f44d6b5f35027749a0816164f09b9bed1890ddfa","sha256":"f00be6b0aedab8ac5e7de13774b195a7ea74e9ebb240a077a80f953ce6ee868e","sha512":"915e73c6db5b1607e430494b9064be658f02e64a04af9de8f3c615fc034bcd7fb8dd609a3df2f40ee8f652f430d94fe31e6ae3080ed2c7242c3bb72f6073c923","ssdeep":"","tlshash":"df511fa139392a7c4837e067b1d5d5af70a8f25bc0b786cd8ca1335e9cc32422d126ce","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-05-20T20:27:33.860799Z","times_seen":955,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"fbshop.ffbbshop.shop/js/chunk-4ad33d1e.5b851406.js","fqdn":"fbshop.ffbbshop.shop","domain":"ffbbshop.shop","tld":"shop"},"ip":{"addr":"170.106.199.68","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://fbshop.ffbbshop.shop/","date":"2026-05-20T12:54:16.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbshop.ffbbshop.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 09:12:34 GMT","end":"Tue, 18 Aug 2026 09:12:33 GMT"},"fingerprint":{"sha1":"D5:48:1F:DC:C5:F2:93:EE:96:54:FF:AF:47:F0:C3:57:54:96:D0:BB","sha256":"FE:6A:D8:B6:2F:1D:C8:29:93:69:41:F8:81:2E:3F:A6:63:C1:BC:49:D5:B1:A4:2E:7B:C5:15:41:CA:D4:02:C1"}}},"request":{"raw":"GET /js/chunk-4ad33d1e.5b851406.js HTTP/1.1\r\nHost: fbshop.ffbbshop.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:54:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 May 2025 10:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682da6f8-57fd\"\r\nexpires: Wed, 27 May 2026 12:54:16 GMT\r\ncache-control: max-age=604800, public, max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22525,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22455), with no line terminators","md5":"b5b0a049d9366991ccc8ab60d3907df7","sha1":"6efc48553e72b0d6f0ab5c412a3cebc355ebfccb","sha256":"141dc62598b6dfc353c25fbceb421999882252f5de5b68418fbc69f90e0f28f5","sha512":"8c12078d264eb6313d2fd7d6f88f9634ce278657b55b0a96649767c3ea388d24bc2d5e6260c33426e0ad5107d1adf08dd252079545e4d48e824dbddee4b8f88c","ssdeep":"192:6xthRrXBrjBcEiUtB73GKxhQQBNgtTkzsuQ4y1wTYDLihd15pj0L9IeuuyWwQmc2:UXJBEo72UYJlUgAH9GPrq69IvxdR+4Y2","tlshash":"d8a2c40ea145fc9b0fa272a5701f301160528444680a9e56f778cdf9b6ffd257a23b3b","first_seen":"2025-04-10T12:19:43.497222Z","last_seen":"2026-05-20T20:27:33.95232Z","times_seen":18,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"fbshop.ffbbshop.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"fbshop.ffbbshop.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}}]}