Report - followshops.net/user/ebenistes/followers

Report Overview

Submitted URL
followshops.net/user/ebenistes/followers
IP
104.21.17.152
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-10 03:48:14
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
100

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
maps.googleapis.com	33876	2019-10-17T17:56:16Z	2023-03-10T14:06:43Z	421 B	680 B	142.250.74.170
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	372 B	21 kB	142.250.74.174
maps.gstatic.com	unknown	2016-01-11T17:55:17Z	2023-03-10T13:04:58Z	806 B	19 kB	142.250.74.163
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	364 B	1.5 kB	34.102.187.140
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-10T08:04:05Z	400 B	7.7 kB	104.17.25.14
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-10T05:11:37Z	749 B	37 kB	69.16.175.42
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	35.83.241.90
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	1.7 kB	4.4 kB	23.36.77.32
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	2.7 kB	5.4 kB	93.184.220.29
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-10T15:05:48Z	788 B	33 kB	142.250.74.106
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	57 kB	34.120.237.76
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-10T13:32:40Z	1.2 kB	2.8 kB	104.18.10.207
followshops.net	unknown	2014-04-04T00:20:27Z	2023-03-08T09:46:58Z	26 kB	308 kB	104.21.17.152
maps.google.com	1899	2012-09-11T01:07:43Z	2023-03-10T09:26:55Z	436 B	56 kB	216.58.211.14
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.7 kB	5.6 kB	142.250.74.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-10	medium	followshops.net/user/ebenistes/followers	Malware
2022-11-10	medium	followshops.net/images/product/IMG_077023.JPG	Malware
2022-11-10	medium	followshops.net/js/site/follow-filesjquery_002.js	Malware
2022-11-10	medium	followshops.net/css/site/follow-main.css?v=123456	Malware
2022-11-10	medium	followshops.net/css/site/follow-filessign.css?v=123456	Malware
2022-11-10	medium	followshops.net/css/site/follow-selectbox.css?v=123456	Malware
2022-11-10	medium	followshops.net/js/site/follow-filescatalog.js	Malware
2022-11-10	medium	followshops.net/css/site/follow-filesphoto.css?v=123456	Malware
2022-11-10	medium	followshops.net/js/locationpicker.jquery.js	Malware
2022-11-10	medium	followshops.net/js/site/main4.js	Malware
2022-11-10	medium	followshops.net/user/ebenistes/followers	Malware
2022-11-10	medium	followshops.net/css/site/follow-filespopup.css?v=1234567	Malware
2022-11-10	medium	followshops.net/css/developer.css?v=123456	Malware
2022-11-10	medium	followshops.net/js/site/jquery.ui.addresspicker.js	Malware
2022-11-10	medium	followshops.net/js/site/editor-config.js	Malware
2022-11-10	medium	followshops.net/js/site/follow-filesjquery.js	Malware
2022-11-10	medium	followshops.net/js/site/landing_category.js	Malware
2022-11-10	medium	followshops.net/js/site/bootstrap3-typeahead.min.js	Malware
2022-11-10	medium	followshops.net/js/site/follow-filestimeline_slideshow.js	Malware
2022-11-10	medium	followshops.net/js/tinymce/jscripts/tiny_mce/tiny_mce.js	Malware
2022-11-10	medium	followshops.net/js/validation.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed
2022-11-10	medium	followshops.net	Sinkholed

JavaScript (44)

	URL	Size	First Seen	Last Seen
	maps.google.com/maps-api-v3/api/js/50/12a/map.js	72 kB	2023-03-08	2023-10-18
Pretty URL maps.google.com/maps-api-v3/api/js/50/12a/map.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:29 Last Seen2023-10-18 15:23:02 Times Seen10 Hash ebb856aa78e254385c905ef99dea8b0f 6f04f59d232be611bb59b4d70e419b5a3be88984 e2c5d297851e8bda5008eb62a635f08e447690b09390ef71c4fde847e59350f8 Loading...

	maps.google.com/maps-api-v3/api/js/50/12a/geometry.js	8.1 kB	2023-03-08	2023-10-18
Pretty URL maps.google.com/maps-api-v3/api/js/50/12a/geometry.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:36:10 Last Seen2023-10-18 15:23:02 Times Seen8 Hash 23b7e63bda9de7b846ce2fc2a264a26e 16ba2a88f0af78cc21cb3978ff16d098d49eab48 47418323b16612928286decc33412561c6cda6351a3221615a1dc04fd589e281 Loading...

	maps.google.com/maps-api-v3/api/js/50/12a/onion.js	27 kB	2023-03-08	2023-10-18
Pretty URL maps.google.com/maps-api-v3/api/js/50/12a/onion.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:29 Last Seen2023-10-18 15:23:02 Times Seen10 Hash 1eda3efe1b13472fb0f0519a4a8ff5f7 e1d80046fe832cbd7fe78b0343c205e28a40678f 5628a593ca8b146f8da83b134ffab69585549a94799bb0d4ec249479f9bc3204 Loading...

	followshops.net/js/site/follow-filestimeline_slideshow.js	24 kB	2023-03-07	2024-03-17
Pretty URL followshops.net/js/site/follow-filestimeline_slideshow.js IP 172.67.177.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:17 Times Seen19 Hash 7e72ffb918c810ece2754c0b7c685096 9537f7a15f0ce8c608e57aefddb6b6637cba24e8 5332b507da8b748873ed213a0826d28bc25021c679752e10b1d727790b3d7a4d Loading...

	followshops.net/js/site/follow-filescatalog.js	2.8 kB	2023-03-07	2024-03-17
Pretty URL followshops.net/js/site/follow-filescatalog.js IP 172.67.177.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:17 Times Seen10 Hash c2ae8d566828b0119b3e47b7d2323cf1 37d527b2c0b4f5396b5900668b2f4f5d002332e1 88dada0ddc2001a2b476c67297effaf2560803f3be3b971a9a914f06fab382e8 Loading...

	followshops.net/	65 B	2023-03-07	2024-03-17
Pretty URL followshops.net/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:16 Times Seen11 Hash 90a619d09b43e074f654bb558a01f8f6 2f8eb8171e78f2d639ab647c3c789e7adcf4f439 543e0206214fb40d6c6162968103886a2a5b04982fef5e41298ed9138922d98c Loading...

	followshops.net/	103 B	2023-03-07	2024-03-17
Pretty URL followshops.net/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:17 Times Seen11 Hash 9abe410f49ea37a1228e43d4e30b1236 2c2ada1b13c1d7881233ab569010b05379181b4d f2c549a7f061d7db436e3d5c00c5e60edc022e09aeb04293d0405233451b1a6b Loading...

	maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Ffollowshops.net%2F&4sAIzaSyBVL5oiAiHqEzFAqjR2U6OX2SWB2K6TlPs&8b0&callback=_xdc_._dzrt4t&key=AIzaSyBVL5oiAiHqEzFAqjR2U6OX2SWB2K6TlPs&token=101919	62 B	2023-03-08	2024-03-17
Pretty URL maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Ffollowshops.net%2F&4sAIzaSyBVL5oiAiHqEzFAqjR2U6OX2SWB2K6TlPs&8b0&callback=_xdc_._dzrt4t&key=AIzaSyBVL5oiAiHqEzFAqjR2U6OX2SWB2K6TlPs&token=101919 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:52:27 Last Seen2024-03-17 14:30:17 Times Seen16 Hash f352d57c3b49b9832f92066412af99d5 0ebb972c355fd32e2a66c175494e7c3c61cf2cc2 cc07c268198bdc88895989e4e66ae1f6e6b29a90fb79c806b8b656d001103ace Loading...

	followshops.net/js/tinymce/jscripts/tiny_mce/tiny_mce.js	168 kB	2023-03-07	2024-03-17
Pretty URL followshops.net/js/tinymce/jscripts/tiny_mce/tiny_mce.js IP 172.67.177.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:17 Times Seen19 Hash b8b21ba348f83e9c27a892d2a4af0ce5 7f3119808dd63761742bf4c9160747c1c63570c3 84cc298e3a5b4841048954de79ebed80c2590c5ecb5a668bdbe48e612c163afc Loading...

	followshops.net/js/validation.js	48 kB	2023-03-07	2024-03-17
Pretty URL followshops.net/js/validation.js IP 172.67.177.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:17 Times Seen19 Hash 3214ed0c83fb626299147498fa3822af eaae46725978719517adbcb52eb1e9bbea869123 9a13d4f17f67971e06fd79837d27f85d49f5c72b2e061a97b13cb464d16d0f2c Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 07:39:53 Times Seen37056293 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	followshops.net/	1.6 kB	2023-03-07	2024-03-17
Pretty URL followshops.net/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:16 Times Seen11 Hash 56782ff0835bd1a779604cdf31cf7a80 f9438f3c96286a49e3d083dbaa8292d71f4498b5 14428821a523655ebefc6cdd564a4733b3551fd4ab9610de9a35f8c4e43ecfcf Loading...

	code.jquery.com/jquery-1.11.3.min.js	96 kB	2023-03-07	2024-04-25
Pretty URL code.jquery.com/jquery-1.11.3.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:25 Last Seen2024-04-25 06:07:25 Times Seen10382 Hash 895323ed2f7258af4fae2c738c8aea49 276c87ff3e1e3155679c318938e74e5c1b76d809 ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8 Loading...

	maps.google.com/maps-api-v3/api/js/50/12a/common.js	254 kB	2023-03-08	2023-10-18
Pretty URL maps.google.com/maps-api-v3/api/js/50/12a/common.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:45 Last Seen2023-10-18 15:23:03 Times Seen16 Hash 7caaf941be566b5a0ab845ebbe6fa41c 6baa9fd462731f60d53390e8e808bca815601226 b7f6913366b53872adac07cbd9708d54830a578b5a59e6fcb600e32b340fa1bc Loading...

	maps.google.com/maps-api-v3/api/js/50/12a/util.js	170 kB	2023-03-08	2023-10-18
Pretty URL maps.google.com/maps-api-v3/api/js/50/12a/util.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:19 Last Seen2023-10-18 15:23:03 Times Seen16 Hash 0b9b4e5d1bc7a1ae4ca5568310adcc16 8cb5a2a559d5d30b15e5feadea686192f2474462 9c794b1db0cce54971541669b8c23bbe83b3406db2d70eecac666136e6627b93 Loading...

	followshops.net/	549 B	2023-03-07	2024-03-17
Pretty URL followshops.net/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:16 Times Seen11 Hash eec1087414019d217e6859d953595c45 fbc2a7f225bb532d39ff83083e9485d8f26624ad 3a5ca7f875c2ff002e22302c5c10c14c8cc8a8b08e712e6cf26eff0081920955 Loading...

	followshops.net/	2.4 kB	2023-03-07	2024-03-17
Pretty URL followshops.net/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:16 Times Seen11 Hash 184ceb53b50535d7755b0d7f9896f61c 355bd7af289f257aba039f2d422065fafa730167 57ed6841d415a663c9d3730e52c02778837550c3c7d715e398c868b0e0dbcfff Loading...

	followshops.net/	402 B	2023-03-07	2024-03-17
Pretty URL followshops.net/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:16 Times Seen11 Hash 6ce942f592a4c19f55c93cce045b2444 c124e390ec74ceb4ed4bcd82584b4ed2d9ad092b ea2407fa468795144ccdc9e4fe00e7ec595d50b6f975d9c60e6604cf66741043 Loading...

	maps.google.com/maps-api-v3/api/js/50/12a/marker.js	37 kB	2023-03-08	2023-03-26
Pretty URL maps.google.com/maps-api-v3/api/js/50/12a/marker.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:29 Last Seen2023-03-26 06:43:12 Times Seen2 Hash a16acd33251bfb6bfbec77a1b26aced0 1ef72392074521f8eb2019afbd07d5c3e16641c5 226c5ea2586ad46be8cf4bfa1b2607a63f12e157d8bcb1d77529d0127e7e04f6 Loading...

	followshops.net/js/locationpicker.jquery.js	12 kB	2023-03-07	2024-03-17
Pretty URL followshops.net/js/locationpicker.jquery.js IP 172.67.177.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:17 Times Seen19 Hash 9b15d3ebd3747c10cddb5e9a27f402e8 2b74a8c489741610146d83c00d5ece9833a87fac 726eb2e31a40a5249474f6e0c530821a63039ba93c9b43604585fe685eec96c9 Loading...

	followshops.net/js/site/jquery.ui.addresspicker.js	10 kB	2023-03-07	2024-03-17
Pretty URL followshops.net/js/site/jquery.ui.addresspicker.js IP 172.67.177.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:17 Times Seen19 Hash 05de3c887cb06d9da60cfee03dd1bafb 1eb18967956e9b961985573e0d78d28837bb3e08 c1c5040f5ea9605621bfaf7f7c5e8ab5c7cac5ab4092443326330a588d96245b Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js	21 kB	2023-03-07	2024-04-24
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-24 19:08:25 Times Seen10526 Hash 84415b7368fd6fc764cbe86039ce0626 62f238e73348c77eb9e865426a7d1b7de23cbb2d c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060 Loading...

	followshops.net/	733 B	2023-03-07	2024-03-17
Pretty URL followshops.net/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:16 Times Seen11 Hash ceb4a978fa323d180abd45301adb9a62 a76b8880a76ef3c9e83fbff6bba61983a930df60 6c16b5fa2f31aaa4443d13c1f9e1b9f3b73a997ca165ee20ee87030e079c405d Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-24
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-24 18:41:20 Times Seen1526 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js	228 kB	2023-03-07	2024-04-24
Pretty URL ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:06 Last Seen2024-04-24 14:49:55 Times Seen1972 Hash fd255415839568e52a48da5de5af244c abd6f85a04584792d77e4791c441ff49e9e28c0d 9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1 Loading...

	followshops.net/js/site/editor-config.js	3.2 kB	2023-03-07	2024-03-17
Pretty URL followshops.net/js/site/editor-config.js IP 172.67.177.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:16 Times Seen8 Hash 86b92a0dd47a5b8030808d5b05debef3 12e02b0835c8cf71329eb9c176b658de3f5e5c02 67a11fc2ec652dbf24fa278e6c87e6ff28031c47461b8f08dc17e40a2ab99917 Loading...

	followshops.net/	522 B	2023-03-07	2024-03-17
Pretty URL followshops.net/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:17 Times Seen11 Hash 792c643fc2b27dff135cb8007429e380 b2f6a16166f642478037f8f9e8b837b5816142b6 4e7d8de2aab547c5a7fc4c8074b4d5eb9a80a74847974660d855ebb2aa9b03c8 Loading...

	maps.googleapis.com/maps/api/js/GeocodeService.Search?5m2&1d40.7324319&2d-73.82480799999996&7sUS&9sen-US&callback=_xdc_._81d095&key=AIzaSyBVL5oiAiHqEzFAqjR2U6OX2SWB2K6TlPs&token=102170	25 kB	2023-03-07	2023-03-17
Pretty URL maps.googleapis.com/maps/api/js/GeocodeService.Search?5m2&1d40.7324319&2d-73.82480799999996&7sUS&9sen-US&callback=_xdc_._81d095&key=AIzaSyBVL5oiAiHqEzFAqjR2U6OX2SWB2K6TlPs&token=102170 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2023-03-17 11:37:28 Times Seen1 Hash 135c1f99a14224ad48f02f3520b15f8f 083d0f71a7282647c4ec82a715d6334a585489a8 b2edbe1a2e67de2f5d84dd862b4adfe31ee47f0caaac60d126021ea6c03c7f6b Loading...

	followshops.net/js/site/bootstrap3-typeahead.min.js	6.9 kB	2023-03-07	2024-03-17
Pretty URL followshops.net/js/site/bootstrap3-typeahead.min.js IP 172.67.177.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:16 Times Seen11 Hash aad2e65f8ddf9c93fb6832b17f175b12 91c5723f18a616d506e1a50cfec4e5ffa160d1f6 1e8b6d1eef593a3c7e5e8208da7b112291b8b9024e740171abc56c5cf76edbae Loading...

	followshops.net/js/site/follow-filesjquery_002.js	24 kB	2023-03-07	2024-03-17
Pretty URL followshops.net/js/site/follow-filesjquery_002.js IP 172.67.177.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:17 Times Seen19 Hash e666718cc0c1e1d4e700817f7914de89 a83a919192dcd2d46f2ec5f35252438752aba8c1 5e39b106af0ee3798000fc2b2432d21ad20fab0639742ff13f39fc1de6f8669b Loading...

	followshops.net/js/site/landing_category.js	12 kB	2023-03-07	2024-03-17
Pretty URL followshops.net/js/site/landing_category.js IP 172.67.177.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:17 Times Seen19 Hash 390a89b2e1a0920bd690e28051732d4a 8dfd5f8489bd51b2d38703a25e2629baeb256482 07b50b83aeb35d701b084471e4c55eee0ad937ff5e0fffcfe8d1be309321d1a3 Loading...

	code.jquery.com/jquery-migrate-1.2.1.min.js	7.2 kB	2023-03-07	2024-04-25
Pretty URL code.jquery.com/jquery-migrate-1.2.1.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-25 06:09:48 Times Seen12998 Hash eb05d8d73b5b13d8d84308a4751ece96 743052320809514fb788fe1d3df37fc87ce90452 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js	60 kB	2023-03-07	2024-04-25
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2024-04-25 06:09:10 Times Seen7389 Hash 02d223393e00c273efdcb1ade8f4f8b1 0cc93b8421d89c24a889642428b363cb831de78a 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582 Loading...

	followshops.net/	454 B	2023-03-07	2024-03-17
Pretty URL followshops.net/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:16 Times Seen11 Hash 5b7acc188d4901416eeb1174fca35557 7a144d92c38862fff09d61faf245f15e9fa96e6e f8406275abadcd8dc0dd52f9b7f7346e65e4e863005b4ef089baf8f7f93877b5 Loading...

	followshops.net/	386 B	2023-03-07	2024-03-17
Pretty URL followshops.net/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:17 Times Seen11 Hash fb6f91be804a8335ccaad2f3cde51f27 7cc195837f7973b504acc7c5a20a2ad5ee2a10e4 d4352c47cdf4865716795731428c846f6a95f9283f0e503f92b7ba70f6ce9500 Loading...

	maps.google.com/maps-api-v3/api/js/50/12a/geocoder.js	4.9 kB	2023-03-08	2023-03-13
Pretty URL maps.google.com/maps-api-v3/api/js/50/12a/geocoder.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:43:03 Last Seen2023-03-13 21:06:11 Times Seen1 Hash 860fa825cf5e96eefd14aada27483e33 3fca68b46482832fc0e09b6df978155df5b829c8 7ef79be67b6dfa4be68a29f7bc3d8d83bd1b34946b7183c12d71fa0caaa4cd07 Loading...

	followshops.net/js/site/follow-filesjquery.js	7.4 kB	2023-03-07	2024-04-21
Pretty URL followshops.net/js/site/follow-filesjquery.js IP 172.67.177.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-04-21 21:07:55 Times Seen123 Hash 9e85741bf31afd921a7289b6cccdfdbd ed68e77078d387ac00c1050e19612f66d066ff7d dabff7fab90a3cd6d4470754cc171eeb54c3c174f9a9190740d13b3a76de825a Loading...

	followshops.net/js/site/main4.js	129 kB	2023-03-07	2024-03-17
Pretty URL followshops.net/js/site/main4.js IP 172.67.177.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:16 Times Seen12 Hash 6395a9337fe71f7ab3505cf9e4155a38 2d35f8195648658871b28ecd08f87facda281c96 c24dce2e3f4cd02909efe7d4cc3e2c74cdcceb177943f825d22cd73ea3e6eb1e Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-25
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 06:16:34 Times Seen139070 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	followshops.net/	15 kB	2023-03-07	2024-03-17
Pretty URL followshops.net/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:17 Times Seen11 Hash aa8ffeb9718ec795c6a6469b080b6e82 d6c7c4cabbda3aa54c1e8e2b8ffe21cb28c08e51 ba60997e3e0b56f7dda385091052f055d1728e0cfc69aaf6560274c53ea6794a Loading...

	maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-25
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:46 Last Seen2024-04-25 05:20:07 Times Seen10667 Hash 4becdc9104623e891fbb9d38bba01be4 6c264e0e0026ab5ece49350c6a8812398e696cbb 4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327 Loading...

	followshops.net/	90 B	2023-03-07	2024-03-17
Pretty URL followshops.net/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:16 Times Seen11 Hash e368f6896d6b495325b21d3946075400 b0cb1f62d47e60bacc9051a7d5e6bac79a12b561 bacfac07b08e19d9279769cec8fa0c118b6b23a35a549022afb91308cf533101 Loading...

	followshops.net/	177 B	2023-03-07	2024-03-17
Pretty URL followshops.net/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-03-17 14:30:16 Times Seen11 Hash 41f7b3580093c962aefa33da1ea5102b e12e3c393d9f069010b2b7afcd755433fcac08a0 bafae36fa38acdad82caa786252dccee78f2c293133793f452c556d8eb09d28f Loading...

	maps.google.com/maps-api-v3/api/js/50/12a/poly.js	55 kB	2023-03-08	2023-10-18
Pretty URL maps.google.com/maps-api-v3/api/js/50/12a/poly.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:36:10 Last Seen2023-10-18 15:23:02 Times Seen10 Hash 089760331691bdda9d02a537dd2af0ba 79bab13f32cd68d27e8d7ee11beee7d95d1b2e95 3b0412b65373a15358b74d98f98604319380f23fc0024afbaf8243ddc7428672 Loading...

HTTP Transactions (73)

URL IP Response Size

followshops.net/user/ebenistes/followers

104.21.17.152

301 Moved Permanently

0 B

URL HTTP/1.1
followshops.net/user/ebenistes/followers
IP
104.21.17.152:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /user/ebenistes/followers HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 10 Nov 2022 03:48:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 10 Nov 2022 04:48:02 GMT
Location: https://followshops.net/user/ebenistes/followers
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vkk9yI1LzooKL%2F%2Bcc5sAF6zZNfUKKl6af3uCHzZUjVvf12srM9hYjjwsRgOsuGdiLQFTlwgjgHHh4K4g0QpL6kN%2FTPw%2FNStTnIWBH18KpSNsTO66jFBPNarjsxj7uSKczYI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767bcf6c7d5eb511-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2932
Expires: Thu, 10 Nov 2022 04:36:54 GMT
Date: Thu, 10 Nov 2022 03:48:02 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6239
Cache-Control: max-age=116821
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:48:02 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 12:15:03 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6234
Cache-Control: max-age=116816
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:48:02 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 12:14:58 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6365
Expires: Thu, 10 Nov 2022 05:34:07 GMT
Date: Thu, 10 Nov 2022 03:48:02 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
Alt-Used: 0

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 10 Nov 2022 03:43:49 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 1Td6uB8lbv5RcUm0RiypmtD5PPSHwxcidvvjZSThvegcUonsb+/NG/aqWKq0A39FFqIqnguFVe0=
x-amz-request-id: VJHJYNZN9BNMZK8A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 03:11:59 GMT
age: 2163
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 03:48:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
c7df636eebdec79915b0b56dde01c538
b18ffb7c184c9a371e5095cff2b778b46a1243a4
96cb32087217cc126391e482458926f3a956d79429a7a7c38e2e05a0d7916e53

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=121726
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:48:03 GMT
Etag: "636bacf1-117"
Expires: Fri, 11 Nov 2022 13:36:49 GMT
Last-Modified: Wed, 09 Nov 2022 13:36:49 GMT
Server: nginx
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
c7df636eebdec79915b0b56dde01c538
b18ffb7c184c9a371e5095cff2b778b46a1243a4
96cb32087217cc126391e482458926f3a956d79429a7a7c38e2e05a0d7916e53

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=121726
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:48:03 GMT
Etag: "636bacf1-117"
Expires: Fri, 11 Nov 2022 13:36:49 GMT
Last-Modified: Wed, 09 Nov 2022 13:36:49 GMT
Server: nginx
Content-Length: 279

followshops.net/images/users/user-thumb1.png

172.67.177.12

200 OK

1.4 kB

URL HTTP/2
followshops.net/images/users/user-thumb1.png
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 40 x 40, 8-bit/color RGB, non-interlaced\012- data
Size
1.4 kB (1403 bytes)
Hash
25216cc01210322e52ca0f421e693409
8f82afde806a9bb2124e797651835ca7318928ca
b33fcf9f7f3a9ff45f2614d920a947a07469cb3f53860f651808274ac0bff094

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/users/user-thumb1.png HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: image/png
content-length: 1403
last-modified: Thu, 01 Oct 2015 09:55:22 GMT
etag: "560d030a-57b"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 90902
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4ca1ZqGX83ulQiWquiCSbBTUDayS2mgF3OzCjXGk1Ohx90N5cGaoOJr87V72sLdGvz3PpKHJDuxZXgjvBOUL82564op3Xb53f1IK%2FJXjmCjoNxNnMzPaK3HMUqPe2FTc2w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767bcf71595cb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js

104.17.25.14

200 OK

6.7 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (21084)
Size
6.7 kB (6696 bytes)
Hash
9e85c6f6521bceeccb3d9ba9149fef80
1e18137215b276bb9bda85ac311d9c8cd5b01985
913b850ee0b505bf6b957ecd04dd3aab13543c9047c46532ac27b0be31e206bc

HTTP Headers

GET /ajax/libs/popper.js/1.16.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 6696
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-5309"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1855278
expires: Tue, 31 Oct 2023 03:48:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQeVp2g3JRxWf5Ke%2FCiycaCEGiVgmtvnToiGbXGzpoodexL6pZsIFAMT%2FGFALa1K6nk2uiw75zoYNLGXG3zBHX7KeLPDBZ1l6gjyVbYna45uLJ%2BDDYO3GG1rb%2B1DRjfudBco5fxN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 767bcf715f48b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

followshops.net/images/site/blank.gif

172.67.177.12

200 OK

43 B

URL HTTP/2
followshops.net/images/site/blank.gif
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/site/blank.gif HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: image/gif
content-length: 43
last-modified: Thu, 01 Oct 2015 09:55:22 GMT
etag: "560d030a-2b"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pd%2FdWboCAwfL67c%2BEPecB2oC4OogE0NHD6g6TKqS6w1PWb2ae5p4qeZmfPV2AFEfEKLg2zJZOE7CIV3RaiAre%2BWk%2B9%2FhmziOXPvyJigkEib%2FLbD5kIK1RsBY02D5rtkh844%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767bcf715959b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
87fa8e71a8dacba779a21338a94f841c
da2f625947dd791987f59af9ef39808804543fbe
1faea1fcba69bc8aac30d26c3d6ea989e914b7311108b150f9257bdcb987d833

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6227
Cache-Control: max-age=104227
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:48:03 GMT
Etag: "636b5043-118"
Expires: Fri, 11 Nov 2022 08:45:11 GMT
Last-Modified: Wed, 09 Nov 2022 07:01:23 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
87fa8e71a8dacba779a21338a94f841c
da2f625947dd791987f59af9ef39808804543fbe
1faea1fcba69bc8aac30d26c3d6ea989e914b7311108b150f9257bdcb987d833

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2240
Cache-Control: max-age=100240
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:48:03 GMT
Etag: "636b5043-118"
Expires: Fri, 11 Nov 2022 07:38:43 GMT
Last-Modified: Wed, 09 Nov 2022 07:01:23 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280

followshops.net/images/logo/followshops.png

172.67.177.12

200 OK

52 kB

URL HTTP/2
followshops.net/images/logo/followshops.png
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 500 x 106, 8-bit/color RGBA, non-interlaced\012- data
Size
52 kB (51655 bytes)
Hash
eed78319f3cb4e09117f4757f3cfad3a
b24f49ee17b1673a5d88202c85b74723cbb63ed7
55acd64c847b3fe9f4dbdb4a65020a6328ebf8bbea73a3d7e69f6589550db1ea

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/logo/followshops.png HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: image/png
content-length: 51655
last-modified: Thu, 01 Oct 2015 09:55:24 GMT
etag: "560d030c-c9c7"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwLUw7IPsVjUZL6qzJevrpVWOIeVunn%2Fa8JIWnJGfWFNLm7squQWDShlQhy%2FFmxirG33RyKD022EwWyQcmmuYNkyTzww3E1UMo%2BQy%2FmPgSuk0souVHMzmKR%2FeM4LM%2BzrSTY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767bcf715956b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

followshops.net/images/site/loading.gif

172.67.177.12

200 OK

1.2 kB

URL HTTP/2
followshops.net/images/site/loading.gif
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 32 x 22\012- data
Size
1.2 kB (1188 bytes)
Hash
206d3c2a8896cbb199683a9906075f8c
ffa26c8e5eee4b4e15acf13d547c3f33a174976e
551e27d05a38b2505f23c14f83b584af3e815f1aca16ad9177f66a92d0b879a4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/site/loading.gif HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: image/gif
content-length: 1188
last-modified: Thu, 01 Oct 2015 09:55:24 GMT
etag: "560d030c-4a4"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppGl2GQp29vTEL7L99Livx3jYW2sgxlai7hJaPlUmEvUHpilbtqMrDvgu10vEPq%2B9DlsbLv7eA%2Ft7FBh9QohJJ80i7r6c3tYiwB3Dx0JQYcKfBzTEfIfc95VslJjyGUP7AI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767bcf715957b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
87fa8e71a8dacba779a21338a94f841c
da2f625947dd791987f59af9ef39808804543fbe
1faea1fcba69bc8aac30d26c3d6ea989e914b7311108b150f9257bdcb987d833

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6227
Cache-Control: max-age=104227
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:48:03 GMT
Etag: "636b5043-118"
Expires: Fri, 11 Nov 2022 08:45:11 GMT
Last-Modified: Wed, 09 Nov 2022 07:01:23 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280

followshops.net/images/product/IMG_077023.JPG

172.67.177.12

200 OK

48 kB

URL HTTP/2
followshops.net/images/product/IMG_077023.JPG
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 99", baseline, precision 8, 600x600, components 3\012- data
Size
48 kB (48206 bytes)
Hash
7d6b5145dbba97dc9e70c2c980c77e6b
3c5331db85f63d10b3fa15eeb455bad8f0400a25
f5b483dc2bc96a28cd99c032550005a8abe4b877d61ca8be832a8e7f4bd55bb0

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /images/product/IMG_077023.JPG HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: image/jpeg
content-length: 48206
last-modified: Mon, 21 Jun 2021 07:52:43 GMT
etag: "60d0454b-bc4e"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 90902
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYiN%2BNP0UNZEvg9zSszgFZXKHZRrowSVMhyz3gVPyAqjRxVnb4CQOArW%2BpsHQaHsQBj5Xlyk7M%2FXfBvqBKr2XBCIjQfzy8cN%2BiX%2BuwVnRDFAzNPrnvK%2B5KvFZMA%2FZROGejw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767bcf715960b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-1.11.3.min.js

69.16.175.42

200 OK

33 kB

URL HTTP/2
code.jquery.com/jquery-1.11.3.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32038)
Size
33 kB (33261 bytes)
Hash
1c8acbf5f411ace3b76578a1fd1a603e
b1bbee9db24d885c25afd2e5a7720e4f79b6b991
e37464521b5447580a641b775ddb258a76f3bc7a3ca5a34eb452b12908b350a9

HTTP Headers

GET /jquery-1.11.3.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-encoding: gzip
content-length: 33261
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-176d5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1668052083.dop023.sk1.t,1668052083.cds259.sk1.hn,1668052083.cds216.sk1.c
X-Firefox-Spdy: h2

code.jquery.com/jquery-migrate-1.2.1.min.js

69.16.175.42

200 OK

3.1 kB

URL HTTP/2
code.jquery.com/jquery-migrate-1.2.1.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (7085)
Size
3.1 kB (3063 bytes)
Hash
e1084a25976d8b8999acadc7350ffb48
99b723d38b78d8347e8dfa60193b12864a370227
b98359c65420aa3864d5b86ef94c4c9a5fb8c772a905884a5ba4ce55319a3d13

HTTP Headers

GET /jquery-migrate-1.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-encoding: gzip
content-length: 3063
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1c1f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1668052083.dop023.sk1.t,1668052083.cds259.sk1.hn,1668052083.cds242.sk1.c
X-Firefox-Spdy: h2

followshops.net/js/site/follow-filesjquery_002.js

172.67.177.12

200 OK

5.9 kB

URL HTTP/2
followshops.net/js/site/follow-filesjquery_002.js
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type
assembler source, ASCII text
Size
5.9 kB (5926 bytes)
Hash
9e531bfb9f794a3f1b0c160d8f1d0686
c8e65f7e9aa39fd45838f55c1e2c0f91e4719682
7eb5eda87e675afd7fef9c444a7c845743c8eb12b36eab557f0f67046e311ebb

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /js/site/follow-filesjquery_002.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: application/javascript
last-modified: Mon, 31 Aug 2015 07:24:06 GMT
vary: Accept-Encoding
etag: W/"55e40116-5eaa"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFyViYaqyXNPtG%2Bn8EbHsGlg%2FWzdcgc2ktkdm0PZZHcm%2FafQwTrlTP5Jbce946XoN2n5fKDhSkuS7AxxACPb5wozfPeZTU0RopSsbkz2yCnMCCfkcDDLDq6xGmOIl6rhwdM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf714942b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c59d06092401e375df491b06ee8e6dbc
2e27b8ff7c08a5349e27969bc2a08e5e19d0c1da
23ee4ab633fcf67dc5d4d1931450e365cec8d436ef1f9ba5f46b6bab974724c4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4658
Cache-Control: max-age=110184
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:48:03 GMT
Etag: "636b6da9-1d7"
Expires: Fri, 11 Nov 2022 10:24:27 GMT
Last-Modified: Wed, 09 Nov 2022 09:06:49 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2d46cc53a1538ba2f6bb280da629e041
2ef714b4f668272bd5ab9c1a27a7e5441c975b53
178465070084aced449db36199915decc6517938c9261ca1a9a0bf5b7d95a94d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:48:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2d46cc53a1538ba2f6bb280da629e041
2ef714b4f668272bd5ab9c1a27a7e5441c975b53
178465070084aced449db36199915decc6517938c9261ca1a9a0bf5b7d95a94d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:48:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

followshops.net/css/site/follow-main.css?v=123456

172.67.177.12

200 OK

78 kB

URL HTTP/2
followshops.net/css/site/follow-main.css?v=123456
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF, CR line terminators
Size
78 kB (77494 bytes)
Hash
f05f9f3ecea0799238f3c30ed817d542
9e7a4fcd6853f7d4563dde223e3d0ea7ee7d21a9
62435dd842066130773c925880a31c36c446aea2148988d232228f41a638afd0

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /css/site/follow-main.css?v=123456 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: text/css
last-modified: Thu, 29 Jul 2021 06:05:38 GMT
vary: Accept-Encoding
etag: W/"61024532-6d08f"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJwJhxB9MpmyrTqGiunNnG0t9DE2ARsBOjh09vw0ARURNHviKElFf2zKs9xRV40zdX5FGvTX0wZXF0STKMVUR1fBdnXOXEoA2GMbHBLDRmvcupgTo3vM7OBHR4bNc%2BOhY08%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf712924b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 16:32:03 GMT
expires: Thu, 09 Nov 2023 16:32:03 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 40560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

maps.google.com/maps/api/js?key=AIzaSyBVL5oiAiHqEzFAqjR2U6OX2SWB2K6TlPs&sensor=false&libraries=places

216.58.211.14

200 OK

56 kB

URL HTTP/2
maps.google.com/maps/api/js?key=AIzaSyBVL5oiAiHqEzFAqjR2U6OX2SWB2K6TlPs&sensor=false&libraries=places
IP
216.58.211.14:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2393)
Size
56 kB (55526 bytes)
Hash
2a533bd2f58bb40ec1a23e6c1942dde1
f4a1d7136fa1ca19e0a0e18ace71c5609e2c56b0
a449315ebaf9a360bf39d2242c4410b305e353c74885a21f97b296472a7c375d

HTTP Headers

GET /maps/api/js?key=AIzaSyBVL5oiAiHqEzFAqjR2U6OX2SWB2K6TlPs&sensor=false&libraries=places HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Thu, 10 Nov 2022 03:48:03 GMT
expires: Thu, 10 Nov 2022 04:18:03 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 55526
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=14
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2d46cc53a1538ba2f6bb280da629e041
2ef714b4f668272bd5ab9c1a27a7e5441c975b53
178465070084aced449db36199915decc6517938c9261ca1a9a0bf5b7d95a94d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:48:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9cec7fd19118aaeb5702dd97a8dd2b0e
40769764dfe2e1d216aeb0f18b935ad9e2fd9b11
0d10421ffd21c60df554fc54330fb769ea6cf59b8a795c14500defff88f8b366

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:48:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

followshops.net/css/site/follow-filessign.css?v=123456

172.67.177.12

200 OK

7.6 kB

URL HTTP/2
followshops.net/css/site/follow-filessign.css?v=123456
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (421), with CRLF line terminators
Size
7.6 kB (7579 bytes)
Hash
ab7099d0214d76f101462dc89d9430d2
7b8cb1337fbc48cd424a5ecc8abe34e7a7a338ae
643e20ab7327c5fb03096cbe987bfc7c5bbb9b3cede1622af643c0020041a8fb

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /css/site/follow-filessign.css?v=123456 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: text/css
last-modified: Mon, 24 May 2021 08:06:23 GMT
vary: Accept-Encoding
etag: W/"60ab5e7f-6bee"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbQffUf%2BJ4y8m0GkADXtkh%2BPlFKz%2B%2Bzvf694zmV%2BilBeQcwWDIOd1gGtDSQWKaMwJhFikqOpO0sd6FziRBTfV7LlJdEuPPZRj729o8CWFv908uSdK1urdkj0RUDBtH2g7Nc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf712926b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

followshops.net/css/site/follow-selectbox.css?v=123456

172.67.177.12

200 OK

38 kB

URL HTTP/2
followshops.net/css/site/follow-selectbox.css?v=123456
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
38 kB (37954 bytes)
Hash
cafb45bf441f40b64be77b14bc65af7b
9c8f6222f8170da05cb1d2d074db8df102e933fc
4d8f5540f74f7a25e39156903e42c7783d7c7b4f356b649eae16f6d94f9b6715

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /css/site/follow-selectbox.css?v=123456 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: text/css
last-modified: Sat, 17 Aug 2013 10:11:42 GMT
vary: Accept-Encoding
etag: W/"520f4c5e-bb6"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izkMqSXJ6PBUuh2CHldbRYCqoOrkqcZm0tUSMcELRVFT9PgSQ6AEFrCaSgJ0DCREU%2FP6WRv4I74W%2Fah8eB9tm52H3A1%2B0RwUsvYBXyPsu1clNBVzduT4CJNOafCWywQWEXU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf71292db50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

followshops.net/css/site/follow-timeline.css?v=123456

172.67.177.12

200 OK

11 kB

URL HTTP/2
followshops.net/css/site/follow-timeline.css?v=123456
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
11 kB (10700 bytes)
Hash
021baa14a1ce3109d6a6bc90d9fa8304
e4c5384bbc2dc7a1bb50cb750a5080acb6fd7b25
cc664dac63885cccf174311a9dd218551939ab46d8b025d01067d29cd589fdab

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/site/follow-timeline.css?v=123456 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: text/css
last-modified: Tue, 27 Jul 2021 11:07:55 GMT
vary: Accept-Encoding
etag: W/"60ffe90b-c05d"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3xCe3VmP25qzm5vJF0oguk06sSNSFSN32iRM1TwJaYu9Y1%2BZIiPkQtpo3hcsaASL5nCW69qbuFWsDlnBZ1mEaqpWm7mQkLDnuO5SQRMghZR0IF1n%2FoZea5jl6lvVagunro%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf712932b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.83.241.90

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.83.241.90:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9Y3trnfQC7veZpm+6DU40g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: R9l8D/SZcYePpJ1rn0X4PvVk0G4=

followshops.net/js/site/follow-filescatalog.js

172.67.177.12

200 OK

44 kB

URL HTTP/2
followshops.net/js/site/follow-filescatalog.js
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
44 kB (44386 bytes)
Hash
56a0304843440e42a83b6c1096a0ed79
b0aa47cab8f814e545bfdd4ac5e7a59b02b8bf8f
efcf184244010badebed0a62d4374198a4d420b440fd4de5b956bcafd6f2751a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /js/site/follow-filescatalog.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: application/javascript
last-modified: Mon, 31 Aug 2015 07:24:06 GMT
vary: Accept-Encoding
etag: W/"55e40116-b21"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RgO9PgFA2Gr2UBU7UTM9EU7IFJIcyF%2FFJ%2FP7%2BaF%2FeZlZ3aXcDB69Z9MAkaOSKlMeVnhpL%2Bp29SlvK0f%2BSjbdaGIuv5zyjYnD%2BLn7LiI8YI%2FHT2%2F32eXzQ34JxmHbgDAZyg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf71493eb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2b6e814cf24d6076a53097eacb138a7f
7e3b9b5d44699f81209a7ea0182640f5596804a5
218be263224d3d1a01ba126d0a7311b972bd88744ec0919b5e471077abe68e03

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:48:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

142.250.74.170

200 OK

23 B

URL HTTP/2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text
Size
23 B (23 bytes)
Hash
e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9

HTTP Headers

GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://followshops.net
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 10 Nov 2022 03:48:04 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://followshops.net
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 10 Nov 2022 02:41:09 GMT
expires: Thu, 10 Nov 2022 04:41:09 GMT
cache-control: public, max-age=7200
age: 4015
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2b6e814cf24d6076a53097eacb138a7f
7e3b9b5d44699f81209a7ea0182640f5596804a5
218be263224d3d1a01ba126d0a7311b972bd88744ec0919b5e471077abe68e03

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:48:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
61a9432317cba5908c0a73266e8b8a62
c8bc872f016956cbb5569d7727bdfd46d64146c6
fafa5e76a4ed086616cce2f8e5af613630b11221ec9001d30cac72f6c1f350de

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:48:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

maps.gstatic.com/mapfiles/transparent.png

142.250.74.163

200 OK

15 kB

URL HTTP/2
maps.gstatic.com/mapfiles/transparent.png
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
15 kB (15302 bytes)
Hash
ec965ccfd8acaf0602eef03eedac08a2
08efc4a5c15ae6da0d0d317d0468378e1066382f
3b853d1584261fe8098ec4a2cdd9696eccdcf6a00448cfe3038df9c1f48e0889

HTTP Headers

GET /mapfiles/transparent.png HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 68
date: Thu, 10 Nov 2022 03:48:04 GMT
expires: Thu, 10 Nov 2022 03:48:04 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
61a9432317cba5908c0a73266e8b8a62
c8bc872f016956cbb5569d7727bdfd46d64146c6
fafa5e76a4ed086616cce2f8e5af613630b11221ec9001d30cac72f6c1f350de

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 03:48:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

maps.gstatic.com/mapfiles/undo_poly.png

142.250.74.163

200 OK

1.8 kB

URL HTTP/2
maps.gstatic.com/mapfiles/undo_poly.png
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
PNG image data, 90 x 27, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1804 bytes)
Hash
2bb1383e2a9ee6528ddb13196809fb3f
ea89cd4bd22c7210609dd81ab7b950c54e610b4f
c2891e07d682011e6916fb39490661579278993d30a0c0a4bf41b08627fafb88

HTTP Headers

GET /mapfiles/undo_poly.png HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 1804
date: Thu, 10 Nov 2022 03:48:04 GMT
expires: Thu, 10 Nov 2022 03:48:04 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12573
Expires: Thu, 10 Nov 2022 07:17:38 GMT
Date: Thu, 10 Nov 2022 03:48:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12573
Expires: Thu, 10 Nov 2022 07:17:38 GMT
Date: Thu, 10 Nov 2022 03:48:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12573
Expires: Thu, 10 Nov 2022 07:17:38 GMT
Date: Thu, 10 Nov 2022 03:48:05 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6f25920-a3d0-43b8-b5bf-03e98ef4db49.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6f25920-a3d0-43b8-b5bf-03e98ef4db49.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10654 bytes)
Hash
9ee61492435f30b5997b4628feffd92a
7a4873a1b472f973fe8eef44a5af4eb7ace6344f
2685279092cd3c81ed4064ca47c286bc9993df2558be22326d3db2810544c4c2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6f25920-a3d0-43b8-b5bf-03e98ef4db49.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10654
x-amzn-requestid: 29c382f1-c231-4293-bb36-3547bd2f93a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bRUxYFKwoAMFj7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636a01a2-5960978c2e9561057ad85692;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 07:13:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YZQmyZ5nAhwM9swgxxovu0g3JsQkYRQBArFWND76bj-bT6BWXbhkuQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 07:14:55 GMT
age: 73990
etag: "7a4873a1b472f973fe8eef44a5af4eb7ace6344f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74db090f-5da5-464b-91b1-7fac90d3e5eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7987 bytes)
Hash
d68ac59950c3276cd8f92b777a004df1
94c0ee5c14e8e8cdf95883582ba8084cc5867f93
b02d6d61c1fae8260d1fc30c0a78ebbc3482a3aa0acafb58d8269942ff8e732b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74db090f-5da5-464b-91b1-7fac90d3e5eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7987
x-amzn-requestid: 6a465dcd-6a4e-49fb-9fa9-169678d39b5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlo7HBFIAMFSQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9f-4ffe8f2534aeaef73329a8cd;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:19 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gbK3hyzE9RBuLiIQHUrouV-Kqe6r2cTMLYauv9W0ych9irxQexKWAQ==
via: 1.1 637ef0a7bc474e9a314fa064b65e8082.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:53:35 GMT
age: 21270
etag: "94c0ee5c14e8e8cdf95883582ba8084cc5867f93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb45d42fc-185c-4bf0-906b-55b0275ee2d4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.3 kB (3319 bytes)
Hash
aeb648ba8ff2bcbb363004559ced5b87
25c8230dc14cfc31d8660b8ea8a72f3ac881ea7e
3eb0d98cc52b574f7496061ab00d6276c7a83ca1be7b7974a932a7827a9dd4b3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb45d42fc-185c-4bf0-906b-55b0275ee2d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3319
x-amzn-requestid: 4720d817-e198-4cae-b14c-b78972e7dd05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlrkGdMIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1cb0-6c3edabf3f07e37951156122;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:36 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DM1zgiiuwGAtsVQj7S-Nz7N8_NvgUdw8JceoQtBRJrNg9iUmpfBY3w==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 21895
etag: "25c8230dc14cfc31d8660b8ea8a72f3ac881ea7e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d37511-5958-42ab-acd0-aed0c04a0e2c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9360 bytes)
Hash
61e58563ce83ab22c1604920db81f8e5
71dc8a32634a72c2092ef90a4f46250599b523f6
ddbb9d12368a95d38b94398274524862a28da41f22062d0096ac0c7052e2ca3b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d37511-5958-42ab-acd0-aed0c04a0e2c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9360
x-amzn-requestid: ab27926c-6cd1-4817-a5ff-aa47f666f337
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpOGmjoAMFU4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca1-5835f3a814659500346d44e8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MrUvpMcxRPmksSmHQv-VIavSGtumJjPbrn4wleWN-9EXk-IUctJsgg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:57:48 GMT
age: 21017
etag: "71dc8a32634a72c2092ef90a4f46250599b523f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11316 bytes)
Hash
848af62ec10d0c297922f8600b6ad12d
4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: paNICiysr9pIOxtqOqjnIOValYbM8InQZ9SmEOUIJirFQd03IN6eRw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 21895
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8242 bytes)
Hash
feb275cc5fa7b13e70522cb76f001bbc
80ca9cf6cbbc73a884c3a839ace9a7aa191a8504
a5680637b55669355967b87fd4be4881a3e4dea746b7c420acf4dcb46b8a28de

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8242
x-amzn-requestid: 1ab9c180-7e6b-4eae-a6cf-6a45c96fdc4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlrkE_2oAMFk2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1cb0-0089846803d11bb649874507;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6xhB_vy5Aj6ScBQuTwWX93HFG5eS3SZHr7dP2Qsz-Q1P1pcXk339gQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 21895
etag: "80ca9cf6cbbc73a884c3a839ace9a7aa191a8504"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

followshops.net/css/site/follow-filesphoto.css?v=123456

172.67.177.12

200 OK

0 B

URL HTTP/2
followshops.net/css/site/follow-filesphoto.css?v=123456
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /css/site/follow-filesphoto.css?v=123456 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: text/css
last-modified: Mon, 31 Aug 2015 07:21:32 GMT
vary: Accept-Encoding
etag: W/"55e4007c-8a5"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Abu%2F0q6gbn7KuA6EIFYqZfEa2orqwSueXE5QgB1q83GhGsEsloQXjbV0SD0SCcayYOOMpRV0I%2BMjeSEPayrnDecrH%2FJo9R7I2mFHa9x71Je346pFY6IZQXO%2FNQvgmnBAK1s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf71292cb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

followshops.net/css/site/follow-filestimeline-slideshow.css?v=123456

172.67.177.12

200 OK

0 B

URL HTTP/2
followshops.net/css/site/follow-filestimeline-slideshow.css?v=123456
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/site/follow-filestimeline-slideshow.css?v=123456 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: text/css
last-modified: Sat, 17 Aug 2013 10:10:34 GMT
vary: Accept-Encoding
etag: W/"520f4c1a-27ee"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1SOW5t%2BL8jlEMPEjBw6c4XwXd48%2BuokyJ%2B%2FCsj%2BEZD0jPMd%2FJt5ukFjrRvM02ABj5%2FdfOvxFvNcxusRoWUoVzOdzj7z1ChgTK%2F%2FKQM6c3pypD3%2F2d6gIMl3ncLSM%2BMEHYs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf71292ab50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

followshops.net/js/locationpicker.jquery.js

172.67.177.12

200 OK

0 B

URL HTTP/2
followshops.net/js/locationpicker.jquery.js
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /js/locationpicker.jquery.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: application/javascript
last-modified: Mon, 06 Sep 2021 10:20:01 GMT
vary: Accept-Encoding
etag: W/"6135eb51-2ce9"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HyK9vzA3EyogtKCM7LXfV35W%2FZLX%2FizvkGUSoLlX9eKDoKaG36hY6iT51ArhQ1fizCo9DREL7VlJDvSATMFhAqi15M%2FNXX7NERmVDksWqJ9fSRSfxOcEqVxqQ13JkRYJVAg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf71493fb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

followshops.net/js/site/main4.js

172.67.177.12

200 OK

0 B

URL HTTP/2
followshops.net/js/site/main4.js
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /js/site/main4.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: application/javascript
last-modified: Sat, 26 Jun 2021 07:58:22 GMT
vary: Accept-Encoding
etag: W/"60d6de1e-1f848"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJ4LauPMgaMfE69gjV%2B0Dw2AI1SahE1kw2LBQm2kJVcYb2oIY3e94apeUaPSibpJ6na4RU57wwkm2R1sc0EBOf%2F94iFtrJ1oW5VEz8e5HwcKSXE05vBZHnAX44pEAm%2B5a1I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf714944b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js

104.18.10.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/3.3.5/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://followshops.net
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"4becdc9104623e891fbb9d38bba01be4"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 08/20/2022 02:32:00
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 864
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: b17f0addf2f0a395fbf75d9383f20934
cdn-cache: HIT
cf-cache-status: HIT
age: 350174
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 767bcf729c18b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js

142.250.74.106

200 OK

0 B

URL HTTP/2
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ajax/libs/jqueryui/1.10.3/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 60529
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:02:03 GMT
expires: Thu, 09 Nov 2023 19:02:03 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 31560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

followshops.net/user/ebenistes/followers

172.67.177.12

302 Found

0 B

URL HTTP/2
followshops.net/user/ebenistes/followers
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /user/ebenistes/followers HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: text/html; charset=UTF-8
location: https://followshops.net/
cf-cache-status: DYNAMIC
set-cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D9a1deead45bcf3a208167e06cd881cf9797ce2ae; path=/
ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZU4LM5fU72FM6XgWicb2vgmoS6HE4MOWYnlffeoz%2BlMiTc80ehWL9pdXDtEs%2FSsJhDLhEk0sOAmahzdFKKgo0YL8vCqvpQr7FZCHKzf3t6O392c57VHQ%2F%2BuZc6JUJM7fDVI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf6f6ff7b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

followshops.net/css/site/follow-filespopup.css?v=1234567

172.67.177.12

200 OK

0 B

URL HTTP/2
followshops.net/css/site/follow-filespopup.css?v=1234567
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /css/site/follow-filespopup.css?v=1234567 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: text/css
last-modified: Thu, 29 Jul 2021 09:33:28 GMT
vary: Accept-Encoding
etag: W/"610275e8-25b41"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbNfKTqWdyy2msq5WJ6vdAuLCW5FswK4hyE5TTrZH%2FFSh76pr%2BlYV7vp1DsHiRlHgtW42OsiMGFJl%2BXOjCD3CIz4r9UHwq8R9vUT4%2BsrswaN3fUsK6xfmM1mlmn%2FwR1xTsY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf712927b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

followshops.net/css/developer.css?v=123456

172.67.177.12

200 OK

0 B

URL HTTP/2
followshops.net/css/developer.css?v=123456
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /css/developer.css?v=123456 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: text/css
last-modified: Tue, 27 Apr 2021 08:49:57 GMT
vary: Accept-Encoding
etag: W/"6087d035-2a57"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LC3t9uqpmGoRlBb7mNl4sXNkF8CQ56%2FZztgzKbokeHm%2F3zwjC5895mOwAX7osx9c7lqaHkoBmbHkOKRoFbp4Pbj%2BfS0g0JSWHEHWGFHDn2%2B3qXyCFsJbJcK7J2rQu6P68RU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf712931b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

followshops.net/js/site/jquery.ui.addresspicker.js

172.67.177.12

200 OK

0 B

URL HTTP/2
followshops.net/js/site/jquery.ui.addresspicker.js
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /js/site/jquery.ui.addresspicker.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: application/javascript
last-modified: Sat, 04 Sep 2021 10:14:40 GMT
vary: Accept-Encoding
etag: W/"61334710-286f"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzSv7W42MTAI43knM7unS%2BEjXtX%2BaaLL76rfPKqwFwuzfaH64NAbpXkNOsidxhv1shTei%2B1uEKqO81OYR%2FZNCEKMXe9Yr2AIT6DdHqll78aK8ZVU8LmfFpebVfdIm2xWOpA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf714941b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js

104.18.10.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 601, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 2021-04-23 06:18:12
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 635a5ba5b16f6b5cab614d07cc78dc4b
cdn-cache: HIT
cf-cache-status: HIT
age: 16162381
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 767bcf722f97b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

followshops.net/js/site/editor-config.js

172.67.177.12

200 OK

0 B

URL HTTP/2
followshops.net/js/site/editor-config.js
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /js/site/editor-config.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: application/javascript
last-modified: Thu, 01 Oct 2015 09:47:54 GMT
vary: Accept-Encoding
etag: W/"560d014a-c89"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1jOPRET5wQq%2F0nDq%2BtPzJ9C6PZPwQBSr60c2TaTxjGqXxKJDjKvLVdAjmGXq0WphdpXrIA7pl4CGRQHdmJkuMJogJKPSb8JwTQ9MHO4ZMNqcurB0wmwvHsTpiVWol%2FCtHE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf714947b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

followshops.net/js/site/follow-filesjquery.js

172.67.177.12

200 OK

0 B

URL HTTP/2
followshops.net/js/site/follow-filesjquery.js
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /js/site/follow-filesjquery.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: application/javascript
last-modified: Mon, 31 Aug 2015 07:24:06 GMT
vary: Accept-Encoding
etag: W/"55e40116-1d01"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZ8PyuODpE5mWUuMOOSV8Nbb%2B0R7hIUIUkwEi6PAHF30evzMZfilj943xzhPiD13AxVcUmkjXSwRrko0G2ZMbprba1wECr0Ml%2Ft1dy%2B1ywUVAW%2B3twiOWBB4OceYlj2cODE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf714943b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

followshops.net/js/site/landing_category.js

172.67.177.12

200 OK

0 B

URL HTTP/2
followshops.net/js/site/landing_category.js
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /js/site/landing_category.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: application/javascript
last-modified: Mon, 03 Apr 2017 16:29:54 GMT
vary: Accept-Encoding
etag: W/"58e27882-2ff5"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 90902
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpgGHzGmIW0WIrQwFAwSZwCi54vAhVPwJxNT17m2SQWD0j4NsM0M%2BYFOM100G6tvfAJrHX6748YmruW0ftdHuLwKh1zJqMNXbQG3sBpYu0Vta5PvoGn3uFapJf9xOaf4v8w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf71595ab50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css

104.18.10.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 08/03/2021 15:44:07
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: 0c835de6853c3382b93a518481c93460
cdn-cache: HIT
cf-cache-status: HIT
age: 1216340
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 767bcf722fa8b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

followshops.net/css/site/follow-clone-style.css?v=123456

172.67.177.12

200 OK

0 B

URL HTTP/2
followshops.net/css/site/follow-clone-style.css?v=123456
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/site/follow-clone-style.css?v=123456 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: text/css
last-modified: Thu, 29 Jul 2021 06:25:50 GMT
vary: Accept-Encoding
etag: W/"610249ee-28684"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5XHE4JA0v6PAzvXonjOGVnZ3sPPGgJZbN81z%2FupC8LpXxPZL1zLBuBzHxgFW%2FRPCPCKgrFqbjnechtPnz5efMKE7uIbjv9GdE210SsfjjD8kgAZ6rCZGnQq2zGXZbaeSDw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf71191bb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

followshops.net/js/site/bootstrap3-typeahead.min.js

172.67.177.12

200 OK

0 B

URL HTTP/2
followshops.net/js/site/bootstrap3-typeahead.min.js
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /js/site/bootstrap3-typeahead.min.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: application/javascript
last-modified: Mon, 09 Nov 2015 14:54:28 GMT
vary: Accept-Encoding
etag: W/"5640b3a4-1ade"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuckX1ZO%2FxI9jHhRLfjde6MblT5Wmsdds5gH1f5l2SpwRudwpiimyxqDg%2FmTx%2FbW9zYcGLjWERS%2B2N6rWEMGUBXhX2%2BYRaIHWv1t197LVg6xUehJOmzY7MBkzm3X0hfx1dQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf714940b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

followshops.net/js/site/follow-filestimeline_slideshow.js

172.67.177.12

200 OK

0 B

URL HTTP/2
followshops.net/js/site/follow-filestimeline_slideshow.js
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /js/site/follow-filestimeline_slideshow.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: application/javascript
last-modified: Mon, 31 Aug 2015 07:24:08 GMT
vary: Accept-Encoding
etag: W/"55e40118-5bbb"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vgtv1NePLlkF1JDxvcMd%2BiuNSyfKzFUWAl3usvENTm5azfZd0%2Byfd2KywO0uU8Lqh5hbUh%2Bn698N%2F4eXTK73uyQ19KkVaRCXGNTXQsScCRVq33hQdYKPkBuYLU%2Bph2CdKhI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf714945b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

followshops.net/js/tinymce/jscripts/tiny_mce/tiny_mce.js

172.67.177.12

200 OK

0 B

URL HTTP/2
followshops.net/js/tinymce/jscripts/tiny_mce/tiny_mce.js
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /js/tinymce/jscripts/tiny_mce/tiny_mce.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: application/javascript
last-modified: Thu, 01 Oct 2015 09:47:54 GMT
vary: Accept-Encoding
etag: W/"560d014a-28fe4"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ce4bEvhwFScruAHwYQjMnhNfPAEkZ6GfAWVJd0zZ6IR3zQTm1%2BTT2XZqHEx3%2Boc0a5R0bWAclGeP%2FbXeFUpvSb9dpxxcQ%2BvvGneWyEpLlTWESGCtCJQgLXzFs6AZWhV4jXY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf714946b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

followshops.net/css/site/follow-timeline.css?v=12345

172.67.177.12

200 OK

0 B

URL HTTP/2
followshops.net/css/site/follow-timeline.css?v=12345
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/site/follow-timeline.css?v=12345 HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: text/css
last-modified: Tue, 27 Jul 2021 11:07:55 GMT
vary: Accept-Encoding
etag: W/"60ffe90b-c05d"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 90902
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6iRpEdEm5M9Sg3%2B%2FurbYjtNxrmC0Ex58V6uUmpZhoJuD5NU4WCpjsQpBQSwiHSjT8YB5GOIPDjyii5wV24Xl7y4YDIUx25U8T0d4YlrJHsNTPms1ikfzZI1hYKz0kkl7hE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf71595bb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

followshops.net/js/validation.js

172.67.177.12

200 OK

0 B

URL HTTP/2
followshops.net/js/validation.js
IP
172.67.177.12:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /js/validation.js HTTP/1.1
Host: followshops.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://followshops.net/
Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22447453c41217835300c86e097762fb8f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1668052083%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A18%3A%22fc_session_temp_id%22%3Bs%3A6%3A%22328801%22%3B%7D18ec40193a8b486ce09716994a8ca1d6670976f0; PHPSESSID=jg1d8651mggao56hp1p1o52hi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 03:48:03 GMT
content-type: application/javascript
last-modified: Thu, 01 Oct 2015 09:47:56 GMT
vary: Accept-Encoding
etag: W/"560d014c-bacd"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 350174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2F%2ByfIegRiKe%2BFz43FC9vC9M7JZvRGUxY7wnRGGfaWdO83%2F3AHC4opxqlhrNFXVEcBL9DNOpRmWtqeq9JQ%2BUaps9yTIQu9CGir96QkWJcVIQ7clfL%2Fdk3MZ%2FWFderT23mq0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767bcf715955b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (44)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations