Report - news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/

Report Overview

Submitted URL
news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
IP
172.67.179.154
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-25 06:41:16
Access
public
Website Title
Login to continue – Buy and Sell Items Locally or … – Marketplace Listings
Final URL
news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Tags
meta facebook phishing social
urlquery detections
Phishing - Facebook

Detections

urlquery
15
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
news.ddr8drop.shop	unknown	unknown	No data	No data	10 kB	2.1 MB	104.21.31.192

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	news.ddr8drop.shop/bower_components/ua-parser-js/dist/ua-parser.min.js	17 kB	2023-04-05	2024-05-03
Pretty URL news.ddr8drop.shop/bower_components/ua-parser-js/dist/ua-parser.min.js IP 104.21.31.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 05:27:01 Last Seen2024-05-03 19:19:51 Times Seen848 Hash a7e9c9b57fe9cfe79bd36a350b9a877f c186195ae889214c8b4af9f70ef872098bc44f4c 15dab54b218a38a7955d0ce950039eaf35fd565f40eec53032fc52353c302b76 Loading...

	unknown	58 B	2024-04-25	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 08:41:22 Last Seen2024-04-25 08:41:22 Times Seen2 Hash d8e694c4d8dec2591e0bc2a55af79199 569be7fa9ac5d1a2f3a8759a170c07cf6a1bcfd3 ba975990a1d0434d667e2e816dc4bd3dea44b0b53960d6723c7db1403f55454e Loading...

	news.ddr8drop.shop/core/form/core_form.js	17 kB	2024-03-11	2024-05-02
Pretty URL news.ddr8drop.shop/core/form/core_form.js IP 104.21.31.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-11 13:42:05 Last Seen2024-05-02 18:09:58 Times Seen123 Hash a17c7e17b71ea10cf76bf5bbb8fb6f57 08ebb851c9c37f53a2b8fedc94adc9d1cacb1cb8 871d7d34566ed4c3206be32e299552d04a697a82a36829cc71ba258ce44e4ca1 Loading...

	news.ddr8drop.shop/core/token/core_token.js	14 kB	2024-03-11	2024-05-02
Pretty URL news.ddr8drop.shop/core/token/core_token.js IP 104.21.31.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-11 13:42:06 Last Seen2024-05-02 18:09:58 Times Seen123 Hash 94f53d530575909ce27cdd1f5dc64372 91b96e78d0aad4dfb6fa1834e7d9a60829d42eb8 3c8c63b5d734c8307e26340fabc40d2db29b8e790c857bc794f429196bc8bcf1 Loading...

	news.ddr8drop.shop/login/token/token.js?v=6629faf24bdf7	1.3 kB	2023-03-09	2024-05-02
Pretty URL news.ddr8drop.shop/login/token/token.js?v=6629faf24bdf7 IP 104.21.31.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:46:09 Last Seen2024-05-02 18:09:58 Times Seen319 Hash 8468dcbc6d954bbc68eaad8033dfecd5 1f4cf015e6605be37ac4fb2ee9502ccb545b0936 c0bbbbdcb1b367c9212e278853f052c45436e7d7fcaae2d1250611912374285a Loading...

	news.ddr8drop.shop/bower_components/jquery/dist/jquery.min.js	87 kB	2023-03-07	2024-05-04
Pretty URL news.ddr8drop.shop/bower_components/jquery/dist/jquery.min.js IP 104.21.31.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-04 20:20:50 Times Seen64590 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/	67 B	2023-05-14	2024-05-03
Pretty URL news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/ IP 104.21.31.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-14 01:54:41 Last Seen2024-05-03 17:36:09 Times Seen282 Hash 4bd4dc631ee60266d37f5b11f6d3c003 b0fc8747d330540396cc516a8c9f6c62b50775d5 9f10280c0f99cf9bac911e64b36c08344a3d4ff9a10e2028e37f513b67e39d43 Loading...

	news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/	351 B	2024-04-25	2024-04-25
Pretty URL news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/ IP 104.21.31.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 08:41:22 Last Seen2024-04-25 13:20:55 Times Seen2 Hash c8b148a7c39475399d2523d46c5399bd 94856486dc845eb65d16e9e6b38bdf7025498c26 0e2e66133d2fc86f2c08a3ebec6ce16993e8815f082ffb35933b6fef130e24d0 Loading...

	news.ddr8drop.shop/login/form/form.js?v=6629faf24bdf3	2.6 kB	2023-03-07	2024-05-02
Pretty URL news.ddr8drop.shop/login/form/form.js?v=6629faf24bdf3 IP 104.21.31.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2024-05-02 18:09:58 Times Seen394 Hash eee4f38d51f96bf15259382b48b33d50 247040dcf67aa7f48d5bbcd3e91610f7ae534787 01c12b5cd06120dfb1f8f9ee454d423b3c6648580d55926d5394c0ee6cdc2b47 Loading...

	unknown	58 B	2024-04-25	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 08:41:22 Last Seen2024-04-25 08:41:22 Times Seen2 Hash 5aad65b6e7b03810661a120fc4a00083 04bd3488673d644a03daaba11883767b760fff16 fed4598541a490079e649f366845c520ebafac0d4981b6b42e477b38a86b93a6 Loading...

HTTP Transactions (17)

URL IP Response Size

news.ddr8drop.shop/login/form/newloader.gif

104.21.31.192

200 OK

557 kB

URL GET HTTP/3
news.ddr8drop.shop/login/form/newloader.gif
IP
104.21.31.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Certificate
IssuerGoogle Trust Services LLC
Subjectddr8drop.shop
Fingerprint89:27:33:23:C9:2E:ED:8C:AD:3D:6C:C2:0B:51:99:6A:18:3A:A8:F3
ValidityWed, 17 Apr 2024 18:14:49 GMT - Tue, 16 Jul 2024 18:14:48 GMT

File type
GIF image data, version 89a, 480 x 480
Size
557 kB (557122 bytes)
Hash
ef8d4e6b20b0cf0d68713fb2f6069042
d62bb4b1a169c88879de3bd2f5c4292b6259a952
32bfc673211421c1a5a33acc98291840183582f11d15490954b42a81d79d4630

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /login/form/newloader.gif HTTP/1.1
Host: news.ddr8drop.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:40:50 GMT
content-type: image/gif
content-length: 557122
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 04:31:55 GMT
last-modified: Sat, 15 Jul 2023 08:40:24 GMT
cf-cache-status: HIT
age: 7735
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eIco3DC%2Be25BamMKeLkk04PY9BScqfP8DIQdPvWLlSS8PWjFVrEwnRIPtZ%2FCp3DTckK%2FO0aO2in00jf4qA9jgjMFzMaH3Xcx6Zflr4LhNqavJI7IRttRErMUe0yt6Bn97fKuHzQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c580e9b17b509-OSL
alt-svc: h3=":443"; ma=86400

news.ddr8drop.shop/bower_components/jquery/dist/jquery.min.js

104.21.31.192

200 OK

32 kB

URL GET HTTP/3
news.ddr8drop.shop/bower_components/jquery/dist/jquery.min.js
IP
104.21.31.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Certificate
IssuerGoogle Trust Services LLC
Subjectddr8drop.shop
Fingerprint89:27:33:23:C9:2E:ED:8C:AD:3D:6C:C2:0B:51:99:6A:18:3A:A8:F3
ValidityWed, 17 Apr 2024 18:14:49 GMT - Tue, 16 Jul 2024 18:14:48 GMT

File type
JavaScript source, ASCII text, with very long lines (32058)
Size
32 kB (32386 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /bower_components/jquery/dist/jquery.min.js HTTP/1.1
Host: news.ddr8drop.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:40:50 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 04:31:54 GMT
last-modified: Sat, 15 Jul 2023 08:40:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 7736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VD0ie77%2B9YxTzXiL6lKWXg%2FduxS9bmTUSu%2FsAEXuKBP%2FeunHhEbLRK9FgEjzl%2FnQ8e3y2QQYwztwHb3bDXAiv4sOwiUzYh4v%2FCtlhO811Hq0MUrhTGmPkyg06q%2Ba6ClXR3TyoBE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c580ba8eeb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.ddr8drop.shop/home.php?pl=token&link=Gimi&bid=342c3a3eeeedc0c1355e126f9f097d6b&callback=jQuery321025476556588597055_1714027250678&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714027250679

104.21.31.192

200 OK

7.4 kB

URL GET HTTP/3
news.ddr8drop.shop/home.php?pl=token&link=Gimi&bid=342c3a3eeeedc0c1355e126f9f097d6b&callback=jQuery321025476556588597055_1714027250678&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714027250679
IP
104.21.31.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Certificate
IssuerGoogle Trust Services LLC
Subjectddr8drop.shop
Fingerprint89:27:33:23:C9:2E:ED:8C:AD:3D:6C:C2:0B:51:99:6A:18:3A:A8:F3
ValidityWed, 17 Apr 2024 18:14:49 GMT - Tue, 16 Jul 2024 18:14:48 GMT

File type
ASCII text, with no line terminators
Size
7.4 kB (7393 bytes)
Hash
5aad65b6e7b03810661a120fc4a00083
04bd3488673d644a03daaba11883767b760fff16
fed4598541a490079e649f366845c520ebafac0d4981b6b42e477b38a86b93a6

HTTP Headers

GET /home.php?pl=token&link=Gimi&bid=342c3a3eeeedc0c1355e126f9f097d6b&callback=jQuery321025476556588597055_1714027250678&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714027250679 HTTP/1.1
Host: news.ddr8drop.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:40:51 GMT
content-type: application/json
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bn00FCsF%2F%2FMQBdd51uXfnLAfLnscMfVfn9%2Bh%2B0TRM7aqRwlq6Op%2FXfqNgcbsO7Z9GeEaj1iq%2F%2B4KaW0ivSAJDEg8DjAbF6Jt77NWLcTS00RdLHiLI5A7Kex3fkzz0UJ%2FJvtnhHs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c580e9b19b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.ddr8drop.shop/home.php?pl=token&link=Gimi&bid=342c3a3eeeedc0c1355e126f9f097d6b&callback=jQuery321025476556588597055_1714027250680&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714027250682

104.21.31.192

200 OK

3.7 kB

URL GET HTTP/3
news.ddr8drop.shop/home.php?pl=token&link=Gimi&bid=342c3a3eeeedc0c1355e126f9f097d6b&callback=jQuery321025476556588597055_1714027250680&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714027250682
IP
104.21.31.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Certificate
IssuerGoogle Trust Services LLC
Subjectddr8drop.shop
Fingerprint89:27:33:23:C9:2E:ED:8C:AD:3D:6C:C2:0B:51:99:6A:18:3A:A8:F3
ValidityWed, 17 Apr 2024 18:14:49 GMT - Tue, 16 Jul 2024 18:14:48 GMT

File type
ASCII text, with no line terminators
Size
3.7 kB (3737 bytes)
Hash
d8e694c4d8dec2591e0bc2a55af79199
569be7fa9ac5d1a2f3a8759a170c07cf6a1bcfd3
ba975990a1d0434d667e2e816dc4bd3dea44b0b53960d6723c7db1403f55454e

HTTP Headers

GET /home.php?pl=token&link=Gimi&bid=342c3a3eeeedc0c1355e126f9f097d6b&callback=jQuery321025476556588597055_1714027250680&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714027250682 HTTP/1.1
Host: news.ddr8drop.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:40:56 GMT
content-type: application/json
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aPvggV00y43Dc2sWLIzdGeYkJmh5ITjooenKMrd7GCdju6KPLAIlKwm%2BpZBChHGsDWP%2BfHxu0mdukNUb4zcjRT1s1DVJEwhd8tztR2%2BwHngtgGs%2Bbo2Asv3nHskgEJOT6sRT6V4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c582dc819b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

104.21.31.192

200 OK

58 B

URL GET HTTP/3
news.ddr8drop.shop/home.php?pl=token&link=Gimi&bid=342c3a3eeeedc0c1355e126f9f097d6b&callback=jQuery321025476556588597055_1714027250680&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714027250685
IP
104.21.31.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Certificate
IssuerGoogle Trust Services LLC
Subjectddr8drop.shop
Fingerprint89:27:33:23:C9:2E:ED:8C:AD:3D:6C:C2:0B:51:99:6A:18:3A:A8:F3
ValidityWed, 17 Apr 2024 18:14:49 GMT - Tue, 16 Jul 2024 18:14:48 GMT

File type
ASCII text, with no line terminators
Size
58 B (58 bytes)
Hash
de887c38e8d49a4f70cb9cc6f2c106fa
411d8bea1d0ce54fe1d032cf2cb2800fce394317
c447e2fee9bcc1593133703044e08d3c35af530fb90d92ef4f6d9e0fde3478fc

HTTP Headers

GET /home.php?pl=token&link=Gimi&bid=342c3a3eeeedc0c1355e126f9f097d6b&callback=jQuery321025476556588597055_1714027250680&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714027250685 HTTP/1.1
Host: news.ddr8drop.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:41:11 GMT
content-type: application/json
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I5hlkIlBXQz1Wx%2FAHYZSQoNW7aA0fAb8DXl%2Fwl2YpmT3us09hSMa9u18zhHzXXCED9mqHkKpx28e9eIxjUMrDSW2BRpYnNK3ZRiQkVYTb2Owg2gpgslfYYPWFQJZjj%2FBwuOMIa8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c588b9934b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.ddr8drop.shop/login/form/form.js?v=6629faf24bdf3

104.21.31.192

200 OK

2.6 kB

URL GET HTTP/3
news.ddr8drop.shop/login/form/form.js?v=6629faf24bdf3
IP
104.21.31.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Certificate
IssuerGoogle Trust Services LLC
Subjectddr8drop.shop
Fingerprint89:27:33:23:C9:2E:ED:8C:AD:3D:6C:C2:0B:51:99:6A:18:3A:A8:F3
ValidityWed, 17 Apr 2024 18:14:49 GMT - Tue, 16 Jul 2024 18:14:48 GMT

File type
JavaScript source, ASCII text, with very long lines (2787), with no line terminators
Size
2.6 kB (2633 bytes)
Hash
c90b860de78de5ffe4cda9b2d3a62fde
7aec84c45fdfd7b99646b3a87b3312eb83f8442f
cca3a6bb4044d0a7d321a27373a421d5045b081c21b68efe314fe35b39e319dd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /login/form/form.js?v=6629faf24bdf3 HTTP/1.1
Host: news.ddr8drop.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:40:50 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 06:40:50 GMT
last-modified: Sat, 15 Jul 2023 08:40:24 GMT
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dQl%2F9%2BPZyf40wPMXoV%2BkMExn1x36AMvExEda4PLHnG2VVGGUF6DzU0k71amJkUOq4953WBaWNaRds6v6LpZUMJPW5RZdNpy5HRmTLF7Aavk2tw9Vm5oxxovw1wi5M5cK3V39QPQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c580bf92fb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.ddr8drop.shop/bower_components/font-awesome/css/font-awesome.min.css

104.21.31.192

200 OK

31 kB

URL GET HTTP/3
news.ddr8drop.shop/bower_components/font-awesome/css/font-awesome.min.css
IP
104.21.31.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Certificate
IssuerGoogle Trust Services LLC
Subjectddr8drop.shop
Fingerprint89:27:33:23:C9:2E:ED:8C:AD:3D:6C:C2:0B:51:99:6A:18:3A:A8:F3
ValidityWed, 17 Apr 2024 18:14:49 GMT - Tue, 16 Jul 2024 18:14:48 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /bower_components/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: news.ddr8drop.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:40:50 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 04:31:54 GMT
last-modified: Sat, 15 Jul 2023 08:40:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 7736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gujQ4rS6kwu8GJFWnfY1Hxip4o1XNo0HdNGf9Qy%2B8ku998bsoC0%2B1mLXCzNGm1FxaaWM3zI0ih1radUWS7Ba%2B93K0tSVMrMv%2BI3CDjeUVpeh%2BtHBnUWcPniGElGHEDIhT97oG2Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c580ba8f6b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.ddr8drop.shop/core/form/core_form.css

104.21.31.192

200 OK

2.7 kB

URL GET HTTP/3
news.ddr8drop.shop/core/form/core_form.css
IP
104.21.31.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Certificate
IssuerGoogle Trust Services LLC
Subjectddr8drop.shop
Fingerprint89:27:33:23:C9:2E:ED:8C:AD:3D:6C:C2:0B:51:99:6A:18:3A:A8:F3
ValidityWed, 17 Apr 2024 18:14:49 GMT - Tue, 16 Jul 2024 18:14:48 GMT

File type
ASCII text, with very long lines (2859), with no line terminators
Size
2.7 kB (2691 bytes)
Hash
395aa28d6d2623a6313a5bcaaa88a6c0
81be4728c9cb426d8edaa75d4cc64aa15b48dee0
3a6006d052f07c3c1cb20e63b906e851b3848a34f87cf56580758fe7501d7630

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /core/form/core_form.css HTTP/1.1
Host: news.ddr8drop.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:40:50 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 04:31:54 GMT
last-modified: Sat, 25 Nov 2023 12:54:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 7736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BM4hMNsofhbU4%2BRBxK1kkuL1kJ2AjbXn6JkMGUNt1JbpzXfp%2FgzXw7%2FpxJLF1PQHaXX%2FbhzmtMUQ0%2FUiextuZQUoWnjAE6%2B%2FMfNhEjkAv9zVZPfuEhy1UPO1yCrs6LFvoRvxCiQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c580bb8fdb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.ddr8drop.shop/login/token/token.js?v=6629faf24bdf7

104.21.31.192

200 OK

1.3 kB

URL GET HTTP/3
news.ddr8drop.shop/login/token/token.js?v=6629faf24bdf7
IP
104.21.31.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Certificate
IssuerGoogle Trust Services LLC
Subjectddr8drop.shop
Fingerprint89:27:33:23:C9:2E:ED:8C:AD:3D:6C:C2:0B:51:99:6A:18:3A:A8:F3
ValidityWed, 17 Apr 2024 18:14:49 GMT - Tue, 16 Jul 2024 18:14:48 GMT

File type
JavaScript source, ASCII text, with very long lines (1340), with no line terminators
Size
1.3 kB (1262 bytes)
Hash
a4c1710281b81e6ba56fd4c3c16e4f64
d973b08d0b9ce7345733fd17cc6606d3ba222b0c
e460dc38e8569d1ad35ac31920e3f5358717425f7803eddbfda7b39348f95af1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /login/token/token.js?v=6629faf24bdf7 HTTP/1.1
Host: news.ddr8drop.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:40:50 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 06:40:50 GMT
last-modified: Sat, 15 Jul 2023 08:40:24 GMT
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FKro%2FRHsTZh1lAMwb1IQHUEcXYY3UFpeJjjZtuEu%2B7D4EQziI1IjNdIm0elAOYQ8cm6P1KDsXN1XeTivynlNxtbd70P%2FnE9o20A69zgvBOQbUbae56eRCv5a%2BFEodOsw57F%2BOMU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c580bf932b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

104.21.31.192

200 OK

58 B

URL GET HTTP/3
news.ddr8drop.shop/home.php?pl=token&link=Gimi&bid=342c3a3eeeedc0c1355e126f9f097d6b&callback=jQuery321025476556588597055_1714027250680&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714027250683
IP
104.21.31.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Certificate
IssuerGoogle Trust Services LLC
Subjectddr8drop.shop
Fingerprint89:27:33:23:C9:2E:ED:8C:AD:3D:6C:C2:0B:51:99:6A:18:3A:A8:F3
ValidityWed, 17 Apr 2024 18:14:49 GMT - Tue, 16 Jul 2024 18:14:48 GMT

File type
ASCII text, with no line terminators
Size
58 B (58 bytes)
Hash
de887c38e8d49a4f70cb9cc6f2c106fa
411d8bea1d0ce54fe1d032cf2cb2800fce394317
c447e2fee9bcc1593133703044e08d3c35af530fb90d92ef4f6d9e0fde3478fc

HTTP Headers

GET /home.php?pl=token&link=Gimi&bid=342c3a3eeeedc0c1355e126f9f097d6b&callback=jQuery321025476556588597055_1714027250680&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714027250683 HTTP/1.1
Host: news.ddr8drop.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:41:01 GMT
content-type: application/json
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0UKysX3kxBhkEDaLcAv6dgeUOVFlHHRkUuyWfYH1hHJi15JD5VQPn2Xj2N5rSuTpM0jCwP6T01WTYinvc%2FkveoyF%2B7DI5H5WtOT13UwELnMmccqe58SoyMdj9lqTb%2BTadxEwIoU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c584d0b8ab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.ddr8drop.shop/bower_components/ua-parser-js/dist/ua-parser.min.js

104.21.31.192

200 OK

17 kB

URL GET HTTP/3
news.ddr8drop.shop/bower_components/ua-parser-js/dist/ua-parser.min.js
IP
104.21.31.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Certificate
IssuerGoogle Trust Services LLC
Subjectddr8drop.shop
Fingerprint89:27:33:23:C9:2E:ED:8C:AD:3D:6C:C2:0B:51:99:6A:18:3A:A8:F3
ValidityWed, 17 Apr 2024 18:14:49 GMT - Tue, 16 Jul 2024 18:14:48 GMT

File type

Size
17 kB (17048 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bower_components/ua-parser-js/dist/ua-parser.min.js HTTP/1.1
Host: news.ddr8drop.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:40:50 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 04:31:54 GMT
last-modified: Sat, 15 Jul 2023 08:40:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 7736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3m%2F5ZBfV5BdKswcodelIFqoX%2FBzsLQkzpAnYVwxyMcrzQbpa3lGJXDnbjZuZRy7K%2BjGUA62Bp4sB6K099EPbdGZZzMN2lu9rIE6sqwDN9gbcdQ0ITjQ%2F5TImGYAbfk%2FVmhCdGcE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c580ba8f0b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.ddr8drop.shop/login/form/css.css

104.21.31.192

200 OK

563 B

URL GET HTTP/3
news.ddr8drop.shop/login/form/css.css
IP
104.21.31.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Certificate
IssuerGoogle Trust Services LLC
Subjectddr8drop.shop
Fingerprint89:27:33:23:C9:2E:ED:8C:AD:3D:6C:C2:0B:51:99:6A:18:3A:A8:F3
ValidityWed, 17 Apr 2024 18:14:49 GMT - Tue, 16 Jul 2024 18:14:48 GMT

File type
ASCII text, with very long lines (593), with no line terminators
Size
563 B (563 bytes)
Hash
d2fa4f2848d69806d9f0f39dcd92466b
9931bbfc6792da45a421f9b35a5f7f3284a73263
e7bd2de36778afe1a5ddccf9c9d94786eba97b0af8381f23518a6072e5b392b0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /login/form/css.css HTTP/1.1
Host: news.ddr8drop.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:40:50 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 04:31:54 GMT
last-modified: Sat, 15 Jul 2023 08:40:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 7736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SxjMOWvsArPFQmKNrNC781UyIB9NQLdNfJDLbY5ZzHSSDSnaIB7LXZI%2F%2FRr7eCCe7KVNd5dzlOAwmegCfD27h4v5wAhYx5FoV%2FdQCFIuxuBNB3PNdBSYsACN2iXtiTf0GU%2F9HEk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c580bb900b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.ddr8drop.shop/home.php?pl=token&link=Gimi&bid=342c3a3eeeedc0c1355e126f9f097d6b&callback=jQuery321025476556588597055_1714027250680&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1714027250681

104.21.31.192

200 OK

58 B

URL GET HTTP/3
news.ddr8drop.shop/home.php?pl=token&link=Gimi&bid=342c3a3eeeedc0c1355e126f9f097d6b&callback=jQuery321025476556588597055_1714027250680&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1714027250681
IP
104.21.31.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Certificate
IssuerGoogle Trust Services LLC
Subjectddr8drop.shop
Fingerprint89:27:33:23:C9:2E:ED:8C:AD:3D:6C:C2:0B:51:99:6A:18:3A:A8:F3
ValidityWed, 17 Apr 2024 18:14:49 GMT - Tue, 16 Jul 2024 18:14:48 GMT

File type
ASCII text, with no line terminators
Size
58 B (58 bytes)
Hash
de887c38e8d49a4f70cb9cc6f2c106fa
411d8bea1d0ce54fe1d032cf2cb2800fce394317
c447e2fee9bcc1593133703044e08d3c35af530fb90d92ef4f6d9e0fde3478fc

HTTP Headers

GET /home.php?pl=token&link=Gimi&bid=342c3a3eeeedc0c1355e126f9f097d6b&callback=jQuery321025476556588597055_1714027250680&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1714027250681 HTTP/1.1
Host: news.ddr8drop.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:40:51 GMT
content-type: application/json
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LudJC2DQUBa85626ErGF3vk6r8GOD9qNgprjGvik%2FBJxRpVCHE7dKqTySgnTOHwqCt%2BQu%2BlC%2BBktYNUpvqK%2FycXbUM8plwU9q7a%2BbUrdsBCo9bNJuWNCriBoF3GT145jeaOSGj4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c580e9b1ab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.ddr8drop.shop/core/form/core_form.js

104.21.31.192

200 OK

17 kB

URL GET HTTP/3
news.ddr8drop.shop/core/form/core_form.js
IP
104.21.31.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Certificate
IssuerGoogle Trust Services LLC
Subjectddr8drop.shop
Fingerprint89:27:33:23:C9:2E:ED:8C:AD:3D:6C:C2:0B:51:99:6A:18:3A:A8:F3
ValidityWed, 17 Apr 2024 18:14:49 GMT - Tue, 16 Jul 2024 18:14:48 GMT

File type
JavaScript source, ASCII text
Size
17 kB (17026 bytes)
Hash
a17c7e17b71ea10cf76bf5bbb8fb6f57
08ebb851c9c37f53a2b8fedc94adc9d1cacb1cb8
871d7d34566ed4c3206be32e299552d04a697a82a36829cc71ba258ce44e4ca1

HTTP Headers

GET /core/form/core_form.js HTTP/1.1
Host: news.ddr8drop.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:40:50 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 04:31:54 GMT
last-modified: Thu, 30 Nov 2023 18:01:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 7736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cvaNkyB1JZDHj9T69CUgCDWf8%2F0fclQURz9u4EoBEzheJwBe5NcgduA3Gg7Z729EW1h%2BjtmHXuxj6nlnmnPs0YzGlXJsvoKn3fir1jK%2FfJfmSLh1jaF4%2FMtE9YXaQMLXIW5sO%2FU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c580ba8f9b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.ddr8drop.shop/core/token/core_token.js

104.21.31.192

200 OK

14 kB

URL GET HTTP/3
news.ddr8drop.shop/core/token/core_token.js
IP
104.21.31.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Certificate
IssuerGoogle Trust Services LLC
Subjectddr8drop.shop
Fingerprint89:27:33:23:C9:2E:ED:8C:AD:3D:6C:C2:0B:51:99:6A:18:3A:A8:F3
ValidityWed, 17 Apr 2024 18:14:49 GMT - Tue, 16 Jul 2024 18:14:48 GMT

File type
JavaScript source, ASCII text
Size
14 kB (13505 bytes)
Hash
94f53d530575909ce27cdd1f5dc64372
91b96e78d0aad4dfb6fa1834e7d9a60829d42eb8
3c8c63b5d734c8307e26340fabc40d2db29b8e790c857bc794f429196bc8bcf1

HTTP Headers

GET /core/token/core_token.js HTTP/1.1
Host: news.ddr8drop.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:40:50 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 04:31:54 GMT
last-modified: Thu, 30 Nov 2023 18:01:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 7736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7lJMgLjPVr5u0wz9KxrcUns3qEuCu1Tf1MNQRXT8l9xAIjRFHk9Q4q9stwg8scITHBe%2F1Z8vfQtLjh%2F3LxxWMkU740VrHNgK8TvZg%2BJqVTFZJ%2F97vMqsPRKhrd8pj0MdR6Msl5g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c580ba8fab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

104.21.31.192

200 OK

58 B

URL GET HTTP/3
news.ddr8drop.shop/home.php?pl=token&link=Gimi&bid=342c3a3eeeedc0c1355e126f9f097d6b&callback=jQuery321025476556588597055_1714027250680&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714027250684
IP
104.21.31.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Certificate
IssuerGoogle Trust Services LLC
Subjectddr8drop.shop
Fingerprint89:27:33:23:C9:2E:ED:8C:AD:3D:6C:C2:0B:51:99:6A:18:3A:A8:F3
ValidityWed, 17 Apr 2024 18:14:49 GMT - Tue, 16 Jul 2024 18:14:48 GMT

File type
ASCII text, with no line terminators
Size
58 B (58 bytes)
Hash
de887c38e8d49a4f70cb9cc6f2c106fa
411d8bea1d0ce54fe1d032cf2cb2800fce394317
c447e2fee9bcc1593133703044e08d3c35af530fb90d92ef4f6d9e0fde3478fc

HTTP Headers

GET /home.php?pl=token&link=Gimi&bid=342c3a3eeeedc0c1355e126f9f097d6b&callback=jQuery321025476556588597055_1714027250680&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714027250684 HTTP/1.1
Host: news.ddr8drop.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:41:06 GMT
content-type: application/json
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aQIzxPDPjWwINrIJdNWkKneOrWnoUP8MjMzsbse%2Be3stAwdoiPjmJ%2FFx71IP4jIFv0phoiHa3JCrhTYtUxGEvg7qrvM61sov7zBFpfUGAcqT2VEyEYUOcXmOgrnJa5MqWPEM2aA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c586c4830b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/

104.21.31.192

200 OK

1.4 MB

URL User Request GET HTTP/2
news.ddr8drop.shop/view/342c3a3eeeedc0c1355e126f9f097d6b/public/
IP
104.21.31.192:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectddr8drop.shop
Fingerprint89:27:33:23:C9:2E:ED:8C:AD:3D:6C:C2:0B:51:99:6A:18:3A:A8:F3
ValidityWed, 17 Apr 2024 18:14:49 GMT - Tue, 16 Jul 2024 18:14:48 GMT

File type

Size
1.4 MB (1426822 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /view/342c3a3eeeedc0c1355e126f9f097d6b/public/ HTTP/1.1
Host: news.ddr8drop.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 06:40:50 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r0e5nA049ehv43QvVVDgkFSQHDTYzAJ8Pl3JTlTWsnRt4dyJ13wHVspRyegwx38XnOHRlAOYTb69np0ZBQ6tqWj%2Buj6563F6Sq5JnprTkF1%2Fx8BvKYJh1z3nYr9Az0V4KU7HCQo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c5809db237130-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL