Report - ninjafbmaker.com/

Report Overview

Submitted URL
ninjafbmaker.com/
IP
192.254.235.61
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2022-11-30 08:35:31
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ninjafbmaker.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.5 kB	192.254.235.61
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	55 kB	34.120.237.76
searchdiscovered.com	484409	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	651 B	1.9 kB	208.91.196.4
freeresultsguide.com	647838	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	651 B	12 kB	208.91.196.4
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.210.158.59
iyfhshsp.com	375466	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	13 kB	208.91.196.46
i3.cdn-image.com	120650	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	57 kB	95.101.11.113

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	ninjafbmaker.com/	Malware
2022-11-30	medium	ninjafbmaker.com/cgi-sys/suspendedpage.cgi	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	iyfhshsp.com/?domain=ninjafbmaker.com&dn=ninjafbmaker.com&fp=A%2B6Zn%2BXpL8dDY0i5WOuPd%2BPdGa9jApUipVWPu7JeH%2BykYUtmoaGq9Qw78B9N6yM2P%2F6jc%2B84olWKIXgEaL8pM4cU7M%2BKhvFOcmF%2FDti%2Fm1FSbq8IKuht%2F6m841mp1lnK6%2FGrPRaKBJLFksekfsXehbCGbAMpHbHwLE7ZAIIbpB8%3D&prvtof=yoB%2B9NlcUnLw5MyrQacXyWwJ6x0nL5yZOdiYt6bpAbTh4NOgm2iBGMDAVM6pw%2BUZ&poru=N2MF503Fyo5c8vFlukbJ1WoRMdQc9u7MuUlrckx677H5jDop0%2FFBmSTgIxgxSidn5i%2FAhZT%2FzYgQwWZhxf2NSQwQH1wqWeJmlYNFQ0zR38E%3D&	27 B	2023-03-07	2024-04-26
Pretty URL iyfhshsp.com/?domain=ninjafbmaker.com&dn=ninjafbmaker.com&fp=A%2B6Zn%2BXpL8dDY0i5WOuPd%2BPdGa9jApUipVWPu7JeH%2BykYUtmoaGq9Qw78B9N6yM2P%2F6jc%2B84olWKIXgEaL8pM4cU7M%2BKhvFOcmF%2FDti%2Fm1FSbq8IKuht%2F6m841mp1lnK6%2FGrPRaKBJLFksekfsXehbCGbAMpHbHwLE7ZAIIbpB8%3D&prvtof=yoB%2B9NlcUnLw5MyrQacXyWwJ6x0nL5yZOdiYt6bpAbTh4NOgm2iBGMDAVM6pw%2BUZ&poru=N2MF503Fyo5c8vFlukbJ1WoRMdQc9u7MuUlrckx677H5jDop0%2FFBmSTgIxgxSidn5i%2FAhZT%2FzYgQwWZhxf2NSQwQH1wqWeJmlYNFQ0zR38E%3D& IP 208.91.196.46 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-26 15:23:06 Times Seen12015 Hash 1a13337fc71dcb5b6fb8be5e40b05c66 8ca2b8e8b15ff416d1b6c557a767140c4c034243 e94f533b6c39b822e83695ecb11a193f5ba7a3a3f97c8136bd0bbef8436e48bf Loading...

	iyfhshsp.com/?dn=referer_detect&pid=5POL4F2O4	1.3 kB	2023-03-11	2023-03-11
Pretty URL iyfhshsp.com/?dn=referer_detect&pid=5POL4F2O4 IP 208.91.196.46 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:55:01 Last Seen2023-03-11 22:55:01 Times Seen1 Hash 280b60bf0ab110d588b47b09aacd75fa 683b45eb5a490a6464cafd9f07d4831c066391a8 870efa7bda6fa89e1da15574cd5b98f154d77bcffc045534155f7917f2f40aa2 Loading...

	iyfhshsp.com/?dn=referer_detect&pid=5POL4F2O4	72 B	2023-03-07	2023-12-19
Pretty URL iyfhshsp.com/?dn=referer_detect&pid=5POL4F2O4 IP 208.91.196.46 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2023-12-19 13:44:42 Times Seen5017 Hash c559217a6142aa9c0d79313f8b91379c 382f581cded01680b24256e325f90d536e46b761 8e73581a67925b18a153d03249b6a1672593d50017f91ef94577e5bc034b12b3 Loading...

	iyfhshsp.com/?domain=ninjafbmaker.com&dn=ninjafbmaker.com&fp=A%2B6Zn%2BXpL8dDY0i5WOuPd%2BPdGa9jApUipVWPu7JeH%2BykYUtmoaGq9Qw78B9N6yM2P%2F6jc%2B84olWKIXgEaL8pM4cU7M%2BKhvFOcmF%2FDti%2Fm1FSbq8IKuht%2F6m841mp1lnK6%2FGrPRaKBJLFksekfsXehbCGbAMpHbHwLE7ZAIIbpB8%3D&prvtof=yoB%2B9NlcUnLw5MyrQacXyWwJ6x0nL5yZOdiYt6bpAbTh4NOgm2iBGMDAVM6pw%2BUZ&poru=N2MF503Fyo5c8vFlukbJ1WoRMdQc9u7MuUlrckx677H5jDop0%2FFBmSTgIxgxSidn5i%2FAhZT%2FzYgQwWZhxf2NSQwQH1wqWeJmlYNFQ0zR38E%3D&	8 B	2023-03-07	2024-04-26
Pretty URL iyfhshsp.com/?domain=ninjafbmaker.com&dn=ninjafbmaker.com&fp=A%2B6Zn%2BXpL8dDY0i5WOuPd%2BPdGa9jApUipVWPu7JeH%2BykYUtmoaGq9Qw78B9N6yM2P%2F6jc%2B84olWKIXgEaL8pM4cU7M%2BKhvFOcmF%2FDti%2Fm1FSbq8IKuht%2F6m841mp1lnK6%2FGrPRaKBJLFksekfsXehbCGbAMpHbHwLE7ZAIIbpB8%3D&prvtof=yoB%2B9NlcUnLw5MyrQacXyWwJ6x0nL5yZOdiYt6bpAbTh4NOgm2iBGMDAVM6pw%2BUZ&poru=N2MF503Fyo5c8vFlukbJ1WoRMdQc9u7MuUlrckx677H5jDop0%2FFBmSTgIxgxSidn5i%2FAhZT%2FzYgQwWZhxf2NSQwQH1wqWeJmlYNFQ0zR38E%3D& IP 208.91.196.46 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-26 15:23:06 Times Seen10804 Hash 883fa82f6169ed5ddd95e0c34cf36450 52fcfe1e375b542d4847a9c963bff266b98bfbc2 dca6253c1f2bdadb922b559c83bee52fbe1411e3a159adcb922ff3b45c623185 Loading...

	iyfhshsp.com/px.js?ch=1	346 B	2023-03-07	2024-04-26
Pretty URL iyfhshsp.com/px.js?ch=1 IP 208.91.196.46 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 15:23:06 Times Seen43570 Hash f84f931c0dd37448e03f0dabf4e4ca9f 9c2c50edcf576453ccc07bf65668bd23c76e8663 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584 Loading...

	iyfhshsp.com/?domain=ninjafbmaker.com&dn=ninjafbmaker.com&fp=A%2B6Zn%2BXpL8dDY0i5WOuPd%2BPdGa9jApUipVWPu7JeH%2BykYUtmoaGq9Qw78B9N6yM2P%2F6jc%2B84olWKIXgEaL8pM4cU7M%2BKhvFOcmF%2FDti%2Fm1FSbq8IKuht%2F6m841mp1lnK6%2FGrPRaKBJLFksekfsXehbCGbAMpHbHwLE7ZAIIbpB8%3D&prvtof=yoB%2B9NlcUnLw5MyrQacXyWwJ6x0nL5yZOdiYt6bpAbTh4NOgm2iBGMDAVM6pw%2BUZ&poru=N2MF503Fyo5c8vFlukbJ1WoRMdQc9u7MuUlrckx677H5jDop0%2FFBmSTgIxgxSidn5i%2FAhZT%2FzYgQwWZhxf2NSQwQH1wqWeJmlYNFQ0zR38E%3D&	504 B	2023-03-11	2023-03-11
Pretty URL iyfhshsp.com/?domain=ninjafbmaker.com&dn=ninjafbmaker.com&fp=A%2B6Zn%2BXpL8dDY0i5WOuPd%2BPdGa9jApUipVWPu7JeH%2BykYUtmoaGq9Qw78B9N6yM2P%2F6jc%2B84olWKIXgEaL8pM4cU7M%2BKhvFOcmF%2FDti%2Fm1FSbq8IKuht%2F6m841mp1lnK6%2FGrPRaKBJLFksekfsXehbCGbAMpHbHwLE7ZAIIbpB8%3D&prvtof=yoB%2B9NlcUnLw5MyrQacXyWwJ6x0nL5yZOdiYt6bpAbTh4NOgm2iBGMDAVM6pw%2BUZ&poru=N2MF503Fyo5c8vFlukbJ1WoRMdQc9u7MuUlrckx677H5jDop0%2FFBmSTgIxgxSidn5i%2FAhZT%2FzYgQwWZhxf2NSQwQH1wqWeJmlYNFQ0zR38E%3D& IP 208.91.196.46 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:55:01 Last Seen2023-03-11 22:55:01 Times Seen1 Hash 058b40c1825cb2a793c31b90dcb38469 440418f8fbd46022aa0b49326330e5a2e8da8cbe 6f733f1e59b393cb3a6d51885307022ccbbc17fac2f491e18242c56d2aed4016 Loading...

	i3.cdn-image.com/__media__/js/min.js?v2.3	8.4 kB	2023-03-07	2024-04-26
Pretty URL i3.cdn-image.com/__media__/js/min.js?v2.3 IP 95.101.11.113 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-26 15:23:06 Times Seen26186 Hash c16c3a4c0fad29106f34d00e89f6886e 6e11811ab8a98bb295b0916cdee68b302c33403d 097786d677a859b7bc87e285377b083b76d66a2fc2832a16bcd50b0e99df77ff Loading...

	iyfhshsp.com/?domain=ninjafbmaker.com&dn=ninjafbmaker.com&fp=A%2B6Zn%2BXpL8dDY0i5WOuPd%2BPdGa9jApUipVWPu7JeH%2BykYUtmoaGq9Qw78B9N6yM2P%2F6jc%2B84olWKIXgEaL8pM4cU7M%2BKhvFOcmF%2FDti%2Fm1FSbq8IKuht%2F6m841mp1lnK6%2FGrPRaKBJLFksekfsXehbCGbAMpHbHwLE7ZAIIbpB8%3D&prvtof=yoB%2B9NlcUnLw5MyrQacXyWwJ6x0nL5yZOdiYt6bpAbTh4NOgm2iBGMDAVM6pw%2BUZ&poru=N2MF503Fyo5c8vFlukbJ1WoRMdQc9u7MuUlrckx677H5jDop0%2FFBmSTgIxgxSidn5i%2FAhZT%2FzYgQwWZhxf2NSQwQH1wqWeJmlYNFQ0zR38E%3D&	42 B	2023-03-07	2024-04-26
Pretty URL iyfhshsp.com/?domain=ninjafbmaker.com&dn=ninjafbmaker.com&fp=A%2B6Zn%2BXpL8dDY0i5WOuPd%2BPdGa9jApUipVWPu7JeH%2BykYUtmoaGq9Qw78B9N6yM2P%2F6jc%2B84olWKIXgEaL8pM4cU7M%2BKhvFOcmF%2FDti%2Fm1FSbq8IKuht%2F6m841mp1lnK6%2FGrPRaKBJLFksekfsXehbCGbAMpHbHwLE7ZAIIbpB8%3D&prvtof=yoB%2B9NlcUnLw5MyrQacXyWwJ6x0nL5yZOdiYt6bpAbTh4NOgm2iBGMDAVM6pw%2BUZ&poru=N2MF503Fyo5c8vFlukbJ1WoRMdQc9u7MuUlrckx677H5jDop0%2FFBmSTgIxgxSidn5i%2FAhZT%2FzYgQwWZhxf2NSQwQH1wqWeJmlYNFQ0zR38E%3D& IP 208.91.196.46 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-26 15:23:06 Times Seen12033 Hash 4aa1cafcdca484710d10c7d6d1a6a273 4f2007c15b663111205ce137bdd263e5345104e5 9ce013c35c35b5f4007d40c0d4fa366530f064cbaa91de6c01b3edfe4471b7f8 Loading...

	iyfhshsp.com/?domain=ninjafbmaker.com&dn=ninjafbmaker.com&fp=A%2B6Zn%2BXpL8dDY0i5WOuPd%2BPdGa9jApUipVWPu7JeH%2BykYUtmoaGq9Qw78B9N6yM2P%2F6jc%2B84olWKIXgEaL8pM4cU7M%2BKhvFOcmF%2FDti%2Fm1FSbq8IKuht%2F6m841mp1lnK6%2FGrPRaKBJLFksekfsXehbCGbAMpHbHwLE7ZAIIbpB8%3D&prvtof=yoB%2B9NlcUnLw5MyrQacXyWwJ6x0nL5yZOdiYt6bpAbTh4NOgm2iBGMDAVM6pw%2BUZ&poru=N2MF503Fyo5c8vFlukbJ1WoRMdQc9u7MuUlrckx677H5jDop0%2FFBmSTgIxgxSidn5i%2FAhZT%2FzYgQwWZhxf2NSQwQH1wqWeJmlYNFQ0zR38E%3D&	37 B	2023-03-07	2024-04-26
Pretty URL iyfhshsp.com/?domain=ninjafbmaker.com&dn=ninjafbmaker.com&fp=A%2B6Zn%2BXpL8dDY0i5WOuPd%2BPdGa9jApUipVWPu7JeH%2BykYUtmoaGq9Qw78B9N6yM2P%2F6jc%2B84olWKIXgEaL8pM4cU7M%2BKhvFOcmF%2FDti%2Fm1FSbq8IKuht%2F6m841mp1lnK6%2FGrPRaKBJLFksekfsXehbCGbAMpHbHwLE7ZAIIbpB8%3D&prvtof=yoB%2B9NlcUnLw5MyrQacXyWwJ6x0nL5yZOdiYt6bpAbTh4NOgm2iBGMDAVM6pw%2BUZ&poru=N2MF503Fyo5c8vFlukbJ1WoRMdQc9u7MuUlrckx677H5jDop0%2FFBmSTgIxgxSidn5i%2FAhZT%2FzYgQwWZhxf2NSQwQH1wqWeJmlYNFQ0zR38E%3D& IP 208.91.196.46 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-26 15:23:06 Times Seen12207 Hash fcd7b94e73a1f9cc8807da94baec6354 088ae01bf28379b61fd5a322034c8c618d3f2b23 0361577e582e091d8656bc3ffeeafc27c0607530e2000d55772674122d703253 Loading...

HTTP Transactions (36)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3300
Expires: Wed, 30 Nov 2022 09:30:20 GMT
Date: Wed, 30 Nov 2022 08:35:20 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1996
Cache-Control: max-age=95347
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:35:20 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:04:27 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3567
Expires: Wed, 30 Nov 2022 09:34:47 GMT
Date: Wed, 30 Nov 2022 08:35:20 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 08:18:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1040
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: DTjh24t7UF/t7kvdaf1YhCfkgnfNbGll7wAOobCGBHJFtT+Uwe0zqbspQWT7ttoIhwAVhHMT7nU=
x-amz-request-id: 2BT0KNSZKC9B1JD4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 07:45:08 GMT
age: 3012
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:35:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ninjafbmaker.com/

192.254.235.61

302 Found

233 B

URL HTTP/1.1
ninjafbmaker.com/
IP
192.254.235.61:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
233 B (233 bytes)
Hash
619bc7c560f8a37f114c469952016435
081334da7decce89bc6703eb3b8ad86777cc6c86
ac8ca2566d891f8a359591d150e58091a9537b6a034174ea627c1bbc6b25efbc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: ninjafbmaker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Wed, 30 Nov 2022 08:35:20 GMT
Server: Apache
Location: http://ninjafbmaker.com/cgi-sys/suspendedpage.cgi
Content-Length: 233
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 08:08:56 GMT
cache-control: public,max-age=3600
age: 1584
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ninjafbmaker.com/cgi-sys/suspendedpage.cgi

192.254.235.61

200 OK

316 B

URL HTTP/1.1
ninjafbmaker.com/cgi-sys/suspendedpage.cgi
IP
192.254.235.61:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
316 B (316 bytes)
Hash
c96d062f610bf41835838bb5c2e6ff8d
46bfa6eda475f3bc4ecbedefa29b347c0434ae6e
2d354ba05648b5fc4146d922364c915c15a997fa817b59b9200bebb9c2788d31

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /cgi-sys/suspendedpage.cgi HTTP/1.1
Host: ninjafbmaker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 08:35:20 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 316
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2000
Cache-Control: max-age=90287
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:35:21 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 09:40:08 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

ninjafbmaker.com/favicon.ico

192.254.235.61

302 Found

233 B

URL HTTP/1.1
ninjafbmaker.com/favicon.ico
IP
192.254.235.61:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
233 B (233 bytes)
Hash
619bc7c560f8a37f114c469952016435
081334da7decce89bc6703eb3b8ad86777cc6c86
ac8ca2566d891f8a359591d150e58091a9537b6a034174ea627c1bbc6b25efbc

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ninjafbmaker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ninjafbmaker.com/cgi-sys/suspendedpage.cgi

HTTP/1.1 302 Found
Date: Wed, 30 Nov 2022 08:35:21 GMT
Server: Apache
Location: http://ninjafbmaker.com/cgi-sys/suspendedpage.cgi
Content-Length: 233
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

push.services.mozilla.com/

34.210.158.59

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.210.158.59:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0jI7D6oYr6DaXCtFBGp5gw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2NEATWLrgk1iEU59SzrbpstzkGI=

iyfhshsp.com/?dn=referer_detect&pid=5POL4F2O4

208.91.196.46

200 OK

1.7 kB

URL HTTP/1.1
iyfhshsp.com/?dn=referer_detect&pid=5POL4F2O4
IP
208.91.196.46:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (499), with CRLF line terminators
Size
1.7 kB (1692 bytes)
Hash
cd9db703975d6a1d014574c148067c26
b654d476ed228c3a4a3ce2a25544ae6f33adb90b
33f2ed8c0b42732a139a0e0e8fcb5a4ece357efb44004adb4b5ca95f6d0c2bf1

HTTP Headers

GET /?dn=referer_detect&pid=5POL4F2O4 HTTP/1.1
Host: iyfhshsp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ninjafbmaker.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 08:35:21 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_RKXc7TxPHfYBne7waQCCj6TtTylnt5/H6p24b3MGsAjsiw30tN5v8r0FC9L2itAmhz1DPsmWDbxAwLA2QZHSLw==
Cteonnt-Length: 3554
Keep-Alive: timeout=5, max=127
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Cache-Control: private
Content-Encoding: gzip
Content-Length: 1692

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16056
Expires: Wed, 30 Nov 2022 13:02:58 GMT
Date: Wed, 30 Nov 2022 08:35:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16056
Expires: Wed, 30 Nov 2022 13:02:58 GMT
Date: Wed, 30 Nov 2022 08:35:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16056
Expires: Wed, 30 Nov 2022 13:02:58 GMT
Date: Wed, 30 Nov 2022 08:35:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16056
Expires: Wed, 30 Nov 2022 13:02:58 GMT
Date: Wed, 30 Nov 2022 08:35:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16056
Expires: Wed, 30 Nov 2022 13:02:58 GMT
Date: Wed, 30 Nov 2022 08:35:22 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10068 bytes)
Hash
f621857774e4b4adda95f58081644859
639165dc66d171b8266f22cd495181427112bc80
341fd33d3d9486079c182d60e21c355244b6597e6e09ba51ecee2e331b38ca2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10068
x-amzn-requestid: 7f386e94-3c17-44a1-a36b-3d0eeff4623d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEQQoAMFihA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-5069acfd038ffb2c124b7bd8;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Bh6VQ3BLEXcZKHFyJxHVGQWVQm-w2s0786t8SQOcHQUaNvSFc1rg-A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
etag: "639165dc66d171b8266f22cd495181427112bc80"
content-type: image/jpeg
age: 38551
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:35:09 GMT
age: 36013
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8885 bytes)
Hash
8825a2c5c0d98323f489e0b816b7f1d8
05f46985ea4ace57460120876da8e19db08857b3
1d12590a78b32146d6f1d107fb93bdb6cb45228d15babd087c0111495d7138e1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 67e1ba67-b4fb-42c8-985d-f34164101c7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhIGGtloAMFxjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bcd-295995bb1123430c55659fe3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vOFoi7vW7NluI5wQB03BGh9efp_jvCoH1sUh4s1ubG_JAC6KcDkHxg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:15:52 GMT
age: 37170
etag: "05f46985ea4ace57460120876da8e19db08857b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7658 bytes)
Hash
536cd283dee06cf1ceb9e15e4850db92
47aafca572d34f9726a0174ac902178556e581d8
63a5acf87962da6656f828422545af0ccc0888f0a2a15ebd2160ffb3714e6241

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7658
x-amzn-requestid: e729e5b6-0c92-4ed3-b449-4a30d5bb4b89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEyEQSIAMFWsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1e-1bba7e9a2d15d66779b1896c;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AuN9hTb4YydNZjvpnTGyE313wl-O3F_p4jC_NUSe8kr3RB_4AjOEMw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 38337
etag: "47aafca572d34f9726a0174ac902178556e581d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7971 bytes)
Hash
9e135c29a8769eb12ef8c26f99097400
87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d
ce41ff79c382efc54aa2fd3ab64293d2d2b706a7f21585f4bd8bbcd9a3566126

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7971
x-amzn-requestid: e47d10e4-2b60-4998-b5fa-5b145e60aac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgWHgGoAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-5b9710a07b0a59730e73dce4;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OURSF_raDXrHV3-3ScaEdorNpW9ZKSIQjv6WUCQYHhruGz372BU_QA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:58:15 GMT
age: 38227
etag: "87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9674 bytes)
Hash
5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 38551
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

iyfhshsp.com/?domain=ninjafbmaker.com&dn=ninjafbmaker.com&fp=A%2B6Zn%2BXpL8dDY0i5WOuPd%2BPdGa9jApUipVWPu7JeH%2BykYUtmoaGq9Qw78B9N6yM2P%2F6jc%2B84olWKIXgEaL8pM4cU7M%2BKhvFOcmF%2FDti%2Fm1FSbq8IKuht%2F6m841mp1lnK6%2FGrPRaKBJLFksekfsXehbCGbAMpHbHwLE7ZAIIbpB8%3D&prvtof=yoB%2B9NlcUnLw5MyrQacXyWwJ6x0nL5yZOdiYt6bpAbTh4NOgm2iBGMDAVM6pw%2BUZ&poru=N2MF503Fyo5c8vFlukbJ1WoRMdQc9u7MuUlrckx677H5jDop0%2FFBmSTgIxgxSidn5i%2FAhZT%2FzYgQwWZhxf2NSQwQH1wqWeJmlYNFQ0zR38E%3D&

208.91.196.46

200 OK

7.1 kB

URL HTTP/1.1
iyfhshsp.com/?domain=ninjafbmaker.com&dn=ninjafbmaker.com&fp=A%2B6Zn%2BXpL8dDY0i5WOuPd%2BPdGa9jApUipVWPu7JeH%2BykYUtmoaGq9Qw78B9N6yM2P%2F6jc%2B84olWKIXgEaL8pM4cU7M%2BKhvFOcmF%2FDti%2Fm1FSbq8IKuht%2F6m841mp1lnK6%2FGrPRaKBJLFksekfsXehbCGbAMpHbHwLE7ZAIIbpB8%3D&prvtof=yoB%2B9NlcUnLw5MyrQacXyWwJ6x0nL5yZOdiYt6bpAbTh4NOgm2iBGMDAVM6pw%2BUZ&poru=N2MF503Fyo5c8vFlukbJ1WoRMdQc9u7MuUlrckx677H5jDop0%2FFBmSTgIxgxSidn5i%2FAhZT%2FzYgQwWZhxf2NSQwQH1wqWeJmlYNFQ0zR38E%3D&
IP
208.91.196.46:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2100), with CRLF, LF line terminators
Size
7.1 kB (7089 bytes)
Hash
6271efad2278f254bc7d186291e9bfb8
15f5b5baffc7f40b174e2d653e8b0d890746bb61
45b09d0db62e7f4be06de36aa39008d8e52794485fb6c49133a4588ab88315e8

HTTP Headers

GET /?domain=ninjafbmaker.com&dn=ninjafbmaker.com&fp=A%2B6Zn%2BXpL8dDY0i5WOuPd%2BPdGa9jApUipVWPu7JeH%2BykYUtmoaGq9Qw78B9N6yM2P%2F6jc%2B84olWKIXgEaL8pM4cU7M%2BKhvFOcmF%2FDti%2Fm1FSbq8IKuht%2F6m841mp1lnK6%2FGrPRaKBJLFksekfsXehbCGbAMpHbHwLE7ZAIIbpB8%3D&prvtof=yoB%2B9NlcUnLw5MyrQacXyWwJ6x0nL5yZOdiYt6bpAbTh4NOgm2iBGMDAVM6pw%2BUZ&poru=N2MF503Fyo5c8vFlukbJ1WoRMdQc9u7MuUlrckx677H5jDop0%2FFBmSTgIxgxSidn5i%2FAhZT%2FzYgQwWZhxf2NSQwQH1wqWeJmlYNFQ0zR38E%3D& HTTP/1.1
Host: iyfhshsp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iyfhshsp.com/?dn=referer_detect&pid=5POL4F2O4
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 08:35:21 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_X/C7iRywJZV/jF/GJJIvM8nn8km5Q9Q8tYtXU0vWXP/doFPQGeXzhDx8YUTjTbYnrgZpDL5BGSZNsgVc4LWnGQ==
Keep-Alive: timeout=5, max=126
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Cache-Control: private
Content-Encoding: gzip
Transfer-Encoding: chunked

iyfhshsp.com/px.js?ch=1

208.91.196.46

200 OK

346 B

URL HTTP/1.1
iyfhshsp.com/px.js?ch=1
IP
208.91.196.46:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
ASCII text, with very long lines (346), with no line terminators
Size
346 B (346 bytes)
Hash
f84f931c0dd37448e03f0dabf4e4ca9f
9c2c50edcf576453ccc07bf65668bd23c76e8663
5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584

HTTP Headers

GET /px.js?ch=1 HTTP/1.1
Host: iyfhshsp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iyfhshsp.com/?domain=ninjafbmaker.com&dn=ninjafbmaker.com&fp=A%2B6Zn%2BXpL8dDY0i5WOuPd%2BPdGa9jApUipVWPu7JeH%2BykYUtmoaGq9Qw78B9N6yM2P%2F6jc%2B84olWKIXgEaL8pM4cU7M%2BKhvFOcmF%2FDti%2Fm1FSbq8IKuht%2F6m841mp1lnK6%2FGrPRaKBJLFksekfsXehbCGbAMpHbHwLE7ZAIIbpB8%3D&prvtof=yoB%2B9NlcUnLw5MyrQacXyWwJ6x0nL5yZOdiYt6bpAbTh4NOgm2iBGMDAVM6pw%2BUZ&poru=N2MF503Fyo5c8vFlukbJ1WoRMdQc9u7MuUlrckx677H5jDop0%2FFBmSTgIxgxSidn5i%2FAhZT%2FzYgQwWZhxf2NSQwQH1wqWeJmlYNFQ0zR38E%3D&
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 08:35:23 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=125
Connection: Keep-Alive
Content-Type: application/javascript

iyfhshsp.com/px.js?ch=2

208.91.196.46

200 OK

346 B

URL HTTP/1.1
iyfhshsp.com/px.js?ch=2
IP
208.91.196.46:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
ASCII text, with very long lines (346), with no line terminators
Size
346 B (346 bytes)
Hash
f84f931c0dd37448e03f0dabf4e4ca9f
9c2c50edcf576453ccc07bf65668bd23c76e8663
5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584

HTTP Headers

GET /px.js?ch=2 HTTP/1.1
Host: iyfhshsp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iyfhshsp.com/?domain=ninjafbmaker.com&dn=ninjafbmaker.com&fp=A%2B6Zn%2BXpL8dDY0i5WOuPd%2BPdGa9jApUipVWPu7JeH%2BykYUtmoaGq9Qw78B9N6yM2P%2F6jc%2B84olWKIXgEaL8pM4cU7M%2BKhvFOcmF%2FDti%2Fm1FSbq8IKuht%2F6m841mp1lnK6%2FGrPRaKBJLFksekfsXehbCGbAMpHbHwLE7ZAIIbpB8%3D&prvtof=yoB%2B9NlcUnLw5MyrQacXyWwJ6x0nL5yZOdiYt6bpAbTh4NOgm2iBGMDAVM6pw%2BUZ&poru=N2MF503Fyo5c8vFlukbJ1WoRMdQc9u7MuUlrckx677H5jDop0%2FFBmSTgIxgxSidn5i%2FAhZT%2FzYgQwWZhxf2NSQwQH1wqWeJmlYNFQ0zR38E%3D&
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 08:35:23 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/javascript

i3.cdn-image.com/__media__/js/min.js?v2.3

95.101.11.113

200 OK

3.1 kB

URL HTTP/1.1
i3.cdn-image.com/__media__/js/min.js?v2.3
IP
95.101.11.113:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (8349), with CRLF line terminators
Size
3.1 kB (3050 bytes)
Hash
683b827c961eb1a55ae52a5c42524a13
a1c0b96af389b99124cb42f1730d2dcb0f3dc3f4
58e12a35c892e412e904c69e12d13915c07afb320633925f41a493ebfc2ee053

HTTP Headers

GET /__media__/js/min.js?v2.3 HTTP/1.1
Host: i3.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfhshsp.com/

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript
Last-Modified: Wed, 22 Sep 2021 05:16:09 GMT
ETag: "614abc19-20f3"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=12933
Expires: Wed, 30 Nov 2022 12:10:56 GMT
Date: Wed, 30 Nov 2022 08:35:23 GMT
Content-Length: 3050
Connection: keep-alive

i3.cdn-image.com/__media__/pics/29590/bg1.png

95.101.11.113

200 OK

18 kB

URL HTTP/1.1
i3.cdn-image.com/__media__/pics/29590/bg1.png
IP
95.101.11.113:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 1730 x 988, 4-bit colormap, non-interlaced\012- data
Size
18 kB (17986 bytes)
Hash
825ccd29ac102fcadaf92b2343d5917b
24472e766cfac5b82a73b219796556a0a3702bd6
0878fb2875c0ad852de8fb3e8f443afdf3064890f1443b3feccc274382f913cd

HTTP Headers

GET /__media__/pics/29590/bg1.png HTTP/1.1
Host: i3.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfhshsp.com/

HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 17986
Last-Modified: Fri, 25 Nov 2022 12:16:35 GMT
ETag: "6380b223-4642"
Accept-Ranges: bytes
Cache-Control: public, max-age=80805
Expires: Thu, 01 Dec 2022 07:02:08 GMT
Date: Wed, 30 Nov 2022 08:35:23 GMT
Connection: keep-alive

i3.cdn-image.com/__media__/pics/28905/arrrow.png

95.101.11.113

200 OK

283 B

URL HTTP/1.1
i3.cdn-image.com/__media__/pics/28905/arrrow.png
IP
95.101.11.113:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 17 x 27, 8-bit colormap, non-interlaced\012- data
Size
283 B (283 bytes)
Hash
80d42c82a6c37da90210fd60a2f36128
554ba7c84d2a27ecf3b1f29d03e62101936b54d8
a1626e2d9160a0890a0a8d6e3af9e7095d68a24f9fb5ac8a166000c9a2581e10

HTTP Headers

GET /__media__/pics/28905/arrrow.png HTTP/1.1
Host: i3.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfhshsp.com/

HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 283
Last-Modified: Tue, 04 Jan 2022 14:44:27 GMT
ETag: "61d45d4b-11b"
Accept-Ranges: bytes
Cache-Control: public, max-age=21308
Expires: Wed, 30 Nov 2022 14:30:31 GMT
Date: Wed, 30 Nov 2022 08:35:23 GMT
Connection: keep-alive

i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff

95.101.11.113

200 OK

17 kB

URL HTTP/1.1
i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff
IP
95.101.11.113:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format, TrueType, length 17264, version 2.1\012- data
Size
17 kB (17264 bytes)
Hash
a43b107861b42ce1335e41e43d4e4d00
99bdb1cec4a68ebe29249c46fefefb6880d009e5
a6542dc92d71eb412bac89d8fb06c70f15be74a64b1b4ef1633288b78f4f2ff2

HTTP Headers

GET /__media__/fonts/montserrat-regular/montserrat-regular.woff HTTP/1.1
Host: i3.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://iyfhshsp.com
Connection: keep-alive
Referer: http://iyfhshsp.com/

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/font-woff
Content-Length: 17264
Last-Modified: Wed, 20 Jan 2021 10:45:11 GMT
ETag: "600809b7-4370"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 08:35:23 GMT
Connection: keep-alive

i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff

95.101.11.113

200 OK

17 kB

URL HTTP/1.1
i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff
IP
95.101.11.113:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format, TrueType, length 17312, version 2.1\012- data
Size
17 kB (17312 bytes)
Hash
bebe201d813feaad85a3e66607d0da3a
28b049502afa8e9db5340c1a92400591b39870e8
58bb75322beb862803b0d156e1a1d01fb1e7fde82ee93c929b08bf5aea9fc55b

HTTP Headers

GET /__media__/fonts/montserrat-bold/montserrat-bold.woff HTTP/1.1
Host: i3.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://iyfhshsp.com
Connection: keep-alive
Referer: http://iyfhshsp.com/

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/font-woff
Content-Length: 17312
Last-Modified: Wed, 20 Jan 2021 10:45:11 GMT
ETag: "600809b7-43a0"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 08:35:23 GMT
Connection: keep-alive

searchdiscovered.com/__media__/pics/657/hostergator.gif

208.91.196.4

302 Found

246 B

URL HTTP/1.1
searchdiscovered.com/__media__/pics/657/hostergator.gif
IP
208.91.196.4:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
246 B (246 bytes)
Hash
6d6711a966a709b625b99abda74a4256
f996b24c7b05bdee4a06c7049cb248445ec0677c
b1656c00a494af260c5e61ff2fc13af17ba49a0ca02aeba2c809fe4122ba01f3

HTTP Headers

GET /__media__/pics/657/hostergator.gif HTTP/1.1
Host: searchdiscovered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfhshsp.com/

HTTP/1.1 302 Found
Date: Wed, 30 Nov 2022 08:35:23 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Location: http://freeresultsguide.com/__media__/pics/657/hostergator.gif
Content-Length: 246
Keep-Alive: timeout=5, max=127
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

searchdiscovered.com/__media__/pics/657/error-bg.gif

208.91.196.4

302 Found

243 B

URL HTTP/1.1
searchdiscovered.com/__media__/pics/657/error-bg.gif
IP
208.91.196.4:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
243 B (243 bytes)
Hash
9cd9326e3e1614d22b75e8d32ea585c0
1f2cd244c4541bcd15e2943e23f135029aa7adb8
f1e045a975646a4d179b4bd606dab7d7136f33782be4ae53caee769d78c8cec3

HTTP Headers

GET /__media__/pics/657/error-bg.gif HTTP/1.1
Host: searchdiscovered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfhshsp.com/

HTTP/1.1 302 Found
Date: Wed, 30 Nov 2022 08:35:23 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Location: http://freeresultsguide.com/__media__/pics/657/error-bg.gif
Content-Length: 243
Keep-Alive: timeout=5, max=107
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

freeresultsguide.com/__media__/pics/657/error-bg.gif

208.91.196.4

200 OK

2.0 kB

URL HTTP/1.1
freeresultsguide.com/__media__/pics/657/error-bg.gif
IP
208.91.196.4:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
GIF image data, version 89a, 526 x 2\012- data
Size
2.0 kB (2007 bytes)
Hash
2a0b3de86b6c212e0220f3a9757a5dbf
493f8e5c7a8c7c11645a99d22cfa8d637da6fe3e
76261ee6190ec30c36b297048d62eeb55240baa74253c6756c746d07d1fd8154

HTTP Headers

GET /__media__/pics/657/error-bg.gif HTTP/1.1
Host: freeresultsguide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfhshsp.com/

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 08:35:24 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Last-Modified: Wed, 20 Jan 2021 10:46:09 GMT
ETag: "7d7-5b952a9b9b24e"
Accept-Ranges: bytes
Content-Length: 2007
Keep-Alive: timeout=5, max=128
Connection: Keep-Alive
Content-Type: image/gif

freeresultsguide.com/__media__/pics/657/hostergator.gif

208.91.196.4

200 OK

8.0 kB

URL HTTP/1.1
freeresultsguide.com/__media__/pics/657/hostergator.gif
IP
208.91.196.4:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
GIF image data, version 89a, 220 x 63\012- data
Size
8.0 kB (8007 bytes)
Hash
1898aad5d11be03025f15b9137efa371
f61413766a2adcd018174b407e3e8e7e6f76feae
c91b0f2a8767a2c2dfb64ee200bd110a476b613a855a0c8982dd3c9b93095bb3

HTTP Headers

GET /__media__/pics/657/hostergator.gif HTTP/1.1
Host: freeresultsguide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfhshsp.com/

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 08:35:24 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Last-Modified: Wed, 20 Jan 2021 10:46:09 GMT
ETag: "1f47-5b952a9b9b24e"
Accept-Ranges: bytes
Content-Length: 8007
Keep-Alive: timeout=5, max=113
Connection: Keep-Alive
Content-Type: image/gif

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations