Report - sho.cat/Ae

Report Overview

Submitted URL
sho.cat/Ae
IP
172.67.156.214
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-09 12:55:51
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
26

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
sho.cat	unknown	2020-04-21T20:26:26Z	2023-03-10T00:18:23Z	7.0 kB	130 kB	172.67.156.214
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.0 kB	1.8 kB	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	1.6 kB	24 kB	34.120.237.76
www.hcaptcha.com	91052	2019-09-05T07:55:07Z	2023-03-13T07:24:56Z	352 B	753 B	104.16.169.131
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.184.50.153

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-09	medium	sho.cat/Ae	Phishing
2023-02-09	medium	sho.cat/js/tablesorte.js?v=1.9	Phishing
2023-02-09	medium	sho.cat/js/jquery.notifybar.js?v=1.9	Phishing
2023-02-09	medium	sho.cat/	Phishing
2023-02-09	medium	sho.cat/css/tablesorter.css?v=1.9	Phishing
2023-02-09	medium	sho.cat/Ae	Phishing
2023-02-09	medium	sho.cat/js/clipboard.min.js?v=1.9	Phishing
2023-02-09	medium	sho.cat/js/share.js?v=1.9	Phishing
2023-02-09	medium	sho.cat/images/favicon.svg	Phishing
2023-02-09	medium	sho.cat/css/style.css?v=1.9	Phishing
2023-02-09	medium	sho.cat/css/cal.css?v=1.9	Phishing
2023-02-09	medium	sho.cat/js/jquery-3.5.1.min.js?v=1.9	Phishing
2023-02-09	medium	sho.cat/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	sho.cat/js/share.js?v=1.9	1.4 kB	2023-03-07	2023-12-04
Pretty URL sho.cat/js/share.js?v=1.9 IP 172.67.156.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:55:33 Last Seen2023-12-04 23:57:21 Times Seen73 Hash 625e1fb9d5e74ee7bf404c757921deca c6ea5cb22a85909eb43b869f529d2194ec44e4aa dc2705487d7260c4b169954babd647da21098a586337faf627f9a07a05a9e236 Loading...

	newassets.hcaptcha.com/c/b2a3a9e/hsw.js	449 kB	2023-03-13	2023-03-13
Pretty URL newassets.hcaptcha.com/c/b2a3a9e/hsw.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:25:10 Last Seen2023-03-13 22:59:10 Times Seen1 Hash 5afd2413122ddd32c45342d47d3d035b 2807a5b9e03a15e816cd57da68c039c9f42a47ae 1b470c55d348d65a256e4b886c8543b4ddfe45b60f0b3a77433318bb63fbccdf Loading...

	sho.cat/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-04-19
Pretty URL sho.cat/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 172.67.156.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-19 10:49:24 Times Seen42898 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	sho.cat/js/tablesorte.js?v=1.9	1.5 kB	2023-03-07	2024-02-02
Pretty URL sho.cat/js/tablesorte.js?v=1.9 IP 172.67.156.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:55:33 Last Seen2024-02-02 05:53:49 Times Seen81 Hash 3a68359d01c5d4275b0bd6f575963409 e60fb537c5070ad641b174a95058b57120b2b3e2 18bd63b43a39c05862245b57321ef9b4328b30c540069af58ab397a5661608d7 Loading...

	sho.cat/js/jquery-3.5.1.min.js?v=1.9	90 kB	2023-03-07	2024-04-19
Pretty URL sho.cat/js/jquery-3.5.1.min.js?v=1.9 IP 172.67.156.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-19 10:31:36 Times Seen138267 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	sho.cat/js/insert.js?v=1.9	7.2 kB	2023-03-07	2023-12-04
Pretty URL sho.cat/js/insert.js?v=1.9 IP 172.67.156.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:55:33 Last Seen2023-12-04 23:57:21 Times Seen65 Hash 60e5f160ccb899765ea0dab6b4ff3baa 88194eb5eee790ccfda2763c097c21ab6437807f 72316d13f4c918e99c25bade857a8a270bf48b43ed86df1eca722ca841543d25 Loading...

	sho.cat/	79 B	2023-03-10	2024-02-07
Pretty URL sho.cat/ IP 172.67.156.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:55:36 Last Seen2024-02-07 04:56:11 Times Seen1 Hash 2e4e144e4fd7feb271b6197c9c5e493f 6aa5105dbd7ebcfc30d5e54fda14153a49b5edbf 2164e0494f8f5feaab4f69c1b05286323be5e923ea1449451d673b18fda8525d Loading...

	www.hcaptcha.com/1/api.js	291 kB	2023-03-13	2023-03-13
Pretty URL www.hcaptcha.com/1/api.js IP 104.16.169.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:43:41 Last Seen2023-03-13 20:36:29 Times Seen1 Hash fdbd94bfc9fcf670f00757b94c6a7a76 e149213dfff419a7bc3d6940839015416ea310d0 57342be701dc3f6708fb8088d0beb6569eabfd5ce46780b01e8f05798155e804 Loading...

	sho.cat/js/jquery.notifybar.js?v=1.9	2.6 kB	2023-03-07	2024-02-02
Pretty URL sho.cat/js/jquery.notifybar.js?v=1.9 IP 172.67.156.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2024-02-02 05:53:49 Times Seen118 Hash d1a66bb296e8ba1c79f9bf5b820161ae db6b1a4b4b79b9070365de81da5cd3a9c4a91a30 e387ee1319f99dd0223452d9ac7cfa7608eb0ada7082037c6b89bd4afce8c345 Loading...

	sho.cat/js/jquery.cal.js?v=1.9	13 kB	2023-03-07	2024-02-02
Pretty URL sho.cat/js/jquery.cal.js?v=1.9 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:55:33 Last Seen2024-02-02 05:53:50 Times Seen109 Hash 38851fc575f42bd14836da70d43da8bf c3e9f93c98cb9b353d1ae47144e602a3bb792af8 d82c4e9a1aa8627c5d710158c3c8db949079b9ffee2aa4461fd53c95c4a73b29 Loading...

	sho.cat/js/clipboard.min.js?v=1.9	10 kB	2023-03-07	2024-04-19
Pretty URL sho.cat/js/clipboard.min.js?v=1.9 IP 172.67.156.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:44 Last Seen2024-04-19 07:41:34 Times Seen575 Hash af8ab36589315582ccdd82f22e84bffb 6371ec0a8e242395c7d4d008d2b98e472c9dcc52 8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2 Loading...

	sho.cat/	246 B	2023-03-07	2023-04-02
Pretty URL sho.cat/ IP 172.67.156.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:55:33 Last Seen2023-04-02 21:26:32 Times Seen4 Hash a81831e8f462ab097f40805ad6e8c1b7 e25ed7f09f8a23ef8948832d9785ba88a942cf8f 7357f580ca4d36a58ada83181690574dfad7a79ee55b9eecc3cfd96082405fee Loading...

	sho.cat/js/common.js?v=1.9	5.3 kB	2023-03-07	2024-02-02
Pretty URL sho.cat/js/common.js?v=1.9 IP 172.67.156.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2024-02-02 05:53:49 Times Seen101 Hash ae0ea91cb831088760aa939601c5a6b1 5c55eaa87eed4bee303512acae7397e2105d34f3 b545cf763ecbecdb9bcae4c2ad888b1fd2e4b533e1bcb73d84798e7332b2cae8 Loading...

	sho.cat/js/jquery-3.tablesorter.min.js?v=1.9	44 kB	2023-03-07	2024-02-02
Pretty URL sho.cat/js/jquery-3.tablesorter.min.js?v=1.9 IP 172.67.156.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:55:33 Last Seen2024-02-02 05:53:49 Times Seen83 Hash 0f3722d1800e24867ea0360d893dff42 0e51d2483e517a1af246c2ab263ef97f2c19d955 b82d49316e5ed54e43dbcfa65c5c734f3e1248c0b2c2a871408a1da8b1029df5 Loading...

HTTP Transactions (37)

URL IP Response Size

sho.cat/Ae

172.67.156.214

301 Moved Permanently

0 B

URL HTTP/1.1
sho.cat/Ae
IP
172.67.156.214:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /Ae HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 09 Feb 2023 12:55:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 09 Feb 2023 13:55:40 GMT
Location: https://sho.cat/Ae
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80D7pnNTz5fHZNhVOJ0ouVFomBFFh%2BvuMD1e4oGGvJyPIqH4X5nSQ1cHeIijLUIUE5R6FQxoTJ8snDU4%2BUT1dI70tsvSWVuN1dDmZ58yTLFYcfK4D4A%2FMfTf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796cc2bcaa711c02-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3513
Expires: Thu, 09 Feb 2023 13:54:13 GMT
Date: Thu, 09 Feb 2023 12:55:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5628
Expires: Thu, 09 Feb 2023 14:29:28 GMT
Date: Thu, 09 Feb 2023 12:55:40 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 12:34:15 GMT
content-type: application/json
age: 1285
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
50a2f8cdbbd1059f5318753155bba7ef
405e63ea4683be44f876feae34b5cb645ff751f2
f6ac743a5a17d64d2858fec5791050d2dc8074ddd823826c93e67bffdb2f0868

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6AC743A5A17D64D2858FEC5791050D2DC8074DDD823826C93E67BFFDB2F0868"
Last-Modified: Thu, 09 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18015
Expires: Thu, 09 Feb 2023 17:55:55 GMT
Date: Thu, 09 Feb 2023 12:55:40 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: EZUqYUz/5frU7y8VXKg1JdmJOKhfU6uIkQn0+hboWnci3361+iigY34EW3QwHIf5moSCuGLCByo=
x-amz-request-id: 00GP62SZWX54AAHP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 12:36:22 GMT
age: 1158
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:55:40 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
91f7c892e1e3cbb971093d1d03e0f755
d50543d91ccb1c65256487bf2dc4cdd81809b29a
5214dd28d97ce4081ef266b876245c779dcc8885156f9ed8e9c118bdb50f8946

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=163793
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:55:40 GMT
Etag: "63e4ca1d-116"
Expires: Sat, 11 Feb 2023 10:25:33 GMT
Last-Modified: Thu, 09 Feb 2023 10:25:33 GMT
Server: nginx
Content-Length: 278

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 12:51:21 GMT
age: 259
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

sho.cat/Leaderboard.gif

172.67.156.214

200 OK

25 kB

URL HTTP/2
sho.cat/Leaderboard.gif
IP
172.67.156.214:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 728 x 90\012- data
Size
25 kB (24755 bytes)
Hash
e85f61f40ab570e9d3fc66941e187430
c6e8320cda03dd56be4fb5f900d3164a7cfa9c60
adbbb381c75b999f98e948832172a67e495785bcff726e92d9a2017649e516c2

HTTP Headers

GET /Leaderboard.gif HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: image/gif
content-length: 24755
last-modified: Sun, 05 Dec 2021 16:32:15 GMT
etag: "60b3-5d268aede2e53"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jm8vdsyZUXHyw%2F3tXx%2F839mCCcnAEI3KrmVki4l1JmjBkSV16ECiX5od3TPdDD%2FaWF9Bh%2F7si9q2a2LkyAgySqfqA9p9Sw9O4g12voKoQgvzDApScZsK%2F770"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796cc2c15949b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sho.cat/images/header.png

172.67.156.214

200 OK

41 kB

URL HTTP/2
sho.cat/images/header.png
IP
172.67.156.214:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 950 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
41 kB (40779 bytes)
Hash
6f40e71cb8a7c4b48864fe9a9a7df227
14f2bf5a489a34b94f4fe08aaa4835d29ae95e3f
c961f453329272dce432447832e39a9586c4d3d82122cbe64b53df97056c08e1

HTTP Headers

GET /images/header.png HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: image/png
content-length: 40779
last-modified: Wed, 22 May 2019 18:40:50 GMT
etag: "9f4b-5897e4df4435b"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3E%2Fc%2FgMJOyvy5TKhFV6c7VmbltxfVw5xRDnb7cZJrUZk2vpg3n4kLU7axEvCjg4YvBD9AWBBn75We5sXDWt1QTnzTCttbGuN6V24gHh0R6QjgYJseZTcdj4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796cc2c14946b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2715
Expires: Thu, 09 Feb 2023 13:40:56 GMT
Date: Thu, 09 Feb 2023 12:55:41 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
398b6ca4cd4c5367983ab51a08eeb9c8
e351dff75f249f925847b978e39fb3af4ff20af6
c307c25aa2fc2e20a7ae8e00773c7cd82952b6f582d1fd9c493eb47834ef8cc8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 866
Cache-Control: max-age=120697
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:55:41 GMT
Etag: "63e41e64-118"
Expires: Fri, 10 Feb 2023 22:27:18 GMT
Last-Modified: Wed, 08 Feb 2023 22:12:52 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
398b6ca4cd4c5367983ab51a08eeb9c8
e351dff75f249f925847b978e39fb3af4ff20af6
c307c25aa2fc2e20a7ae8e00773c7cd82952b6f582d1fd9c493eb47834ef8cc8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 866
Cache-Control: max-age=120697
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:55:41 GMT
Etag: "63e41e64-118"
Expires: Fri, 10 Feb 2023 22:27:18 GMT
Last-Modified: Wed, 08 Feb 2023 22:12:52 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280

push.services.mozilla.com/

54.184.50.153

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.184.50.153:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rNJLy4YbnANwDtUZPhy8YA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IqHb+AwTAqIMZlL9KyT8IKxiTM4=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fa3b80f6c5e48935acba628afd26f4ce
f69397ac7d88fc285d79b1a17ec28340c8a5c564
6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6000
Expires: Thu, 09 Feb 2023 14:35:42 GMT
Date: Thu, 09 Feb 2023 12:55:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fa3b80f6c5e48935acba628afd26f4ce
f69397ac7d88fc285d79b1a17ec28340c8a5c564
6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6000
Expires: Thu, 09 Feb 2023 14:35:42 GMT
Date: Thu, 09 Feb 2023 12:55:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fa3b80f6c5e48935acba628afd26f4ce
f69397ac7d88fc285d79b1a17ec28340c8a5c564
6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6000
Expires: Thu, 09 Feb 2023 14:35:42 GMT
Date: Thu, 09 Feb 2023 12:55:42 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5241 bytes)
Hash
403cadd5f6beb14f5d2a4dd9eafc68d3
4724b4929c1afcc134ead274238725e4ce729b26
13d7b7ca88de8341e3ec835a5a7d8c79bc50a136aff8eb90aa3c2267f3e8cc08

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5241
x-amzn-requestid: 3ffb8a54-178e-4574-9662-8dc7696203fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ACiy0FOqIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e41811-26219fa14a85f6e81e4cf129;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:45:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8U_d5u2rtXAyLLBhRZ3BbQkFOc5gxZIPhnyL5XOvjGV6-8KqWyn8FQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:45:53 GMT
etag: "4724b4929c1afcc134ead274238725e4ce729b26"
content-type: image/jpeg
age: 54589
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe40cbcc3-f3e1-4c53-87ef-2b07e5039a1c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6061 bytes)
Hash
ea55fd1053c19123cb789a7d14479ccc
45fb06a6feeceff6a06c8c3f37e259ddf6e09820
393290f5ec8379a09da72b2554c30023b688489ffda79f5edfe6f114250ee4c7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe40cbcc3-f3e1-4c53-87ef-2b07e5039a1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6061
x-amzn-requestid: cf552847-17d0-4820-9711-3fb129090686
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f8xbCG8jIAMF7Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1c913-0f2af41d6063340d483c3a55;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 03:44:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3WFg806rwKxFrS_8AcUHawHWXa5ED-6AOEZPlp1R2_Sm7Owm1x_jMg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 05:14:13 GMT
age: 27689
etag: "45fb06a6feeceff6a06c8c3f37e259ddf6e09820"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

sho.cat/js/tablesorte.js?v=1.9

172.67.156.214

200 OK

16 kB

URL HTTP/2
sho.cat/js/tablesorte.js?v=1.9
IP
172.67.156.214:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
16 kB (15761 bytes)
Hash
a890df8cc6fa71af3499e089d04af0ed
48a81689ad7719dd28a2423d9a4e4631ecca1061
23aaa380d08e19ba6417ba830dd21be96a2fe6bc8e24d578a1e046ff19043fdf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/tablesorte.js?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"5c2-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiiZielza6kAV5%2FhqoVTvO8sijSdekyic%2FqM%2Bpa6UzUu0qegY8uID1lnCX6VfPbIht6Mt5oxQYruw8X%2FmvwNqHvBE%2Bn1ngdv4VcUTCUa5JBFadlkYKY7OR%2Fr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c24a8db4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sho.cat/js/jquery.notifybar.js?v=1.9

172.67.156.214

200 OK

12 kB

URL HTTP/2
sho.cat/js/jquery.notifybar.js?v=1.9
IP
172.67.156.214:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
12 kB (12176 bytes)
Hash
e2e7add8293f7f8f9efec86afbfe591d
fb6d6b4a377f18784be71a50d54115433c0601bb
473764aff33fa2ccfb619476920a17a8541b55ca542895762706fa270263bb69

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.notifybar.js?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"a1e-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0m7cCsKX0XroSJX07TfAQwSfT%2BSUqTEoVInXOlSE9Mb%2FmbC0MQDR%2B6UUtmvd7XXSzcm6NVId3xKuWcp9zLA57p53hCI7U%2Bqab8Iyp1YGfcfe%2FnEfi7uw2FP3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c24a99b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d76b3c3-ea90-47d3-83f3-8f1550aa26fa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9846 bytes)
Hash
1d7814305f961caded310b6f2089219b
efcb6a067bb023865823625e67d9de60d44685e0
3c01637a052e2394774fc8f6dd37a284afaf76b423219ecd26a89c2d8b69c121

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d76b3c3-ea90-47d3-83f3-8f1550aa26fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9846
x-amzn-requestid: 4e6cc2be-bc18-4d66-b338-833a05d0d998
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsaDlGV4oAMFoZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db3d49-14fc32183d3c6afb3a64c27d;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 04:34:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BNBH60bI_wBqaKAFD_FeZHbzfIeJh9-x-JiMsF0Uh9pxKHFPdAH6Vw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:02:08 GMT
age: 53614
etag: "efcb6a067bb023865823625e67d9de60d44685e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

sho.cat/js/jquery-3.tablesorter.min.js?v=1.9

172.67.156.214

200 OK

25 kB

URL HTTP/2
sho.cat/js/jquery-3.tablesorter.min.js?v=1.9
IP
172.67.156.214:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (44303), with no line terminators
Size
25 kB (24637 bytes)
Hash
92ada2f386c576e44105108a2b6cc589
27b1e7aa0cd6fd4074bf5c274cb8c47d72426502
6afe7974a4b3447ddf41bbaab229ed9078b4dec289fb6ca47e2b49e647b94973

HTTP Headers

GET /js/jquery-3.tablesorter.min.js?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"ad53-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omXN7U1Uw9C4EBmkH2LdlTxu1TV%2BKgpPudCvOye0Fi%2FR8I%2BfBw4jFARuQLlrIzevXeKPsymgtLUneijLRZJJGMV0uNmhW2Z8M8cWET11VIc4MIvYE%2FBFeUWl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c24a94b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sho.cat/

172.67.156.214

200 OK

0 B

URL HTTP/2
sho.cat/
IP
172.67.156.214:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnEAFweU52lvHCkJIHlHbe2A%2B%2Bdzga1VihfIGqivAzPNbDRSNTLVXko35GLinhSdSkGMn1W9fk%2B2w4Wni3cPTIII2bR%2Bqak9wpcLxRy31IRuz56BluAyN4Dk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c0680fb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sho.cat/css/tablesorter.css?v=1.9

172.67.156.214

200 OK

0 B

URL HTTP/2
sho.cat/css/tablesorter.css?v=1.9
IP
172.67.156.214:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /css/tablesorter.css?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: text/css
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"9bb-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngoAO6%2BhwKmqunPWxMspbB3dF%2FaLH9wcNWefF7OXPQxkT1293R%2BIz5vcdxbug44PVNQs0NIMblu7G46EtG02aNqRtF9D%2F%2F%2BEPlYJI5J4XcwVSRF1V8faijeq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c14942b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sho.cat/Ae

172.67.156.214

302 Found

0 B

URL HTTP/2
sho.cat/Ae
IP
172.67.156.214:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /Ae HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Thu, 09 Feb 2023 12:55:40 GMT
content-type: text/html; charset=UTF-8
location: https://sho.cat
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kwy4Fz5dzF1g7Nk%2F2c9xYC%2BLM1Y8eW29aDdxw43ZHxAA76xlHcOk%2Fyzsvp5DvEe718Baf%2BVUVSpfHRUvevdm%2FgQsjj%2Bd481Ji0WXadyr0e2BrwgL9Nbf7l5j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2bfaf07b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sho.cat/js/insert.js?v=1.9

172.67.156.214

200 OK

0 B

URL HTTP/2
sho.cat/js/insert.js?v=1.9
IP
172.67.156.214:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/insert.js?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"1c19-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BP9mAa7QNfxCI3Unl%2FhbDQEyVB%2BeSxgtPJ3m5h8AC%2BQP94redXhi%2FmpGrnpcNtHkRhPg87yhK5UyR%2FjUy%2ByL7RN0t2ndCwBTniEt6cNX9ZGn4ysdUpDGX5pZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c24a89b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sho.cat/js/clipboard.min.js?v=1.9

172.67.156.214

200 OK

0 B

URL HTTP/2
sho.cat/js/clipboard.min.js?v=1.9
IP
172.67.156.214:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/clipboard.min.js?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"28d5-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZzTyhlfKJ%2BLTXGB4r45MpLN4bLfjGMJisDZGh01YxDrulC0HXkpV6tgnzD01Xh0n%2BlmcczLQ4%2FP5hb8eSqKce4yXUig7sS%2BV6xIvOntWjBIdylJgWVsKOfT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c24a81b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sho.cat/js/share.js?v=1.9

172.67.156.214

200 OK

0 B

URL HTTP/2
sho.cat/js/share.js?v=1.9
IP
172.67.156.214:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/share.js?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"58d-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sJVSbzyS%2F3U7YFxdZF%2BomGEooFGn5ymRig0Ujyr0MemUBx%2Fs7bKbmlQIjKqr897Y20ERjC4MqCYo6u0Mh4GXr%2BBVJYPyciPIBeR9D2raWlYOhnW0mp7iZkP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c24a82b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sho.cat/js/common.js?v=1.9

172.67.156.214

200 OK

0 B

URL HTTP/2
sho.cat/js/common.js?v=1.9
IP
172.67.156.214:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/common.js?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"14a3-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQiE%2FbX05YZuFWcQXeITr899pJn8EFWk959b06CB%2FIRW2DxGVGv8JtGAlZCit2hF95Yki%2F1rnskH7nOA%2BCo9lXBwNdGCXCVn8I1Dv2qKYZlInMGUS2mOCkLK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c24a9cb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sho.cat/images/favicon.svg

172.67.156.214

200 OK

0 B

URL HTTP/2
sho.cat/images/favicon.svg
IP
172.67.156.214:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /images/favicon.svg HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/css/style.css?v=1.9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: image/svg+xml
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"199e-5dd505a708900"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TtQov89z3NiojDf0TFwVEjKN6Q8vJqjebxguVs4AG%2FY6me2oatbawslQPwQo%2BKlCVB8Lm1s20V%2FH2rHVXK6E%2FVEJRyw8Ptp%2F5ZntALWHBx9cmIJhAjZvJs9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796cc2c24a7eb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sho.cat/css/style.css?v=1.9

172.67.156.214

200 OK

0 B

URL HTTP/2
sho.cat/css/style.css?v=1.9
IP
172.67.156.214:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /css/style.css?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: text/css
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"1ad4-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zgfQ6%2BU8IMh0V8nZXX%2F%2FrnohO4%2F10ciroBwBf2ylcfqksLdV2f2dHXTzBFtko8SV5vjoQHrX4%2BauHN6ek2NPyGAt4SKGutM6%2BdJIPeeSZV93g9qU92GzyzH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c14940b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sho.cat/css/cal.css?v=1.9

172.67.156.214

200 OK

0 B

URL HTTP/2
sho.cat/css/cal.css?v=1.9
IP
172.67.156.214:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /css/cal.css?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: text/css
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"3ab-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyAo%2FXn3cbdsmR73aPBBE6905LXxUp7kIUGfP8IoWu8gmMZOxmt%2BRFu%2F2wChcXm76YGKeDrKMokegLSo3xW%2Fi0U1LeGKnI9Erdsxx0GYFGiVIL6MXXLjL1vU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c14945b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.hcaptcha.com/1/api.js

104.16.169.131

200 OK

0 B

URL HTTP/2
www.hcaptcha.com/1/api.js
IP
104.16.169.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1/api.js HTTP/1.1
Host: www.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
cf-ray: 796cc2c29bf6b50b-OSL
age: 0
cache-control: max-age=120
etag: W/"dea91810490e83c91353522d7d4d09c2"
last-modified: Wed, 08 Feb 2023 10:53:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
x-amz-cf-id: a8vrfhnsEHR5iSqF5AKZ8-Qw7SNaeJeyXiB4J1LxT9uj0luqbMt-zg==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sho.cat/js/jquery-3.5.1.min.js?v=1.9

172.67.156.214

200 OK

0 B

URL HTTP/2
sho.cat/js/jquery-3.5.1.min.js?v=1.9
IP
172.67.156.214:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery-3.5.1.min.js?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"15d84-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LoUKsd5ttOWQE%2FSBymGoBu4ff3cQw36qIOe%2F%2BISY70BFT4ryDMs4rSCejp%2FysmYaOgUsvGwRsO2K5lHWM8tD2GxO6g6FrOFemwFovqNHO9v1663ck00Rwwf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c24a9db4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sho.cat/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

172.67.156.214

200 OK

0 B

URL HTTP/2
sho.cat/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
172.67.156.214:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
last-modified: Wed, 08 Feb 2023 15:16:43 GMT
etag: W/"63e3bcdb-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bC55V7aigsBmZuMyTmKZCMTaZwDSX4CPFhjShS1bilOAT9ySQNPKXr454UKxRZUGnqaQPMEv2Y2z5ZyDUi2MzLC77%2FlDl%2F%2Br1MOekrGI8HKRzkPHKwBP7fWV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796cc2c1594bb4ee-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 11 Feb 2023 12:55:41 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML