Report - hifansee.co.jp/net/check/home/login.php

Report Overview

Submitted URL
hifansee.co.jp/net/check/home/login.php
IP
160.251.71.125
ASN
#7506 GMO Internet,Inc
Submitted
2024-04-18 12:43:24
Access
public
Website Title
ハイファンシー | 気軽に学習して楽しむウェブメディア事業を展開
Final URL
hifansee.co.jp/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
44

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	9.6 kB	389 kB	216.58.207.227
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2024-04-18	960 B	201 kB	104.18.10.207
hifansee.co.jp	unknown	2022-01-27	2022-03-11	2024-03-13	10 kB	15 MB	160.251.71.125
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-18	418 B	32 kB	151.101.66.137
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-04-17	462 B	8.6 kB	151.101.193.229
ajaxzip3.github.io	214640	2013-03-08	2015-03-23	2024-04-18	413 B	3.2 kB	185.199.111.153
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-18	895 B	80 kB	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed
2024-04-18	medium	hifansee.co.jp	Sinkholed

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.5.1.min.js?ver=3.5.1	90 kB	2023-03-07	2024-05-01
Pretty URL code.jquery.com/jquery-3.5.1.min.js?ver=3.5.1 IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-01 18:05:18 Times Seen140606 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	hifansee.co.jp/	3.3 kB	2024-04-18	2024-04-18
Pretty URL hifansee.co.jp/ IP 160.251.71.125 ASN #7506 GMO Internet,Inc Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 14:43:27 Last Seen2024-04-18 14:43:27 Times Seen1 Hash dbb4d199b7a68b573dfdde1f2176d164 a0e33d40fb508cf77c6fedf872c13e279d3ee100 8e04150f6909aea0e8e2097cf443ef655439a5cc53de2902e0cf5fe26f8bdf85 Loading...

	hifansee.co.jp/	128 B	2023-07-28	2024-04-18
Pretty URL hifansee.co.jp/ IP 160.251.71.125 ASN #7506 GMO Internet,Inc Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-28 13:47:18 Last Seen2024-04-18 14:43:27 Times Seen4 Hash e15d5cfec420032df91ab03b18e59b70 082e42f97448c6d314a979dbe7b42c20401d5556 dacacc1c1e8241279f6759706942754db3a6e5f68c84b603b154f9af47c3c71d Loading...

	hifansee.co.jp/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.6	11 kB	2023-11-16	2024-05-01
Pretty URL hifansee.co.jp/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.6 IP 160.251.71.125 ASN #7506 GMO Internet,Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-16 07:59:27 Last Seen2024-05-01 05:41:45 Times Seen8056 Hash a53a916adf48efefd5a2aa0861ebbc07 46acfa0be9dd623a7aa9bceb1344c152a8adc13b 9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d Loading...

	hifansee.co.jp/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.6	13 kB	2023-11-16	2024-05-01
Pretty URL hifansee.co.jp/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.6 IP 160.251.71.125 ASN #7506 GMO Internet,Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-16 07:59:28 Last Seen2024-05-01 05:41:45 Times Seen7988 Hash 83a062cf6545b990c13b4398035a29d0 5cf24bc45fcbc6f416ea9671e089ca00ef0080d2 7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1 Loading...

	ajaxzip3.github.io/ajaxzip3.js?ver=6.5.2	5.6 kB	2023-03-09	2024-04-18
Pretty URL ajaxzip3.github.io/ajaxzip3.js?ver=6.5.2 IP 185.199.111.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:01:09 Last Seen2024-04-18 14:43:27 Times Seen151 Hash 99b222f41e6e066035c583aeb8a77194 3bbad766ebd2b3561600197cd92a401c20842db6 89d4412040a2276e6d969ff72a8ca0d070af055b804e9711cc0d77b89b9a70c1 Loading...

	hifansee.co.jp/wp-content/themes/floatflat/assets/js/autozip.js?ver=6.5.2	125 B	2024-03-14	2024-04-18
Pretty URL hifansee.co.jp/wp-content/themes/floatflat/assets/js/autozip.js?ver=6.5.2 IP 160.251.71.125 ASN #7506 GMO Internet,Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-14 03:51:45 Last Seen2024-04-18 14:43:27 Times Seen2 Hash 865194f2814aca7d54c31c9783ea0784 0770b16797ee47990d091c7f000ebb39420a6778 557b157e51bc1133609744ecca574c5807058b8500f7a61f0afbcfe319733e8d Loading...

	cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js	21 kB	2023-03-07	2024-05-01
Pretty URL cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-05-01 08:36:03 Times Seen10599 Hash 84415b7368fd6fc764cbe86039ce0626 62f238e73348c77eb9e865426a7d1b7de23cbb2d c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060 Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js	60 kB	2023-03-07	2024-04-30
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-04-30 22:24:40 Times Seen6385 Hash 6bea60c34c5db6797150610dacdc6bce 544afefd148715da7dd52d368a414703390ca0e0 38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff Loading...

	hifansee.co.jp/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2	19 kB	2024-03-13	2024-05-01
Pretty URL hifansee.co.jp/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 IP 160.251.71.125 ASN #7506 GMO Internet,Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-13 16:02:37 Last Seen2024-05-01 17:56:54 Times Seen2283 Hash b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Loading...

	hifansee.co.jp/wp-content/themes/floatflat/assets/js/libs.js	70 kB	2024-03-14	2024-04-18
Pretty URL hifansee.co.jp/wp-content/themes/floatflat/assets/js/libs.js IP 160.251.71.125 ASN #7506 GMO Internet,Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-14 03:51:45 Last Seen2024-04-18 14:43:28 Times Seen4 Hash 923874942a2839e5ffe5e6a2e21a5b25 aaaa5696002b2ce624b977b80318a8149948666d c7785d242b4bcd5899a6a8080d5669127c29a07ffbc624b83022255de6b2e42a Loading...

	hifansee.co.jp/wp-content/themes/floatflat/assets/js/script.js	1.1 kB	2024-03-14	2024-04-18
Pretty URL hifansee.co.jp/wp-content/themes/floatflat/assets/js/script.js IP 160.251.71.125 ASN #7506 GMO Internet,Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-14 03:51:45 Last Seen2024-04-18 14:43:27 Times Seen2 Hash 4fcd30cb63b6e96e6f1e4e964e7068d4 f1173dac796106271025c274ac5b1f039857be16 76e24ea10fd412a2e4652c6cb4642261e9cf1790d6cdcf1c2f50cb1716aff322 Loading...

HTTP Transactions (46)

URL IP Response Size

hifansee.co.jp/net/check/home/login.php

160.251.71.125

301 Moved Permanently

0 B

URL User Request GET HTTP/2
hifansee.co.jp/net/check/home/login.php
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /net/check/home/login.php HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 18 Apr 2024 12:42:56 GMT
content-type: text/html; charset=UTF-8
content-length: 0
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://hifansee.co.jp/wp-json/>; rel="https://api.w.org/"
location: https://hifansee.co.jp
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

hifansee.co.jp/

160.251.71.125

200 OK

14 kB

URL User Request GET HTTP/2
hifansee.co.jp/
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type
gzip compressed data, max speed, from Unix
Size
14 kB (13709 bytes)
Hash
2461188faede3225671b060f3c0e3885
7eeb9268b2f76144f0a6cacedbf236386762244a
ce9892ff6fef49d2673aef1f6db7169506265ee556161418fd64bab3ca221605

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:57 GMT
content-type: text/html; charset=UTF-8
link: <https://hifansee.co.jp/wp-json/>; rel="https://api.w.org/", <https://hifansee.co.jp/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://hifansee.co.jp/>; rel=shortlink
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.5.1.min.js?ver=3.5.1

151.101.66.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.5.1.min.js?ver=3.5.1
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://hifansee.co.jp/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (30879 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /jquery-3.5.1.min.js?ver=3.5.1 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d84"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 12:42:57 GMT
age: 3401018
x-served-by: cache-lga21981-LGA, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 36, 353963
x-timer: S1713444178.581436,VS0,VE0
vary: Accept-Encoding
content-length: 30879
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js

151.101.193.229

200 OK

7.8 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://hifansee.co.jp/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (21084)
Size
7.8 kB (7835 bytes)
Hash
84415b7368fd6fc764cbe86039ce0626
62f238e73348c77eb9e865426a7d1b7de23cbb2d
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

HTTP Headers

GET /npm/popper.js@1.16.0/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.16.0
x-jsd-version-type: version
etag: W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
content-encoding: br
accept-ranges: bytes
date: Thu, 18 Apr 2024 12:42:57 GMT
age: 27981070
x-served-by: cache-fra-eddf8230104-FRA, cache-hel1410028-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7835
X-Firefox-Spdy: h2

ajaxzip3.github.io/ajaxzip3.js?ver=6.5.2

185.199.111.153

200 OK

2.5 kB

URL GET HTTP/2
ajaxzip3.github.io/ajaxzip3.js?ver=6.5.2
IP
185.199.111.153:443
ASN
#54113 FASTLY

Requested by
https://hifansee.co.jp/
Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (3825)
Size
2.5 kB (2504 bytes)
Hash
99b222f41e6e066035c583aeb8a77194
3bbad766ebd2b3561600197cd92a401c20842db6
89d4412040a2276e6d969ff72a8ca0d070af055b804e9711cc0d77b89b9a70c1

HTTP Headers

GET /ajaxzip3.js?ver=6.5.2 HTTP/1.1
Host: ajaxzip3.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Sun, 08 May 2016 08:44:56 GMT
access-control-allow-origin: *
etag: W/"572efc88-15fd"
expires: Sun, 07 Apr 2024 01:24:44 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: B4EE:28BB2E:873ACB2:8951964:6611F384
accept-ranges: bytes
age: 324
date: Thu, 18 Apr 2024 12:42:57 GMT
via: 1.1 varnish
x-served-by: cache-hel1410024-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1713444178.640088,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: ebde42ec9b4263ace9fac9d1a1aa0c1d6821d2b7
content-length: 2504
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@300;400&display=swap

142.250.74.74

200 OK

62 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@300;400&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
62 kB (61928 bytes)
Hash
98f4a7b1aded0191984c8e3e4e57eae1
ed93f66134a40ba2520a16ea2bd2063b0c7444b8
4c77be52c83374f5b904a616eced80d4654586bb691c74580cfffe561dc62ce3

HTTP Headers

GET /css2?family=Noto+Sans+JP:wght@300;400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 12:42:57 GMT
date: Thu, 18 Apr 2024 12:42:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hifansee.co.jp/wp-content/uploads/2024/02/sysad-408x250.jpg

160.251.71.125

200 OK

12 kB

URL GET HTTP/2
hifansee.co.jp/wp-content/uploads/2024/02/sysad-408x250.jpg
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 408x250, components 3
Size
12 kB (11761 bytes)
Hash
8d32317e80bcc2cdb6b743363451777d
c20725dcefae0ebde1682ddf3b9af757b4d5f766
4866c84fb3ef8727843b5a383422bc4239f229b9096caa02cd5a727a63061ebe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/02/sysad-408x250.jpg HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:57 GMT
content-type: image/jpeg
content-length: 11761
last-modified: Sat, 03 Feb 2024 04:40:40 GMT
etag: "2df1-61072d4a5c2b7"
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.116.woff2

216.58.207.227

200 OK

17 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.116.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17256, version 1.0
Size
17 kB (17256 bytes)
Hash
63dfc8cea87f72834fd1bf9246f7c3ff
882d0e8a7f0fddaef410227649ce4134522fa1d4
b5fbbc607f7c2098efd768968f63eb1df6496cf5861eadb3d20cfc37731d5046

HTTP Headers

GET /s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.116.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17256
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:40:58 GMT
expires: Fri, 18 Apr 2025 02:40:58 GMT
cache-control: public, max-age=31536000
age: 36120
last-modified: Tue, 02 May 2023 15:57:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Jost&display=swap

142.250.74.74

200 OK

17 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Jost&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
17 kB (16887 bytes)
Hash
df0cf3d18e9860a0850d548405a4fa69
d4aec5aee378eb2958ea541f87b7b29feb104cba
313322d107be01e003624b5a751b81193f13d20d26c6e74636e62e9c852a6980

HTTP Headers

GET /css2?family=Jost&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 12:42:57 GMT
date: Thu, 18 Apr 2024 12:42:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFYwQgP.woff2

216.58.207.227

200 OK

25 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFYwQgP.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24732, version 1.0
Size
25 kB (24732 bytes)
Hash
2e9fd7002d7cbdf4c7bcd3d91826a5ff
c11c17cd55164b7f453c77124e08b92a4eb26a22
25db414d0891e93b2785f5891165beef2537aa17d153c28b84b14fe59cd451c2

HTTP Headers

GET /s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFYwQgP.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24732
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:20:34 GMT
expires: Wed, 16 Apr 2025 07:20:34 GMT
cache-control: public, max-age=31536000
age: 192144
last-modified: Tue, 02 May 2023 15:39:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/jost/v15/92zPtBhPNqw79Ij1E865zBUv7myjJTVBNIg.woff2

216.58.207.227

200 OK

9.5 kB

URL GET HTTP/2
fonts.gstatic.com/s/jost/v15/92zPtBhPNqw79Ij1E865zBUv7myjJTVBNIg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9488, version 1.0
Size
9.5 kB (9488 bytes)
Hash
cd0ebcef3ea4f87dc87a0423ebe0f97b
fa784f0672406029f6b0129e7a96034abda4cef5
03aaf59e6679227a8a368c02dfb5554b3681c7b5c932123e0b35d08992674909

HTTP Headers

GET /s/jost/v15/92zPtBhPNqw79Ij1E865zBUv7myjJTVBNIg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9488
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:44:24 GMT
expires: Fri, 18 Apr 2025 02:44:24 GMT
cache-control: public, max-age=31536000
age: 35914
last-modified: Wed, 13 Sep 2023 22:39:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hifansee.co.jp/wp-content/themes/floatflat/assets/js/script.js

160.251.71.125

200 OK

20 kB

URL GET HTTP/2
hifansee.co.jp/wp-content/themes/floatflat/assets/js/script.js
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type
gzip compressed data, max speed, from Unix
Size
20 kB (19519 bytes)
Hash
a5a5e610d3099fcc68ca01125b09a0f8
c8b7daf840392fa810b2a9b788efbacd84a5f92c
238fc0497b64044fe4a92dbd12503dc162bb06723004fc1feb554bdf0cf35ee5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/floatflat/assets/js/script.js HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:57 GMT
content-type: application/javascript
last-modified: Tue, 22 Mar 2022 06:43:00 GMT
etag: W/"455-5dac8ec84e500"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js

104.18.10.207

200 OK

38 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (59893)
Size
38 kB (38443 bytes)
Hash
6bea60c34c5db6797150610dacdc6bce
544afefd148715da7dd52d368a414703390ca0e0
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

HTTP Headers

GET /bootstrap/4.5.0/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:42:57 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"6bea60c34c5db6797150610dacdc6bce"
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-cachedat: 03/18/2024 13:06:56
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 860
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: e44a1a3b630ede17f9ebb0813e23ec26
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8764bcddbabbb51e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.112.woff2

216.58.207.227

200 OK

17 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.112.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17328, version 1.0
Size
17 kB (17328 bytes)
Hash
1bd918d65bbe23f2a713780ca3dfe6f2
1b51ef75760df213848563a8dc3ebf2141318da0
7b2ccc0deff1602197e5aeee1b4a3a97222ac2f6c78ab087893f0637d66d1f5f

HTTP Headers

GET /s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.112.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:59:32 GMT
expires: Wed, 16 Apr 2025 01:59:32 GMT
cache-control: public, max-age=31536000
age: 211406
last-modified: Tue, 02 May 2023 15:37:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.111.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.111.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18744, version 1.0
Size
19 kB (18744 bytes)
Hash
e27f9f6f25d0eb09c51abdfe12a9b5bc
79c27ff535f61aa759d581be95164db98bce8690
fbac721ae2224160c24262bab0f8b7336e109408f66952861e2b6d3efe24dc3a

HTTP Headers

GET /s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.111.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:28:59 GMT
expires: Fri, 11 Apr 2025 17:28:59 GMT
cache-control: public, max-age=31536000
age: 587639
last-modified: Tue, 02 May 2023 16:11:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.92.woff2

216.58.207.227

200 OK

21 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.92.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21064, version 1.0
Size
21 kB (21064 bytes)
Hash
7583ed978c801e95def147efb05cfaf6
666cea3822b83b7c9d8a2669a40fe68f43664c2b
e3922c9a13dfc1e4c7d3bb6cd8aa8535a242fb94354f8c37219337886157b855

HTTP Headers

GET /s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.92.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21064
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:33:33 GMT
expires: Fri, 18 Apr 2025 02:33:33 GMT
cache-control: public, max-age=31536000
age: 36565
last-modified: Tue, 02 May 2023 15:40:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.106.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.106.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23840, version 1.0
Size
24 kB (23840 bytes)
Hash
651afda263cf1b1bc466664f3d19929c
0b56fbcff064f8d2d3c1ef20ee4ede89aa18254d
2cb966702a3fecf38105c4be4447fd022eeeadce469e9d84deaf6e835d2f3db6

HTTP Headers

GET /s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.106.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:51:36 GMT
expires: Fri, 18 Apr 2025 02:51:36 GMT
cache-control: public, max-age=31536000
age: 35482
last-modified: Tue, 02 May 2023 15:36:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.118.woff2

216.58.207.227

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.118.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18284, version 1.0
Size
18 kB (18284 bytes)
Hash
3a424ba11ffc44a32c51b7b73ec927e2
d86ee30f7b7371c53eeb3aaf5ec423ce0aae6d0a
117fff37ba6ea3e99b22807af3436c5053aff3d6c8280d9b8c70b05fa86a56f8

HTTP Headers

GET /s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.118.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18284
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:49:04 GMT
expires: Fri, 18 Apr 2025 02:49:04 GMT
cache-control: public, max-age=31536000
age: 35634
last-modified: Tue, 02 May 2023 15:29:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.108.woff2

216.58.207.227

200 OK

21 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.108.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21424, version 1.0
Size
21 kB (21424 bytes)
Hash
4227ff59af9ead8efc375e76d725129d
5367f4e8e4b3e7530ed127885cdc6a295230c7b5
849cf9478c1258c47789e081934d8b94a3b02e8abab241b9e830a7efc7924d8d

HTTP Headers

GET /s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.108.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21424
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:26:25 GMT
expires: Fri, 11 Apr 2025 17:26:25 GMT
cache-control: public, max-age=31536000
age: 587793
last-modified: Tue, 02 May 2023 16:02:51 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.113.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.113.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16496, version 1.0
Size
16 kB (16496 bytes)
Hash
5bdae07a6793f00c272a44933f7b2255
7f34bfb953d7e6d28e3684815bff637337f7e255
b6d5f75ea106a67b07d2fc06425ee2d90131cf97f850afeabf77dcfaefae91b1

HTTP Headers

GET /s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.113.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16496
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:48:18 GMT
expires: Fri, 18 Apr 2025 02:48:18 GMT
cache-control: public, max-age=31536000
age: 35680
last-modified: Tue, 02 May 2023 16:17:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2

216.58.207.227

200 OK

79 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 78972, version 1.0
Size
79 kB (78972 bytes)
Hash
217dc33c822eb6c0923a99892a905258
12f0ce73476f3ece58e1b240d239bd7517334054
9151040be84927c7e12fe497ef65d29af26874d9df53c4e62bcbc43c4a668e83

HTTP Headers

GET /s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 78972
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:00:14 GMT
expires: Fri, 18 Apr 2025 03:00:14 GMT
cache-control: public, max-age=31536000
age: 34964
last-modified: Tue, 02 May 2023 15:42:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.115.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.115.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19684, version 1.0
Size
20 kB (19684 bytes)
Hash
7f498cf7c7a259e329a1a7ac7a4f6eeb
76ac3173694ff53411bf838faeacede92455e18b
2f4611b598af12323855fc5300325fd72987d10296222285778ee5aa79a1b670

HTTP Headers

GET /s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.115.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19684
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:33:36 GMT
expires: Wed, 16 Apr 2025 16:33:36 GMT
cache-control: public, max-age=31536000
age: 158962
last-modified: Tue, 02 May 2023 15:33:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hifansee.co.jp/wp-content/themes/floatflat/images/logo.svg

160.251.71.125

200 OK

6.7 kB

URL GET HTTP/2
hifansee.co.jp/wp-content/themes/floatflat/images/logo.svg
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type
SVG Scalable Vector Graphics image
Size
6.7 kB (6666 bytes)
Hash
2dc71ddfc973b940a4c6bf317519ced4
6680936e5482b9698d337f2e909188cd52865861
91294fc463e2b6b264cd2c8125e44af1f08046d866a690242223ac7edaf67d70

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/floatflat/images/logo.svg HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:57 GMT
content-type: image/svg+xml
content-length: 6666
last-modified: Mon, 28 Mar 2022 03:23:00 GMT
etag: "1a0a-5db3ed44fad00"
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

hifansee.co.jp/wp-content/themes/floatflat/images/logo-w.svg

160.251.71.125

200 OK

6.6 kB

URL GET HTTP/2
hifansee.co.jp/wp-content/themes/floatflat/images/logo-w.svg
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type
SVG Scalable Vector Graphics image
Size
6.6 kB (6612 bytes)
Hash
cdf328de4c7e7e6b7e0e285f2e0e7275
45a600439f237a01c033d1d75d7f22cb21d15088
9a2cd41e556e751e4ed9f6cf24fd0c4fdd43211091806696db71bb6398d0cea4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/floatflat/images/logo-w.svg HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:57 GMT
content-type: image/svg+xml
content-length: 6612
last-modified: Mon, 28 Mar 2022 09:36:00 GMT
etag: "19d4-5db440a436000"
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.117.woff2

216.58.207.227

200 OK

13 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.117.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 12996, version 1.0
Size
13 kB (12996 bytes)
Hash
88cfb88a2e9d1299483ad43f84de76b4
22c49a3aa9b2d622da5fee109a19c82a648df5c7
e4ef32d9cbe1aae87a030055a413910355b58d0bd381b110e2d989900bbe18cf

HTTP Headers

GET /s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.117.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12996
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 23:07:23 GMT
expires: Tue, 15 Apr 2025 23:07:23 GMT
cache-control: public, max-age=31536000
age: 221735
last-modified: Tue, 02 May 2023 15:40:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.110.woff2

216.58.207.227

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.110.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17752, version 1.0
Size
18 kB (17752 bytes)
Hash
082b88eaecfa4738ad7a795a1654826c
ad6de6c561cd199641852cea4836abc66e9d57fa
57dcfcf81ff0f2534bfcabf76ed0406f8e82325295fabe105b5b4f45d6ce7eb4

HTTP Headers

GET /s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.110.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:26:25 GMT
expires: Fri, 11 Apr 2025 17:26:25 GMT
cache-control: public, max-age=31536000
age: 587793
last-modified: Tue, 02 May 2023 15:42:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hifansee.co.jp/wp-content/uploads/2024/01/img_sdgs-408x250.jpg

160.251.71.125

200 OK

42 kB

URL GET HTTP/2
hifansee.co.jp/wp-content/uploads/2024/01/img_sdgs-408x250.jpg
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 408x250, components 3
Size
42 kB (42114 bytes)
Hash
242b2511fdceb686b82a639913494828
c98f6f3b21bb98f86dd8c8bed9524a6dd1ce58bd
1a8370d9647aa9d7de5bc9e1f2a19b8f1131a4c28c7d5ecac06d1831f425a33b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/01/img_sdgs-408x250.jpg HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:57 GMT
content-type: image/jpeg
content-length: 42114
last-modified: Thu, 04 Jan 2024 03:36:11 GMT
etag: "a482-60e166ed21b14"
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

hifansee.co.jp/wp-content/uploads/2024/01/my-jinken-format-408x250.jpg

160.251.71.125

200 OK

27 kB

URL GET HTTP/2
hifansee.co.jp/wp-content/uploads/2024/01/my-jinken-format-408x250.jpg
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 110x103, segment length 16, baseline, precision 8, 408x250, components 3
Size
27 kB (26698 bytes)
Hash
b57c8e2d06285e791aa725aec84070ac
05665462891de9449dd612a05de4623a3c6cdaac
9f4532db3b0ba54cb6568ba7261bc90283acb716361b8ba805191642aa277d5b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/01/my-jinken-format-408x250.jpg HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:57 GMT
content-type: image/jpeg
content-length: 26698
last-modified: Fri, 05 Jan 2024 04:28:50 GMT
etag: "684a-60e2b48edc2e5"
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

hifansee.co.jp/wp-content/themes/floatflat/images/favicon.ico

160.251.71.125

200 OK

106 kB

URL GET HTTP/2
hifansee.co.jp/wp-content/themes/floatflat/images/favicon.ico
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type
Targa image data - Map 32 x 40081 x 1 +1
Size
106 kB (105639 bytes)
Hash
b12bef6487faba0111f5fbd5e324b1e1
1923414db7a1cbebd77bfa3eae7308e127fd7cc0
e91afed6f7fabcd6aef4550b7b5072f99b23d423fde34a83d3d422a55b54dfe9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/floatflat/images/favicon.ico HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:59 GMT
content-type: image/vnd.microsoft.icon
content-length: 105639
last-modified: Sun, 12 Jun 2022 04:56:00 GMT
etag: "19ca7-5e138fcd83800"
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

hifansee.co.jp/wp-content/themes/floatflat/assets/js/autozip.js?ver=6.5.2

160.251.71.125

200 OK

3.2 MB

URL GET HTTP/2
hifansee.co.jp/wp-content/themes/floatflat/assets/js/autozip.js?ver=6.5.2
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type
gzip compressed data, max speed, from Unix
Size
3.2 MB (3165912 bytes)
Hash
ff06301350703e20679c80dc55055c43
3186db23290d63bda5d6763e1216b0787948d171
180a0549ce10b5ee6aa2b528aee791f61833f85ef111f43c07481ef7dfddb0a9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/floatflat/assets/js/autozip.js?ver=6.5.2 HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:57 GMT
content-type: application/javascript
last-modified: Mon, 01 Feb 2021 15:00:00 GMT
etag: W/"7d-5ba479ba0bc00"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

hifansee.co.jp/wp-content/themes/floatflat/assets/css/responsive.css?20220330213300

160.251.71.125

200 OK

919 kB

URL GET HTTP/2
hifansee.co.jp/wp-content/themes/floatflat/assets/css/responsive.css?20220330213300
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type
gzip compressed data, max speed, from Unix
Size
919 kB (918581 bytes)
Hash
a4b309a40776478114c9c25d66fe7a9e
baf98c6fe9bdd9473e31fd802ca4d52ebe09e7d0
3061073c2bc211be7f65f81845cfb7b0d66314d24624e65063b9805d7cca5f12

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/floatflat/assets/css/responsive.css?20220330213300 HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:57 GMT
content-type: text/css
last-modified: Wed, 30 Mar 2022 21:33:00 GMT
etag: W/"167a-5db764a233b00"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

hifansee.co.jp/wp-content/themes/floatflat/images/bg-sec02.png

160.251.71.125

200 OK

6.6 MB

URL GET HTTP/2
hifansee.co.jp/wp-content/themes/floatflat/images/bg-sec02.png
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type
PNG image data, 3200 x 1858, 8-bit/color RGBA, non-interlaced
Size
6.6 MB (6561482 bytes)
Hash
ab50acb010fdc2a379d9de00f7624d8e
654fc10e95e587557bb9ba16e3a8d444a7c0cda3
c58cf7edc95b5415235b8f0ed320be1e45aa4f59307fbeea90cc0ae16936217d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/floatflat/images/bg-sec02.png HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/wp-content/themes/floatflat/assets/css/common.css?20220331020200
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:58 GMT
content-type: image/png
content-length: 6561482
last-modified: Tue, 22 Mar 2022 04:07:00 GMT
etag: "641eca-5dac6be9ea100"
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

hifansee.co.jp/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2

160.251.71.125

200 OK

14 kB

URL GET HTTP/2
hifansee.co.jp/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type
gzip compressed data, max speed, from Unix
Size
14 kB (13521 bytes)
Hash
a61a4c5e39247e902207f94dc6571460
089a66c07fbb7ec89b80bceb8ec7bd07dda0da66
08c459a4b8c65885f9c3fb5468f65eaf3dc68cd8202baba7e098327b435b8f85

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:58 GMT
content-type: application/javascript
last-modified: Tue, 02 Apr 2024 21:28:32 GMT
etag: W/"4926-61523c9b77250"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

hifansee.co.jp/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.6

160.251.71.125

200 OK

2.9 kB

URL GET HTTP/2
hifansee.co.jp/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.6
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type
ASCII text, with very long lines (3172), with no line terminators
Size
2.9 kB (2894 bytes)
Hash
4ff394b4fc55e546c2457e1a49a044fa
0f3fe404c0821a795cb73aa6bb5c062d52af7e68
4858dafdb763b5027e97ca50c5747329e16d4c19ecc575aff7454335e71cba33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.6 HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:57 GMT
content-type: text/css
last-modified: Sat, 03 Feb 2024 04:44:22 GMT
etag: W/"b4e-61072e1e2e635"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

hifansee.co.jp/wp-content/themes/floatflat/images/bg-sec01.png

160.251.71.125

200 OK

3.2 MB

URL GET HTTP/2
hifansee.co.jp/wp-content/themes/floatflat/images/bg-sec01.png
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type

Size
3.2 MB (3165792 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/floatflat/images/bg-sec01.png HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/wp-content/themes/floatflat/assets/css/common.css?20220331020200
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:58 GMT
content-type: image/png
content-length: 3165792
last-modified: Tue, 22 Mar 2022 08:05:00 GMT
etag: "304e60-5daca11c62300"
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

hifansee.co.jp/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.6

160.251.71.125

200 OK

13 kB

URL GET HTTP/2
hifansee.co.jp/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.6
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type
JavaScript source, ASCII text, with very long lines (13182), with no line terminators
Size
13 kB (13182 bytes)
Hash
83a062cf6545b990c13b4398035a29d0
5cf24bc45fcbc6f416ea9671e089ca00ef0080d2
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.6 HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:57 GMT
content-type: application/javascript
last-modified: Sat, 03 Feb 2024 04:44:22 GMT
etag: W/"337e-61072e1e2ea1d"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

hifansee.co.jp/wp-content/themes/floatflat/assets/css/slicknav.css

160.251.71.125

200 OK

3.9 kB

URL GET HTTP/2
hifansee.co.jp/wp-content/themes/floatflat/assets/css/slicknav.css
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type
Unicode text, UTF-8 text, with very long lines (4189), with no line terminators
Size
3.9 kB (3947 bytes)
Hash
bd8298213d9c9d216ac33b4133745e3e
33ffb440731aba3af3caf64ff8ba60ff4ecbd611
a7c443a1b95f91bcbba731297659a64e6e1a3c917c6b9af4848ea1df71031616

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/floatflat/assets/css/slicknav.css HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:57 GMT
content-type: text/css
last-modified: Wed, 23 Mar 2022 02:00:00 GMT
etag: W/"f6b-5dad916460800"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.114.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.114.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16480, version 1.0
Size
16 kB (16480 bytes)
Hash
317806d60c71f3cbe50dcb6b58757d4d
fb98f0058b76a8c647ccdbd7f2bd43d0c9a92628
50c4024d69d2d909cd32d1027438401f9b3412ded19a00235db3bd59c920a1e5

HTTP Headers

GET /s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.114.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:25:18 GMT
expires: Fri, 11 Apr 2025 17:25:18 GMT
cache-control: public, max-age=31536000
age: 587860
last-modified: Tue, 02 May 2023 16:15:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hifansee.co.jp/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2

160.251.71.125

200 OK

113 kB

URL GET HTTP/2
hifansee.co.jp/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type

Size
113 kB (113381 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:57 GMT
content-type: text/css
last-modified: Tue, 02 Apr 2024 21:28:32 GMT
etag: W/"1bae5-61523c9b93b58"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

hifansee.co.jp/wp-content/themes/floatflat/assets/js/libs.js

160.251.71.125

200 OK

70 kB

URL GET HTTP/2
hifansee.co.jp/wp-content/themes/floatflat/assets/js/libs.js
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type
JavaScript source, ASCII text, with very long lines (41011)
Size
70 kB (70041 bytes)
Hash
923874942a2839e5ffe5e6a2e21a5b25
aaaa5696002b2ce624b977b80318a8149948666d
c7785d242b4bcd5899a6a8080d5669127c29a07ffbc624b83022255de6b2e42a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/floatflat/assets/js/libs.js HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:57 GMT
content-type: application/javascript
last-modified: Wed, 02 Dec 2020 15:00:00 GMT
etag: W/"11199-5b57c7f4edc00"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

hifansee.co.jp/wp-content/themes/floatflat/assets/css/common.css?20220331020200

160.251.71.125

200 OK

14 kB

URL GET HTTP/2
hifansee.co.jp/wp-content/themes/floatflat/assets/css/common.css?20220331020200
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type

Size
14 kB (14299 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/floatflat/assets/css/common.css?20220331020200 HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:57 GMT
content-type: text/css
last-modified: Thu, 31 Mar 2022 02:02:00 GMT
etag: W/"37db-5db7a0c281600"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

hifansee.co.jp/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.6

160.251.71.125

200 OK

11 kB

URL GET HTTP/2
hifansee.co.jp/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.6
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type
JavaScript source, ASCII text, with very long lines (11117), with no line terminators
Size
11 kB (11117 bytes)
Hash
a53a916adf48efefd5a2aa0861ebbc07
46acfa0be9dd623a7aa9bceb1344c152a8adc13b
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.6 HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:57 GMT
content-type: application/javascript
last-modified: Sat, 03 Feb 2024 04:44:22 GMT
etag: W/"2b6d-61072e1e2f5d5"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.82.woff2

216.58.207.227

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.82.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21580, version 1.0
Size
22 kB (21580 bytes)
Hash
6cc7b9492e85ed23b24e2ee63726e641
09922d99a58126c9c5f314f4d734892f97c800d8
063b8da70c60c2faa769fed3cad93c006415a0663e9a40418d7153fb54fc3375

HTTP Headers

GET /s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.82.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 13 Apr 2024 13:58:21 GMT
expires: Sun, 13 Apr 2025 13:58:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:51:20 GMT
content-type: font/woff2
age: 427477
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

104.18.10.207

200 OK

160 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65324)
Size
160 kB (160403 bytes)
Hash
3afe15e976734d9daac26310110c4594
4f14a09a606c99a11f8fda15564ef66f70402826
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

HTTP Headers

GET /bootstrap/4.5.0/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:42:57 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"3afe15e976734d9daac26310110c4594"
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-cachedat: 03/18/2024 12:28:50
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 1d106650fe15738b1facaeca0356ab01
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8764bcddaab0b51e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hifansee.co.jp/wp-content/themes/floatflat/images/corporate.png

160.251.71.125

200 OK

917 kB

URL GET HTTP/2
hifansee.co.jp/wp-content/themes/floatflat/images/corporate.png
IP
160.251.71.125:443
ASN
#7506 GMO Internet,Inc

Requested by
https://hifansee.co.jp/
Certificate
IssuerLet's Encrypt
Subjecthifansee.co.jp
Fingerprint39:B3:F1:59:3B:DD:0C:AF:7B:04:D5:6C:D5:CF:01:99:0E:A5:C1:88
ValidityTue, 12 Mar 2024 11:36:26 GMT - Mon, 10 Jun 2024 11:36:25 GMT

File type
PNG image data, 800 x 604, 8-bit/color RGBA, non-interlaced
Size
917 kB (916903 bytes)
Hash
70c74f348052b20e5a03d9bc3279ec1e
954aec1f940d372dca1bdc99662407ca73516dbf
196b1449214991f77c13166fa1d41e376120542e0a009f72ce71d20067aca601

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/floatflat/images/corporate.png HTTP/1.1
Host: hifansee.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hifansee.co.jp/wp-content/themes/floatflat/assets/css/common.css?20220331020200
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:42:58 GMT
content-type: image/png
content-length: 916903
last-modified: Tue, 22 Mar 2022 08:16:00 GMT
etag: "dfda7-5daca391cf000"
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.105.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.105.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hifansee.co.jp/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18920, version 1.0
Size
19 kB (18920 bytes)
Hash
a3dee95dd632092215ac17eeff95ff52
716ccb295ea021535924035b037641461f7c2c47
f84550c0d234bee6a1d8c3a8a4575c751631f155d1b03c741bc383e4d5b4f865

HTTP Headers

GET /s/notosansjp/v52/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.105.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hifansee.co.jp
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 09:52:55 GMT
expires: Fri, 18 Apr 2025 09:52:55 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 16:15:45 GMT
content-type: font/woff2
age: 10203
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML