Report - h-freed.ru/go/url=-aHR0cHM6Ly91LnRvL29Ha2xJQQ

Report Overview

Visitedpublic

2023-12-03 20:13:45

Tags

Submit Tags

URL

h-freed.ru/go/url=-aHR0cHM6Ly91LnRvL29Ha2xJQQ

Finishing URL

www.ajinomotofoods.com/wp-content/uploads/2023/06/2023.html

IP / ASN

Estonia

5.45.116.14

#198068 P.a.g.m. Ou

Title

Confirm your age

Detections

urlquery

0

Network Intrusion Detection

7

Threat Detection Systems

0

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
h-freed.ru	unknown	unknown	No data	No data	427 B	512 B	5.45.116.14
u.to	155534	unknown	2012-05-21 21:16:51	2023-12-02 04:26:06	477 B	607 B	195.216.243.155
www.ajinomotofoods.com	unknown	2002-01-29	2013-11-13 05:59:01	2023-10-15 20:10:41	1.6 kB	7.3 kB	23.185.0.1
seeklogo.com	56607	2008-08-23	2012-05-31 05:47:38	2023-11-30 14:53:53	471 B	8.8 kB	172.67.190.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-03 20:13:34	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-12-03 20:13:34	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (u .to)
2023-12-03 20:13:34	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-12-03 20:13:34	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (u .to)
2023-12-03 20:13:34	low	Client IP	Internal IP	ET INFO Custom Logo Domain in DNS Lookup (seeklogo .com)
2023-12-03 20:13:34	low	Client IP	Internal IP	ET INFO Custom Logo Domain in DNS Lookup (seeklogo .com)
2023-12-03 20:13:34	low	Client IP	172.67.190.76	ET INFO Observed Custom Logo Domain (seeklogo .com in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	www.ajinomotofoods.com/wp-content/uploads/2023/06/2023.html	ScriptElement	0 B	0001-01-01	2025-08-10
URL www.ajinomotofoods.com/wp-content/uploads/2023/06/2023.html IP / ASN 23.185.0.1 #54113 FASTLY Introduced by ScriptElement Embedded true Resource Info First Seen 0001-01-01 Last Seen 2025-08-10 Times Seen 5753505 Size 0 B (0 bytes) MD5 d41d8cd98f00b204e9800998ecf8427e SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Format Code Loading...

HTTP Transactions (6)

	URL	IP	Response	Size
	GET h-freed.ru/go/url=-aHR0cHM6Ly91LnRvL29Ha2xJQQ	5.45.116.14		0 B
URL User Request GET HTTP h-freed.ru/go/url=-aHR0cHM6Ly91LnRvL29Ha2xJQQ IP / ASN 5.45.116.14 #198068 P.a.g.m. Ou Requested byN/A Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-10 Times Seen5753505 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /go/url=-aHR0cHM6Ly91LnRvL29Ha2xJQQ HTTP/1.1 Host: h-freed.ru User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 303 See Other Server: nginx/1.16.1 Date: Sun, 03 Dec 2023 20:13:28 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive X-Powered-By: PHP/5.4.45 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: PHPSESSID=ccb2499fe07acac9143ccd2b3e394fa2; path=/ InstantCMS[logdate]=1701634408; expires=Tue, 02-Jan-2024 20:13:28 GMT; path=/; httponly Location: https://u.to/oGklIA`

	GET u.to/oGklIA	195.216.243.155	302 Found	247 B
URL User Request GET HTTPS u.to/oGklIA IP / ASN 195.216.243.155 #57724 Ddos-guard Ltd Requested byN/A Resource Info File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text First Seen2023-12-03 Last Seen2023-12-11 Times Seen4 Size247 B (247 bytes) MD57d2f3df4c18a9e4bcbe196f2d88ef3bc SHA1966d3896307c4a14bfa99b06a37776fb98bf3464 SHA25601a4e14862ec87ffc0def6a025eaf8079fd28209e2bd047d6e776234626515ea Certificate Info IssuerGoGetSSL Subjectu.to Fingerprint5F:34:9B:CA:9B:9B:07:E0:65:E5:80:E3:F9:98:A2:66:0C:E3:59:A8 ValidityTue, 24 Oct 2023 00:00:00 GMT - Thu, 24 Oct 2024 23:59:59 GMT HTTP Headers `GET /oGklIA HTTP/1.1 Host: u.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 302 Found Server: nginx/1.8.0 Date: Sun, 03 Dec 2023 20:13:26 GMT Content-Type: text/html; charset=iso-8859-1 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Set-Cookie: lng=en; path=/; expires=Mon, 02-Dec-2024 20:13:26 GMT; domain=.u.to; Location: https://www.ajinomotofoods.com/wp-content/uploads/2023/06/2023.html`

	GET www.ajinomotofoods.com/wp-content/uploads/2023/06/2023.html	23.185.0.1	200 OK	1.2 kB
URL User Request GET HTTPS www.ajinomotofoods.com/wp-content/uploads/2023/06/2023.html IP / ASN 23.185.0.1 #54113 FASTLY Requested byN/A Resource Info File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators First Seen2023-12-03 Last Seen2023-12-06 Times Seen2 Size1.2 kB (1245 bytes) MD525e5cc4cc148b5db0775f98041454ffb SHA184c6ca7d925a90ae84a7a916e7a9cac7a5fc0bbb SHA256e4359d06d70311fe6a0c2b5af9f7e720c11d0941ca5875613266de8803a90414 Certificate Info IssuerLet's Encrypt Subjectajinomotofoods.com Fingerprint96:50:AD:4E:15:B2:4E:A3:04:05:3B:87:85:A2:48:43:97:DA:8E:B0 ValidityMon, 18 Sep 2023 20:03:06 GMT - Sun, 17 Dec 2023 20:03:05 GMT HTTP Headers GET /wp-content/uploads/2023/06/2023.html HTTP/1.1 Host: www.ajinomotofoods.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-encoding: gzip content-type: text/html etag: W/"656ca5f3-bab" last-modified: Sun, 03 Dec 2023 15:59:47 GMT server: nginx strict-transport-security: max-age=300 x-pantheon-styx-hostname: styx-fe1-b-64d45f6b77-n75mk x-styx-req-id: 020d500d-91f5-11ee-a436-66d8f04c1865 date: Sun, 03 Dec 2023 20:13:29 GMT x-served-by: cache-chi-kigq8000038-CHI, cache-bma1639-BMA x-cache: HIT, MISS x-cache-hits: 135, 0 x-timer: S1701634409.084728,VS0,VE106 vary: Accept-Encoding, Cookie, Cookie age: 0 accept-ranges: bytes via: 1.1 varnish, 1.1 varnish content-length: 1245 X-Firefox-Spdy: h2

	GET seeklogo.com/images/1/18-logo-4F480408C7-seeklogo.com.png	172.67.190.76	200 OK	7.6 kB
URL GET HTTPS seeklogo.com/images/1/18-logo-4F480408C7-seeklogo.com.png IP / ASN 172.67.190.76 #13335 CLOUDFLARENET Requested byhttps://www.ajinomotofoods.com/wp-content/uploads/2023/06/2023.html Resource Info File typePNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data First Seen2023-12-03 Last Seen2025-04-28 Times Seen6 Size7.6 kB (7609 bytes) MD5506915b9f4a17ae0078f220452183672 SHA122c0e29c1128ffcd340161372d29655016276540 SHA25618167a6cd84014179c63d623e98156255b0d5a00a7f7cc52314b8aaa4469d604 Certificate Info IssuerLet's Encrypt Subjectseeklogo.com FingerprintF6:9F:72:09:74:1F:0C:02:A2:FB:49:4D:2C:47:59:7B:87:BF:C1:69 ValidityFri, 06 Oct 2023 09:28:18 GMT - Thu, 04 Jan 2024 09:28:17 GMT HTTP Headers `GET /images/1/18-logo-4F480408C7-seeklogo.com.png HTTP/1.1 Host: seeklogo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.ajinomotofoods.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 03 Dec 2023 20:13:29 GMT content-type: image/png content-length: 7609 cache-control: public, max-age=31536000 last-modified: Sun, 27 Nov 2022 19:03:24 GMT etag: "1d90292ec797bb9" x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-permitted-cross-domain-policies: none x-download-options: noopen content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 697960 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nScEb9y72aDmY1tb3%2BJTTtjthISP%2FFO7pNIo34GlFHbP7kQ1VwBygsbek%2B5G6TmxcfXIvR9LjaqBXoUXrI7HhXw7jvxHYUQPw7pW9uSb%2Fytg%2BZPLJV%2FQS2%2BnGgWkJQ%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 82fe78737ef6b4f3-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	GET www.ajinomotofoods.com/favicon.ico	23.185.0.1	302 Found	0 B
URL GET HTTPS www.ajinomotofoods.com/favicon.ico IP / ASN 23.185.0.1 #54113 FASTLY Requested byhttps://www.ajinomotofoods.com/wp-content/uploads/2023/06/2023.html Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-10 Times Seen5753505 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerLet's Encrypt Subjectajinomotofoods.com Fingerprint96:50:AD:4E:15:B2:4E:A3:04:05:3B:87:85:A2:48:43:97:DA:8E:B0 ValidityMon, 18 Sep 2023 20:03:06 GMT - Sun, 17 Dec 2023 20:03:05 GMT HTTP Headers `GET /favicon.ico HTTP/1.1 Host: www.ajinomotofoods.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.ajinomotofoods.com/wp-content/uploads/2023/06/2023.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 302 Found cache-control: public, max-age=600 content-type: text/html; charset=UTF-8 link: <https://www.ajinomotofoods.com/wp-json/>; rel="https://api.w.org/" location: https://www.ajinomotofoods.com/wp-includes/images/w-logo-blue-white-bg.png server: nginx strict-transport-security: max-age=300 x-pantheon-styx-hostname: styx-fe1-a-68cf799c75-fp879 x-redirect-by: WordPress x-styx-req-id: b13ab0cc-9217-11ee-9bbf-be66bd65d93b date: Sun, 03 Dec 2023 20:13:29 GMT x-served-by: cache-chi-klot8100055-CHI, cache-bma1639-BMA x-cache: HIT, MISS x-cache-hits: 3, 0 x-timer: S1701634410.569397,VS0,VE107 vary: Cookie, Cookie age: 314 accept-ranges: bytes via: 1.1 varnish, 1.1 varnish content-length: 0 X-Firefox-Spdy: h2

	GET www.ajinomotofoods.com/wp-includes/images/w-logo-blue-white-bg.png	23.185.0.1	200 OK	4.1 kB
URL GET HTTPS www.ajinomotofoods.com/wp-includes/images/w-logo-blue-white-bg.png IP / ASN 23.185.0.1 #54113 FASTLY Requested byhttps://www.ajinomotofoods.com/wp-content/uploads/2023/06/2023.html Resource Info File typePNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data First Seen2023-04-08 Last Seen2025-08-10 Times Seen24535 Size4.1 kB (4119 bytes) MD5000bf649cc8f6bf27cfb04d1bcdcd3c7 SHA1d73d2f6d74ec6cdcbae07955592962e77d8ae814 SHA2566bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0 Certificate Info IssuerLet's Encrypt Subjectajinomotofoods.com Fingerprint96:50:AD:4E:15:B2:4E:A3:04:05:3B:87:85:A2:48:43:97:DA:8E:B0 ValidityMon, 18 Sep 2023 20:03:06 GMT - Sun, 17 Dec 2023 20:03:05 GMT HTTP Headers GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1 Host: www.ajinomotofoods.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.ajinomotofoods.com/wp-content/uploads/2023/06/2023.html DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK cache-control: max-age=31622400 content-type: image/png etag: "6567b31c-1017" expires: Sat, 30 Nov 2024 13:31:26 GMT last-modified: Wed, 29 Nov 2023 21:54:36 GMT server: nginx strict-transport-security: max-age=300 x-pantheon-styx-hostname: styx-fe1-b-64d45f6b77-l8cdf x-styx-req-id: c327ebbd-8f84-11ee-b437-122fe0ec41ef date: Sun, 03 Dec 2023 20:13:29 GMT x-served-by: cache-chi-kigq8000085-CHI, cache-bma1639-BMA x-cache: HIT, HIT x-cache-hits: 1, 1 x-timer: S1701634410.689142,VS0,VE4 age: 283323 accept-ranges: bytes via: 1.1 varnish, 1.1 varnish content-length: 4119 X-Firefox-Spdy: h2