Report - sushibistro.ca/gasai/rider-university-notable-alumni

Report Overview

Visited public
2024-12-29 18:40:01
Tags
Submit Tags
URL
sushibistro.ca/gasai/rider-university-notable-alumni
Finishing URL
sushibistro.ca/gasai/rider-university-notable-alumni
IP / ASN
172.67.140.127
#13335 CLOUDFLARENET
Title
rider university notable alumni

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
sushibistro.ca	unknown	2024-12-25	2021-01-24	2023-11-20	3.2 kB	347 kB	104.21.49.27
cdn.storageimagedisplay.com	unknown	2024-09-13	2024-09-13	2024-12-24	944 B	151 kB	45.133.44.2
recordedthereby.com	unknown	2024-05-08	2024-05-08	2024-12-29	399 B	86 kB	185.196.197.71
noisesperusemotel.com	unknown	2024-01-19	2024-01-19	2024-12-23	874 B	22 kB	172.240.108.68
cramlastfasten.com	unknown	2024-11-26	2024-12-24	2024-12-24	4.4 kB	41 kB	172.240.253.132
lazy.agczn.my.id	unknown	2023-10-22	2024-05-12	2024-12-23	903 B	2.4 kB	104.21.80.1
stereospoutfireextinguisher.com	unknown	2024-08-19	2024-12-23	2024-12-23	2.5 kB	6.2 kB	192.243.61.227
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2024-12-29	413 B	375 B	185.196.197.71
yummyadvertiseexploded.com	unknown	2024-08-19	2024-10-07	2024-10-10	493 B	501 B	172.240.108.68
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-12-27	734 B	495 B	192.243.59.12
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-12-29	872 B	842 B	3.74.85.4

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-29	medium	stereospoutfireextinguisher.com	Sinkholed
2024-12-29	medium	stereospoutfireextinguisher.com	Sinkholed
2024-12-29	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	From	Size	First Seen	Last Seen
	capaciousdrewreligion.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-07-16
Pretty URL capaciousdrewreligion.com/advertisers.js IP 185.196.197.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-07-16 08:29 Times Seen5434289 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	sushibistro.ca/gasai/rider-university-notable-alumni	ScriptElement	331 B	2024-04-10	2024-12-30
Pretty URL sushibistro.ca/gasai/rider-university-notable-alumni IP 104.21.49.27 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-10 17:35 Last Seen2024-12-30 02:55 Times Seen286 Hash fa3c78fb72e524df0dd06cb9615fb353 d810a6bd489d5cabe5f49050a8890f118c608af2 9cd071e14d9fc4ce751551f653d30f35cb1af8689e427f9ebabf5a3dd0f8788b Loading...

	cramlastfasten.com/de/40/74/de40747527625eb4f2cfd573cb92ac16.js	ScriptElement	95 kB	2024-12-28	2024-12-29
Pretty URL cramlastfasten.com/de/40/74/de40747527625eb4f2cfd573cb92ac16.js IP 172.240.253.132 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-28 16:58 Last Seen2024-12-29 18:40 Times Seen2 Hash ff43c6606e01f822cf8d4479934c7035 e44a1ac89531b43c2eb90b41680c4971d6e413e6 fa14b316efb3b19e1ec968c3bc2597739327202e62256f2de940b6d93f7af411 Loading...

	unknown	ScriptElement	145 B	2024-04-10	2025-01-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 17:35 Last Seen2025-01-08 08:00 Times Seen345 Hash 76389ae0d77274c26f00362c534bcd9f bc0f50806c254f8fd5be99843357c6a9637d5d3f 982d76832b490215d621bd9f712da7c6a6cc9ab0d16adef0203885492f8678fe Loading...

	unknown	ScriptElement	3.8 kB	2024-12-29	2024-12-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-29 18:40 Last Seen2024-12-29 18:40 Times Seen1 Hash 97a9c7f137aa0ff8c7bfcff745492b38 b18c01c7f07b2cfdb1e35b70dd41391f7f8ed89f c94b9a2850d8339bf288f7e31b8e7c018e8f169e9b0dc465991b8d2aae40c7ee Loading...

	noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js	ScriptElement	24 kB	2024-12-25	2024-12-30
Pretty URL noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js IP 172.240.108.68 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-25 06:02 Last Seen2024-12-30 18:13 Times Seen6 Hash d2353fd55e7b4b79fffb007974afc3f4 d57e63aceee50c98309d8ad0d090d8717c86d5ba 6057c5f49e0b4fb85c12e4fdae355d19a8d303b689af71f52d5b733ee3d370d9 Loading...

	sushibistro.ca/gasai/rider-university-notable-alumni	ScriptElement	98 B	2024-04-10	2025-05-18
Pretty URL sushibistro.ca/gasai/rider-university-notable-alumni IP 104.21.49.27 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-10 17:35 Last Seen2025-05-18 14:52 Times Seen659 Hash 943d0828305b7fffcee63720ab297353 0af67ef5eeb188730502b4885f171e4c343fb22e ac5930440fe8be9005bae09ce1c2e9458c90f7428bcd7c7eb0191df1e90c71d6 Loading...

	sushibistro.ca/js/highlight.min.js	ScriptElement	123 kB	2024-08-28	2025-05-18
Pretty URL sushibistro.ca/js/highlight.min.js IP 104.21.49.27 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-28 15:34 Last Seen2025-05-18 14:52 Times Seen292 Hash ce552ffc8630869b9d3a215fca292098 6324f32bee04e9925adde9522dfe78eeae4858d5 30ecef6c6f78426a75fa5f60f92780501a3619ec11367e3b67331576f3370812 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-17 16:43 Last Seen2025-01-21 11:22 Times Seen13574 Hash 7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Loading...

	sushibistro.ca/gasai/rider-university-notable-alumni	ScriptElement	424 B	2024-06-14	2025-01-27
Pretty URL sushibistro.ca/gasai/rider-university-notable-alumni IP 104.21.49.27 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-06-14 22:48 Last Seen2025-01-27 20:51 Times Seen16 Hash 82905bda8790f328e9cbcfb4eb421944 1fd6d002acd1520c91f4381dd153108dad295e65 49be9b66b97539df3a5aaf6fde036e48405768ae0dc7a31dee53afae3515332b Loading...

	noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js	ScriptElement	25 kB	2024-12-24	2025-01-08
Pretty URL noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js IP 172.240.108.68 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-24 04:26 Last Seen2025-01-08 08:00 Times Seen25 Hash 8b05cb2a1b53f9fec21edcdb9e0dedab b5e3c5ab8a6d61bcafc2b404170046ea8043d0dd 5b69649a56df26cec226f8e5577dac6f6b87e84c4af0122df8bc2b686f771e22 Loading...

	sushibistro.ca/gasai/rider-university-notable-alumni	ScriptElement	358 B	2024-08-28	2025-05-18
Pretty URL sushibistro.ca/gasai/rider-university-notable-alumni IP 104.21.49.27 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-28 15:34 Last Seen2025-05-18 14:52 Times Seen290 Hash 307edac2bd62b6f19385c5536829d90b 6f9190c70649d6e3ba068981d500e0b002e44a95 9fa7264cd962450aea00f182bf47d25821832bf69b4b7df75a049abfb510efc0 Loading...

	lazy.agczn.my.id/tag.js	ScriptElement	904 B	2024-10-11	2025-05-18
Pretty URL lazy.agczn.my.id/tag.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-11 05:13 Last Seen2025-05-18 14:52 Times Seen275 Hash f613be6d1cb212afb7ae84007056445d 2fb9979f24cd6cfd3b959630aeb5c3e7b784d9cb a240184536984e9c3a0c758f14a57cbda4fefd001cb3a0379c52b5f1b2e498a9 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 565f99e08e94f6af5cced334372a4bd6	2.1 kB	2024-12-29 18:40	2024-12-29 18:40
Pretty Observations First Seen2024-12-29 18:40 Last Seen2024-12-29 18:40 Times Seen1 Hash 565f99e08e94f6af5cced334372a4bd6 d1b52cc90414eca0ce971a6db6027e589b24d18a ec95f848c822125222bbdce0e741709c3a9d6b50cc5ce5c8b44c386173b63ab8 Loading...

		Size	First Seen	Last Seen
	#1 Write - 6defbbaf352e34a9d2124cf0c1e55791	113 B	2024-04-10 17:35	2024-12-30 02:55
Pretty Observations First Seen2024-04-10 17:35 Last Seen2024-12-30 02:55 Times Seen286 Hash 6defbbaf352e34a9d2124cf0c1e55791 547089e9ec285313ce862da13689cd23f7d7119b 5dc4f940c224807d139769648b9a4f19057d318dc9846b0ef2c5b7c69a4380cc Loading...

HTTP Transactions (24)

URL IP Response Size

GET noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js

172.240.108.68

200 OK

11 kB

URL GET HTTP/1.1
noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerLet's Encrypt
Subjectnoisesperusemotel.com
Fingerprint54:73:A3:19:E8:BD:79:0A:44:2D:45:D4:4B:AE:AA:41:6E:3D:24:33
ValidityFri, 15 Nov 2024 21:30:30 GMT - Thu, 13 Feb 2025 21:30:29 GMT

File type
JavaScript source, ASCII text, with very long lines (25169), with no line terminators
Size
11 kB (11324 bytes)
Hash
8b05cb2a1b53f9fec21edcdb9e0dedab
b5e3c5ab8a6d61bcafc2b404170046ea8043d0dd
5b69649a56df26cec226f8e5577dac6f6b87e84c4af0122df8bc2b686f771e22

HTTP Headers

GET /d1a5e500ed255cc4ebf822ff2ae48229/invoke.js HTTP/1.1
Host: noisesperusemotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 29 Dec 2024 18:39:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: noisesperusemotel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 42e01bb9340d6bd7d46d9266bccf644d
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js

172.240.108.68

200 OK

9.4 kB

URL GET HTTP/1.1
noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerLet's Encrypt
Subjectnoisesperusemotel.com
Fingerprint54:73:A3:19:E8:BD:79:0A:44:2D:45:D4:4B:AE:AA:41:6E:3D:24:33
ValidityFri, 15 Nov 2024 21:30:30 GMT - Thu, 13 Feb 2025 21:30:29 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (23562), with no line terminators
Size
9.4 kB (9434 bytes)
Hash
d2353fd55e7b4b79fffb007974afc3f4
d57e63aceee50c98309d8ad0d090d8717c86d5ba
6057c5f49e0b4fb85c12e4fdae355d19a8d303b689af71f52d5b733ee3d370d9

HTTP Headers

GET /0a4243b915b6aef7ce6409f3497d95fb/invoke.js HTTP/1.1
Host: noisesperusemotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 29 Dec 2024 18:39:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: noisesperusemotel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: ce83908458376b9ea88921a1ffadfc28
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET proftrafficcounter.com/stats

3.74.85.4

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.74.85.4:443
ASN
#16509 AMAZON-02

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
1fd1c208cc4417f49fd6a2980038cfa5
d81f39cd6dba040b2ecd1bd68fbaebba46a7d02a
00bb462cb513945ab1bb051020d27b6fb1f734d7c601c14379dc8a503810c1da

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sushibistro.ca
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 29 Dec 2024 18:39:35 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sushibistro.ca
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=162651bc-d04e-4ce6-b2c1-db117d9f9cd8:1:1; expires=Wed, 27 Dec 2034 18:39:35 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET proftrafficcounter.com/stats

3.74.85.4

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.74.85.4:443
ASN
#16509 AMAZON-02

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
489b813c3df237f0f56584a4e79e8f27
1401fce567bed53d3516fdf9458714a1ea2a9acc
f29b1551c538f7b2b5b2bc4674e8dad9e24af25068313a5a2fc078d6eea33c9b

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sushibistro.ca
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Dec 2024 18:39:35 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sushibistro.ca
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=834aaed1-66a7-4bb6-b72b-afcd9c0e1ab5:1:1; expires=Wed, 27 Dec 2034 18:39:35 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET cramlastfasten.com/ntv.json?key=0a4243b915b6aef7ce6409f3497d95fb&vstc=1

172.240.253.132

200 OK

4.2 kB

URL GET HTTP/1.1
cramlastfasten.com/ntv.json?key=0a4243b915b6aef7ce6409f3497d95fb&vstc=1
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerLet's Encrypt
Subjectcramlastfasten.com
Fingerprint13:98:0E:72:7E:69:93:22:A5:EA:91:22:CB:78:C6:0E:4B:F6:62:B6
ValidityTue, 26 Nov 2024 08:25:22 GMT - Mon, 24 Feb 2025 08:25:21 GMT

File type
JSON text data
Size
4.2 kB (4152 bytes)
Hash
6e2f76da862af54a10e51c9f4d006752
550e3f18df76ddacfda7862e3488e879affed135
803dfd177648116138a782b3a247efb121a4a071b0046070d057b6a07ea65699

HTTP Headers

GET /ntv.json?key=0a4243b915b6aef7ce6409f3497d95fb&vstc=1 HTTP/1.1
Host: cramlastfasten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sushibistro.ca
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 29 Dec 2024 18:39:35 GMT
Content-Type: application/json
Content-Length: 4152
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sushibistro.ca
Access-Control-Allow-Origin: https://sushibistro.ca
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl22784088=1; expires=Mon, 30 Dec 2024 18:39:35 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Mon, 30 Dec 2024 18:39:35 GMT; path=/; secure; SameSite=None
uncs=1; expires=Mon, 30 Dec 2024 18:39:35 GMT; path=/; secure; SameSite=None
pdhtkv49=true; expires=Mon, 30 Dec 2024 18:39:35 GMT; path=/; secure; SameSite=None
uncs49=1; expires=Mon, 30 Dec 2024 18:39:35 GMT; path=/; secure; SameSite=None
Host: cramlastfasten.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: e0786aea2099e3aee8bebc73a4d1462d
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET lazy.agczn.my.id/js15_as.js?hash=EjSFkWJQgwQr&host=sushibistro.ca&path=%2Fgasai%2Frider-university-notable-alumni&ref=

104.21.80.1

200 OK

0 B

URL GET HTTP/3
lazy.agczn.my.id/js15_as.js?hash=EjSFkWJQgwQr&host=sushibistro.ca&path=%2Fgasai%2Frider-university-notable-alumni&ref=
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerGoogle Trust Services
Subjectagczn.my.id
Fingerprint15:37:71:50:43:B8:56:49:C3:9C:10:6B:95:FA:98:27:AA:92:1A:79
ValiditySun, 08 Dec 2024 15:30:45 GMT - Sat, 08 Mar 2025 15:30:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js15_as.js?hash=EjSFkWJQgwQr&host=sushibistro.ca&path=%2Fgasai%2Frider-university-notable-alumni&ref= HTTP/1.1
Host: lazy.agczn.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 29 Dec 2024 18:39:35 GMT
content-length: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fsmYRpmwchd%2B83kj4pcjPyqTuHdoRkZvPyvqvRAQfZ2hKEUznG2Ay3vgNZnXfdR%2BfEGXaPrCfRcm2izonrOOCxv7UG8CX4t7mhbWUcLaOkZuA8RoKYmkT%2BKbxiZMgjeeZuSw"}],"group":"cf-nel","max_age":604800}
x-powered-by: Express
cf-cache-status: DYNAMIC
cf-ray: 8f9be9e6dafd1c0e-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

GET cramlastfasten.com/de/40/74/de40747527625eb4f2cfd573cb92ac16.js

172.240.253.132

200 OK

34 kB

URL GET HTTP/1.1
cramlastfasten.com/de/40/74/de40747527625eb4f2cfd573cb92ac16.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerLet's Encrypt
Subjectcramlastfasten.com
Fingerprint13:98:0E:72:7E:69:93:22:A5:EA:91:22:CB:78:C6:0E:4B:F6:62:B6
ValidityTue, 26 Nov 2024 08:25:22 GMT - Mon, 24 Feb 2025 08:25:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33699 bytes)
Hash
ff43c6606e01f822cf8d4479934c7035
e44a1ac89531b43c2eb90b41680c4971d6e413e6
fa14b316efb3b19e1ec968c3bc2597739327202e62256f2de940b6d93f7af411

HTTP Headers

GET /de/40/74/de40747527625eb4f2cfd573cb92ac16.js HTTP/1.1
Host: cramlastfasten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 29 Dec 2024 18:39:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: cramlastfasten.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 72638a0d717068938d9e6e3adcd175bc
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET sushibistro.ca/js/highlight.min.js

104.21.49.27

200 OK

43 kB

URL GET HTTP/3
sushibistro.ca/js/highlight.min.js
IP
104.21.49.27:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerGoogle Trust Services
Subjectsushibistro.ca
Fingerprint7D:C2:8C:C2:91:9E:4A:67:20:8C:E6:8E:B6:E3:D4:E1:00:7A:13:A6
ValidityThu, 26 Dec 2024 13:14:49 GMT - Wed, 26 Mar 2025 14:12:26 GMT

File type
JavaScript source, ASCII text, with very long lines (7910), with CRLF line terminators
Size
43 kB (42710 bytes)
Hash
ce552ffc8630869b9d3a215fca292098
6324f32bee04e9925adde9522dfe78eeae4858d5
30ecef6c6f78426a75fa5f60f92780501a3619ec11367e3b67331576f3370812

HTTP Headers

GET /js/highlight.min.js HTTP/1.1
Host: sushibistro.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/gasai/rider-university-notable-alumni
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 29 Dec 2024 18:39:36 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Sat, 17 Aug 2024 14:47:12 GMT
etag: W/"1e03b-19160ce8180"
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hh1liU1ozGKg0IRRR1GWcKEFXBBY5%2F3HmvZCBxmALYDV9HKX8bES%2BX8x0HinPI9g5tIT0I%2BcV%2B6YH6Udn%2Bj9tKXhsgu%2FuPAEn8rMLXPg7hJUmkyruV7Qvpx4A83HcNqJIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f9be9e6fdef712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3214&min_rtt=1290&rtt_var=1781&sent=53&recv=14&lost=0&retrans=0&sent_bytes=50683&recv_bytes=1972&delivery_rate=6265996&cwnd=48000&unsent_bytes=0&cid=de3227e3a5216280&ts=1362&x=1", cfExtPri, cfHdrFlush;dur=0

GET stereospoutfireextinguisher.com/watch.323123863057.js?key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%5D&refer=https%3A%2F%2Fsushibistro.ca%2Fgasai%2Frider-university-notable-alumni&tz=0&dev=e&res=14.2071&rb=&uuid=162651bc-d04e-4ce6-b2c1-db117d9f9cd8%3A1%3A1

192.243.61.227

307 Temporary Redirect

0 B

URL GET HTTP/1.1
stereospoutfireextinguisher.com/watch.323123863057.js?key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%5D&refer=https%3A%2F%2Fsushibistro.ca%2Fgasai%2Frider-university-notable-alumni&tz=0&dev=e&res=14.2071&rb=&uuid=162651bc-d04e-4ce6-b2c1-db117d9f9cd8%3A1%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerLet's Encrypt
Subjectstereospoutfireextinguisher.com
FingerprintC5:2E:10:49:A7:54:62:C2:76:32:76:44:BB:73:B5:4E:C2:01:2C:0F
ValidityWed, 18 Dec 2024 21:16:38 GMT - Tue, 18 Mar 2025 21:16:37 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.323123863057.js?key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%5D&refer=https%3A%2F%2Fsushibistro.ca%2Fgasai%2Frider-university-notable-alumni&tz=0&dev=e&res=14.2071&rb=&uuid=162651bc-d04e-4ce6-b2c1-db117d9f9cd8%3A1%3A1 HTTP/1.1
Host: stereospoutfireextinguisher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sushibistro.ca
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 29 Dec 2024 18:39:36 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sushibistro.ca
Access-Control-Allow-Origin: https://sushibistro.ca
Access-Control-Allow-Credentials: true
Location: https://stereospoutfireextinguisher.com/watch.323123863057.js?dev=e&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%5D&pst=1735497636&rb=&refer=https%3A%2F%2Fsushibistro.ca%2Fgasai%2Frider-university-notable-alumni&res=14.2071&rmtc=t&shu=231bcccfead71abb38124f87c98fc3a4d9d7553ebd0d1dfde4598d75c272207e41fa6944a093cb9acf7c5e4d037a3efdb66490fdd3fee2822472744aa0a0c8f979a1f3cc1119682e30e3637cb5eab0937f1278377f5f9db20155c1&tz=0&uuid=162651bc-d04e-4ce6-b2c1-db117d9f9cd8%3A1%3A1
Set-Cookie: u_pl22609139=1; expires=Mon, 30 Dec 2024 18:39:36 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjYwOTEzOSwiayI6ImQxYTVlNTAwZWQyNTVjYzRlYmY4MjJmZjJhZTQ4MjI5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNjM2MDIzLCJwaWQiOjI0Njc3MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6Img1MjBmMWJneXMiLCJjcGtzIjp7IjI4IjoiNjllNzllMjQ4Y2Y2YzY0OTE3YmQwZDE3MDhiNzEzOTIifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3VzaGliaXN0cm8uY2EvZ2FzYWkvcmlkZXItdW5pdmVyc2l0eS1ub3RhYmxlLWFsdW1uaSIsImFyIjpbXX19.1j-jxId6Q0GyF7XEm8jscn2xdwz2K9zpBktPf21ItLk; expires=Sun, 29 Dec 2024 18:40:36 GMT; path=/; secure; SameSite=None
Host: stereospoutfireextinguisher.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 460c6aa1b74a37e77c1e28f502ce52ed
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET cramlastfasten.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuu%2Fm1%2BHvSk7M3L4ElFJt0zk56MexBjjATjZt1VXBCR6q7qSTk1Vb31Z3oyXoIB2eN4UfTUeSbZ%2BGcV%2FQAu0lkQWRAytxzMl1hY9igzGxx9oXjf533egqeetz4%2F8OekCU%2FP1t%2FRIyElXV6ph7UXb0bRldqWUH5YG67GH8etKzUzeLUT18OXam%2FxtKeXG2EUhlEY1TaE4ZkeLs9IiPxuJ6p3wnqrUY9WWhia%2F2LrA1gagA3OyXMQbLp0P7gMkVZQ%2FZ%2FXue05nb%2FyZt9L6rTBgB2%2Fr3pKFwr9RZmZAJk6vpiGtqcb96DV0Vwu9OCfwURMSfD7PSTq%2BEIkksHhXGciwRUS9gyKQQUuKwhaIdX7EOyUACnD1W2o%2Fp2r2hR09wlLZ%2ByULD16CFFMydJfl6H6P61JMazd0NI7oZXFMCshhhVEt0LuT%2BBGAURxgtR9BsH%2BJMuPtqD6h9tWaghWzt8uRAWRVZB8DGoD%2BNkRAXwWwOcB%2BuyslkZR1A5ZSsPVTpo2WZsnMQsj2s4iGoXxKnw6kzeGy8dI5Rip2UNu9tATYxj%2FG%2BxOCcsCWDclwbt7GLASBScoLEFBCQpBUDiCYlAeMWkbtrzDpPVJdJEbF7lZTrTrHtAj7bpcEVAzhmHlochv2X2k7tJklNmPJjqz7CA%2FJ8%2FOPAs%2B%2FPYmevysFtJWo9VMOtFKElOetVMet8JO1mx12qyzkiWwooSw%2F5vbMBJT0v60jVxMyaWTh0joCaw8QSougfoItChBd0qM1I%2FUG%2Bp4T%2Bm64g5Ml8jdEtxucCDPyfPztW2JM%2FD0AbkIpKZEbkp8Iu4TdOXtyXVdkMPrurDkl%2B3cib4Y0dlKbzjq%2BFPfv813C23Y5rodf%2Fd6OiNm5d33uHVbVDGhupb8sCYY42ZDm5STXzftBzy55u3OmjfK51vX3tjY7OeGWyu0qkDF6fZjpGJK%2Fv%2F4hflfffnLCYSpYHyJvl8oFbpCmu%2FB5oue1QRGLnCSByh8OTGNZNGUgkDyBaZJCfsvnCzqiaGz21SUB%2FY2uiYAdftQ%2FRIDU2IgS1A5hvVPT1xuHrz2x9ez%2BAaJDCaJNMFhIo384onJVpzV2s1mSOPOStRuU95OWo3VLI4YpY1W3Ihj2oSz0%2B6tr7p%2FBwAA%2F%2F9ClqQrgAQAAA%3D%3D

172.240.253.132

200 OK

7 B

URL GET HTTP/1.1
cramlastfasten.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuu%2Fm1%2BHvSk7M3L4ElFJt0zk56MexBjjATjZt1VXBCR6q7qSTk1Vb31Z3oyXoIB2eN4UfTUeSbZ%2BGcV%2FQAu0lkQWRAytxzMl1hY9igzGxx9oXjf533egqeetz4%2F8OekCU%2FP1t%2FRIyElXV6ph7UXb0bRldqWUH5YG67GH8etKzUzeLUT18OXam%2FxtKeXG2EUhlEY1TaE4ZkeLs9IiPxuJ6p3wnqrUY9WWhia%2F2LrA1gagA3OyXMQbLp0P7gMkVZQ%2FZ%2FXue05nb%2FyZt9L6rTBgB2%2Fr3pKFwr9RZmZAJk6vpiGtqcb96DV0Vwu9OCfwURMSfD7PSTq%2BEIkksHhXGciwRUS9gyKQQUuKwhaIdX7EOyUACnD1W2o%2Fp2r2hR09wlLZ%2ByULD16CFFMydJfl6H6P61JMazd0NI7oZXFMCshhhVEt0LuT%2BBGAURxgtR9BsH%2BJMuPtqD6h9tWaghWzt8uRAWRVZB8DGoD%2BNkRAXwWwOcB%2BuyslkZR1A5ZSsPVTpo2WZsnMQsj2s4iGoXxKnw6kzeGy8dI5Rip2UNu9tATYxj%2FG%2BxOCcsCWDclwbt7GLASBScoLEFBCQpBUDiCYlAeMWkbtrzDpPVJdJEbF7lZTrTrHtAj7bpcEVAzhmHlochv2X2k7tJklNmPJjqz7CA%2FJ8%2FOPAs%2B%2FPYmevysFtJWo9VMOtFKElOetVMet8JO1mx12qyzkiWwooSw%2F5vbMBJT0v60jVxMyaWTh0joCaw8QSougfoItChBd0qM1I%2FUG%2Bp4T%2Bm64g5Ml8jdEtxucCDPyfPztW2JM%2FD0AbkIpKZEbkp8Iu4TdOXtyXVdkMPrurDkl%2B3cib4Y0dlKbzjq%2BFPfv813C23Y5rodf%2Fd6OiNm5d33uHVbVDGhupb8sCYY42ZDm5STXzftBzy55u3OmjfK51vX3tjY7OeGWyu0qkDF6fZjpGJK%2Fv%2F4hflfffnLCYSpYHyJvl8oFbpCmu%2FB5oue1QRGLnCSByh8OTGNZNGUgkDyBaZJCfsvnCzqiaGz21SUB%2FY2uiYAdftQ%2FRIDU2IgS1A5hvVPT1xuHrz2x9ez%2BAaJDCaJNMFhIo384onJVpzV2s1mSOPOStRuU95OWo3VLI4YpY1W3Ihj2oSz0%2B6tr7p%2FBwAA%2F%2F9ClqQrgAQAAA%3D%3D
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerLet's Encrypt
Subjectcramlastfasten.com
Fingerprint13:98:0E:72:7E:69:93:22:A5:EA:91:22:CB:78:C6:0E:4B:F6:62:B6
ValidityTue, 26 Nov 2024 08:25:22 GMT - Mon, 24 Feb 2025 08:25:21 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuu%2Fm1%2BHvSk7M3L4ElFJt0zk56MexBjjATjZt1VXBCR6q7qSTk1Vb31Z3oyXoIB2eN4UfTUeSbZ%2BGcV%2FQAu0lkQWRAytxzMl1hY9igzGxx9oXjf533egqeetz4%2F8OekCU%2FP1t%2FRIyElXV6ph7UXb0bRldqWUH5YG67GH8etKzUzeLUT18OXam%2FxtKeXG2EUhlEY1TaE4ZkeLs9IiPxuJ6p3wnqrUY9WWhia%2F2LrA1gagA3OyXMQbLp0P7gMkVZQ%2FZ%2FXue05nb%2FyZt9L6rTBgB2%2Fr3pKFwr9RZmZAJk6vpiGtqcb96DV0Vwu9OCfwURMSfD7PSTq%2BEIkksHhXGciwRUS9gyKQQUuKwhaIdX7EOyUACnD1W2o%2Fp2r2hR09wlLZ%2ByULD16CFFMydJfl6H6P61JMazd0NI7oZXFMCshhhVEt0LuT%2BBGAURxgtR9BsH%2BJMuPtqD6h9tWaghWzt8uRAWRVZB8DGoD%2BNkRAXwWwOcB%2BuyslkZR1A5ZSsPVTpo2WZsnMQsj2s4iGoXxKnw6kzeGy8dI5Rip2UNu9tATYxj%2FG%2BxOCcsCWDclwbt7GLASBScoLEFBCQpBUDiCYlAeMWkbtrzDpPVJdJEbF7lZTrTrHtAj7bpcEVAzhmHlochv2X2k7tJklNmPJjqz7CA%2FJ8%2FOPAs%2B%2FPYmevysFtJWo9VMOtFKElOetVMet8JO1mx12qyzkiWwooSw%2F5vbMBJT0v60jVxMyaWTh0joCaw8QSougfoItChBd0qM1I%2FUG%2Bp4T%2Bm64g5Ml8jdEtxucCDPyfPztW2JM%2FD0AbkIpKZEbkp8Iu4TdOXtyXVdkMPrurDkl%2B3cib4Y0dlKbzjq%2BFPfv813C23Y5rodf%2Fd6OiNm5d33uHVbVDGhupb8sCYY42ZDm5STXzftBzy55u3OmjfK51vX3tjY7OeGWyu0qkDF6fZjpGJK%2Fv%2F4hflfffnLCYSpYHyJvl8oFbpCmu%2FB5oue1QRGLnCSByh8OTGNZNGUgkDyBaZJCfsvnCzqiaGz21SUB%2FY2uiYAdftQ%2FRIDU2IgS1A5hvVPT1xuHrz2x9ez%2BAaJDCaJNMFhIo384onJVpzV2s1mSOPOStRuU95OWo3VLI4YpY1W3Ihj2oSz0%2B6tr7p%2FBwAA%2F%2F9ClqQrgAQAAA%3D%3D HTTP/1.1
Host: cramlastfasten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/
Cookie: u_pl22784088=1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 29 Dec 2024 18:39:36 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: cramlastfasten.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 4e3377c873a3e3621a256f072cfde15a
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET cdn.storageimagedisplay.com/cti/52/24/c0/5224c0f51c54e2ff9f28165788d329a7/1708428628.jpg

45.133.44.2

200 OK

26 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/52/24/c0/5224c0f51c54e2ff9f28165788d329a7/1708428628.jpg
IP
45.133.44.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
FingerprintF9:20:E7:90:5F:37:8A:CE:B4:58:90:7D:E5:7E:FD:5E:B8:11:6E:FE
ValidityTue, 12 Nov 2024 03:04:34 GMT - Mon, 10 Feb 2025 03:04:33 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3
Size
26 kB (26266 bytes)
Hash
31b52bef5d57fc26fe0ca41fcc253863
a520eb9c2ce6680349c2879c03e5c45688979bef
e5976704a53fb2eaad3664b708bf8d18da662eeed50f6a5dbd9508ebc9c92ca7

HTTP Headers

GET /cti/52/24/c0/5224c0f51c54e2ff9f28165788d329a7/1708428628.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 29 Dec 2024 18:39:36 GMT
content-type: image/jpeg
content-length: 26266
server: nginx/1.21.6
last-modified: Tue, 20 Feb 2024 11:30:36 GMT
etag: "65d48d5c-669a"
expires: Tue, 31 Dec 2024 18:39:36 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cramlastfasten.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuNtGDnpS9eRk8qcike35m3IMYYyQYN%2Buu4oKI1K%2BelFPT1VvVNT0ZL8GA7HG8KHrqfJNs%2FLGK%2FgEu0lkQWRAytxzMP7Gw7FFmNjjug%2BK9732v4Kvv1ZcH%2FpzU4enZ%2BntmpLSmK81qWHn5RhRdrmypxA8rw9XWp63G5YodvN5pVcNXKu9I3jMrtTAKwyiMKhvKytgMV2YkVHqnE1U7YbVRq0bNBob2Sex8AEcDiME5eQFKTJfvBZegeImk%2F%2Bu6dL3MpK%2B93feaZsZiII4%2FTHqJyRP0F2VsA8TJ8cU0jDvduAuTHM3lwgz%2BG2RqSoI%2F74IlxxciwQaHc51MQyZg4jnkgxJSl1C0BDf7UOKUAFzgyjaS%2Fu0rxuZ09zFLZ%2ByULD98AJVPyfI%2Fl5D0f1nTali5brTPlEkchnEBNSyhuiVSf4JsFEDlJ%2BDZF1Dib7LycAtJ%2F3DbaQMlivnblSqh4hJajkFdAD87KoCPA%2Fg0QF%2BcVXgURe1QcBqudjivi7ZkLRFGtB1HNApbq%2FB8Jm%2BMLB2D6zG43UNq99BTY1j%2FB9xOAScCuGxKgvf3MBAFckmQO4KcEuSKIM8I8kFxJLSrueK20M6z6CLXLnK9mJise0CPTNaVCQG1Y1hRHKr0ptsHz5Ymo9h9MjGxEwfpOXl%2B5lnw8fc30JNnlZA2ao0660RN1qIybnPZaoSduN7otEWnGTM4VUC5p%2BY2jNSUtD9vI1VTsnTyAIyewOkTcLUE6iPQvADdKTBKfqbe0kz2ElNNZAZhCqTZMrLd4ECfkxfna9tSZ5D8PrkIcFsgtQU%2BU%2FcIuvrW5JrJyeE1kzvy23aaqb4a0dlKr2c0k8%2F8%2BK7czY0Vm%2Btu%2FMObfEbMyjsfSJdt0USopOvIT2tKCGk3jOWS%2FL7pPpLsqnc7a94mPt26%2BtbGZj%2B10jllkhJUnW4%2FAldT8vSjl%2BZ%2F9dWvJ1C2hPUF%2Bn6hVJkSPN2DSxc9ZwisXmCWBsh9MbE1tmhqRaDlAlNWwP0Ps0U9sXR2m6riwN1C1wag2T6SfoGBLTDQBagew%2FlnJ1lq77%2Fx17ez%2BA5MBxOmbXDItNVfPTbZqbNKPRRtJmPZZrLRbMSSC9ZsspDHnNXF6ipH5qbdm990%2Fw0AAP%2F%2FwkJxw4AEAAA%3D

172.240.253.132

200 OK

7 B

URL GET HTTP/1.1
cramlastfasten.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuNtGDnpS9eRk8qcike35m3IMYYyQYN%2Buu4oKI1K%2BelFPT1VvVNT0ZL8GA7HG8KHrqfJNs%2FLGK%2FgEu0lkQWRAytxzMP7Gw7FFmNjjug%2BK9732v4Kvv1ZcH%2FpzU4enZ%2BntmpLSmK81qWHn5RhRdrmypxA8rw9XWp63G5YodvN5pVcNXKu9I3jMrtTAKwyiMKhvKytgMV2YkVHqnE1U7YbVRq0bNBob2Sex8AEcDiME5eQFKTJfvBZegeImk%2F%2Bu6dL3MpK%2B93feaZsZiII4%2FTHqJyRP0F2VsA8TJ8cU0jDvduAuTHM3lwgz%2BG2RqSoI%2F74IlxxciwQaHc51MQyZg4jnkgxJSl1C0BDf7UOKUAFzgyjaS%2Fu0rxuZ09zFLZ%2ByULD98AJVPyfI%2Fl5D0f1nTali5brTPlEkchnEBNSyhuiVSf4JsFEDlJ%2BDZF1Dib7LycAtJ%2F3DbaQMlivnblSqh4hJajkFdAD87KoCPA%2Fg0QF%2BcVXgURe1QcBqudjivi7ZkLRFGtB1HNApbq%2FB8Jm%2BMLB2D6zG43UNq99BTY1j%2FB9xOAScCuGxKgvf3MBAFckmQO4KcEuSKIM8I8kFxJLSrueK20M6z6CLXLnK9mJise0CPTNaVCQG1Y1hRHKr0ptsHz5Ymo9h9MjGxEwfpOXl%2B5lnw8fc30JNnlZA2ao0660RN1qIybnPZaoSduN7otEWnGTM4VUC5p%2BY2jNSUtD9vI1VTsnTyAIyewOkTcLUE6iPQvADdKTBKfqbe0kz2ElNNZAZhCqTZMrLd4ECfkxfna9tSZ5D8PrkIcFsgtQU%2BU%2FcIuvrW5JrJyeE1kzvy23aaqb4a0dlKr2c0k8%2F8%2BK7czY0Vm%2Btu%2FMObfEbMyjsfSJdt0USopOvIT2tKCGk3jOWS%2FL7pPpLsqnc7a94mPt26%2BtbGZj%2B10jllkhJUnW4%2FAldT8vSjl%2BZ%2F9dWvJ1C2hPUF%2Bn6hVJkSPN2DSxc9ZwisXmCWBsh9MbE1tmhqRaDlAlNWwP0Ps0U9sXR2m6riwN1C1wag2T6SfoGBLTDQBagew%2FlnJ1lq77%2Fx17ez%2BA5MBxOmbXDItNVfPTbZqbNKPRRtJmPZZrLRbMSSC9ZsspDHnNXF6ipH5qbdm990%2Fw0AAP%2F%2FwkJxw4AEAAA%3D
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerLet's Encrypt
Subjectcramlastfasten.com
Fingerprint13:98:0E:72:7E:69:93:22:A5:EA:91:22:CB:78:C6:0E:4B:F6:62:B6
ValidityTue, 26 Nov 2024 08:25:22 GMT - Mon, 24 Feb 2025 08:25:21 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuNtGDnpS9eRk8qcike35m3IMYYyQYN%2Buu4oKI1K%2BelFPT1VvVNT0ZL8GA7HG8KHrqfJNs%2FLGK%2FgEu0lkQWRAytxzMP7Gw7FFmNjjug%2BK9732v4Kvv1ZcH%2FpzU4enZ%2BntmpLSmK81qWHn5RhRdrmypxA8rw9XWp63G5YodvN5pVcNXKu9I3jMrtTAKwyiMKhvKytgMV2YkVHqnE1U7YbVRq0bNBob2Sex8AEcDiME5eQFKTJfvBZegeImk%2F%2Bu6dL3MpK%2B93feaZsZiII4%2FTHqJyRP0F2VsA8TJ8cU0jDvduAuTHM3lwgz%2BG2RqSoI%2F74IlxxciwQaHc51MQyZg4jnkgxJSl1C0BDf7UOKUAFzgyjaS%2Fu0rxuZ09zFLZ%2ByULD98AJVPyfI%2Fl5D0f1nTali5brTPlEkchnEBNSyhuiVSf4JsFEDlJ%2BDZF1Dib7LycAtJ%2F3DbaQMlivnblSqh4hJajkFdAD87KoCPA%2Fg0QF%2BcVXgURe1QcBqudjivi7ZkLRFGtB1HNApbq%2FB8Jm%2BMLB2D6zG43UNq99BTY1j%2FB9xOAScCuGxKgvf3MBAFckmQO4KcEuSKIM8I8kFxJLSrueK20M6z6CLXLnK9mJise0CPTNaVCQG1Y1hRHKr0ptsHz5Ymo9h9MjGxEwfpOXl%2B5lnw8fc30JNnlZA2ao0660RN1qIybnPZaoSduN7otEWnGTM4VUC5p%2BY2jNSUtD9vI1VTsnTyAIyewOkTcLUE6iPQvADdKTBKfqbe0kz2ElNNZAZhCqTZMrLd4ECfkxfna9tSZ5D8PrkIcFsgtQU%2BU%2FcIuvrW5JrJyeE1kzvy23aaqb4a0dlKr2c0k8%2F8%2BK7czY0Vm%2Btu%2FMObfEbMyjsfSJdt0USopOvIT2tKCGk3jOWS%2FL7pPpLsqnc7a94mPt26%2BtbGZj%2B10jllkhJUnW4%2FAldT8vSjl%2BZ%2F9dWvJ1C2hPUF%2Bn6hVJkSPN2DSxc9ZwisXmCWBsh9MbE1tmhqRaDlAlNWwP0Ps0U9sXR2m6riwN1C1wag2T6SfoGBLTDQBagew%2FlnJ1lq77%2Fx17ez%2BA5MBxOmbXDItNVfPTbZqbNKPRRtJmPZZrLRbMSSC9ZsspDHnNXF6ipH5qbdm990%2Fw0AAP%2F%2FwkJxw4AEAAA%3D HTTP/1.1
Host: cramlastfasten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/
Cookie: u_pl22784088=1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 29 Dec 2024 18:39:36 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: cramlastfasten.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 62973127cf280198636919e1a47f8f4d
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET sushibistro.ca/profil.png

104.21.49.27

200 OK

194 kB

URL GET HTTP/3
sushibistro.ca/profil.png
IP
104.21.49.27:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerGoogle Trust Services
Subjectsushibistro.ca
Fingerprint7D:C2:8C:C2:91:9E:4A:67:20:8C:E6:8E:B6:E3:D4:E1:00:7A:13:A6
ValidityThu, 26 Dec 2024 13:14:49 GMT - Wed, 26 Mar 2025 14:12:26 GMT

File type
PNG image data, 923 x 740, 8-bit/color RGBA, non-interlaced
Size
194 kB (194148 bytes)
Hash
0ecb16fcde3387b3713c23171a893d09
cfe3c161fb283b1edaad6d93d60b538dfb4fd26e
4a82536fd7a10df27764bc1d956a7423736b4e2c09332d7fabfe25c15f7119c6

HTTP Headers

GET /profil.png HTTP/1.1
Host: sushibistro.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/gasai/rider-university-notable-alumni
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 29 Dec 2024 18:39:36 GMT
content-type: image/png
content-length: 194148
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Sat, 17 Aug 2024 14:47:12 GMT
etag: W/"2f664-19160ce8180"
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TFdXM67jJXlAlv2Fxu3qzmP8Fb7VyWqRIHYXJ57swkYr0Tnlb%2BjwRpjY4a%2BSJfIdVXRn%2FHw702WFjQ12lNLYNHG7zz42LcT%2FU6rJe7pi9PbmMG%2B2%2BU9AHkVT90%2Bape7Nzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f9be9e6ddcb712e-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3654&min_rtt=1290&rtt_var=1753&sent=26&recv=12&lost=0&retrans=0&sent_bytes=18413&recv_bytes=1885&delivery_rate=388919&cwnd=24000&unsent_bytes=0&cid=de3227e3a5216280&ts=1321&x=1", cfExtPri, cfHdrFlush;dur=0

GET stereospoutfireextinguisher.com/watch.323123863057.js?dev=e&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%5D&pst=1735497636&rb=&refer=https%3A%2F%2Fsushibistro.ca%2Fgasai%2Frider-university-notable-alumni&res=14.2071&rmtc=t&shu=231bcccfead71abb38124f87c98fc3a4d9d7553ebd0d1dfde4598d75c272207e41fa6944a093cb9acf7c5e4d037a3efdb66490fdd3fee2822472744aa0a0c8f979a1f3cc1119682e30e3637cb5eab0937f1278377f5f9db20155c1&tz=0&uuid=162651bc-d04e-4ce6-b2c1-db117d9f9cd8%3A1%3A1

192.243.61.227

200 OK

2.4 kB

URL GET HTTP/1.1
stereospoutfireextinguisher.com/watch.323123863057.js?dev=e&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%5D&pst=1735497636&rb=&refer=https%3A%2F%2Fsushibistro.ca%2Fgasai%2Frider-university-notable-alumni&res=14.2071&rmtc=t&shu=231bcccfead71abb38124f87c98fc3a4d9d7553ebd0d1dfde4598d75c272207e41fa6944a093cb9acf7c5e4d037a3efdb66490fdd3fee2822472744aa0a0c8f979a1f3cc1119682e30e3637cb5eab0937f1278377f5f9db20155c1&tz=0&uuid=162651bc-d04e-4ce6-b2c1-db117d9f9cd8%3A1%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerLet's Encrypt
Subjectstereospoutfireextinguisher.com
FingerprintC5:2E:10:49:A7:54:62:C2:76:32:76:44:BB:73:B5:4E:C2:01:2C:0F
ValidityWed, 18 Dec 2024 21:16:38 GMT - Tue, 18 Mar 2025 21:16:37 GMT

File type
JavaScript source, ASCII text, with very long lines (2959)
Size
2.4 kB (2362 bytes)
Hash
0cbda573999b72da4f00ccf2669423bc
3d7f8423fda95f561e64d9961ab9302ec4d67edf
350c8b400ae11867df43cb26608c8abf1d3d21e906d33621c2547682416360b0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.323123863057.js?dev=e&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%5D&pst=1735497636&rb=&refer=https%3A%2F%2Fsushibistro.ca%2Fgasai%2Frider-university-notable-alumni&res=14.2071&rmtc=t&shu=231bcccfead71abb38124f87c98fc3a4d9d7553ebd0d1dfde4598d75c272207e41fa6944a093cb9acf7c5e4d037a3efdb66490fdd3fee2822472744aa0a0c8f979a1f3cc1119682e30e3637cb5eab0937f1278377f5f9db20155c1&tz=0&uuid=162651bc-d04e-4ce6-b2c1-db117d9f9cd8%3A1%3A1 HTTP/1.1
Host: stereospoutfireextinguisher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sushibistro.ca
Referer: https://sushibistro.ca/
DNT: 1
Connection: keep-alive
Cookie: u_pl22609139=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjYwOTEzOSwiayI6ImQxYTVlNTAwZWQyNTVjYzRlYmY4MjJmZjJhZTQ4MjI5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNjM2MDIzLCJwaWQiOjI0Njc3MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6Img1MjBmMWJneXMiLCJjcGtzIjp7IjI4IjoiNjllNzllMjQ4Y2Y2YzY0OTE3YmQwZDE3MDhiNzEzOTIifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3VzaGliaXN0cm8uY2EvZ2FzYWkvcmlkZXItdW5pdmVyc2l0eS1ub3RhYmxlLWFsdW1uaSIsImFyIjpbXX19.1j-jxId6Q0GyF7XEm8jscn2xdwz2K9zpBktPf21ItLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 29 Dec 2024 18:39:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sushibistro.ca
Access-Control-Allow-Origin: https://sushibistro.ca
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=162651bc-d04e-4ce6-b2c1-db117d9f9cd8:1:1; expires=Sun, 05 Jan 2025 18:39:36 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Mon, 30 Dec 2024 18:39:36 GMT; path=/; secure; SameSite=None
uncs=1; expires=Mon, 30 Dec 2024 18:39:36 GMT; path=/; secure; SameSite=None
pdhtkv5=true; expires=Mon, 30 Dec 2024 18:39:36 GMT; path=/; secure; SameSite=None
uncs5=1; expires=Mon, 30 Dec 2024 18:39:36 GMT; path=/; secure; SameSite=None
Host: stereospoutfireextinguisher.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 53e0b39099a45adc331f8ea8e63fded2
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET recordedthereby.com/sfp.js

185.196.197.71

200 OK

85 kB

URL GET HTTP/1.1
recordedthereby.com/sfp.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
FingerprintE0:09:99:E3:0E:A5:83:8D:96:1B:26:8A:2E:AC:12:98:C6:D3:E1:76
ValidityWed, 06 Nov 2024 14:09:18 GMT - Tue, 04 Feb 2025 14:09:17 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85378 bytes)
Hash
7e3e44049654b6e244c1777e68ffb8e7
8f2a8298666d607afd92a0baa362ef4dc9ccd039
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 29 Dec 2024 18:39:36 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 85378
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: ee6958ef2bb2c9ad9d39563536d53d06
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET cdn.storageimagedisplay.com/cti/6f/ac/e2/6face2b831b0e3cd06dc1ece6991acd6/1722092056.png

45.133.44.2

200 OK

124 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/6f/ac/e2/6face2b831b0e3cd06dc1ece6991acd6/1722092056.png
IP
45.133.44.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
FingerprintF9:20:E7:90:5F:37:8A:CE:B4:58:90:7D:E5:7E:FD:5E:B8:11:6E:FE
ValidityTue, 12 Nov 2024 03:04:34 GMT - Mon, 10 Feb 2025 03:04:33 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size
124 kB (123624 bytes)
Hash
0316a73c188b68cc1d6eb8677ba3f42d
9be5605b074a39fd233eb7c8e8ecfca00d65c54b
565002538b70d07ec8f082b8977242296ac3d7df6ef27c1a3f0defdf010fb490

HTTP Headers

GET /cti/6f/ac/e2/6face2b831b0e3cd06dc1ece6991acd6/1722092056.png HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Dec 2024 18:39:36 GMT
content-type: image/png
content-length: 123624
server: nginx/1.21.6
last-modified: Sat, 27 Jul 2024 14:54:17 GMT
etag: "66a50a19-1e2e8"
expires: Tue, 31 Dec 2024 18:39:36 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

GET capaciousdrewreligion.com/advertisers.js

185.196.197.71

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
FingerprintD9:49:50:C3:1F:23:A3:E8:75:32:16:6A:76:DE:28:2B:93:73:31:80
ValiditySun, 03 Nov 2024 04:28:34 GMT - Sat, 01 Feb 2025 04:28:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 29 Dec 2024 18:39:36 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 233a3e67ccfab969fdba3fa3c6940389
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET yummyadvertiseexploded.com/pixel/purst?dl=0&th=0&sc=0&rs=1848&rd=1848&fd=538&bv=24.12.6652&tmpl=136

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
yummyadvertiseexploded.com/pixel/purst?dl=0&th=0&sc=0&rs=1848&rd=1848&fd=538&bv=24.12.6652&tmpl=136
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerLet's Encrypt
Subjectyummyadvertiseexploded.com
Fingerprint3D:4F:15:D7:2D:87:5D:A8:62:F5:7D:9A:F0:D8:21:2F:E5:D3:CC:DE
ValidityWed, 18 Dec 2024 21:23:41 GMT - Tue, 18 Mar 2025 21:23:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1848&rd=1848&fd=538&bv=24.12.6652&tmpl=136 HTTP/1.1
Host: yummyadvertiseexploded.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 29 Dec 2024 18:39:36 GMT
Content-Length: 0
Connection: keep-alive
Host: yummyadvertiseexploded.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET unseenreport.com/pxf.gif?uuid=834aaed1-66a7-4bb6-b72b-afcd9c0e1ab5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=de40747527625eb4f2cfd573cb92ac16&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18

192.243.59.12

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=834aaed1-66a7-4bb6-b72b-afcd9c0e1ab5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=de40747527625eb4f2cfd573cb92ac16&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintB3:C3:D3:00:AB:EE:F9:2F:2C:9A:5D:74:A9:E1:4E:36:06:3F:B6:74
ValidityMon, 18 Nov 2024 22:38:22 GMT - Sun, 16 Feb 2025 22:38:21 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=834aaed1-66a7-4bb6-b72b-afcd9c0e1ab5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=de40747527625eb4f2cfd573cb92ac16&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 29 Dec 2024 18:39:37 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 0c857016b9579a79872e4a75305c8b06
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET sushibistro.ca/apple-touch-icon.png

104.21.49.27

404 Not Found

13 kB

URL GET HTTP/3
sushibistro.ca/apple-touch-icon.png
IP
104.21.49.27:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerGoogle Trust Services
Subjectsushibistro.ca
Fingerprint7D:C2:8C:C2:91:9E:4A:67:20:8C:E6:8E:B6:E3:D4:E1:00:7A:13:A6
ValidityThu, 26 Dec 2024 13:14:49 GMT - Wed, 26 Mar 2025 14:12:26 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (7920), with CRLF line terminators
Size
13 kB (12812 bytes)
Hash
5511542c719337f01398cf15a4981fad
27fea0402e13455b97f7408cbdc093455c3aa033
493438afcd0993c463584b7f14c623ce808ec137824b2be3a20b9a4df8292618

HTTP Headers

GET /apple-touch-icon.png HTTP/1.1
Host: sushibistro.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/gasai/rider-university-notable-alumni
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=834aaed1-66a7-4bb6-b72b-afcd9c0e1ab5%3A1%3A1; m5a4xojbcp2nx3gptmm633qal3gzmadn=cramlastfasten.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sun, 29 Dec 2024 18:39:36 GMT
content-type: text/html; charset=UTF-8
x-powered-by: Express
cf-cache-status: EXPIRED
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BoIDnE55tNgA1%2Ffsn4Us3D18KGrnu9EwxNcOkQdUerL7o1NdwXXSx7X8RsTBP3GavezjH%2BWuVoEPaVdt8zXN%2B8H1LBGHjlJrBWQOUD1unbOu61n1DL9EiE2WikA2SRgr3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f9be9ed1c60712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3884&min_rtt=1290&rtt_var=3180&sent=233&recv=21&lost=0&retrans=0&sent_bytes=264024&recv_bytes=2989&delivery_rate=124549&cwnd=127200&unsent_bytes=0&cid=de3227e3a5216280&ts=2077&x=1", cfExtPri, cfHdrFlush;dur=0

GET sushibistro.ca/favicon.ico

104.21.49.27

200 OK

1.3 kB

URL GET HTTP/3
sushibistro.ca/favicon.ico
IP
104.21.49.27:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerGoogle Trust Services
Subjectsushibistro.ca
Fingerprint7D:C2:8C:C2:91:9E:4A:67:20:8C:E6:8E:B6:E3:D4:E1:00:7A:13:A6
ValidityThu, 26 Dec 2024 13:14:49 GMT - Wed, 26 Mar 2025 14:12:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 60x60, components 3
Size
1.3 kB (1287 bytes)
Hash
5bc3c89007872a12312123f6a11d65a8
8343b76544d647f14552b0d6375bdf65f67a1653
391c13bde68e43f9e641cdf7621053abf84ca2a922e640e57c8a1b55bad1ffc1

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: sushibistro.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/gasai/rider-university-notable-alumni
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=834aaed1-66a7-4bb6-b72b-afcd9c0e1ab5%3A1%3A1; m5a4xojbcp2nx3gptmm633qal3gzmadn=cramlastfasten.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 29 Dec 2024 18:39:36 GMT
content-type: image/jpeg
x-powered-by: Express
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 190443
last-modified: Fri, 27 Dec 2024 13:45:33 GMT
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=say5JE2OThbRYGrbmfZ1uB3uvcGQY0pFX0s0tFH3T1mPJikXtkl%2F5TNFuUxbvxDqR8gbl5j21SK6%2FumjEb%2FRRlAaEII3iGi%2Fr7yAgLmSLWlaW4O%2B3QNYOO1%2F9Ktdzgqibg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f9be9ed1c64712e-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4218&min_rtt=1290&rtt_var=3350&sent=231&recv=20&lost=0&retrans=0&sent_bytes=262135&recv_bytes=2943&delivery_rate=2458737&cwnd=127200&unsent_bytes=0&cid=de3227e3a5216280&ts=1822&x=1", cfExtPri, cfHdrFlush;dur=0

GET lazy.agczn.my.id/tag.js

104.21.80.1

200 OK

904 B

URL GET HTTP/2
lazy.agczn.my.id/tag.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerGoogle Trust Services
Subjectagczn.my.id
Fingerprint15:37:71:50:43:B8:56:49:C3:9C:10:6B:95:FA:98:27:AA:92:1A:79
ValiditySun, 08 Dec 2024 15:30:45 GMT - Sat, 08 Mar 2025 15:30:44 GMT

File type
ASCII text, with very long lines (1087), with no line terminators
Size
904 B (904 bytes)
Hash
838afb2c0623f31fd65038374b242898
8993bbea96f758e09898a01227b3b3bac42da25b
f76d845560c84df04db23c9880b2b0c1450533c811069ca04d84bea867c2895b

HTTP Headers

GET /tag.js HTTP/1.1
Host: lazy.agczn.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 29 Dec 2024 18:39:35 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=120
last-modified: Thu, 10 Oct 2024 17:00:10 GMT
etag: W/"388-192775fa590"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ivVYfVyeYRvwhNRe3v5t1r5ALt9d%2Fgz7%2FFpgxpcekYpiRpN2qPB53QZcSvmEVLsO%2FV%2Bn1Z4B9Cw7itZYBpvUsg9EUX5q97yKE39I60i6z1SON9jKoQwfnlDLT6GxjQqZ36vT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f9be9e3a87a568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6439&min_rtt=428&rtt_var=11993&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3202&recv_bytes=1054&delivery_rate=6621951&cwnd=254&unsent_bytes=0&cid=4673771826cd8b60&ts=404&x=0"
X-Firefox-Spdy: h2

GET sushibistro.ca/gasai/rider-university-notable-alumni

104.21.49.27

200 OK

74 kB

URL User Request GET HTTP/2
sushibistro.ca/gasai/rider-university-notable-alumni
IP
104.21.49.27:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectsushibistro.ca
Fingerprint7D:C2:8C:C2:91:9E:4A:67:20:8C:E6:8E:B6:E3:D4:E1:00:7A:13:A6
ValidityThu, 26 Dec 2024 13:14:49 GMT - Wed, 26 Mar 2025 14:12:26 GMT

File type
HTML document, ASCII text, with very long lines (7920)
Size
74 kB (73877 bytes)
Hash
5b2331fc5e5ec754e0106f26303a7387
cde4bcd2e96cbbcec2086a9ed8bd938374c9bfdc
52edd427940d39beff0ce14608b39c59078e9c894c60c4afd86fc35f2b303092

HTTP Headers

GET /gasai/rider-university-notable-alumni HTTP/1.1
Host: sushibistro.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 29 Dec 2024 18:39:34 GMT
content-type: text/html; charset=UTF-8
x-powered-by: Express
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l48YXQ4A1aCJLBWWoYzSCBiN6jQAUGLxdCD0s24TDmNplvqTINjTLqho2i%2FZgI1aY8AcFja8m%2BMA3lQol0S0JI8Qgl2dZ1vpmgFUJqgSrQPICyq7RiTVo0rbGdWNC7ywiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f9be9df5ee7569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6452&min_rtt=459&rtt_var=12006&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3283&recv_bytes=1269&delivery_rate=7463917&cwnd=254&unsent_bytes=0&cid=fbdb146dfa8fe5d0&ts=408&x=0"
X-Firefox-Spdy: h2

GET sushibistro.ca/image/rider-university-notable-alumni.jpeg

104.21.49.27

200 OK

17 kB

URL GET HTTP/3
sushibistro.ca/image/rider-university-notable-alumni.jpeg
IP
104.21.49.27:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sushibistro.ca/gasai/rider-university-notable-alumni
Certificate
IssuerGoogle Trust Services
Subjectsushibistro.ca
Fingerprint7D:C2:8C:C2:91:9E:4A:67:20:8C:E6:8E:B6:E3:D4:E1:00:7A:13:A6
ValidityThu, 26 Dec 2024 13:14:49 GMT - Wed, 26 Mar 2025 14:12:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 828x300, components 3
Size
17 kB (16726 bytes)
Hash
778af74b8ce48268aa740c6e6dbdd194
f0548eff520ef476931605df96f03d1dcb3b5bc5
896475b9e94edb9a36f0c9e0c22bfa1e60e8011ca524794a28f8bc423859bc9d

HTTP Headers

GET /image/rider-university-notable-alumni.jpeg HTTP/1.1
Host: sushibistro.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sushibistro.ca/gasai/rider-university-notable-alumni
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 29 Dec 2024 18:39:35 GMT
content-type: image/jpeg
x-powered-by: Express
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: MISS
last-modified: Sun, 29 Dec 2024 18:39:35 GMT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BqdfaI70ntxtEYyWWRVXPAKZHuaET4xzmvGJ5LlPrwOSWYeet%2FcVMHlyTxxByjVzh5ozFPDX5L6eUHwx36Eoq1nQOY7zWm%2FthhTIerSx0rAQnksYP1pGeRjYhTZEO0q8MA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f9be9e6ddcc712e-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3432&min_rtt=1290&rtt_var=2013&sent=14&recv=10&lost=0&retrans=0&sent_bytes=4157&recv_bytes=1799&delivery_rate=460114&cwnd=12000&unsent_bytes=0&cid=de3227e3a5216280&ts=1063&x=1", cfExtPri, cfHdrFlush;dur=0

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by