Report - ememe.zip

Report Overview

Visited public
2025-05-12 12:28:53
Tags
URL
ememe.zip
Finishing URL
ememe.zip/
IP / ASN
198.54.117.242
#22612 NAMECHEAP-NET
Title
ememe.zip - ICANN Verification Needed | Namecheap.com

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
static.nc-img.com	159061	2017-08-29	2020-04-24	2025-05-09	7.0 kB	1.2 MB	104.18.173.57
www.namecheap.com	134857	2000-08-11	2012-05-21	2025-05-09	450 B	1.8 kB	104.16.100.56
ememe.zip	unknown	2025-01-30	2025-04-02	2025-05-03	872 B	184 kB	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-05-12 12:28:20	medium	198.54.117.242	Client IP	ET Threatview.io High Confidence Cobalt Strike C2 IP group 4
2025-05-12 12:28:21	low	Client IP	198.54.117.242	ET INFO HTTP Request to a *.zip Domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	static.nc-img.com/uiraa/libs/polyfills_469970f8ffedace1b5b8.js	ScriptElement	187 kB	2023-03-07	2025-06-05
Pretty URL static.nc-img.com/uiraa/libs/polyfills_469970f8ffedace1b5b8.js IP 104.18.173.57 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-06-05 00:24 Times Seen1603 Hash bbb0a7562a948ca06bcebb419b7b31fa c2bf2b3b01d60231d96d422fb1e93eb9871a1f78 9c0bd44b3d16140158eb5f52b28e48cbdfdb7215b06dfeeb2cd07078361e1016 Loading...

	static.nc-img.com/uiraa/libs/vendors_70ac76496c2b0e5ed06c.js	ScriptElement	612 kB	2023-03-07	2025-06-05
Pretty URL static.nc-img.com/uiraa/libs/vendors_70ac76496c2b0e5ed06c.js IP 104.18.173.57 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-06-05 00:24 Times Seen1603 Hash 0b789b1da2ae8daafb7dbe161f39b121 0f6e5d831cce369b5ab370c48c0cb94c59068d5c 1230ad30ea6bbcc22f8e08d8a496c66aac8266db7a4b72b2c465e0ec89c2c658 Loading...

	static.nc-img.com/uiraa/app.987bc2c8f8959bbb732c.js	ScriptElement	76 kB	2024-12-05	2025-06-05
Pretty URL static.nc-img.com/uiraa/app.987bc2c8f8959bbb732c.js IP 104.18.173.57 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 14:44 Last Seen2025-06-05 00:24 Times Seen481 Hash 80826fc2763d20322be9b5b7a3fddd54 7784fcf802595516d81d5b8a1b58d131fc46af1e 59b3cf18fcdb1242d5bc5e02b6d7537ea50c9bec9b8eb818a35da80ebca3696e Loading...

	ememe.zip/	ScriptElement	176 kB	2025-04-04	2025-06-05
Pretty URL ememe.zip/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-04 20:50 Last Seen2025-06-05 00:24 Times Seen70 Hash e35ee5bec68f1561568912baaadec6e0 b0cd88e9569cc326c27d31c77142584f7d245b7f 1c55a0299e8795769630093013315138b3cfa25b549181607ea152fec6bbea78 Loading...

	ememe.zip/	ScriptElement	2.7 kB	2023-03-07	2025-06-05
Pretty URL ememe.zip/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:07 Last Seen2025-06-05 00:24 Times Seen1645 Hash bb1164d2fca41ca00ca27d34fd1ab1cb 0e3f953750a22364386aca4b83b074f3e3999d7f 672dc833729d0d59ff27afc40f835bf10b92caf61f861e2080fbe673a81e11e3 Loading...

	ememe.zip/	ScriptElement	952 B	2023-03-07	2025-06-05
Pretty URL ememe.zip/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:07 Last Seen2025-06-05 00:24 Times Seen1644 Hash f064828a007cdf4690951436a912d401 5a85f7f26bec5a251bf0f950088297dfba7cf9f2 0ab881506bf32f1e39434c44b518170be116dc2f4c87f01625cfb1f561dadd03 Loading...

	ememe.zip/	ScriptElement	1.4 kB	2025-05-12	2025-05-12
Pretty URL ememe.zip/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-12 12:28 Last Seen2025-05-12 12:28 Times Seen1 Hash 5917dbe6839304bbd3d5035c8d1de2e4 64dfd0d735bcbd1334c1ab2118c448eb3960590a 563a5e4ef283693bf0c7a9494e17c7c1abc53aa4167341f4c8a97ddb880e0f34 Loading...

HTTP Transactions (17)

URL IP Response Size

static.nc-img.com/pp/nc-ui-globalenv/mainLegacy.9ae3506f667fa81c57fd3a39a6c17986.css

104.18.173.57

200 OK

175 kB

URL GET
static.nc-img.com/pp/nc-ui-globalenv/mainLegacy.9ae3506f667fa81c57fd3a39a6c17986.css
IP
104.18.173.57:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ememe.zip/
Certificate
IssuerGoogle Trust Services
Subjectstatic.nc-img.com
Fingerprint26:09:6E:D4:CA:BE:9C:71:ED:B1:2B:FF:B1:FC:46:DC:C4:A3:C1:03
ValidityMon, 12 May 2025 01:08:08 GMT - Sun, 10 Aug 2025 02:08:04 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
175 kB (174855 bytes)
Hash
9ae3506f667fa81c57fd3a39a6c17986
07fe5b07dd4664beb9a974b6a4f1223d6e21cca8
00938d08b228eafceae6f5cdc0cb39612544711f54a3b6de3705c5cae13a1195

HTTP Headers

GET /pp/nc-ui-globalenv/mainLegacy.9ae3506f667fa81c57fd3a39a6c17986.css HTTP/1.1
Host: static.nc-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ememe.zip
DNT: 1
Connection: keep-alive
Referer: http://ememe.zip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 May 2025 12:28:22 GMT
content-type: text/css
last-modified: Thu, 03 Apr 2025 14:29:24 GMT
vary: Accept-Encoding, Origin
etag: W/"67ee9b44-2ab07"
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 93e9ea5bdb1a0b61-OSL
X-Firefox-Spdy: h2

static.nc-img.com/uiraa/email.168aa475ec312d6c7a976ba66ef4e982.png

104.18.173.57

200 OK

3.3 kB

URL GET
static.nc-img.com/uiraa/email.168aa475ec312d6c7a976ba66ef4e982.png
IP
104.18.173.57:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ememe.zip/
Certificate
IssuerGoogle Trust Services
Subjectstatic.nc-img.com
Fingerprint26:09:6E:D4:CA:BE:9C:71:ED:B1:2B:FF:B1:FC:46:DC:C4:A3:C1:03
ValidityMon, 12 May 2025 01:08:08 GMT - Sun, 10 Aug 2025 02:08:04 GMT

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3286 bytes)
Hash
168aa475ec312d6c7a976ba66ef4e982
32c327ae4ca72aae61cf5fe5929a8950503f28d5
cbbda36462bd705a3377cc1a607db2382c033161e16c56a8aadfe93f292874e0

HTTP Headers

GET /uiraa/email.168aa475ec312d6c7a976ba66ef4e982.png HTTP/1.1
Host: static.nc-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ememe.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 May 2025 12:28:25 GMT
content-type: image/png
content-length: 3286
last-modified: Mon, 16 Jan 2023 13:20:17 GMT
etag: "63c54f11-cd6"
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 28774912
accept-ranges: bytes
server: cloudflare
cf-ray: 93e9ea71f91d0b61-OSL
X-Firefox-Spdy: h2

static.nc-img.com/pp/nc-ui-globalenv/gb-icon.7c7e42b4651569ae117e5438b7b9e309.woff2

104.18.173.57

200 OK

26 kB

URL GET
static.nc-img.com/pp/nc-ui-globalenv/gb-icon.7c7e42b4651569ae117e5438b7b9e309.woff2
IP
104.18.173.57:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ememe.zip/
Certificate
IssuerGoogle Trust Services
Subjectstatic.nc-img.com
Fingerprint26:09:6E:D4:CA:BE:9C:71:ED:B1:2B:FF:B1:FC:46:DC:C4:A3:C1:03
ValidityMon, 12 May 2025 01:08:08 GMT - Sun, 10 Aug 2025 02:08:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 26236, version 1.0
Size
26 kB (26236 bytes)
Hash
7c7e42b4651569ae117e5438b7b9e309
0fca9df6001c03b7eed2743ed0886990881273d6
548143cf76678d32e4114ef887086d6016156e54be13d4d1069349b408f5047c

HTTP Headers

GET /pp/nc-ui-globalenv/gb-icon.7c7e42b4651569ae117e5438b7b9e309.woff2 HTTP/1.1
Host: static.nc-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ememe.zip
DNT: 1
Connection: keep-alive
Referer: https://static.nc-img.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 May 2025 12:28:26 GMT
content-type: font/woff2
content-length: 26236
last-modified: Thu, 03 Apr 2025 14:29:24 GMT
etag: "67ee9b44-667c"
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 93e9ea7229570b61-OSL
X-Firefox-Spdy: h2

static.nc-img.com/pp/nc-ui-globalenv/museo-sans-500-webfont.5d9883d92e2eaa724e4e6beb0ef6728a.woff2

104.18.173.57

200 OK

21 kB

URL GET
static.nc-img.com/pp/nc-ui-globalenv/museo-sans-500-webfont.5d9883d92e2eaa724e4e6beb0ef6728a.woff2
IP
104.18.173.57:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ememe.zip/
Certificate
IssuerGoogle Trust Services
Subjectstatic.nc-img.com
Fingerprint26:09:6E:D4:CA:BE:9C:71:ED:B1:2B:FF:B1:FC:46:DC:C4:A3:C1:03
ValidityMon, 12 May 2025 01:08:08 GMT - Sun, 10 Aug 2025 02:08:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20920, version 1.0
Size
21 kB (20920 bytes)
Hash
5d9883d92e2eaa724e4e6beb0ef6728a
3e36376942825aaaa32279175fdb34a4b7bc9435
9c0749dc1deb3275e1846a462c0dcb83df2b5fec30112eacdf5530fa51e3160f

HTTP Headers

GET /pp/nc-ui-globalenv/museo-sans-500-webfont.5d9883d92e2eaa724e4e6beb0ef6728a.woff2 HTTP/1.1
Host: static.nc-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ememe.zip/
Origin: http://ememe.zip
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 May 2025 12:28:22 GMT
content-type: font/woff2
content-length: 20920
last-modified: Thu, 03 Apr 2025 14:29:24 GMT
etag: "67ee9b44-51b8"
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 93e9ea5bdb180b61-OSL
X-Firefox-Spdy: h2

static.nc-img.com/pp/nc-ui-globalenv/museo-sans-700-webfont.b125dc012841fa8a23b98c37499ca5e8.woff2

104.18.173.57

200 OK

18 kB

URL GET
static.nc-img.com/pp/nc-ui-globalenv/museo-sans-700-webfont.b125dc012841fa8a23b98c37499ca5e8.woff2
IP
104.18.173.57:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ememe.zip/
Certificate
IssuerGoogle Trust Services
Subjectstatic.nc-img.com
Fingerprint26:09:6E:D4:CA:BE:9C:71:ED:B1:2B:FF:B1:FC:46:DC:C4:A3:C1:03
ValidityMon, 12 May 2025 01:08:08 GMT - Sun, 10 Aug 2025 02:08:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18128, version 1.0
Size
18 kB (18128 bytes)
Hash
b125dc012841fa8a23b98c37499ca5e8
2ea271a80f6a93b9888a34797db75cee3e627673
177c4f2826cbc2cc24a9d8018e6c9848ed73178a76fd3aabe99b44ee9458514c

HTTP Headers

GET /pp/nc-ui-globalenv/museo-sans-700-webfont.b125dc012841fa8a23b98c37499ca5e8.woff2 HTTP/1.1
Host: static.nc-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ememe.zip/
Origin: http://ememe.zip
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 May 2025 12:28:22 GMT
content-type: font/woff2
content-length: 18128
last-modified: Thu, 03 Apr 2025 14:29:24 GMT
etag: "67ee9b44-46d0"
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 93e9ea5bdb140b61-OSL
X-Firefox-Spdy: h2

static.nc-img.com/uiraa/logo.4072d8d7bfca34be693eb0e573c3b7fe.png

104.18.173.57

200 OK

1.4 kB

URL GET
static.nc-img.com/uiraa/logo.4072d8d7bfca34be693eb0e573c3b7fe.png
IP
104.18.173.57:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ememe.zip/
Certificate
IssuerGoogle Trust Services
Subjectstatic.nc-img.com
Fingerprint26:09:6E:D4:CA:BE:9C:71:ED:B1:2B:FF:B1:FC:46:DC:C4:A3:C1:03
ValidityMon, 12 May 2025 01:08:08 GMT - Sun, 10 Aug 2025 02:08:04 GMT

File type
PNG image data, 219 x 43, 8-bit colormap, non-interlaced
Size
1.4 kB (1418 bytes)
Hash
4072d8d7bfca34be693eb0e573c3b7fe
6b2d4c85693daa99c1ab6b1d6134f10ec6c13a88
9b69072496fa454b46c2e91ea0bcfeeedc8a47b268a07863c9eee88082aa6937

HTTP Headers

GET /uiraa/logo.4072d8d7bfca34be693eb0e573c3b7fe.png HTTP/1.1
Host: static.nc-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ememe.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 May 2025 12:28:25 GMT
content-type: image/png
content-length: 1418
last-modified: Mon, 10 Feb 2025 16:00:23 GMT
etag: "67aa2297-58a"
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 5216348
accept-ranges: bytes
server: cloudflare
cf-ray: 93e9ea71d8ff0b61-OSL
X-Firefox-Spdy: h2

static.nc-img.com/uiraa/hero.369b97593fa5f939cfc8fd458c458737.png

104.18.173.57

200 OK

19 kB

URL GET
static.nc-img.com/uiraa/hero.369b97593fa5f939cfc8fd458c458737.png
IP
104.18.173.57:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ememe.zip/
Certificate
IssuerGoogle Trust Services
Subjectstatic.nc-img.com
Fingerprint26:09:6E:D4:CA:BE:9C:71:ED:B1:2B:FF:B1:FC:46:DC:C4:A3:C1:03
ValidityMon, 12 May 2025 01:08:08 GMT - Sun, 10 Aug 2025 02:08:04 GMT

File type
PNG image data, 1440 x 225, 8-bit/color RGBA, interlaced
Size
19 kB (19182 bytes)
Hash
369b97593fa5f939cfc8fd458c458737
1ba24e9dccad4820d7036d40849f3a3661882b6b
f9b75086bd476abd93292b689dff7eef57d037834e7d0926107421492e22fa2c

HTTP Headers

GET /uiraa/hero.369b97593fa5f939cfc8fd458c458737.png HTTP/1.1
Host: static.nc-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ememe.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 May 2025 12:28:25 GMT
content-type: image/png
content-length: 19182
last-modified: Mon, 24 Feb 2025 18:11:47 GMT
etag: "67bcb663-4aee"
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 481919
accept-ranges: bytes
server: cloudflare
cf-ray: 93e9ea71e9070b61-OSL
X-Firefox-Spdy: h2

static.nc-img.com/uiraa/app.987bc2c8f8959bbb732c.js

104.18.173.57

200 OK

76 kB

URL GET
static.nc-img.com/uiraa/app.987bc2c8f8959bbb732c.js
IP
104.18.173.57:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ememe.zip/
Certificate
IssuerGoogle Trust Services
Subjectstatic.nc-img.com
Fingerprint26:09:6E:D4:CA:BE:9C:71:ED:B1:2B:FF:B1:FC:46:DC:C4:A3:C1:03
ValidityMon, 12 May 2025 01:08:08 GMT - Sun, 10 Aug 2025 02:08:04 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (64880), with no line terminators
Size
76 kB (76178 bytes)
Hash
80826fc2763d20322be9b5b7a3fddd54
7784fcf802595516d81d5b8a1b58d131fc46af1e
59b3cf18fcdb1242d5bc5e02b6d7537ea50c9bec9b8eb818a35da80ebca3696e

HTTP Headers

GET /uiraa/app.987bc2c8f8959bbb732c.js HTTP/1.1
Host: static.nc-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ememe.zip
DNT: 1
Connection: keep-alive
Referer: http://ememe.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 May 2025 12:28:22 GMT
content-type: application/javascript
last-modified: Mon, 24 Feb 2025 18:11:47 GMT
vary: Accept-Encoding, Origin
etag: W/"67bcb663-12992"
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 93e9ea5bcb0f0b61-OSL
X-Firefox-Spdy: h2

static.nc-img.com/uiraa/libs/polyfills_469970f8ffedace1b5b8.js

104.18.173.57

200 OK

187 kB

URL GET
static.nc-img.com/uiraa/libs/polyfills_469970f8ffedace1b5b8.js
IP
104.18.173.57:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ememe.zip/
Certificate
IssuerGoogle Trust Services
Subjectstatic.nc-img.com
Fingerprint26:09:6E:D4:CA:BE:9C:71:ED:B1:2B:FF:B1:FC:46:DC:C4:A3:C1:03
ValidityMon, 12 May 2025 01:08:08 GMT - Sun, 10 Aug 2025 02:08:04 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (36846)
Size
187 kB (187309 bytes)
Hash
bbb0a7562a948ca06bcebb419b7b31fa
c2bf2b3b01d60231d96d422fb1e93eb9871a1f78
9c0bd44b3d16140158eb5f52b28e48cbdfdb7215b06dfeeb2cd07078361e1016

HTTP Headers

GET /uiraa/libs/polyfills_469970f8ffedace1b5b8.js HTTP/1.1
Host: static.nc-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ememe.zip
DNT: 1
Connection: keep-alive
Referer: http://ememe.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 May 2025 12:28:23 GMT
content-type: application/javascript
last-modified: Mon, 24 Feb 2025 18:11:47 GMT
vary: Accept-Encoding, Origin
etag: W/"67bcb663-2dbad"
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 93e9ea615b4c0b61-OSL
X-Firefox-Spdy: h2

www.namecheap.com/assets/img/nc-icon/favicon.ico

104.16.100.56

403 Forbidden

0 B

URL GET
www.namecheap.com/assets/img/nc-icon/favicon.ico
IP
104.16.100.56:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ememe.zip/
Certificate
IssuerSectigo Limited
Subjectwww.namecheap.com
Fingerprint40:0D:97:3F:80:06:D1:3F:F7:06:ED:0D:EA:30:D4:FD:5A:C1:8A:2A
ValidityTue, 10 Dec 2024 00:00:00 GMT - Wed, 07 Jan 2026 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/img/nc-icon/favicon.ico HTTP/1.1
Host: www.namecheap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ememe.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Mon, 12 May 2025 12:28:22 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server-timing: chlray;desc="93e9ea63a8d9b4f4"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: __cf_bm=jnpyK_nv0r7S4Pff8u8ATN1_lm7FaBTHA18addtOow0-1747052902-1.0.1.1-TxhTgwBw0Zili6PspCFbVx98JaRPwcTgONUYYOYR8zYvyaBsXs_3WvzpMpLuq1halrMkX.LbnOd_8QwDs92fpHQpKJcOCBAbX3UtS19IUBk; path=/; expires=Mon, 12-May-25 12:58:22 GMT; domain=.namecheap.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 93e9ea63a8d9b4f4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

static.nc-img.com/pp/nc-ui-globalenv/museo-sans-300-webfont.96dd56ebb50aa0150f6630360d8d69cf.woff2

104.18.173.57

200 OK

21 kB

URL GET
static.nc-img.com/pp/nc-ui-globalenv/museo-sans-300-webfont.96dd56ebb50aa0150f6630360d8d69cf.woff2
IP
104.18.173.57:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ememe.zip/
Certificate
IssuerGoogle Trust Services
Subjectstatic.nc-img.com
Fingerprint26:09:6E:D4:CA:BE:9C:71:ED:B1:2B:FF:B1:FC:46:DC:C4:A3:C1:03
ValidityMon, 12 May 2025 01:08:08 GMT - Sun, 10 Aug 2025 02:08:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20848, version 1.0
Size
21 kB (20848 bytes)
Hash
96dd56ebb50aa0150f6630360d8d69cf
8ada6284514db2f56a084733eed649b9c7d41f1f
93467f75842330c3502fc0268a7a62151f3744221ca7ffa6dc5057dac4a64cee

HTTP Headers

GET /pp/nc-ui-globalenv/museo-sans-300-webfont.96dd56ebb50aa0150f6630360d8d69cf.woff2 HTTP/1.1
Host: static.nc-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ememe.zip/
Origin: http://ememe.zip
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 May 2025 12:28:22 GMT
content-type: font/woff2
content-length: 20848
last-modified: Thu, 03 Apr 2025 14:29:24 GMT
etag: "67ee9b44-5170"
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 93e9ea5bdb170b61-OSL
X-Firefox-Spdy: h2

static.nc-img.com/pp/nc-ui-globalenv/museo-sans-300-webfont.79d75c0208e298dce66a21f77de03ef7.woff

104.18.173.57

200 OK

35 kB

URL GET
static.nc-img.com/pp/nc-ui-globalenv/museo-sans-300-webfont.79d75c0208e298dce66a21f77de03ef7.woff
IP
104.18.173.57:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ememe.zip/
Certificate
IssuerGoogle Trust Services
Subjectstatic.nc-img.com
Fingerprint26:09:6E:D4:CA:BE:9C:71:ED:B1:2B:FF:B1:FC:46:DC:C4:A3:C1:03
ValidityMon, 12 May 2025 01:08:08 GMT - Sun, 10 Aug 2025 02:08:04 GMT

File type
Web Open Font Format, TrueType, length 35241, version 0.0
Size
35 kB (35241 bytes)
Hash
79d75c0208e298dce66a21f77de03ef7
14541a65f08834b16aca7d79eb78300a65f1eda2
6a382a283c77b7e93e7bb5b0b1902242082a4800dac20da3334d641093b33005

HTTP Headers

GET /pp/nc-ui-globalenv/museo-sans-300-webfont.79d75c0208e298dce66a21f77de03ef7.woff HTTP/1.1
Host: static.nc-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ememe.zip
DNT: 1
Connection: keep-alive
Referer: https://static.nc-img.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 May 2025 12:28:22 GMT
content-type: font/woff
content-length: 35241
last-modified: Thu, 03 Apr 2025 14:29:24 GMT
etag: "67ee9b44-89a9"
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 93e9ea616b630b61-OSL
X-Firefox-Spdy: h2

static.nc-img.com/uiraa/libs/vendors_70ac76496c2b0e5ed06c.js

104.18.173.57

200 OK

612 kB

URL GET
static.nc-img.com/uiraa/libs/vendors_70ac76496c2b0e5ed06c.js
IP
104.18.173.57:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ememe.zip/
Certificate
IssuerGoogle Trust Services
Subjectstatic.nc-img.com
Fingerprint26:09:6E:D4:CA:BE:9C:71:ED:B1:2B:FF:B1:FC:46:DC:C4:A3:C1:03
ValidityMon, 12 May 2025 01:08:08 GMT - Sun, 10 Aug 2025 02:08:04 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (28860)
Size
612 kB (612502 bytes)
Hash
0b789b1da2ae8daafb7dbe161f39b121
0f6e5d831cce369b5ab370c48c0cb94c59068d5c
1230ad30ea6bbcc22f8e08d8a496c66aac8266db7a4b72b2c465e0ec89c2c658

HTTP Headers

GET /uiraa/libs/vendors_70ac76496c2b0e5ed06c.js HTTP/1.1
Host: static.nc-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ememe.zip
DNT: 1
Connection: keep-alive
Referer: http://ememe.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 May 2025 12:28:24 GMT
content-type: application/javascript
last-modified: Mon, 24 Feb 2025 18:11:47 GMT
vary: Accept-Encoding, Origin
etag: W/"67bcb663-95896"
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 93e9ea67dc110b61-OSL
X-Firefox-Spdy: h2

static.nc-img.com/uiraa/user.9c3b83fd37ab617bbe55d0fdc0222fa9.png

104.18.173.57

200 OK

3.4 kB

URL GET
static.nc-img.com/uiraa/user.9c3b83fd37ab617bbe55d0fdc0222fa9.png
IP
104.18.173.57:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ememe.zip/
Certificate
IssuerGoogle Trust Services
Subjectstatic.nc-img.com
Fingerprint26:09:6E:D4:CA:BE:9C:71:ED:B1:2B:FF:B1:FC:46:DC:C4:A3:C1:03
ValidityMon, 12 May 2025 01:08:08 GMT - Sun, 10 Aug 2025 02:08:04 GMT

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Size
3.4 kB (3384 bytes)
Hash
9c3b83fd37ab617bbe55d0fdc0222fa9
880e8419e745ea307cfd7b813b4c53590a893373
7307ff8fce6be70dbd3c6ec226910961f863b26f4abce662a7f757821e7b9b1f

HTTP Headers

GET /uiraa/user.9c3b83fd37ab617bbe55d0fdc0222fa9.png HTTP/1.1
Host: static.nc-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ememe.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 May 2025 12:28:25 GMT
content-type: image/png
content-length: 3384
last-modified: Fri, 16 Feb 2024 14:34:33 GMT
etag: "65cf7279-d38"
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 14364864
accept-ranges: bytes
server: cloudflare
cf-ray: 93e9ea71f91f0b61-OSL
X-Firefox-Spdy: h2

ememe.zip/

0.0.0.0

0 B

URL User Request GET
ememe.zip/
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	low	ET INFO HTTP Request to a *.zip Domain

HTTP Headers

GET / HTTP/1.1
Host: ememe.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

ememe.zip/

198.54.117.242

200 OK

183 kB

URL User Request GET
ememe.zip/
IP
198.54.117.242:80
ASN
#22612 NAMECHEAP-NET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (28512), with LF, NEL line terminators
Size
183 kB (183098 bytes)
Hash
0291c7e8ccc60ee68b5eed93f3082e2c
9cb8c6ad52a56920b959471716b9a761974fdff9
2aa0a001905519044c7ddb96cb9c30bcc83300eaea31ae91cc3fcd4f52afb1e6

Detections

NIDS	Severity	Alert
suricata	low	ET INFO HTTP Request to a *.zip Domain

HTTP Headers

GET / HTTP/1.1
Host: ememe.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 12 May 2025 12:28:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: SessionId=0111c74bff884ce39e781d047faac7a0; domain=.www.namecheap.com; path=/; httponly
x-ncpl-csrf=86798ea2133f48ee9b555d4987a9e358; domain=.www.namecheap.com; path=/; secure; samesite=none
X-Proxy-Cache: HIT
Server: namecheap-nginx
Content-Encoding: gzip

static.nc-img.com/uiraa/app.ab29bfd164428d10f32bc34df1cad4ed.css

104.18.173.57

200 OK

32 kB

URL GET
static.nc-img.com/uiraa/app.ab29bfd164428d10f32bc34df1cad4ed.css
IP
104.18.173.57:443
ASN
#13335 CLOUDFLARENET

Requested by
http://ememe.zip/
Certificate
IssuerGoogle Trust Services
Subjectstatic.nc-img.com
Fingerprint26:09:6E:D4:CA:BE:9C:71:ED:B1:2B:FF:B1:FC:46:DC:C4:A3:C1:03
ValidityMon, 12 May 2025 01:08:08 GMT - Sun, 10 Aug 2025 02:08:04 GMT

File type
ASCII text, with very long lines (31921), with no line terminators
Size
32 kB (31921 bytes)
Hash
ab29bfd164428d10f32bc34df1cad4ed
2429f345b1af2501e68724a011be327b63108edb
1c4e83808bf28a02416bfb12ee9fab3c5c55e075376a472d64fcfdbbfab01a51

HTTP Headers

GET /uiraa/app.ab29bfd164428d10f32bc34df1cad4ed.css HTTP/1.1
Host: static.nc-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ememe.zip
DNT: 1
Connection: keep-alive
Referer: http://ememe.zip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 May 2025 12:28:22 GMT
content-type: text/css
last-modified: Mon, 24 Feb 2025 18:11:47 GMT
vary: Accept-Encoding, Origin
etag: W/"67bcb663-7cb1"
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 93e9ea5beb230b61-OSL
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (17)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers