Report - 185.83.249.119/u/z/o6p-jq2eVJLp-yC7Vy7rq7jypVgy4bJ2prqq2pgi5qEPGcEktCoxfpei5TgjnQ9iOQ9rnnBL9Ip

Report Overview

Visitedpublic

2023-11-18 02:28:57

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
affablely.com	unknown	2023-04-13	2023-06-17 16:21:11	2023-11-12 12:31:40	489 B	216 B	37.72.130.12
www.seedleafitem.com	unknown	2019-03-15	2019-03-29 04:29:32	2023-11-13 13:20:28	1.0 kB	3.9 kB	188.114.97.1
sentry.io	2743	2012-04-07	2016-08-31 07:38:44	2023-11-17 18:12:28	618 B	552 B	35.186.247.156
api.optoutsystem.com	97848	2009-03-06	2018-11-08 12:41:51	2023-11-17 18:36:30	2.4 kB	2.0 kB	35.162.132.76
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-17 18:38:01	1.1 kB	33 kB	216.58.207.227
ds2r9mr2r4h38.cloudfront.net	unknown	2008-04-25	2021-01-14 13:16:14	2023-11-17 18:36:29	922 B	937 kB	54.230.241.174
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-17 18:13:22	447 B	7.0 kB	142.250.74.106
185.83.249.119	unknown	unknown	No data	No data	490 B	299 B	185.83.249.119

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-18	medium	185.83.249.119	Sinkholed
2023-11-18	medium	seedleafitem.com	Sinkholed
2023-11-18	medium	seedleafitem.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	From	Size	First Seen	Last Seen
	ds2r9mr2r4h38.cloudfront.net/assets/index-49edbe01.js	ScriptElement	748 kB	2023-11-18	2024-08-20
URL ds2r9mr2r4h38.cloudfront.net/assets/index-49edbe01.js IP / ASN 54.230.241.174 #16509 AMAZON-02 Introduced by ScriptElement Embedded false Resource Info First Seen 2023-11-18 Last Seen 2024-08-20 Times Seen 13 Size 748 kB (747605 bytes) MD5 29a6c2c60428cd1b988c2cd829cc2fa3 SHA1 7d24688e88693157b4c42dddf41b2850dfb289fc SHA256 1b1dcb2df68cbdee79788291e3bc38d3596c0a15e07a3fb4f4bf6c114afdb8fd Format Code Loading...

	unknown	Function	37 B	2023-04-11	2025-08-02
URL IP / ASN 0.0.0.0 #0 Introduced by Function Embedded false Resource Info First Seen 2023-04-11 Last Seen 2025-08-02 Times Seen 322036 Size 37 B (37 bytes) MD5 29d0c84b9d1d8da446a6062c6a840ad9 SHA1 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 SHA256 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Format Code Loading...

HTTP Transactions (14)

URL IP Response Size

GET 185.83.249.119/u/z/o6p-jq2eVJLp-yC7Vy7rq7jypVgy4bJ2prqq2pgi5qEPGcEktCoxfpei5TgjnQ9iOQ9rnnBL9Ip_rrMbMJ0JpEPvN0|gHpVCLDV

185.83.249.119

0 B

URL

185.83.249.119/u/z/o6p-jq2eVJLp-yC7Vy7rq7jypVgy4bJ2prqq2pgi5qEPGcEktCoxfpei5TgjnQ9iOQ9rnnBL9Ip_rrMbMJ0JpEPvN0|gHpVCLDV

IP / ASN

185.83.249.119

#43652 100 Limite - Servicos De Internet Online Lda

Requested byN/A

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606204

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /u/z/o6p-jq2eVJLp-yC7Vy7rq7jypVgy4bJ2prqq2pgi5qEPGcEktCoxfpei5TgjnQ9iOQ9rnnBL9Ip_rrMbMJ0JpEPvN0|gHpVCLDV HTTP/1.1
Host: 185.83.249.119
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Sat, 18 Nov 2023 02:28:40 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Location: https://affablely.com/uff07419367669f9800
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET affablely.com/uff07419367669f9800

37.72.130.12

302 Found

0 B

URL

affablely.com/uff07419367669f9800

IP / ASN

37.72.130.12

Requested byN/A

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606204

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerSectigo Limited

Subjectaffablely.com

Fingerprint4C:25:24:1A:7B:A9:D3:D3:BD:96:19:8A:93:2C:34:FE:A7:6E:BD:CC

ValidityWed, 19 Apr 2023 00:00:00 GMT - Thu, 18 Apr 2024 23:59:59 GMT

HTTP Headers

GET /uff07419367669f9800 HTTP/1.1
Host: affablely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Sat, 18 Nov 2023 02:28:48 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Server: Apache
Location: https://www.seedleafitem.com/o-tgfk-n15-f05f37509cc6e8ba8970e902ed62e13f

GET www.seedleafitem.com/o-tgfk-n15-f05f37509cc6e8ba8970e902ed62e13f

188.114.97.1

200 OK

1.5 kB

URL

www.seedleafitem.com/o-tgfk-n15-f05f37509cc6e8ba8970e902ed62e13f

IP / ASN

188.114.97.1

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

First Seen2023-11-18

Last Seen2023-11-26

Times Seen3

Size1.5 kB (1467 bytes)

MD5a2fffe8398ed69f1606e26abd07fcbe5

SHA12f5af8bae3bf966447289dd079b62701830c0965

SHA256630585d35f52a687d318a4f835ead066923eef5675c3b3735695f671a59fa2e6

Certificate Info

IssuerGoogle Trust Services LLC

Subjectseedleafitem.com

FingerprintA2:0C:00:AF:56:67:36:68:9F:F5:FE:7D:02:F4:89:00:39:93:3D:D7

ValidityTue, 07 Nov 2023 12:49:57 GMT - Mon, 05 Feb 2024 12:49:56 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /o-tgfk-n15-f05f37509cc6e8ba8970e902ed62e13f HTTP/1.1
Host: www.seedleafitem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 18 Nov 2023 02:28:49 GMT
content-type: text/html
last-modified: Thu, 16 Nov 2023 06:16:45 GMT
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Error from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ES_Dpe5IolSzwnMRj75gvr6lmHWuaYJqN9kIZbDjOGJL2fXZas0Z_w==
age: 72708
domain-integrity-check: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCChwfcv6wcKqklp5KyiErYDH8qL8fLHb7utwGSoCYenqLYQz4mcEq8jSctjdj82OIiqkwSTS6Xg52qx0e0dX2JShQdWWXe0K%2BCsVvNW%2BzLqar3bS5MZNHG00lG2s7gl5aipdQ5UQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 827cc83ebd030b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST sentry.io/api/1314267/envelope/?sentry_key=6c20ba397902400f9d47007cf6200a24&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.64.0

35.186.247.156

200 OK

2 B

URL

sentry.io/api/1314267/envelope/?sentry_key=6c20ba397902400f9d47007cf6200a24&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.64.0

IP / ASN

35.186.247.156

#15169 GOOGLE

Requested byhttps://www.seedleafitem.com/o-tgfk-n15-f05f37509cc6e8ba8970e902ed62e13f

Resource Info

File typeJSON data\012- , ASCII text, with no line terminators

First Seen2023-03-07

Last Seen2025-08-02

Times Seen257406

Size2 B (2 bytes)

MD599914b932bd37a50b983c5e7c90ae93b

SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Certificate Info

IssuerDigiCert Inc

Subjectsentry.io

Fingerprint18:3C:11:53:56:65:8B:09:02:F1:6B:26:E3:C2:C9:37:E0:E8:72:98

ValidityTue, 08 Aug 2023 00:00:00 GMT - Sat, 07 Sep 2024 23:59:59 GMT

HTTP Headers

POST /api/1314267/envelope/?sentry_key=6c20ba397902400f9d47007cf6200a24&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.64.0 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.seedleafitem.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 460
Origin: https://www.seedleafitem.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 18 Nov 2023 02:28:50 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

POST api.optoutsystem.com/auth/legacy/optout-key

35.162.132.76

200 OK

0 B

URL

api.optoutsystem.com/auth/legacy/optout-key

IP / ASN

35.162.132.76

#16509 AMAZON-02

Requested byhttps://www.seedleafitem.com/o-tgfk-n15-f05f37509cc6e8ba8970e902ed62e13f

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606204

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerAmazon

Subject*.optoutsystem.com

FingerprintD4:B7:39:B2:70:80:2A:62:D0:8F:29:A7:C4:B9:4F:38:7A:F7:F8:02

ValidityWed, 31 May 2023 00:00:00 GMT - Fri, 28 Jun 2024 23:59:59 GMT

HTTP Headers

OPTIONS /auth/legacy/optout-key HTTP/1.1
Host: api.optoutsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.seedleafitem.com/
Origin: https://www.seedleafitem.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 18 Nov 2023 02:28:50 GMT
vary: Origin
access-control-allow-origin: https://www.seedleafitem.com
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
X-Firefox-Spdy: h2

POST api.optoutsystem.com/auth/legacy/optout-key

35.162.132.76

200 OK

398 B

URL

api.optoutsystem.com/auth/legacy/optout-key

IP / ASN

35.162.132.76

#16509 AMAZON-02

Requested byhttps://www.seedleafitem.com/o-tgfk-n15-f05f37509cc6e8ba8970e902ed62e13f

Resource Info

File typeJSON data\012- , ASCII text, with very long lines (398), with no line terminators

First Seen2023-11-18

Last Seen2023-11-18

Times Seen1

Size398 B (398 bytes)

MD5f463b7dcaf8fc6c1eef9daa9d7461aca

SHA12b0aecc1fb2c37cecb80df8375985100cf8cfc83

SHA2564e60152fd5c49be069958b93accbba5e0e90907e173b26b07f2e7cca398e3733

Certificate Info

IssuerAmazon

Subject*.optoutsystem.com

FingerprintD4:B7:39:B2:70:80:2A:62:D0:8F:29:A7:C4:B9:4F:38:7A:F7:F8:02

ValidityWed, 31 May 2023 00:00:00 GMT - Fri, 28 Jun 2024 23:59:59 GMT

HTTP Headers

POST /auth/legacy/optout-key HTTP/1.1
Host: api.optoutsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 91
Origin: https://www.seedleafitem.com
DNT: 1
Connection: keep-alive
Referer: https://www.seedleafitem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 18 Nov 2023 02:28:50 GMT
content-type: application/json; charset=utf-8
content-length: 398
vary: Origin
access-control-allow-origin: https://www.seedleafitem.com
access-control-allow-credentials: true
x-ratelimit-remaining: 1499
x-ratelimit-reset: 1700274590
x-ratelimit-limit: 1500
cache-control: no-cache
pragma: no-cache
expires: -1
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

IP / ASN

216.58.207.227

#15169 GOOGLE

Requested byhttps://www.seedleafitem.com/o-tgfk-n15-f05f37509cc6e8ba8970e902ed62e13f

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data

First Seen2023-04-05

Last Seen2025-08-02

Times Seen151637

Size16 kB (15744 bytes)

MD515d9f621c3bd1599f0169dcf0bd5e63e

SHA17ca9c5967f3bb8bffeab24b639b49c1e7d03fa52

SHA256f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Certificate Info

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD

ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.seedleafitem.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 04:57:34 GMT
expires: Fri, 15 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 163877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

OPTIONS api.optoutsystem.com/campaigns/240888/optout-page

35.162.132.76

204 No Content

0 B

URL

api.optoutsystem.com/campaigns/240888/optout-page

IP / ASN

35.162.132.76

#16509 AMAZON-02

Requested byhttps://www.seedleafitem.com/o-tgfk-n15-f05f37509cc6e8ba8970e902ed62e13f

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606204

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerAmazon

Subject*.optoutsystem.com

FingerprintD4:B7:39:B2:70:80:2A:62:D0:8F:29:A7:C4:B9:4F:38:7A:F7:F8:02

ValidityWed, 31 May 2023 00:00:00 GMT - Fri, 28 Jun 2024 23:59:59 GMT

HTTP Headers

OPTIONS /campaigns/240888/optout-page HTTP/1.1
Host: api.optoutsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://www.seedleafitem.com/
Origin: https://www.seedleafitem.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 18 Nov 2023 02:28:51 GMT
vary: Origin
access-control-allow-origin: https://www.seedleafitem.com
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: authorization
X-Firefox-Spdy: h2

OPTIONS api.optoutsystem.com/campaigns/240888/optout-page

35.162.132.76

204 No Content

172 B

URL

api.optoutsystem.com/campaigns/240888/optout-page

IP / ASN

35.162.132.76

#16509 AMAZON-02

Requested byhttps://www.seedleafitem.com/o-tgfk-n15-f05f37509cc6e8ba8970e902ed62e13f

Resource Info

File typeJSON data\012- , ASCII text, with no line terminators

First Seen2023-04-05

Last Seen2025-08-01

Times Seen834

Size172 B (172 bytes)

MD5f138aa519c0af778da470765aea3514e

SHA13192ff5f13ccf822a1a4ed5f33d3ac695e26e318

SHA256dd6d49a44dc3392bc0c6b2e93705c201ed8c700962257cd7fb2b516cc0d76e09

Certificate Info

IssuerAmazon

Subject*.optoutsystem.com

FingerprintD4:B7:39:B2:70:80:2A:62:D0:8F:29:A7:C4:B9:4F:38:7A:F7:F8:02

ValidityWed, 31 May 2023 00:00:00 GMT - Fri, 28 Jun 2024 23:59:59 GMT

HTTP Headers

GET /campaigns/240888/optout-page HTTP/1.1
Host: api.optoutsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0eXBlIjoib3B0b3V0IiwiY2FtcGFpZ25faWQiOjI0MDg4OCwibWFpbGVyX2lkIjo1NDE5MSwiY21hX2lkIjo1NDczNTMwNSwiaWF0IjoxNzAwMjc0NTMwLCJleHAiOjE3MDIwODg5MzB9.Shsvr7HYvF4gNZE2m5SgZrdsh3TuzoXMKI8MN3Ad5w0
Origin: https://www.seedleafitem.com
DNT: 1
Connection: keep-alive
Referer: https://www.seedleafitem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 18 Nov 2023 02:28:51 GMT
content-type: application/json; charset=utf-8
content-length: 172
vary: Origin
access-control-allow-origin: https://www.seedleafitem.com
access-control-allow-credentials: true
x-ratelimit-remaining: 1498
x-ratelimit-reset: 1700274590
x-ratelimit-limit: 1500
cache-control: no-cache
pragma: no-cache
expires: -1
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

IP / ASN

216.58.207.227

#15169 GOOGLE

Requested byhttps://www.seedleafitem.com/o-tgfk-n15-f05f37509cc6e8ba8970e902ed62e13f

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data

First Seen2023-04-05

Last Seen2025-08-01

Times Seen60853

Size16 kB (15920 bytes)

MD53a44e06eb954b96aa043227f3534189d

SHA123cef6993ddb2b2979e8e7647fc3763694e2ba7d

SHA256b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Certificate Info

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD

ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.seedleafitem.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 17:28:13 GMT
expires: Fri, 15 Nov 2024 17:28:13 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 118838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET ds2r9mr2r4h38.cloudfront.net/assets/index-47a7c854.css

54.230.241.174

200 OK

188 kB

URL

ds2r9mr2r4h38.cloudfront.net/assets/index-47a7c854.css

IP / ASN

54.230.241.174

#16509 AMAZON-02

Requested byhttps://www.seedleafitem.com/o-tgfk-n15-f05f37509cc6e8ba8970e902ed62e13f

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606204

Size188 kB (188447 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerAmazon

Subject*.cloudfront.net

FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52

ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

HTTP Headers

GET /assets/index-47a7c854.css HTTP/1.1
Host: ds2r9mr2r4h38.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.seedleafitem.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
date: Thu, 16 Nov 2023 06:17:03 GMT
last-modified: Thu, 16 Nov 2023 06:16:48 GMT
etag: W/"6e362b0a408e9e5227ace5e257e607ed"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: AmazonS3
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7Zjj4gUUAM7-zGpi4iN6dK4e2lCiKpP9YYtk8GhK-Z2ZHum2uYQZKA==
age: 159107
domain-integrity-check: true
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

GET www.seedleafitem.com/favicon.ico

188.114.97.1

404 Not Found

559 B

URL

www.seedleafitem.com/favicon.ico

IP / ASN

188.114.97.1

#13335 CLOUDFLARENET

Requested byhttps://www.seedleafitem.com/o-tgfk-n15-f05f37509cc6e8ba8970e902ed62e13f

Resource Info

File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (600), with no line terminators

First Seen2023-10-19

Last Seen2023-11-19

Times Seen26

Size559 B (559 bytes)

MD529619360e204e1951fc21b0cf2584571

SHA18edfe0a477661cfd423e648ee7f8bfea39ee4999

SHA2569e8651033aec08b12baeb1d8563379e791db0e3aa362c2da66f7306b167aaa3e

Certificate Info

IssuerGoogle Trust Services LLC

Subjectseedleafitem.com

FingerprintA2:0C:00:AF:56:67:36:68:9F:F5:FE:7D:02:F4:89:00:39:93:3D:D7

ValidityTue, 07 Nov 2023 12:49:57 GMT - Mon, 05 Feb 2024 12:49:56 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.seedleafitem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.seedleafitem.com/o-tgfk-n15-f05f37509cc6e8ba8970e902ed62e13f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 18 Nov 2023 02:28:49 GMT
content-type: text/html
cache-control: public, max-age=31536000, immutable
x-ms-error-code: WebContentNotFound
x-ms-request-id: 019b86ac-c01e-00eb-36f4-061755000000
x-ms-version: 2018-03-28
x-cache: CONFIG_NOCACHE
domain-integrity-check: true
x-azure-ref: 0gow4ZQAAAADpaZtHbKs3SbhKscEAxaV4U1RPRURHRTE5MTcANjQ0YmM3NjAtOGNlMS00Y2EyLWJiMTYtODg0MTFmOWE0ZDhh
cf-cache-status: HIT
age: 2069726
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJtwgRPo29UGP8I0%2BMBKq6QhTzuys0Kjs92FycFdFnGVvZwZ9KTaSpPqhlxarU%2B6mB5xr7Riq0zOHd3z97m5NQG%2FV9UmL62c%2FytI%2FiSPnYPJOix04HCzYu8zhp3GrYZOSqFbXGnAsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 827cc843fdd756a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET ds2r9mr2r4h38.cloudfront.net/assets/index-49edbe01.js

54.230.241.174

200 OK

748 kB

URL

ds2r9mr2r4h38.cloudfront.net/assets/index-49edbe01.js

IP / ASN

54.230.241.174

#16509 AMAZON-02

Requested byhttps://www.seedleafitem.com/o-tgfk-n15-f05f37509cc6e8ba8970e902ed62e13f

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606204

Size748 kB (747605 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerAmazon

Subject*.cloudfront.net

FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52

ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

HTTP Headers

GET /assets/index-49edbe01.js HTTP/1.1
Host: ds2r9mr2r4h38.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seedleafitem.com
DNT: 1
Connection: keep-alive
Referer: https://www.seedleafitem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 16 Nov 2023 06:17:03 GMT
last-modified: Thu, 16 Nov 2023 06:16:48 GMT
etag: W/"29a6c2c60428cd1b988c2cd829cc2fa3"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JgSA1IGtis_LWYzZFAWToMFVwV8USolXNGw8jvPbVfPwpuutYPIOvA==
age: 159107
domain-integrity-check: true
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Roboto:300,400,500

142.250.74.106

200 OK

6.4 kB

URL

fonts.googleapis.com/css?family=Roboto:300,400,500

IP / ASN

142.250.74.106

#15169 GOOGLE

Requested byhttps://www.seedleafitem.com/o-tgfk-n15-f05f37509cc6e8ba8970e902ed62e13f

Resource Info

File typeASCII text, with very long lines (6530), with no line terminators

First Seen2023-05-05

Last Seen2024-08-21

Times Seen3181

Size6.4 kB (6362 bytes)

MD5feddc562097e437af08febef83792dbe

SHA14d1d430f50e555657f1a135bcf655877597b38ca

SHA256284e88ea80c2a259fedfeb2cd060bd55616e22a73693c779061741385239c46b

Certificate Info

IssuerGoogle Trust Services LLC

Subjectupload.video.google.com

FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42

ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

HTTP Headers

GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.seedleafitem.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 18 Nov 2023 02:28:49 GMT
date: Sat, 18 Nov 2023 02:28:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2