doc.bitninja.io Open in urlscan Pro
199.217.118.30 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Submission: On July 09 via api (July 9th 2019, 1:43:54 am UTC) from AU

Summary HTTP 23 Redirects Links 4 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 23 HTTP transactions. The main IP is 199.217.118.30, located in St Louis, United States and belongs to HEG-US - HEG US Inc., US. The main domain is doc.bitninja.io.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on September 13th 2018. Valid for: 2 years.

This is the only time doc.bitninja.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
23	199.217.118.30 199.217.118.30		30083 (HEG-US) (HEG-US - HEG US Inc.)
23	1

23 199.217.118.30 (St Louis, United States)

ASN30083 (HEG-US - HEG US Inc., US)
PTR: usloft4934.serverprofi24.com

doc.bitninja.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	bitninja.io doc.bitninja.io	2 MB
23	1

	Domain	Requested by
23	doc.bitninja.io	doc.bitninja.io
23	1

This site contains links to these domains. Also see Links.

Domain
bitninja.io
sphinx-doc.org
github.com
readthedocs.org

Subject Issuer	Validity	Valid
*.bitninja.io COMODO RSA Domain Validation Secure Server CA	`2018-09-13` - `2020-09-27`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Frame ID: 763EAF21D9F4D583B706823A5A5553DF
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Pygments (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+pygments\.css["']/i

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /underscore.*\.js(?:\?ver=([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1938 kB
Transfer

1948 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://bitninja.io/blog/2016/01/11/how-botnets-expand-and-how-protect-against-them
Title: https://bitninja.io/blog/2016/01/11/how-botnets-expand-and-how-protect-against-them

Search URL Search Domain Scan URL

URL: http://sphinx-doc.org/
Title: Sphinx

Search URL Search Domain Scan URL

URL: https://github.com/rtfd/sphinx_rtd_theme
Title: theme

Search URL Search Domain Scan URL

URL: https://readthedocs.org/
Title: Read the Docs

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request investigations.html Show response
doc.bitninja.io/ 25 KB
8 KB 574ms
138ms Document
text/html 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),
Reverse DNS: usloft4934.serverprofi24.com
Software: nginx /
Resource Hash: dea4581d230de4c255799ecb6f36ade3f5d900727fb014a1a53374dcea701ff7

Request headers

Host: doc.bitninja.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Tue, 09 Jul 2019 01:43:35 GMT
Content-Type: text/html; charset=UTF-8
Last-Modified: Wed, 03 Jul 2019 13:02:18 GMT
Transfer-Encoding: chunked
ETag: W/"5d1ca75a-6510"
Expires: Tue, 09 Jul 2019 01:53:35 GMT
Cache-Control: max-age=600 public
Pragma: public
Content-Encoding: gzip

GET
H/1.1 200
OK modernizr.min.js Show response
doc.bitninja.io/_static/js/ 15 KB
15 KB 140ms
138ms Script
application/javascript 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://doc.bitninja.io/_static/js/modernizr.min.js
Requested by: Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),
Reverse DNS: usloft4934.serverprofi24.com
Software: nginx /
Resource Hash: cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

Referer: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Tue, 09 Jul 2019 01:43:35 GMT
Last-Modified: Wed, 03 Jul 2019 13:01:58 GMT
Server: nginx
ETag: "5d1ca746-3c36"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=600, public
Accept-Ranges: bytes
Content-Length: 15414
Expires: Tue, 09 Jul 2019 01:53:35 GMT

GET
H/1.1 200
OK documentation_options.js Show response
doc.bitninja.io/_static/ 310 B
652 B 830ms
138ms Script
application/javascript 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://doc.bitninja.io/_static/documentation_options.js
Requested by: Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),
Reverse DNS: usloft4934.serverprofi24.com
Software: nginx /
Resource Hash: 64a11d27c29ed0341842c0dda5a69b694889d6ab952e8a11e25c96120f1ca06b

Request headers

Referer: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Tue, 09 Jul 2019 01:43:36 GMT
Last-Modified: Wed, 03 Jul 2019 13:02:22 GMT
Server: nginx
ETag: "5d1ca75e-136"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=600, public
Accept-Ranges: bytes
Content-Length: 310
Expires: Tue, 09 Jul 2019 01:53:36 GMT

GET
H/1.1 200
OK jquery.js Show response
doc.bitninja.io/_static/ 85 KB
85 KB 968ms
138ms Script
application/javascript 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://doc.bitninja.io/_static/jquery.js
Requested by: Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),
Reverse DNS: usloft4934.serverprofi24.com
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Tue, 09 Jul 2019 01:43:36 GMT
Last-Modified: Wed, 03 Jul 2019 13:00:53 GMT
Server: nginx
ETag: "5d1ca705-15283"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=600, public
Accept-Ranges: bytes
Content-Length: 86659
Expires: Tue, 09 Jul 2019 01:53:36 GMT

GET
H/1.1 200
OK underscore.js Show response
doc.bitninja.io/_static/ 12 KB
12 KB 1112ms
138ms Script
application/javascript 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://doc.bitninja.io/_static/underscore.js
Requested by: Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),
Reverse DNS: usloft4934.serverprofi24.com
Software: nginx /
Resource Hash: 42d8fad13bc28fc726775196ec9ab953febf9bde175c5845128361c953fa17f4

Request headers

Referer: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Tue, 09 Jul 2019 01:43:36 GMT
Last-Modified: Wed, 03 Jul 2019 13:00:53 GMT
Server: nginx
ETag: "5d1ca705-2f6c"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=600, public
Accept-Ranges: bytes
Content-Length: 12140
Expires: Tue, 09 Jul 2019 01:53:36 GMT

GET
H/1.1 200
OK doctools.js Show response
doc.bitninja.io/_static/ 9 KB
9 KB 1251ms
138ms Script
application/javascript 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://doc.bitninja.io/_static/doctools.js
Requested by: Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),
Reverse DNS: usloft4934.serverprofi24.com
Software: nginx /
Resource Hash: f63a9274a946b68069af217f81e270b89473c8c61280d4fd5dc663d46a00bc6e

Request headers

Referer: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Tue, 09 Jul 2019 01:43:36 GMT
Last-Modified: Wed, 03 Jul 2019 13:00:53 GMT
Server: nginx
ETag: "5d1ca705-2461"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=600, public
Accept-Ranges: bytes
Content-Length: 9313
Expires: Tue, 09 Jul 2019 01:53:36 GMT

GET
H/1.1 200
OK language_data.js Show response
doc.bitninja.io/_static/ 11 KB
11 KB 1390ms
138ms Script
application/javascript 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://doc.bitninja.io/_static/language_data.js
Requested by: Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),
Reverse DNS: usloft4934.serverprofi24.com
Software: nginx /
Resource Hash: 4cd39856438b0eae2c0155ad15e281513959f7ccf998784e83e803b9be5b1b47

Request headers

Referer: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Tue, 09 Jul 2019 01:43:36 GMT
Last-Modified: Wed, 03 Jul 2019 13:02:22 GMT
Server: nginx
ETag: "5d1ca75e-2a5f"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=600, public
Accept-Ranges: bytes
Content-Length: 10847
Expires: Tue, 09 Jul 2019 01:53:36 GMT

GET
H/1.1 200
OK theme.js Show response
doc.bitninja.io/_static/js/ 4 KB
5 KB 1531ms
139ms Script
application/javascript 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://doc.bitninja.io/_static/js/theme.js
Requested by: Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),
Reverse DNS: usloft4934.serverprofi24.com
Software: nginx /
Resource Hash: 54ecd5e16634220f8d921af1da4a5383038cbfcbaadf4fa7d022781ffd0a5c4f

Request headers

Referer: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Tue, 09 Jul 2019 01:43:37 GMT
Last-Modified: Wed, 03 Jul 2019 13:01:58 GMT
Server: nginx
ETag: "5d1ca746-113e"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=600, public
Accept-Ranges: bytes
Content-Length: 4414
Expires: Tue, 09 Jul 2019 01:53:37 GMT

GET
H/1.1 200
OK theme.css
doc.bitninja.io/_static/css/ 116 KB
116 KB 277ms
137ms Stylesheet
text/css 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://doc.bitninja.io/_static/css/theme.css
Requested by: Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),
Reverse DNS: usloft4934.serverprofi24.com
Software: nginx /
Resource Hash: 4c69fd4e74dd3eb002a6c5998638270627ac61ae2a341c2e46f61b33ffc4f970

Request headers

Referer: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Tue, 09 Jul 2019 01:43:35 GMT
Last-Modified: Wed, 03 Jul 2019 13:01:58 GMT
Server: nginx
ETag: "5d1ca746-1ce44"
Content-Type: text/css
Cache-Control: max-age=600, public
Accept-Ranges: bytes
Content-Length: 118340
Expires: Tue, 09 Jul 2019 01:53:35 GMT

GET
H/1.1 200
OK pygments.css
doc.bitninja.io/_static/ 4 KB
5 KB 691ms
140ms Stylesheet
text/css 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://doc.bitninja.io/_static/pygments.css
Requested by: Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),
Reverse DNS: usloft4934.serverprofi24.com
Software: nginx /
Resource Hash: 7029cabd6297c2a33d33024ab77167f9d7b2dafd5445ee24ca6e13a366426d46

Request headers

Referer: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Tue, 09 Jul 2019 01:43:36 GMT
Last-Modified: Wed, 03 Jul 2019 13:02:22 GMT
Server: nginx
ETag: "5d1ca75e-1110"
Content-Type: text/css
Cache-Control: max-age=600, public
Accept-Ranges: bytes
Content-Length: 4368
Expires: Tue, 09 Jul 2019 01:53:36 GMT

GET
H/1.1 200
OK bitninja-incident-report-1.jpg
doc.bitninja.io/_images/ 658 KB
658 KB 839ms
138ms Image
image/jpeg 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc.bitninja.io/_images/bitninja-incident-report-1.jpg
Requested by: Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),
Reverse DNS: usloft4934.serverprofi24.com
Software: nginx /
Resource Hash: b2a8070510a76fb779809aff9a9cbc48e309960852bdcadc620da5c9129ae3fd

Request headers

Referer: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Tue, 09 Jul 2019 01:43:37 GMT
Last-Modified: Wed, 03 Jul 2019 12:57:13 GMT
Server: nginx
ETag: "5d1ca629-a4725"
Content-Type: image/jpeg
Cache-Control: max-age=600, public
Accept-Ranges: bytes
Content-Length: 673573
Expires: Tue, 09 Jul 2019 01:53:37 GMT

GET
H/1.1 200
OK bitninja-incident-report-public-page.PNG
doc.bitninja.io/_images/ 80 KB
80 KB 1829ms
139ms Image
image/png 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc.bitninja.io/_images/bitninja-incident-report-public-page.PNG
Requested by: Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),
Reverse DNS: usloft4934.serverprofi24.com
Software: nginx /
Resource Hash: d4daa511a966d7f814c99d36baca026af651606f1927b2446aab95775d15ea81

Request headers

Referer: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Tue, 09 Jul 2019 01:43:38 GMT
Last-Modified: Wed, 03 Jul 2019 12:57:13 GMT
Server: nginx
ETag: "5d1ca629-13fc7"
Content-Type: image/png
Cache-Control: max-age=600, public
Accept-Ranges: bytes
Content-Length: 81863
Expires: Tue, 09 Jul 2019 01:53:38 GMT

GET
H/1.1 200
OK incident_explained.png
doc.bitninja.io/_images/ 62 KB
62 KB 1408ms
138ms Image
image/png 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc.bitninja.io/_images/incident_explained.png
Requested by: Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),
Reverse DNS: usloft4934.serverprofi24.com
Software: nginx /
Resource Hash: 437e2b5c135222725efc24c4978091ffc77a31f2fcb208d8ba05372d49b43744

Request headers

Referer: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Tue, 09 Jul 2019 01:43:38 GMT
Last-Modified: Wed, 03 Jul 2019 12:57:13 GMT
Server: nginx
ETag: "5d1ca629-f649"
Content-Type: image/png
Cache-Control: max-age=600, public
Accept-Ranges: bytes
Content-Length: 63049
Expires: Tue, 09 Jul 2019 01:53:38 GMT

GET
H/1.1 200
OK incident_http_spam.png
doc.bitninja.io/_images/ 170 KB
171 KB 1550ms
138ms Image
image/png 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc.bitninja.io/_images/incident_http_spam.png
Requested by: Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),
Reverse DNS: usloft4934.serverprofi24.com
Software: nginx /
Resource Hash: 71a43ae6667f832d3c44fac35f80fd053ad9094a45d24d2e4425c5f51dc7c867

Request headers

Referer: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Tue, 09 Jul 2019 01:43:38 GMT
Last-Modified: Wed, 03 Jul 2019 12:57:13 GMT
Server: nginx
ETag: "5d1ca629-2a8e9"
Content-Type: image/png
Cache-Control: max-age=600, public
Accept-Ranges: bytes
Content-Length: 174313
Expires: Tue, 09 Jul 2019 01:53:38 GMT

GET
H/1.1 200
OK incident_http_bruteforce.png
doc.bitninja.io/_images/ 52 KB
52 KB 1696ms
138ms Image
image/png 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc.bitninja.io/_images/incident_http_bruteforce.png
Requested by: Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),
Reverse DNS: usloft4934.serverprofi24.com
Software: nginx /
Resource Hash: 852b58105158513ef6251f17bdcaddc730f72eb58051436482d1884b6fd22897

Request headers

Referer: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Tue, 09 Jul 2019 01:43:38 GMT
Last-Modified: Wed, 03 Jul 2019 12:57:13 GMT
Server: nginx
ETag: "5d1ca629-ce63"
Content-Type: image/png
Cache-Control: max-age=600, public
Accept-Ranges: bytes
Content-Length: 52835
Expires: Tue, 09 Jul 2019 01:53:38 GMT

GET
H/1.1 200
OK incident_http_script_injection.png
doc.bitninja.io/_images/ 28 KB
28 KB 1837ms
137ms Image
image/png 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc.bitninja.io/_images/incident_http_script_injection.png
Requested by: Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),
Reverse DNS: usloft4934.serverprofi24.com
Software: nginx /
Resource Hash: 35d01816c6b9d6787d60e1979c91ee8b2218d07e98c97aae5abeb296aa75b57b

Request headers

Referer: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Tue, 09 Jul 2019 01:43:38 GMT
Last-Modified: Wed, 03 Jul 2019 12:57:13 GMT
Server: nginx
ETag: "5d1ca629-6ec5"
Content-Type: image/png
Cache-Control: max-age=600, public
Accept-Ranges: bytes
Content-Length: 28357
Expires: Tue, 09 Jul 2019 01:53:38 GMT

GET
H/1.1 200
OK incident_http_wpconfig.png
doc.bitninja.io/_images/ 23 KB
23 KB 848ms
138ms Image
image/png 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc.bitninja.io/_images/incident_http_wpconfig.png
Requested by: Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),
Reverse DNS: usloft4934.serverprofi24.com
Software: nginx /
Resource Hash: ed49bc5124c78601f5c3c24b672b84f0eeda0d39470e0394b70c57c028b798eb

Request headers

Referer: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Tue, 09 Jul 2019 01:43:39 GMT
Last-Modified: Wed, 03 Jul 2019 12:57:13 GMT
Server: nginx
ETag: "5d1ca629-5a60"
Content-Type: image/png
Cache-Control: max-age=600, public
Accept-Ranges: bytes
Content-Length: 23136
Expires: Tue, 09 Jul 2019 01:53:39 GMT

GET
H/1.1 200
OK incident_dos.png
doc.bitninja.io/_images/ 30 KB
31 KB 845ms
138ms Image
image/png 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc.bitninja.io/_images/incident_dos.png
Requested by: Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),
Reverse DNS: usloft4934.serverprofi24.com
Software: nginx /
Resource Hash: 5a736b31967607e84a0a84696cc8693ef1e8cf1cd4c640c74fdce80f480630ab

Request headers

Referer: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Tue, 09 Jul 2019 01:43:39 GMT
Last-Modified: Wed, 03 Jul 2019 12:57:13 GMT
Server: nginx
ETag: "5d1ca629-7953"
Content-Type: image/png
Cache-Control: max-age=600, public
Accept-Ranges: bytes
Content-Length: 31059
Expires: Tue, 09 Jul 2019 01:53:39 GMT

GET
H/1.1 200
OK lato-regular.woff2
doc.bitninja.io/_static/fonts/Lato/ 178 KB
179 KB 545ms
138ms Font
application/octet-stream 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://doc.bitninja.io/_static/fonts/Lato/lato-regular.woff2

Requested by

Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),

Reverse DNS

usloft4934.serverprofi24.com

Software

nginx /

Resource Hash

983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://doc.bitninja.io/_static/css/theme.css
Origin: https://doc.bitninja.io

Response headers

Date: Tue, 09 Jul 2019 01:43:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 03 Jul 2019 13:01:58 GMT
Server: nginx
ETag: "5d1ca746-2c9b4"
X-Frame-Options: DENY
Content-Type: application/octet-stream
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Content-Length: 182708
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fontawesome-webfont.woff2
doc.bitninja.io/_static/fonts/ 75 KB
76 KB 688ms
138ms Font
application/octet-stream 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://doc.bitninja.io/_static/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),

Reverse DNS

usloft4934.serverprofi24.com

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://doc.bitninja.io/_static/css/theme.css
Origin: https://doc.bitninja.io

Response headers

Date: Tue, 09 Jul 2019 01:43:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 03 Jul 2019 13:01:58 GMT
Server: nginx
ETag: "5d1ca746-12d68"
X-Frame-Options: DENY
Content-Type: application/octet-stream
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Content-Length: 77160
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK lato-bold.woff2
doc.bitninja.io/_static/fonts/Lato/ 181 KB
181 KB 830ms
138ms Font
application/octet-stream 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://doc.bitninja.io/_static/fonts/Lato/lato-bold.woff2

Requested by

Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),

Reverse DNS

usloft4934.serverprofi24.com

Software

nginx /

Resource Hash

ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://doc.bitninja.io/_static/css/theme.css
Origin: https://doc.bitninja.io

Response headers

Date: Tue, 09 Jul 2019 01:43:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 03 Jul 2019 13:01:58 GMT
Server: nginx
ETag: "5d1ca746-2d250"
X-Frame-Options: DENY
Content-Type: application/octet-stream
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Content-Length: 184912
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK roboto-slab-v7-bold.woff2
doc.bitninja.io/_static/fonts/RobotoSlab/ 66 KB
66 KB 975ms
138ms Font
application/octet-stream 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://doc.bitninja.io/_static/fonts/RobotoSlab/roboto-slab-v7-bold.woff2

Requested by

Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),

Reverse DNS

usloft4934.serverprofi24.com

Software

nginx /

Resource Hash

1a0c024dd1a267c52d5575469ffe8570d1e84164de7d393cf3414bafd17d7a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://doc.bitninja.io/_static/css/theme.css
Origin: https://doc.bitninja.io

Response headers

Date: Tue, 09 Jul 2019 01:43:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 03 Jul 2019 13:01:58 GMT
Server: nginx
ETag: "5d1ca746-106f0"
X-Frame-Options: DENY
Content-Type: application/octet-stream
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Content-Length: 67312
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK roboto-slab-v7-regular.woff2
doc.bitninja.io/_static/fonts/RobotoSlab/ 65 KB
65 KB 1118ms
138ms Font
application/octet-stream 199.217.118.30
HEG US Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://doc.bitninja.io/_static/fonts/RobotoSlab/roboto-slab-v7-regular.woff2

Requested by

Host: doc.bitninja.io
URL: https://doc.bitninja.io/investigations.html?utm_source=incident&utm_campaign=investigation&utm_content=documentation

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.217.118.30 St Louis, United States, ASN30083 (HEG-US - HEG US Inc., US),

Reverse DNS

usloft4934.serverprofi24.com

Software

nginx /

Resource Hash

874e42222856d7af03b3f438d21d923a4280d47fe67c48510e2174a1579795ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://doc.bitninja.io/_static/css/theme.css
Origin: https://doc.bitninja.io

Response headers

Date: Tue, 09 Jul 2019 01:43:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 03 Jul 2019 13:01:58 GMT
Server: nginx
ETag: "5d1ca746-1038c"
X-Frame-Options: DENY
Content-Type: application/octet-stream
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Content-Length: 66444
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| html5 object| Modernizr function| yepnope object| DOCUMENTATION_OPTIONS function| $ function| jQuery function| _ object| Documentation function| $u object| stopwords function| Stemmer object| splitChars function| splitQuery object| SphinxRtdTheme function| require object| expand

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

doc.bitninja.io
199.217.118.30
1a0c024dd1a267c52d5575469ffe8570d1e84164de7d393cf3414bafd17d7a0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
35d01816c6b9d6787d60e1979c91ee8b2218d07e98c97aae5abeb296aa75b57b
42d8fad13bc28fc726775196ec9ab953febf9bde175c5845128361c953fa17f4
437e2b5c135222725efc24c4978091ffc77a31f2fcb208d8ba05372d49b43744
4c69fd4e74dd3eb002a6c5998638270627ac61ae2a341c2e46f61b33ffc4f970
4cd39856438b0eae2c0155ad15e281513959f7ccf998784e83e803b9be5b1b47
54ecd5e16634220f8d921af1da4a5383038cbfcbaadf4fa7d022781ffd0a5c4f
5a736b31967607e84a0a84696cc8693ef1e8cf1cd4c640c74fdce80f480630ab
64a11d27c29ed0341842c0dda5a69b694889d6ab952e8a11e25c96120f1ca06b
7029cabd6297c2a33d33024ab77167f9d7b2dafd5445ee24ca6e13a366426d46
71a43ae6667f832d3c44fac35f80fd053ad9094a45d24d2e4425c5f51dc7c867
852b58105158513ef6251f17bdcaddc730f72eb58051436482d1884b6fd22897
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
874e42222856d7af03b3f438d21d923a4280d47fe67c48510e2174a1579795ef
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6
b2a8070510a76fb779809aff9a9cbc48e309960852bdcadc620da5c9129ae3fd
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
d4daa511a966d7f814c99d36baca026af651606f1927b2446aab95775d15ea81
dea4581d230de4c255799ecb6f36ade3f5d900727fb014a1a53374dcea701ff7
ed49bc5124c78601f5c3c24b672b84f0eeda0d39470e0394b70c57c028b798eb
f63a9274a946b68069af217f81e270b89473c8c61280d4fd5dc663d46a00bc6e