| evilsite.com/r57.txt?nbsp | 5.100.253.64 | 404 Not Found | 178 B |
URL: User Request GET HTTP/2 evilsite.com/r57.txt?nbsp; IP: 5.100.253.64:443; ASN: #44709 O.m.c. Computers & Communications Ltd
Certificate: Issuer: Let's Encrypt; Subject: evilsite.com; Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78; Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: HTML document, ASCII text, with CRLF line terminators; Hash: cd2e0e43980a00fb6a2742d3afd803b8 81ffbd1712afe8cdf138b570c0fc9934742c33c1 bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /r57.txt?nbsp HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 05:13:06 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=20
Location: https://evilsite.com/r57.txt?nbsp
Server: uPressPowerEdge
|
|
| evilsite.com/r57.txt?nbsp | 5.100.253.64 | 404 Not Found | 21 kB |
URL: User Request GET HTTP/2 evilsite.com/r57.txt?nbsp; IP: 5.100.253.64:443; ASN: #44709 O.m.c. Computers & Communications Ltd
Certificate: Issuer: Let's Encrypt; Subject: evilsite.com; Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78; Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: gzip compressed data, from Unix; Hash: 36ec86869f1fee0eff52471cd020a65f 25b66fac4f24ee5cdb2027ccce44906fd3879131 3d5bed17e2a0d01021ebacd0a3b140fb000d6666c6bc9b2f25597113b653abef
GET /r57.txt?nbsp HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://evilsite.com/wp-json/>; rel="https://api.w.org/"
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/themes/twentyseventeen/style.css | 5.100.253.64 | 200 OK | 16 kB |
URL: GET HTTP/2 evilsite.com/wp-content/themes/twentyseventeen/style.css; IP: 5.100.253.64:443; ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp; Certificate: Issuer: Let's Encrypt; Subject: evilsite.com; Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78; Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: gzip compressed data, from Unix; Hash: 27a7a78157babff02b1c181873ef7e9b efa6e666315ec135389ec33465bb026ea5bf883f d7f4253f2bd20bac14c36828ec7b56d692aaf91343304de36f823ecddae4d7c2
GET /wp-content/themes/twentyseventeen/style.css HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: text/css
last-modified: Thu, 17 Jan 2019 07:40:59 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c40318b-1445c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/uploads/2019/01/OT-WEB-DESIGN-SITE-square.png | 5.100.253.64 | 200 OK | 4.8 kB |
URL: GET HTTP/2 evilsite.com/wp-content/uploads/2019/01/OT-WEB-DESIGN-SITE-square.png; IP: 5.100.253.64:443; ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp; Certificate: Issuer: Let's Encrypt; Subject: evilsite.com; Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78; Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: PNG image data, 400 x 40, 8-bit/color RGBA, non-interlaced; Hash: b2d7eae7a8207a9f15c71007794d0535 b4e4d572ec8bfc01add68a3e76db6ed0884621c4 e36378c50df9886f60ffa951dbe4c45d67832ae944452d894cea898d5ad65df4
GET /wp-content/uploads/2019/01/OT-WEB-DESIGN-SITE-square.png HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: image/png
content-length: 4760
last-modified: Sun, 20 Jan 2019 04:28:37 GMT
etag: "5c43f8f5-1298"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/uploads/2019/01/cropped-ossn-logo-W.png | 5.100.253.64 | 200 OK | 44 kB |
URL: GET HTTP/2 evilsite.com/wp-content/uploads/2019/01/cropped-ossn-logo-W.png; IP: 5.100.253.64:443; ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp; Certificate: Issuer: Let's Encrypt; Subject: evilsite.com; Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78; Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: PNG image data, 741 x 250, 8-bit/color RGBA, non-interlaced; Hash: 97faed7f44d8c26ded845a345f965aa3 2fcf39600bd3a58244142b71cd915015cdbf2ced 5f0d8c5bb1aa5366df3ae40bd32eb2d9e89c977c886d0f29ddee419533acf2b6
GET /wp-content/uploads/2019/01/cropped-ossn-logo-W.png HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: image/png
content-length: 44242
last-modified: Sun, 20 Jan 2019 04:34:00 GMT
etag: "5c43fa38-acd2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 | 5.100.253.64 | 200 OK | 77 kB |
URL: GET HTTP/2 evilsite.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0; IP: 5.100.253.64:443; ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp; Certificate: Issuer: Let's Encrypt; Subject: evilsite.com; Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78; Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459; Hash: af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:08 GMT
content-type: application/octet-stream
content-length: 77160
last-modified: Wed, 23 Jan 2019 02:41:42 GMT
etag: "5c47d466-12d68"
expires: Tue, 15 Apr 2025 00:23:42 GMT
cache-control: max-age=31536000
server: uPressPowerEdge
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend-rtl.min.css | 5.100.253.64 | 200 OK | 28 kB |
URL: GET HTTP/2 evilsite.com/wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend-rtl.min.css; IP: 5.100.253.64:443; ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp; Certificate: Issuer: Let's Encrypt; Subject: evilsite.com; Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78; Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: gzip compressed data, from Unix; Hash: 73e00381eaa183f3294e928d7c29ff74 38c7c1da5ae9be8c11558a407da7d10b11b7c310 b9260b13a5b5064ead11ff1b8d2f50a0a9ecc230bd9f3d11c380dedba541d7c3
GET /wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend-rtl.min.css HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: text/css
last-modified: Fri, 18 Jan 2019 01:01:19 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c41255f-3b105"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css | 5.100.253.64 | 200 OK | 38 kB |
URL: GET HTTP/2 evilsite.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css; IP: 5.100.253.64:443; ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp; Certificate: Issuer: Let's Encrypt; Subject: evilsite.com; Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78; Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: gzip compressed data, from Unix; Hash: 277da5bab34fff75e047507d8951e464 38c7db39b6c2e3a46e69f90aad3d578b86eae4ff 4daad7782051e72d2b89c154135850ff3662e2845607961ee17faa610836bdc6
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: text/css
last-modified: Wed, 23 Jan 2019 02:41:40 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c47d464-4824"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/plugins/elementor/assets/css/frontend-rtl.min.css | 5.100.253.64 | 200 OK | 48 kB |
URL: GET HTTP/2 evilsite.com/wp-content/plugins/elementor/assets/css/frontend-rtl.min.css; IP: 5.100.253.64:443; ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp; Certificate: Issuer: Let's Encrypt; Subject: evilsite.com; Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78; Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: gzip compressed data, from Unix; Hash: ac0d2e219531418ebf5b200cdd54042e 49b1cc115e5967498174f5ce6a5a1e86582c1d2d 3bb03c815f00f4fd8f2428f0d45f32e7cd2960eb1bb46906affe445de5282609
GET /wp-content/plugins/elementor/assets/css/frontend-rtl.min.css HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: text/css
last-modified: Wed, 23 Jan 2019 02:41:40 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c47d464-16b1c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nDrXyi0A.woff2 | 216.58.207.227 | 200 OK | 8.7 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nDrXyi0A.woff2; IP: 216.58.207.227:443
Requested by: https://evilsite.com/r57.txt?nbsp; Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8704, version 1.0; Hash: 01efc0081fad32ac8384bce84e9c1255 ea05ee1335e201975df33be38c329a9a6dede9af 95d333fe759e20b583db9f83f3c1c9ada96da201f38f9c917e70d92bf711753b
GET /s/rubik/v28/iJWKBXyIfDnIV7nDrXyi0A.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://evilsite.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:46:21 GMT
expires: Fri, 11 Apr 2025 02:46:21 GMT
cache-control: public, max-age=31536000
age: 440807
last-modified: Thu, 29 Jun 2023 16:18:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/plugins/elementor/assets/js/frontend.min.js | 5.100.253.64 | 200 OK | 20 kB |
URL: GET HTTP/2 evilsite.com/wp-content/plugins/elementor/assets/js/frontend.min.js; IP: 5.100.253.64:443; ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp; Certificate: Issuer: Let's Encrypt; Subject: evilsite.com; Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78; Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: gzip compressed data, from Unix; Hash: a16569c83d98eb033f3382cd99f2a31e 382c00c0ad3ec335a2750c1ab368fc5bd09435f1 4cc1397fb6ec0d16db99bf678ff2c82672e80e16e6d872ccf6a7270cdb245817
GET /wp-content/plugins/elementor/assets/js/frontend.min.js HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: application/javascript
last-modified: Wed, 23 Jan 2019 02:41:38 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c47d462-a415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css | 5.100.253.64 | 200 OK | 74 kB |
URL: GET HTTP/2 evilsite.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css; IP: 5.100.253.64:443; ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp; Certificate: Issuer: Let's Encrypt; Subject: evilsite.com; Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78; Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: gzip compressed data, from Unix; Hash: 64efd989e8852a98949b04b7503a243e ea4d0032b1d69fd93698939810c3360d785bacb9 05c6526b9a4a46bfb895d28ae0a786ba712b997815c5031a6e8814a4fbaa8ce1
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: text/css
last-modified: Wed, 23 Jan 2019 02:41:42 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c47d466-2cd6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/uploads/2019/01/cropped-ossn-logo-W-1-192x192.png | 5.100.253.64 | 200 OK | 14 kB |
URL: GET HTTP/2 evilsite.com/wp-content/uploads/2019/01/cropped-ossn-logo-W-1-192x192.png; IP: 5.100.253.64:443; ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp; Certificate: Issuer: Let's Encrypt; Subject: evilsite.com; Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78; Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced; Hash: b70cde9d1fb7c02a0beabaa4f3c669bd 97b7e832e23a2c1a7d9b423012f0f684708be738 0cad365eeb3a31d264536839e890ad541897d93bc95d18109dc4d4306625eb12
GET /wp-content/uploads/2019/01/cropped-ossn-logo-W-1-192x192.png HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:08 GMT
content-type: image/png
content-length: 14394
last-modified: Sun, 20 Jan 2019 04:34:56 GMT
etag: "5c43fa70-383a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/uploads/2019/01/cropped-ossn-logo-W-1-32x32.png | 5.100.253.64 | 200 OK | 1.5 kB |
URL: GET HTTP/2 evilsite.com/wp-content/uploads/2019/01/cropped-ossn-logo-W-1-32x32.png; IP: 5.100.253.64:443; ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp; Certificate: Issuer: Let's Encrypt; Subject: evilsite.com; Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78; Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced; Hash: b633248c20532ec79c6ccab05e14afab acedbd9ca11b3fab71be427116d3790294011bef 935706d8736580cd4c0575c3bb27f126d6363747fa13314a288be160a054af1a
GET /wp-content/uploads/2019/01/cropped-ossn-logo-W-1-32x32.png HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:08 GMT
content-type: image/png
content-length: 1517
last-modified: Sun, 20 Jan 2019 04:34:56 GMT
etag: "5c43fa70-5ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js | 216.58.207.234 | 200 OK | 31 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js; IP: 216.58.207.234:443
Requested by: https://evilsite.com/r57.txt?nbsp; Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: JavaScript source, ASCII text, with very long lines (65451); Hash: 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 09 Apr 2024 07:26:45 GMT
expires: Wed, 09 Apr 2025 07:26:45 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 596783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/uploads/elementor/css/post-16.css | 5.100.253.64 | 200 OK | 5.3 kB |
URL: GET HTTP/2 evilsite.com/wp-content/uploads/elementor/css/post-16.css; IP: 5.100.253.64:443; ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp; Certificate: Issuer: Let's Encrypt; Subject: evilsite.com; Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78; Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: ASCII text, with very long lines (5316), with no line terminators; Hash: cca4ab9650f0d9935e0c00dc1fe892e2 a59c4e07eff724be94cafb17cc62987ba100ee3e 2f280b984dc25c15d7515fe52ac2f09172ec3101fc82ef71caf3506ca8b915a2
GET /wp-content/uploads/elementor/css/post-16.css HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: text/css
last-modified: Thu, 28 Mar 2019 04:42:27 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c9c50b3-14c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Rubik%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=hebrew&ver=4.9.25 | 142.250.74.106 | 200 OK | 33 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Rubik%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=hebrew&ver=4.9.25; IP: 142.250.74.106:443
Requested by: https://evilsite.com/r57.txt?nbsp; Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (634); Hash: 526a73e87d7c67388013eb7c840fafd2 262324c27f1c25f81fbe17822a116c388fec5915 e55a2fbca0063b3c0e83ed0ffa8f70f6a66290e6327c63c7643b471b8a9e87fa
GET /css?family=Rubik%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=hebrew&ver=4.9.25 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 05:13:07 GMT
date: Tue, 16 Apr 2024 05:13:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-includes/js/jquery/jquery-migrate.min.js | 5.100.253.64 | 200 OK | 10 kB |
URL: GET HTTP/2 evilsite.com/wp-includes/js/jquery/jquery-migrate.min.js; IP: 5.100.253.64:443; ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp; Certificate: Issuer: Let's Encrypt; Subject: evilsite.com; Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78; Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: JavaScript source, ASCII text, with very long lines (9959); Hash: 7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: application/javascript
last-modified: Thu, 17 Jan 2019 07:43:53 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c403239-2748"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js | 5.100.253.64 | 200 OK | 80 kB |
URL: GET HTTP/2 evilsite.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js; IP: 5.100.253.64:443; ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp; Certificate: Issuer: Let's Encrypt; Subject: evilsite.com; Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78; Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: JavaScript source, ASCII text, with very long lines (65493); Hash: bc597389f26a02a9c60d7cb5dbb81613 52742a63753e85068ce94c8eddfd215721b96755 4a98c73b345ac00aa3f59b7e2e688012bed66e1169012819c96aa5be7852935e
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: application/javascript
last-modified: Wed, 23 Jan 2019 02:41:48 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c47d46c-137e0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/plugins/elementor-pro/assets/css/frontend-rtl.min.css | 5.100.253.64 | 200 OK | 188 kB |
URL: GET HTTP/2 evilsite.com/wp-content/plugins/elementor-pro/assets/css/frontend-rtl.min.css; IP: 5.100.253.64:443; ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp; Certificate: Issuer: Let's Encrypt; Subject: evilsite.com; Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78; Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
Size: 188 kB (187607 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/elementor-pro/assets/css/frontend-rtl.min.css HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: text/css
last-modified: Wed, 23 Jan 2019 02:41:48 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c47d46c-2dcd7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/uploads/elementor/css/post-10.css | 5.100.253.64 | 200 OK | 13 kB |
URL: GET HTTP/2 evilsite.com/wp-content/uploads/elementor/css/post-10.css; IP: 5.100.253.64:443; ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp; Certificate: Issuer: Let's Encrypt; Subject: evilsite.com; Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78; Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: ASCII text, with very long lines (4066); Hash: 0e57c433cca603e0a3b85d7a64f6fbee 38cf5394c7fc446cef8ff953da434a51f976c907 4652d319121ac7cda42fbaec1405ca02026b09db0612e7a433908548220dc76c
GET /wp-content/uploads/elementor/css/post-10.css HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: text/css
last-modified: Thu, 28 Mar 2019 04:42:27 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c9c50b3-31c3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js | 5.100.253.64 | 200 OK | 5.8 kB |
URL: GET HTTP/2 evilsite.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js IP: 5.100.253.64:443 ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp Certificate Issuer: Let's Encrypt Subject: evilsite.com Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78 Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: JavaScript source, ASCII text, with very long lines (6626), with no line terminators Hash: 84c4498bce9021e92a166160d2e6ca3e 2afdc5678718905d3cac3869fe26d035799e94fa de12b0bd462c6f412ac6f0d33995c9ea7051ffa827733790baf33c61a649453a
GET /wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: application/javascript
last-modified: Thu, 17 Jan 2019 07:41:30 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c4031aa-16cc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js | 5.100.253.64 | 200 OK | 12 kB |
URL: GET HTTP/2 evilsite.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js IP: 5.100.253.64:443 ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp Certificate Issuer: Let's Encrypt Subject: evilsite.com Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78 Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: JavaScript source, ASCII text, with very long lines (12198), with no line terminators Hash: 3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: application/javascript
last-modified: Wed, 23 Jan 2019 02:41:40 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c47d464-2fa6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2 | 216.58.207.227 | 200 OK | 35 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2 IP: 216.58.207.227:443
Requested by: https://evilsite.com/r57.txt?nbsp Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 35448, version 1.0 Hash: 5c138044f30b8c78119264cd744e686a 7605e014180d49087785350bd1906c16c389690d 47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
GET /s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://evilsite.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35448
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 12 Apr 2024 17:04:23 GMT
expires: Sat, 12 Apr 2025 17:04:23 GMT
cache-control: public, max-age=31536000
age: 302925
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-N5P4T8T | 142.250.74.168 | 200 OK | 198 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-N5P4T8T IP: 142.250.74.168:443
Requested by: https://evilsite.com/r57.txt?nbsp Certificate Issuer: Google Trust Services LLC Subject: *.google-analytics.com Fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D Validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (2165) Size: 198 kB (197801 bytes) Hash: 42ffbcfb77a058c48dcfd02640f2f3eb e8080b09e470a02fd4956be46e9884f7d468cac8 ab720838164c7b7d0378f6d6d8653cb70e3acf3b2c6b375b3f487d97ecd847ef
GET /gtm.js?id=GTM-N5P4T8T HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 05:13:08 GMT
expires: Tue, 16 Apr 2024 05:13:08 GMT
cache-control: private, max-age=900
last-modified: Tue, 16 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71917
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| http//p46312-453-8598.s453.upress.link/wp-content/uploads/2019/01/road.jpg | 0.0.0.0 | | 0 B |
URL: GET http//p46312-453-8598.s453.upress.link/wp-content/uploads/2019/01/road.jpg IP: 0.0.0.0:0
Requested by: https://evilsite.com/r57.txt?nbsp
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET //p46312-453-8598.s453.upress.link/wp-content/uploads/2019/01/road.jpg HTTP/1.1
Host: http
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| evilsite.com/wp-content/themes/twentyseventeen/rtl.css | 5.100.253.64 | 200 OK | 9.6 kB |
URL: GET HTTP/2 evilsite.com/wp-content/themes/twentyseventeen/rtl.css IP: 5.100.253.64:443 ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp Certificate Issuer: Let's Encrypt Subject: evilsite.com Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78 Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: ASCII text, with very long lines (10499), with no line terminators Hash: 984ec98c4beba913d9b7fa1f02577ee2 5dfc46991cac0a3c07a847355d6a80e81c73bda5 3e7bb6f32ea378e069b7a4875be1041bcc21c16ae554e47470cc3656b16e4764
GET /wp-content/themes/twentyseventeen/rtl.css HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: text/css
last-modified: Thu, 17 Jan 2019 07:40:57 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c403189-2567"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js | 5.100.253.64 | 200 OK | 25 kB |
URL: GET HTTP/2 evilsite.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js IP: 5.100.253.64:443 ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp Certificate Issuer: Let's Encrypt Subject: evilsite.com Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78 Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: JavaScript source, ASCII text, with very long lines (25115) Hash: 046405de007ff73e52d17dab2af75258 887cfb8a9de27005875f6e1c1d1ead43bd0865c8 533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020
GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: application/javascript
last-modified: Wed, 23 Jan 2019 02:41:48 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c47d46c-6272"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js | 5.100.253.64 | 200 OK | 11 kB |
URL: GET HTTP/2 evilsite.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js IP: 5.100.253.64:443 ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp Certificate Issuer: Let's Encrypt Subject: evilsite.com Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78 Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: JavaScript source, ASCII text, with very long lines (10431) Hash: f35bcfbfb08f566275e49dc57bdfab76 b5c3761225e1ec5c16af7666840270faf9fcae9c 226493c7f7a033b43e24d0ce2115ef8d2be36fe6de4dbf6a3cbba6dca53be7c3
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: application/javascript
last-modified: Wed, 23 Jan 2019 02:41:40 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c47d464-2948"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js | 5.100.253.64 | 200 OK | 1.5 kB |
URL: GET HTTP/2 evilsite.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js IP: 5.100.253.64:443 ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp Certificate Issuer: Let's Encrypt Subject: evilsite.com Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78 Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: ASCII text, with very long lines (1715), with no line terminators Hash: d7d3b1fd0fb6469e09e9a52edf58fa00 0389be694e711c9097aa464b781d9a0e7ce47c23 3a9476dbc865c1788c127eb5088e30e4cefc75f1de842567ca2c863ac085db65
GET /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: application/javascript
last-modified: Mon, 21 Oct 2019 08:32:34 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5dad6d22-5cf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js | 5.100.253.64 | 200 OK | 683 B |
URL: GET HTTP/2 evilsite.com/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js IP: 5.100.253.64:443 ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp Certificate Issuer: Let's Encrypt Subject: evilsite.com Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78 Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: JavaScript source, ASCII text, with very long lines (764), with no line terminators Hash: dd786d8ce7d6818efc49c23556cb9e7c 8483b4b256a3933e21bcb4f886720bc7be5345b5 9883d893befe1cd5c78b0d9260ebffcf81b1973de9cc5c57837ec3b91781ed0a
GET /wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: application/javascript
last-modified: Thu, 17 Jan 2019 07:41:31 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c4031ab-2ab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/themes/twentyseventeen/assets/js/navigation.js | 5.100.253.64 | 200 OK | 3.8 kB |
URL: GET HTTP/2 evilsite.com/wp-content/themes/twentyseventeen/assets/js/navigation.js IP: 5.100.253.64:443 ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp Certificate Issuer: Let's Encrypt Subject: evilsite.com Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78 Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: JavaScript source, ASCII text, with very long lines (4078), with no line terminators Hash: 6dd5178a4c8d7279510923382e0a9fda 9a474bb8aaf9462780e14a927dfd6e59da85806c 8b4621b25ca73af1d0cb5509c399ca260cb47a736c87ec8cbbd8659c96f8013d
GET /wp-content/themes/twentyseventeen/assets/js/navigation.js HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: application/javascript
last-modified: Thu, 17 Jan 2019 07:41:30 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c4031aa-eaa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js | 5.100.253.64 | 200 OK | 6.4 kB |
URL: GET HTTP/2 evilsite.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js IP: 5.100.253.64:443 ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp Certificate Issuer: Let's Encrypt Subject: evilsite.com Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78 Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: JavaScript source, ASCII text, with very long lines (6571), with no line terminators Hash: 27046d3a878fb7c6809fc6d8d29145e4 03dd7b93f5c145c0eb8cad3cd20e1717eb2588f1 bea9d4ef0eb3afbca099caf27d0c1fd5148da608322bf03650ab4a0daef17415
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: application/javascript
last-modified: Wed, 23 Jan 2019 02:41:48 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c47d46c-191f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.jquery.min.js | 5.100.253.64 | 200 OK | 123 kB |
URL: GET HTTP/2 evilsite.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.jquery.min.js IP: 5.100.253.64:443 ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp Certificate Issuer: Let's Encrypt Subject: evilsite.com Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78 Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: JavaScript source, ASCII text, with very long lines (65275) Size: 123 kB (122695 bytes) Hash: 00e93736ce410d9a36fb7d376a6524c4 476c60b640e5a4cdc8aa04eda4750d914419d068 4715ff946aa9fdcf7e3385799a479fc6c5d88e6d070f0c62aaf473e5f791fa41
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.jquery.min.js HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: application/javascript
last-modified: Wed, 23 Jan 2019 02:41:42 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c47d466-1df47"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/themes/twentyseventeen/assets/js/global.js | 5.100.253.64 | 200 OK | 7.7 kB |
URL: GET HTTP/2 evilsite.com/wp-content/themes/twentyseventeen/assets/js/global.js IP: 5.100.253.64:443 ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp Certificate Issuer: Let's Encrypt Subject: evilsite.com Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78 Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: JavaScript source, ASCII text, with very long lines (8425), with no line terminators Hash: c64b48571e13b320501b085a9083e282 8d5bc6aa2a88cdbcfe8060b695a1bf3c18489c6b d01fe392f06b83545f8d6d4715e20f48a9f1270ab9be150dc8a3a0e06da6baa1
GET /wp-content/themes/twentyseventeen/assets/js/global.js HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: application/javascript
last-modified: Thu, 17 Jan 2019 07:41:30 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c4031aa-1e02"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/r57.txt?  | 5.100.253.64 | 301 Moved Permanently | 77 kB |
URL User Request GET HTTP/2evilsite.com/r57.txt?  IP5.100.253.64:443 ASN#44709 O.m.c. Computers & Communications Ltd
Certificate Issuer: Let's Encrypt Subject: evilsite.com Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78 Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r57.txt?  HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 16 Apr 2024 05:13:04 GMT
content-type: text/html; charset=UTF-8
location: https://evilsite.com/r57.txt?nbsp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/plugins/elementor/assets/js/frontend-modules.js | 5.100.253.64 | 200 OK | 18 kB |
URL: GET HTTP/2 evilsite.com/wp-content/plugins/elementor/assets/js/frontend-modules.js IP: 5.100.253.64:443 ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp Certificate Issuer: Let's Encrypt Subject: evilsite.com Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78 Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: JavaScript source, ASCII text, with very long lines (564) Hash: ed442bde63ee5cc81d9afed86513fc75 b0926f8236432da1d8ad7c8c7c4b6fccb44d577f 3ec85c5964819c600a4f8d2c0eda7e9f61646c8be3d76cd983f17180a3eb2ffe
GET /wp-content/plugins/elementor/assets/js/frontend-modules.js HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: application/javascript
last-modified: Wed, 23 Jan 2019 02:41:38 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c47d462-4502"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-includes/js/jquery/ui/position.min.js | 5.100.253.64 | 200 OK | 6.4 kB |
URL: GET HTTP/2 evilsite.com/wp-includes/js/jquery/ui/position.min.js IP: 5.100.253.64:443 ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp Certificate Issuer: Let's Encrypt Subject: evilsite.com Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78 Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: JavaScript source, ASCII text, with very long lines (6596), with no line terminators Hash: b0b15b2f97b702ef200a18b5fee86391 12a972c98d2fcab6a7e82ee4ed2cde8678964361 ff124440a07ffc4194f0738bef889bb2b22f79d99de573798332c882c5f40c4a
GET /wp-includes/js/jquery/ui/position.min.js HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 11:27:03 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"60782307-1928"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| omritamir.com/seo-out/tech.js | 104.21.42.103 | 404 Not Found | 0 B |
URL: GET HTTP/2 omritamir.com/seo-out/tech.js IP: 104.21.42.103:443
Requested by: https://evilsite.com/r57.txt?nbsp Certificate Issuer: Let's Encrypt Subject: omritamir.com Fingerprint: 70:45:C9:0D:07:EF:FA:75:52:F0:06:0D:FF:65:35:BA:3B:56:2D:8B Validity: Sat, 23 Mar 2024 13:21:38 GMT - Fri, 21 Jun 2024 13:21:37 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seo-out/tech.js HTTP/1.1
Host: omritamir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Tue, 16 Apr 2024 05:13:08 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://omritamir.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
x-cache: HIT
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hrEs%2BWovf5f9%2BMfcaoAipI8Ty%2Fuvy62ay%2FDPISek2RLWfo2kIFUVseJAHWuZJihDJjmsS1XEKr%2BR4T1YlG3CPAO37xq6LHpMiZ7ntZt2Zhi%2B4jRO8tPUIhks%2F22Hvoje"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8751af347936b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css | 5.100.253.64 | 200 OK | 31 kB |
URL: GET HTTP/2 evilsite.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css IP: 5.100.253.64:443 ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp Certificate Issuer: Let's Encrypt Subject: evilsite.com Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78 Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: ASCII text, with very long lines (30837) Hash: 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: text/css
last-modified: Wed, 23 Jan 2019 02:41:44 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c47d468-7918"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-content/uploads/elementor/css/global.css | 5.100.253.64 | 200 OK | 36 kB |
URL: GET HTTP/2 evilsite.com/wp-content/uploads/elementor/css/global.css IP: 5.100.253.64:443 ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp Certificate Issuer: Let's Encrypt Subject: evilsite.com Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78 Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: ASCII text, with very long lines (19926) Hash: 79b82a3ce863f25454fc01f917b34c4c 8a4f1de825cbb4554d5eee3b336edc831fbeee05 3d56e84bce2264c16956a4ba42fde256ba6b4ae216e06288ceba27db6855dd01
GET /wp-content/uploads/elementor/css/global.css HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: text/css
last-modified: Thu, 28 Mar 2019 04:42:26 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5c9c50b2-8ae3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| evilsite.com/wp-includes/js/jquery/jquery.js | 5.100.253.64 | 200 OK | 97 kB |
URL: GET HTTP/2 evilsite.com/wp-includes/js/jquery/jquery.js IP: 5.100.253.64:443 ASN: #44709 O.m.c. Computers & Communications Ltd
Requested by: https://evilsite.com/r57.txt?nbsp Certificate Issuer: Let's Encrypt Subject: evilsite.com Fingerprint: D7:37:01:28:69:E6:3A:F7:B8:D1:9A:0F:4D:BD:EB:1D:4C:5E:F7:78 Validity: Tue, 12 Mar 2024 21:34:07 GMT - Mon, 10 Jun 2024 21:34:06 GMT
File type: JavaScript source, ASCII text, with very long lines (31997) Hash: dc5ba5044fccc0297be7b262ce669a7c f137ff98ae379e35b0702967d3b6866a0a40e3be cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
GET /wp-includes/js/jquery/jquery.js HTTP/1.1
Host: evilsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evilsite.com/r57.txt?nbsp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 05:13:07 GMT
content-type: application/javascript
last-modified: Thu, 05 Sep 2019 11:30:04 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5d70f1bc-17a6a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
server: uPressPowerEdge
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2 | 216.58.207.227 | 200 OK | 35 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
IP: 216.58.207.227:443
Requested by: https://evilsite.com/r57.txt?nbsp
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 35448, version 1.0
Hash: 5c138044f30b8c78119264cd744e686a 7605e014180d49087785350bd1906c16c389690d 47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
GET /s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://evilsite.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35448
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 12 Apr 2024 17:04:23 GMT
expires: Sat, 12 Apr 2025 17:04:23 GMT
cache-control: public, max-age=31536000
age: 302925
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|