| | 91.215.85.51 | 200 OK | 317 B |
URL: User Request GET HTTP/1.1
IP: 91.215.85.51:443
Certificate Issuer: Let's Encrypt
Certificate Subject: 0atlas.com
Certificate Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
Certificate Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: HTML document, ASCII text
Hash: a9f4217f6407e3e49fbd00b73c3a4a01 a565d43e5e1e70a47d8ca5b91a27507f5bc80bdc d9997d7b6b08e1bc7a6217026deb0f86a524662aed079b97ca83962fcc9a714c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:43 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://certified-biz.com/
|
|
| | 91.215.85.51 | 200 OK | 26 kB |
URL: User Request GET HTTP/1.1
IP: 91.215.85.51:443
Certificate Issuer: Let's Encrypt
Certificate Subject: 0atlas.com
Certificate Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
Certificate Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (2894)
Hash: 5f7f91462bd89e0eccd4819a432d4eec 5932a1f56f776036aa0aa30cad428d398a38c0d9 cc1e1bbce3867f24573b5c09007532829177ab69867811b14e6e71879991cd8b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
|
|
| certified-biz.com/index2_files/blockbase.css | 91.215.85.51 | 200 OK | 247 B |
URL: GET HTTP/1.1 certified-biz.com/index2_files/blockbase.css
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: 0atlas.com
Certificate Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
Certificate Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: ASCII text, with no line terminators
Hash: c992f8cb96e600cbba1529817e4e6d60 bd4a93935a6703da9a323013442a0c8f2b44154d 0f4d4bd26f87f9de21091d5ad2e75369c4073df001a86393551d8cd4fffc157d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/blockbase.css HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Type: text/css
Content-Length: 247
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
Connection: keep-alive
ETag: "662c29c3-f7"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
|
|
| smallcatstest1.files.wordpress.com/2023/03/swccf_logo-final-low-res.jpg?w=300&h=152 | 192.0.72.18 | 302 Found | 138 B |
URL: GET HTTP/2 smallcatstest1.files.wordpress.com/2023/03/swccf_logo-final-low-res.jpg?w=300&h=152
IP: 192.0.72.18:443
Requested by: https://certified-biz.com/
Certificate Issuer: Sectigo Limited
Certificate Subject: *.files.wordpress.com
Certificate Fingerprint: C0:8D:DA:1D:78:59:02:AA:18:87:8A:02:6C:67:24:E4:30:8F:C4:97
Certificate Validity: Tue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: aff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /2023/03/swccf_logo-final-low-res.jpg?w=300&h=152 HTTP/1.1
Host: smallcatstest1.files.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 18:55:45 GMT
content-type: text/html
content-length: 138
location: https://smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=300&h=152
x-nc: arn 18 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| smallcatstest1.files.wordpress.com/2023/03/manul-tambako-the-jaguar.jpg?w=1024 | 192.0.72.18 | 302 Found | 138 B |
URL: GET HTTP/2 smallcatstest1.files.wordpress.com/2023/03/manul-tambako-the-jaguar.jpg?w=1024
IP: 192.0.72.18:443
Requested by: https://certified-biz.com/
Certificate Issuer: Sectigo Limited
Certificate Subject: *.files.wordpress.com
Certificate Fingerprint: C0:8D:DA:1D:78:59:02:AA:18:87:8A:02:6C:67:24:E4:30:8F:C4:97
Certificate Validity: Tue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: aff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /2023/03/manul-tambako-the-jaguar.jpg?w=1024 HTTP/1.1
Host: smallcatstest1.files.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 18:55:45 GMT
content-type: text/html
content-length: 138
location: https://smallcats.org/wp-content/uploads/2023/03/manul-tambako-the-jaguar.jpg?w=1024
x-nc: arn 18 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| smallcatstest1.files.wordpress.com/2023/03/agc-tambako-the-jaguar.jpg?w=683 | 192.0.72.18 | 302 Found | 138 B |
URL: GET HTTP/2 smallcatstest1.files.wordpress.com/2023/03/agc-tambako-the-jaguar.jpg?w=683
IP: 192.0.72.18:443
Requested by: https://certified-biz.com/
Certificate Issuer: Sectigo Limited
Certificate Subject: *.files.wordpress.com
Certificate Fingerprint: C0:8D:DA:1D:78:59:02:AA:18:87:8A:02:6C:67:24:E4:30:8F:C4:97
Certificate Validity: Tue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: aff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /2023/03/agc-tambako-the-jaguar.jpg?w=683 HTTP/1.1
Host: smallcatstest1.files.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 18:55:45 GMT
content-type: text/html
content-length: 138
location: https://smallcats.org/wp-content/uploads/2023/03/agc-tambako-the-jaguar.jpg?w=683
x-nc: arn 18 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| smallcatstest1.files.wordpress.com/2023/03/232614106_2954918754826947_7920712400157063320_n.jpg?w=1024 | 192.0.72.18 | 302 Found | 138 B |
URL: GET HTTP/2 smallcatstest1.files.wordpress.com/2023/03/232614106_2954918754826947_7920712400157063320_n.jpg?w=1024
IP: 192.0.72.18:443
Requested by: https://certified-biz.com/
Certificate Issuer: Sectigo Limited
Certificate Subject: *.files.wordpress.com
Certificate Fingerprint: C0:8D:DA:1D:78:59:02:AA:18:87:8A:02:6C:67:24:E4:30:8F:C4:97
Certificate Validity: Tue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: aff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /2023/03/232614106_2954918754826947_7920712400157063320_n.jpg?w=1024 HTTP/1.1
Host: smallcatstest1.files.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 18:55:45 GMT
content-type: text/html
content-length: 138
location: https://smallcats.org/wp-content/uploads/2023/03/232614106_2954918754826947_7920712400157063320_n.jpg?w=1024
x-nc: arn 18 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| smallcatstest1.files.wordpress.com/2023/03/swccf_logo-final-low-res.jpg?w=50 | 192.0.72.18 | 302 Found | 138 B |
URL: GET HTTP/2 smallcatstest1.files.wordpress.com/2023/03/swccf_logo-final-low-res.jpg?w=50
IP: 192.0.72.18:443
Requested by: https://certified-biz.com/
Certificate Issuer: Sectigo Limited
Certificate Subject: *.files.wordpress.com
Certificate Fingerprint: C0:8D:DA:1D:78:59:02:AA:18:87:8A:02:6C:67:24:E4:30:8F:C4:97
Certificate Validity: Tue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: aff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /2023/03/swccf_logo-final-low-res.jpg?w=50 HTTP/1.1
Host: smallcatstest1.files.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 18:55:45 GMT
content-type: text/html
content-length: 138
location: https://smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=50
x-nc: arn 18 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| certified-biz.com/index2_files/style.css | 91.215.85.51 | 200 OK | 16 kB |
URL: GET HTTP/1.1 certified-biz.com/index2_files/style.css
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: 0atlas.com
Certificate Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
Certificate Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: ASCII text, with very long lines (16469), with no line terminators
Hash: dffeff471eb8017b13347656275795d3 d7900c28d9ad4557ff34434f608a29351b0ac873 c8c8de9f2c25e4e47071bf4a48cc25a3e776962b0c4de8c02f70c6e4d2aa9551
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/style.css HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Type: text/css
Content-Length: 16469
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
Connection: keep-alive
ETag: "662c29c3-4055"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
|
|
| certified-biz.com/index2_files/global.css | 91.215.85.51 | 200 OK | 311 B |
URL: GET HTTP/1.1 certified-biz.com/index2_files/global.css
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: 0atlas.com
Certificate Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
Certificate Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: ASCII text, with very long lines (311), with no line terminators
Hash: d29c41f4a6c13f38c2bdeb009c5dcf09 3f3db604bacf02b91aaa59cf223990b727600045 947d703f577549cbb0b1a4143f3b363ec9c7cf309587d5b12b87f0e64ff99db4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/global.css HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Type: text/css
Content-Length: 311
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
Connection: keep-alive
ETag: "662c29c3-137"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
|
|
| certified-biz.com/index2_files/style(1).css | 91.215.85.51 | 200 OK | 7.0 kB |
URL: GET HTTP/1.1 certified-biz.com/index2_files/style(1).css
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: 0atlas.com
Certificate Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
Certificate Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: ASCII text, with very long lines (7035), with no line terminators
Hash: bdc54341a86f19e1ef7b04def33d8786 fec491899134bb3f8a8f2a5c03d8cae489d71a30 cfc8e93f66ef2c267fc704ded21ed726541e1e8985c89e16185a94c26d4711ef
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/style(1).css HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Type: text/css
Content-Length: 7035
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
Connection: keep-alive
ETag: "662c29c3-1b7b"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
|
|
| certified-biz.com/index2_files/saved_resource(1) | 91.215.85.51 | 200 OK | 369 B |
URL: GET HTTP/1.1 certified-biz.com/index2_files/saved_resource(1)
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: 0atlas.com
Certificate Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
Certificate Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: ASCII text, with very long lines (369), with no line terminators
Hash: 70cd7908a2cc98d079d8e6d79484e95d 0f08cf1458ebf5bd79439de9a82df7c30d98287d 9c83b89ab9d2677980617afacb833a74da3050a2d3d711176b500d7922e49ab5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/saved_resource(1) HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Length: 369
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "171-617076043be96"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;
|
|
| certified-biz.com/index2_files/saved_resource(3) | 91.215.85.51 | 200 OK | 29 kB |
URL: GET HTTP/1.1 certified-biz.com/index2_files/saved_resource(3)
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: 0atlas.com
Certificate Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
Certificate Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (10122)
Hash: 3e0c38696f92d250f105a4dde4845c62 b40ed6ec83d49ad6a779f81e6aac9e356744da96 d45f60b3a22e1de301361656b1bccb608453302cb7ccd278eb1f17fc5f6ec74c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/saved_resource(3) HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Length: 29433
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "72f9-617076043be96"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;
|
|
| certified-biz.com/index2_files/saved_resource | 91.215.85.51 | 200 OK | 32 kB |
URL: GET HTTP/1.1 certified-biz.com/index2_files/saved_resource
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: 0atlas.com
Certificate Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
Certificate Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: ASCII text, with very long lines (32388), with no line terminators
Hash: d3ff6427fd6d66d35da131eec76f4732 556d2dd5f3b2170844120811e5d555251479dd1c 25ee8903d79dafe188d9b51dcf4de5e43d8bfdb39c3cbd19d725fd15a5cb3000
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/saved_resource HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Length: 32388
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "7e84-617076043be96"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;
|
|
| certified-biz.com/index2_files/navigation.min.js.nedladdning | 91.215.85.51 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 certified-biz.com/index2_files/navigation.min.js.nedladdning
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: 0atlas.com
Certificate Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
Certificate Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: Java source, ASCII text, with very long lines (3271)
Hash: 7013eb34e5e3e421b57b6f6990516b2d f9a2f71989d6dd280707ca80b91499940eb0bdcb c27cedcef30775c40553cf19d71e928b8fd359fe52c7df0cf78badb483d17ba5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/navigation.min.js.nedladdning HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Type: application/javascript
Content-Length: 1152
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "cf2-617076043aef6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
|
|
| smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=300&h=152 | 192.0.78.25 | 200 OK | 11 kB |
URL: GET HTTP/2 smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=300&h=152
IP: 192.0.78.25:443
Requested by: https://certified-biz.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: tls.automattic.com
Certificate Fingerprint: 1C:84:DA:76:FF:BD:2E:E0:D0:53:93:ED:86:7F:28:01:20:23:8B:27
Certificate Validity: Fri, 15 Mar 2024 19:11:27 GMT - Thu, 13 Jun 2024 19:11:26 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 300x152, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 80cf2a0376354e813ac1251407510598 b1b2f969e9e63b1b9fe7c63d298e97f87f4a1acc 8ccc9790a2372ba01f394fa547513519f841844f5ff4cc01246e91c3b8170aeb
GET /wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=300&h=152 HTTP/1.1
Host: smallcats.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://certified-biz.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: image/webp
content-length: 10922
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Mar 2023 06:08:20 GMT
expires: Fri, 31 May 2024 23:15:33 GMT
x-orig-src: 0_imageresize
vary: Accept
x-ac: 3.arn _dca HIT
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=50 | 192.0.78.25 | 200 OK | 920 B |
URL: GET HTTP/2 smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=50
IP: 192.0.78.25:443
Requested by: https://certified-biz.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: tls.automattic.com
Certificate Fingerprint: 1C:84:DA:76:FF:BD:2E:E0:D0:53:93:ED:86:7F:28:01:20:23:8B:27
Certificate Validity: Fri, 15 Mar 2024 19:11:27 GMT - Thu, 13 Jun 2024 19:11:26 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x25, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 6d337aa2448fa705caaf337e03f505fb 2aafe8c51f45a428a9b60a4a52c3f88bd1c01075 946c0c4492118d8d2456e8e23f875838f9a701cfc6ba430fec34c2cf1651b8cd
GET /wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=50 HTTP/1.1
Host: smallcats.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://certified-biz.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: image/webp
content-length: 920
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Mar 2023 06:08:20 GMT
expires: Tue, 04 Jun 2024 14:33:00 GMT
x-orig-src: 0_imageresize
vary: Accept
x-ac: 3.arn _dca HIT
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| certified-biz.com/index2_files/hovercards.min.css | 91.215.85.51 | 200 OK | 3.6 kB |
URL: GET HTTP/1.1 certified-biz.com/index2_files/hovercards.min.css
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: 0atlas.com
Certificate Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
Certificate Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: ASCII text, with very long lines (3330)
Hash: ad7fac739d3ad465e69e52c989d6746e d929f5ecff97ea24556cbda6c539e4a1bf784ab1 4845f9cdb0fbf13f3cf2fbb844bd4152071e338703f737c988051b154529d201
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/hovercards.min.css HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: text/css
Content-Length: 3613
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
Connection: keep-alive
ETag: "662c29c3-e1d"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
|
|
| certified-biz.com/index2_files/wp-emoji-release.min.js.nedladdning | 91.215.85.51 | 200 OK | 5.1 kB |
URL: GET HTTP/1.1 certified-biz.com/index2_files/wp-emoji-release.min.js.nedladdning
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: 0atlas.com
Certificate Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
Certificate Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: JavaScript source, ASCII text, with very long lines (15752)
Hash: b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/wp-emoji-release.min.js.nedladdning HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: application/javascript
Content-Length: 5062
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "4926-617076043be96-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
|
|
| certified-biz.com/index2_files/actionbar.css | 91.215.85.51 | 200 OK | 16 kB |
URL: GET HTTP/1.1 certified-biz.com/index2_files/actionbar.css
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: 0atlas.com
Certificate Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
Certificate Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: Unicode text, UTF-8 text, with very long lines (15502), with no line terminators
Hash: 529e6a6014b4f3e655d1237f5061b157 6dec17ca6212584fe4e9e3413d98aa109851de34 c1e62caa83381d8a3c58be2a17f28bff4176e8ddcd882bb923f3152852c06df9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/actionbar.css HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: text/css
Content-Length: 15504
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
Connection: keep-alive
ETag: "662c29c3-3c90"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
|
|
| smallcats.org/wp-content/uploads/2023/03/agc-tambako-the-jaguar.jpg?w=683 | 192.0.78.25 | 200 OK | 67 kB |
URL: GET HTTP/2 smallcats.org/wp-content/uploads/2023/03/agc-tambako-the-jaguar.jpg?w=683
IP: 192.0.78.25:443
Requested by: https://certified-biz.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: tls.automattic.com
Certificate Fingerprint: 1C:84:DA:76:FF:BD:2E:E0:D0:53:93:ED:86:7F:28:01:20:23:8B:27
Certificate Validity: Fri, 15 Mar 2024 19:11:27 GMT - Thu, 13 Jun 2024 19:11:26 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 683x1024, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: addb5319488abf1d72960a9cd7c79f61 d28d756b55205e6f14a2b50d9ba0719f4864df8c 4cd20191fc607708645f469f8925f486b6c8a5b55c3cfa1a56b8eab8f593f8a9
GET /wp-content/uploads/2023/03/agc-tambako-the-jaguar.jpg?w=683 HTTP/1.1
Host: smallcats.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://certified-biz.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: image/webp
content-length: 67164
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Mar 2023 06:40:41 GMT
expires: Fri, 07 Jun 2024 19:19:00 GMT
x-orig-src: 0_imageresize
vary: Accept
x-ac: 3.arn _dca HIT
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| smallcats.org/wp-content/uploads/2023/03/manul-tambako-the-jaguar.jpg?w=1024 | 192.0.78.25 | 200 OK | 208 kB |
URL: GET HTTP/2 smallcats.org/wp-content/uploads/2023/03/manul-tambako-the-jaguar.jpg?w=1024
IP: 192.0.78.25:443
Requested by: https://certified-biz.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: tls.automattic.com
Certificate Fingerprint: 1C:84:DA:76:FF:BD:2E:E0:D0:53:93:ED:86:7F:28:01:20:23:8B:27
Certificate Validity: Fri, 15 Mar 2024 19:11:27 GMT - Thu, 13 Jun 2024 19:11:26 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x768, Scaling: [none]x[none], YUV color, decoders should clamp
Size: 208 kB (208402 bytes)
Hash: c0ce56d40b9e2a175aa6013ba9713ebc 2269c4f2453ad495f75e5ed367b95d846f52585f 10d17a82444458740935ad0b35281724d1eb7378ece33f1a1f79b88c6f687343
GET /wp-content/uploads/2023/03/manul-tambako-the-jaguar.jpg?w=1024 HTTP/1.1
Host: smallcats.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://certified-biz.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: image/webp
content-length: 208402
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Mar 2023 06:38:06 GMT
expires: Wed, 05 Jun 2024 13:15:28 GMT
x-orig-src: 0_imageresize
vary: Accept
x-ac: 3.arn _dca HIT
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| smallcats.org/wp-content/uploads/2023/03/232614106_2954918754826947_7920712400157063320_n.jpg?w=1024 | 192.0.78.25 | 200 OK | 157 kB |
URL: GET HTTP/2 smallcats.org/wp-content/uploads/2023/03/232614106_2954918754826947_7920712400157063320_n.jpg?w=1024
IP: 192.0.78.25:443
Requested by: https://certified-biz.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: tls.automattic.com
Certificate Fingerprint: 1C:84:DA:76:FF:BD:2E:E0:D0:53:93:ED:86:7F:28:01:20:23:8B:27
Certificate Validity: Fri, 15 Mar 2024 19:11:27 GMT - Thu, 13 Jun 2024 19:11:26 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp
Size: 157 kB (157190 bytes)
Hash: f215ce1aa70e3c801bf376e58a25384c 9759fde97edaa77bb00e3d82b7cdc879fc7d20e0 162ecd96fc05bb9a482828f5db6ab74d3e3214f3177bbce77baefb075d1974e2
GET /wp-content/uploads/2023/03/232614106_2954918754826947_7920712400157063320_n.jpg?w=1024 HTTP/1.1
Host: smallcats.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://certified-biz.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: image/webp
content-length: 157190
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Mar 2023 07:01:42 GMT
expires: Wed, 12 Jun 2024 16:53:22 GMT
x-orig-src: 0_imageresize
vary: Accept
x-ac: 3.arn _dca HIT
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| certified-biz.com/index2_files/hovercards.min.js.nedladdning | 91.215.85.51 | 200 OK | 4.7 kB |
URL: GET HTTP/1.1 certified-biz.com/index2_files/hovercards.min.js.nedladdning
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Let's Encrypt; Subject: 0atlas.com; Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D; Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: JavaScript source, ASCII text, with very long lines (13065), with no line terminators
Hash: 42e1c5cd9eeafe8d5f7960ebc0b5e009 8ef61d3f16881a010e0f431b63013d0c7dcc954f 4d47d929f88574eb4a47e5b1778b683b87e7f6078bb6a33f34c1178752e83406
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/hovercards.min.js.nedladdning HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: application/javascript
Content-Length: 4674
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "3309-617076043aef6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
|
|
| certified-biz.com/index2_files/saved_resource(2) | 91.215.85.51 | 200 OK | 66 kB |
URL: GET HTTP/1.1 certified-biz.com/index2_files/saved_resource(2)
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Let's Encrypt; Subject: 0atlas.com; Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D; Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 538977628b3c5529618d9a391f10d45e 02ff24ba2551668022761e3b2b43e4ee5be85f22 5796b7f74eae457395224d4775b948b3d7db2ef0a9edb6c9006223c8e4c8ae12
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/saved_resource(2) HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Length: 65589
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "10035-617076043be96"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;
|
|
| certified-biz.com/index2_files/wpgroho.js.nedladdning | 91.215.85.51 | 200 OK | 389 B |
URL: GET HTTP/1.1 certified-biz.com/index2_files/wpgroho.js.nedladdning
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Let's Encrypt; Subject: 0atlas.com; Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D; Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: JavaScript source, ASCII text, with very long lines (655), with no line terminators
Hash: 5048b7bf6f335c259cae5d653d50726e 96f45044f726eef7c8e7c7f21f6368bf23a2b3f0 b6e4492d3b8358a81b80908b1f84e6bd2f64a7a46d48793af99d27bf29f4c2e8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/wpgroho.js.nedladdning HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: application/javascript
Content-Length: 389
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "28f-617076043be96-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
|
|
| certified-biz.com/index2_files/w.js.nedladdning | 91.215.85.51 | 200 OK | 4.9 kB |
URL: GET HTTP/1.1 certified-biz.com/index2_files/w.js.nedladdning
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Let's Encrypt; Subject: 0atlas.com; Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D; Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: JavaScript source, ASCII text, with very long lines (12788), with no line terminators
Hash: ef880be61458e4e89c9cb9d99d2d300e c7740f6524cfab6084682b1ce320b2e5e9c4d4cc 79674b01741c3978417b6b9b4b98d125755e7bb468979d5cd593eac4b94cdb91
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/w.js.nedladdning HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: application/javascript
Content-Length: 4855
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "31f4-617076043be96-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
|
|
| certified-biz.com/index2_files/bilmur.min.js.nedladdning | 91.215.85.51 | 200 OK | 2.4 kB |
URL: GET HTTP/1.1 certified-biz.com/index2_files/bilmur.min.js.nedladdning
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Let's Encrypt; Subject: 0atlas.com; Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D; Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: JavaScript source, ASCII text, with very long lines (5659), with no line terminators
Hash: ef5e963b2137525d2759bc87459d3d23 176d5c1e6325dbb037ddc949d58d0d217b5299c6 216728e33a7de4be9b784eff527c6ccf1658319ea78fe66a7864c0b923200252
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/bilmur.min.js.nedladdning HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: application/javascript
Content-Length: 2350
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "161b-6170760439f56-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
|
|
| certified-biz.com/index2_files/actionbar.js.nedladdning | 91.215.85.51 | 200 OK | 2.6 kB |
URL: GET HTTP/1.1 certified-biz.com/index2_files/actionbar.js.nedladdning
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Let's Encrypt; Subject: 0atlas.com; Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D; Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: JavaScript source, ASCII text, with very long lines (8426), with no line terminators
Hash: f466cb6b256973317c2315741fad9f49 ea2c62047a1697c19b06be23871ca839849cb8a3 a6dc271cbdaa05e97c5144483628df9e30b68326e5b04a5fef3322af1c0f22e0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/actionbar.js.nedladdning HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: application/javascript
Content-Length: 2583
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "20ea-6170760439f56-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
|
|
| certified-biz.com/index2_files/block-editor.css | 91.215.85.51 | 200 OK | 336 kB |
URL: GET HTTP/1.1 certified-biz.com/index2_files/block-editor.css
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Let's Encrypt; Subject: 0atlas.com; Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D; Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size: 336 kB (335465 bytes)
Hash: 1ffd93e4c29d17168edab0317df9e16b c6c36c0c5df230ec44ce63ae1063f41e2a0ffc80 ef06ea2f8c619ca5e16fb552f0a7beba09b89dfdb671b2c5f16b4347af8a658c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/block-editor.css HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Type: text/css
Content-Length: 335465
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
Connection: keep-alive
ETag: "662c29c3-51e69"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
|
|
| certified-biz.com/index2_files/saved_resource(4) | 91.215.85.51 | 200 OK | 49 kB |
URL: GET HTTP/1.1 certified-biz.com/index2_files/saved_resource(4)
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Let's Encrypt; Subject: 0atlas.com; Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D; Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: JavaScript source, ASCII text, with very long lines (23946)
Hash: 3a750815a1a36d2fab256975ee20e6d6 a5cce91ca7550e8cb3fe7a73fa1fd18313ecc031 dfc865b1f380dee91d92100160a8d4ad0d9a4e1d1765c434ec6994e3ee5373e9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/saved_resource(4) HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Length: 48860
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "bedc-617076043be96"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;
|
|
| certified-biz.com/index2_files/g.gif | 91.215.85.51 | 200 OK | 50 B |
URL: GET HTTP/1.1 certified-biz.com/index2_files/g.gif
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Let's Encrypt; Subject: 0atlas.com; Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D; Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: GIF image data, version 89a, 6 x 5
Hash: e4d673a55c5656f19ef81563fb10884c 1f2d8ed221d39329251ad3a6ff1edb20b7219443 f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/g.gif HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: image/gif
Content-Length: 50
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
Connection: keep-alive
ETag: "662c29c3-32"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
|
|
| s0.wp.com/wp-content/themes/pub/blockbase/assets/fonts/fira-sans/fira-sans-Regular.woff2 | 192.0.77.32 | 200 OK | 16 kB |
URL: GET HTTP/2 s0.wp.com/wp-content/themes/pub/blockbase/assets/fonts/fira-sans/fira-sans-Regular.woff2
IP: 192.0.77.32:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Sectigo Limited; Subject: *.wp.com; Fingerprint: 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2; Validity: Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 16192, version 1.0
Hash: 997908b255110fbe1437979bb79248c3 96a375298ac2c034b86c7b1b7eb5b63ddbebbc26 458fb61ccaee6f92ad6849e8bc61b73fdfc7ff4667c40c62a6bd1620f9d734f4
GET /wp-content/themes/pub/blockbase/assets/fonts/fira-sans/fira-sans-Regular.woff2 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://certified-biz.com
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: application/font-woff2
content-length: 16192
last-modified: Fri, 19 May 2023 01:48:52 GMT
etag: "6466d584-3f40"
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
expires: Sat, 20 Jul 2024 06:07:46 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| s0.wp.com/wp-content/themes/pub/blockbase/assets/fonts/eb-garamond/eb-garamond-400-800.woff2 | 192.0.77.32 | 200 OK | 40 kB |
URL: GET HTTP/2 s0.wp.com/wp-content/themes/pub/blockbase/assets/fonts/eb-garamond/eb-garamond-400-800.woff2
IP: 192.0.77.32:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Sectigo Limited; Subject: *.wp.com; Fingerprint: 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2; Validity: Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 40148, version 1.0
Hash: 6684490f59b97a582221fddebaba53bd d46200da51e6b5093d627ee181936db4c947ffb8 90e4038fbd361af9447b836e25ae3fb0740c575fd847f352711f21459a502fc1
GET /wp-content/themes/pub/blockbase/assets/fonts/eb-garamond/eb-garamond-400-800.woff2 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://certified-biz.com
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: application/font-woff2
content-length: 40148
last-modified: Fri, 19 May 2023 02:58:37 GMT
etag: "6466e5dd-9cd4"
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
expires: Sat, 20 Jul 2024 06:07:46 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| s0.wp.com/wp-content/themes/pub/blockbase/assets/fonts/fira-sans/fira-sans-Bold.woff2 | 192.0.77.32 | 200 OK | 16 kB |
URL: GET HTTP/2 s0.wp.com/wp-content/themes/pub/blockbase/assets/fonts/fira-sans/fira-sans-Bold.woff2
IP: 192.0.77.32:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Sectigo Limited; Subject: *.wp.com; Fingerprint: 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2; Validity: Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 16536, version 1.0
Hash: a7375a2405fc91919c78f11b9069662f 9753af0913f902e8ae4b5b7b38915043549989e1 3479e7b0413ee94421af73f3541c4652e29a666b8fdfe9f690ece56dfbd80641
GET /wp-content/themes/pub/blockbase/assets/fonts/fira-sans/fira-sans-Bold.woff2 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://certified-biz.com
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: application/font-woff2
content-length: 16536
last-modified: Fri, 19 May 2023 01:54:16 GMT
etag: "6466d6c8-4098"
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
expires: Sat, 20 Jul 2024 06:07:46 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| pixel.wp.com/g.gif?blog=214337663&v=wpcom&tz=-7&user_id=0&post=4&subd=smallcatstest1&host=certified-biz.com&ref=&rand=0.8443181434264886 | 192.0.76.3 | 200 OK | 50 B |
URL: GET HTTP/2 pixel.wp.com/g.gif?blog=214337663&v=wpcom&tz=-7&user_id=0&post=4&subd=smallcatstest1&host=certified-biz.com&ref=&rand=0.8443181434264886
IP: 192.0.76.3:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Sectigo Limited; Subject: *.wp.com; Fingerprint: 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2; Validity: Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type: GIF image data, version 89a, 6 x 5
Hash: e4d673a55c5656f19ef81563fb10884c 1f2d8ed221d39329251ad3a6ff1edb20b7219443 f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?blog=214337663&v=wpcom&tz=-7&user_id=0&post=4&subd=smallcatstest1&host=certified-biz.com&ref=&rand=0.8443181434264886 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.4588183110491856 | 192.0.76.3 | 200 OK | 50 B |
URL: GET HTTP/2 pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.4588183110491856
IP: 192.0.76.3:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Sectigo Limited; Subject: *.wp.com; Fingerprint: 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2; Validity: Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type: GIF image data, version 89a, 6 x 5
Hash: e4d673a55c5656f19ef81563fb10884c 1f2d8ed221d39329251ad3a6ff1edb20b7219443 f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.4588183110491856 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pixel.wp.com/g.gif?crypt=UE40eW5QN0p8M2Y%2FRE1mNzc2NTVTamdsd0xoLz9RQkM2K298TXY9bERQMXc2MjhEaVZfb2wwakRoSj0mUkp1THptM1NdbkV1WjZIcU9mVWQmPUIvMlN6Jk8wW3NYVEJ3dWZOWExuWD83c29WVT0zQUJFTlFOL1FMVmUrN1JaMndtNGw4LUhzSDZkVC8lTUM0eWVddkQ4QkNHWGVGeWwsSC9xeT1uJj02c3YlZ0dQVmFQeVZ0alhaRGNEciZ4bFM2LlI9S1FUPVRoajBFeFpjMjVTLltUYVRwRE13Wmp6MGFUdHZ8X3I%2FYVFTcTF4MkRfb1ZRcUY5aUEmYltUdW5BUHdPYXU%2FPWhtUkpJVjZjLEVn&v=wpcom-no-pv&rand=0.30101056889920685 | 192.0.76.3 | 200 OK | 50 B |
URL GET HTTP/2pixel.wp.com/g.gif?crypt=UE40eW5QN0p8M2Y%2FRE1mNzc2NTVTamdsd0xoLz9RQkM2K298TXY9bERQMXc2MjhEaVZfb2wwakRoSj0mUkp1THptM1NdbkV1WjZIcU9mVWQmPUIvMlN6Jk8wW3NYVEJ3dWZOWExuWD83c29WVT0zQUJFTlFOL1FMVmUrN1JaMndtNGw4LUhzSDZkVC8lTUM0eWVddkQ4QkNHWGVGeWwsSC9xeT1uJj02c3YlZ0dQVmFQeVZ0alhaRGNEciZ4bFM2LlI9S1FUPVRoajBFeFpjMjVTLltUYVRwRE13Wmp6MGFUdHZ8X3I%2FYVFTcTF4MkRfb1ZRcUY5aUEmYltUdW5BUHdPYXU%2FPWhtUkpJVjZjLEVn&v=wpcom-no-pv&rand=0.30101056889920685 IP192.0.76.3:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Sectigo Limited; Subject: *.wp.com; Fingerprint: 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2; Validity: Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type: GIF image data, version 89a, 6 x 5
Hash: e4d673a55c5656f19ef81563fb10884c 1f2d8ed221d39329251ad3a6ff1edb20b7219443 f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?crypt=UE40eW5QN0p8M2Y%2FRE1mNzc2NTVTamdsd0xoLz9RQkM2K298TXY9bERQMXc2MjhEaVZfb2wwakRoSj0mUkp1THptM1NdbkV1WjZIcU9mVWQmPUIvMlN6Jk8wW3NYVEJ3dWZOWExuWD83c29WVT0zQUJFTlFOL1FMVmUrN1JaMndtNGw4LUhzSDZkVC8lTUM0eWVddkQ4QkNHWGVGeWwsSC9xeT1uJj02c3YlZ0dQVmFQeVZ0alhaRGNEciZ4bFM2LlI9S1FUPVRoajBFeFpjMjVTLltUYVRwRE13Wmp6MGFUdHZ8X3I%2FYVFTcTF4MkRfb1ZRcUY5aUEmYltUdW5BUHdPYXU%2FPWhtUkpJVjZjLEVn&v=wpcom-no-pv&rand=0.30101056889920685 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| certified-biz.com/index2_files/remote-login.html | 91.215.85.51 | 200 OK | 309 B |
URL: GET HTTP/1.1 certified-biz.com/index2_files/remote-login.html
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Let's Encrypt; Subject: 0atlas.com; Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D; Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: HTML document, ASCII text
Hash: 1eff333c5ebf8fa34ebfea98ef2dd25d a98b05063a55e58898762607675e9c75e018a1bc 8357bbdb07c1e282941cbf9e6633826ab507ed0fffe351f5682bb5687a1b442b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/remote-login.html HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
|
|
| smallcatstest1.files.wordpress.com/2023/03/swccf_logo-final-low-res.jpg?w=192 | 192.0.72.18 | 302 Found | 138 B |
URL: GET HTTP/3 smallcatstest1.files.wordpress.com/2023/03/swccf_logo-final-low-res.jpg?w=192
IP: 192.0.72.18:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Sectigo Limited; Subject: *.files.wordpress.com; Fingerprint: C0:8D:DA:1D:78:59:02:AA:18:87:8A:02:6C:67:24:E4:30:8F:C4:97; Validity: Tue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: aff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /2023/03/swccf_logo-final-low-res.jpg?w=192 HTTP/1.1
Host: smallcatstest1.files.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: text/html
content-length: 138
location: https://smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=192
x-nc: arn 18 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
|
|
| smallcatstest1.files.wordpress.com/2023/03/swccf_logo-final-low-res.jpg?w=32 | 192.0.72.18 | 302 Found | 138 B |
URL: GET HTTP/3 smallcatstest1.files.wordpress.com/2023/03/swccf_logo-final-low-res.jpg?w=32
IP: 192.0.72.18:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Sectigo Limited; Subject: *.files.wordpress.com; Fingerprint: C0:8D:DA:1D:78:59:02:AA:18:87:8A:02:6C:67:24:E4:30:8F:C4:97; Validity: Tue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: aff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /2023/03/swccf_logo-final-low-res.jpg?w=32 HTTP/1.1
Host: smallcatstest1.files.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: text/html
content-length: 138
location: https://smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=32
x-nc: arn 18 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
|
|
| smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=192 | 192.0.78.25 | 200 OK | 5.8 kB |
URL: GET HTTP/3 smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=192
IP: 192.0.78.25:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Let's Encrypt; Subject: tls.automattic.com; Fingerprint: 1C:84:DA:76:FF:BD:2E:E0:D0:53:93:ED:86:7F:28:01:20:23:8B:27; Validity: Fri, 15 Mar 2024 19:11:27 GMT - Thu, 13 Jun 2024 19:11:26 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 192x97, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 64f5b4bda41e35dfe273ea8270876b05 08302b2a64a802ccd43f2e277716d1e5223075e7 d03fa871e6684139faa533ec79729d04def65aee2c073402792c6f989852dd54
GET /wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=192 HTTP/1.1
Host: smallcats.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://certified-biz.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:47 GMT
content-type: image/webp
content-length: 5780
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Mar 2023 06:08:20 GMT
expires: Wed, 05 Jun 2024 06:26:51 GMT
x-orig-src: 0_imageresize
vary: Accept
x-ac: 3.arn _dca MISS
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
|
|
| smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=32 | 192.0.78.25 | 200 OK | 526 B |
URL: GET HTTP/3 smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=32
IP: 192.0.78.25:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Let's Encrypt; Subject: tls.automattic.com; Fingerprint: 1C:84:DA:76:FF:BD:2E:E0:D0:53:93:ED:86:7F:28:01:20:23:8B:27; Validity: Fri, 15 Mar 2024 19:11:27 GMT - Thu, 13 Jun 2024 19:11:26 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 32x16, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 93cd28df94b8ce61412656932a48a6f9 e76dcea0a0f59b7324b66158838abf21e956ce13 b2c97094729147259f4474eea720a94698d30ac674d5b5adafe2e38304b2a31b
GET /wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=32 HTTP/1.1
Host: smallcats.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://certified-biz.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:47 GMT
content-type: image/webp
content-length: 526
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Mar 2023 06:08:20 GMT
expires: Sun, 02 Jun 2024 12:16:07 GMT
x-orig-src: 0_imageresize
vary: Accept
x-ac: 3.arn _dca MISS
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
|
|
| pixel.wp.com/boom.gif?bilmur=1&batcache_hit=0&provider=wordpress.com&service=simple&custom_properties=%7B%22logged_in%22%3A%220%22%2C%22wptheme%22%3A%22pub%2Fmarl%22%2C%22wptheme_is_block%22%3A%221%22%7D&host_name=certified-biz.com&url_path=%2F&nt_unloadEventStart=1533&nt_unloadEventEnd=1533&nt_fetchStart=1090&nt_domainLookupStart=1100&nt_domainLookupEnd=1101&nt_connectStart=1101&nt_connectEnd=1210&nt_secureConnectionStart=1155&nt_requestStart=1210&nt_responseStart=1260&nt_responseEnd=1448&nt_domLoading=8&nt_domInteractive=87&nt_domContentLoadedEventStart=211&nt_domContentLoadedEventEnd=212&nt_domComplete=2873&nt_loadEventStart=2873&nt_loadEventEnd=2874&nt_redirectCount=0&nt_nextHopProtocol=http%2F1.1&nt_api_level=2&first_contentful_paint=2311&resource_size=0&resource_transferred=0&js_size=0&js_transferred=0&blocking_size=0&blocking_transferred=0&last_resource_end=2909 | 192.0.76.3 | 204 No Content | 0 B |
URL: GET HTTP/3 pixel.wp.com/boom.gif?bilmur=1&batcache_hit=0&provider=wordpress.com&service=simple&custom_properties=%7B%22logged_in%22%3A%220%22%2C%22wptheme%22%3A%22pub%2Fmarl%22%2C%22wptheme_is_block%22%3A%221%22%7D&host_name=certified-biz.com&url_path=%2F&nt_unloadEventStart=1533&nt_unloadEventEnd=1533&nt_fetchStart=1090&nt_domainLookupStart=1100&nt_domainLookupEnd=1101&nt_connectStart=1101&nt_connectEnd=1210&nt_secureConnectionStart=1155&nt_requestStart=1210&nt_responseStart=1260&nt_responseEnd=1448&nt_domLoading=8&nt_domInteractive=87&nt_domContentLoadedEventStart=211&nt_domContentLoadedEventEnd=212&nt_domComplete=2873&nt_loadEventStart=2873&nt_loadEventEnd=2874&nt_redirectCount=0&nt_nextHopProtocol=http%2F1.1&nt_api_level=2&first_contentful_paint=2311&resource_size=0&resource_transferred=0&js_size=0&js_transferred=0&blocking_size=0&blocking_transferred=0&last_resource_end=2909
IP: 192.0.76.3:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Sectigo Limited; Subject: *.wp.com; Fingerprint: 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2; Validity: Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /boom.gif?bilmur=1&batcache_hit=0&provider=wordpress.com&service=simple&custom_properties=%7B%22logged_in%22%3A%220%22%2C%22wptheme%22%3A%22pub%2Fmarl%22%2C%22wptheme_is_block%22%3A%221%22%7D&host_name=certified-biz.com&url_path=%2F&nt_unloadEventStart=1533&nt_unloadEventEnd=1533&nt_fetchStart=1090&nt_domainLookupStart=1100&nt_domainLookupEnd=1101&nt_connectStart=1101&nt_connectEnd=1210&nt_secureConnectionStart=1155&nt_requestStart=1210&nt_responseStart=1260&nt_responseEnd=1448&nt_domLoading=8&nt_domInteractive=87&nt_domContentLoadedEventStart=211&nt_domContentLoadedEventEnd=212&nt_domComplete=2873&nt_loadEventStart=2873&nt_loadEventEnd=2874&nt_redirectCount=0&nt_nextHopProtocol=http%2F1.1&nt_api_level=2&first_contentful_paint=2311&resource_size=0&resource_transferred=0&js_size=0&js_transferred=0&blocking_size=0&blocking_transferred=0&last_resource_end=2909 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
server: nginx
date: Sat, 04 May 2024 18:55:49 GMT
cache-control: no-cache
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
| smallcats.org/wp-admin/admin-ajax.php | 192.0.78.25 | 403 Forbidden | 10 kB |
URL: OPTIONS HTTP/3 smallcats.org/wp-admin/admin-ajax.php
IP: 192.0.78.25:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Let's Encrypt; Subject: tls.automattic.com; Fingerprint: 1C:84:DA:76:FF:BD:2E:E0:D0:53:93:ED:86:7F:28:01:20:23:8B:27; Validity: Fri, 15 Mar 2024 19:11:27 GMT - Thu, 13 Jun 2024 19:11:26 GMT
Hash: 673605c6f081c7036a365d8ff574abed acea6fb38f86767cf787bcfca8b994273e27e16e 191742d0eb4871aeaa8d09113f163a1474498695abc3ce2fa2de2919509ba1ae
OPTIONS /wp-admin/admin-ajax.php HTTP/1.1
Host: smallcats.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Referer: https://certified-biz.com/
Origin: https://certified-biz.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
server: nginx
date: Sat, 04 May 2024 18:55:47 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hacker: Want root? Visit join.a8c.com/hacker and mention this header.
host-header: WordPress.com
content-encoding: br
x-ac: 3.arn _dca BYPASS
alt-svc: h3=":443"; ma=86400
| certified-biz.com/index2_files/remote-login.html | 91.215.85.51 | 200 OK | 309 B |
URL: GET HTTP/1.1 certified-biz.com/index2_files/remote-login.html
IP: 91.215.85.51:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Let's Encrypt; Subject: 0atlas.com; Fingerprint: E9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D; Validity: Mon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT
File type: HTML document, ASCII text
Hash: 1eff333c5ebf8fa34ebfea98ef2dd25d a98b05063a55e58898762607675e9c75e018a1bc 8357bbdb07c1e282941cbf9e6633826ab507ed0fffe351f5682bb5687a1b442b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index2_files/remote-login.html HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:56:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
| s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.js?v=20231122 | 192.0.77.32 | 200 OK | 8.4 kB |
URL: GET HTTP/3 s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.js?v=20231122
IP: 192.0.77.32:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Sectigo Limited; Subject: *.wp.com; Fingerprint: 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2; Validity: Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (8768), with no line terminators
Hash: 13f5eaad864b86e556aa413bd411de48 e594a37fca4fe42447853b4a384aac2648f57936 f13d3fd96ae3e38a504113d203df8f310f2d527d992774fbca29d1e12d0ab969
GET /wp-content/mu-plugins/actionbar/actionbar.js?v=20231122 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:47 GMT
content-type: application/javascript
vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/15307-1700657605806.1843
content-encoding: br
expires: Thu, 21 Nov 2024 12:53:34 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca MISS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-nc: HIT arn 2
| s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.css?v=20240115 | 192.0.77.32 | 200 OK | 16 kB |
URL: GET HTTP/3 s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.css?v=20240115
IP: 192.0.77.32:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Sectigo Limited; Subject: *.wp.com; Fingerprint: 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2; Validity: Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/mu-plugins/actionbar/actionbar.css?v=20240115 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:47 GMT
content-type: text/css
vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/18324-1705283922160.1887
content-encoding: br
expires: Tue, 14 Jan 2025 01:58:57 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca MISS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-nc: HIT arn 2
| r-login.wordpress.com/remote-login.php?wpcom_remote_login=key&origin=aHR0cHM6Ly9zbWFsbGNhdHMub3Jn&wpcomid=214337663&time=1712573150 | 192.0.78.18 | 200 OK | 131 B |
URL: GET HTTP/2 r-login.wordpress.com/remote-login.php?wpcom_remote_login=key&origin=aHR0cHM6Ly9zbWFsbGNhdHMub3Jn&wpcomid=214337663&time=1712573150
IP: 192.0.78.18:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Sectigo Limited; Subject: *.wordpress.com; Fingerprint: C1:48:1A:12:55:09:A2:A4:81:3F:8F:A4:23:9C:B3:41:78:C0:B6:52; Validity: Tue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: 6dfe15ce9571ca218e6cc0b9a67be172 09da3fce6f1b364ba13b10eb4300736a52645f0f c0503d07007316479c4f2ade0131899b9fd37fae1e327a1560c34bf387ab18dd
GET /remote-login.php?wpcom_remote_login=key&origin=aHR0cHM6Ly9zbWFsbGNhdHMub3Jn&wpcomid=214337663&time=1712573150 HTTP/1.1
Host: r-login.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Cookie
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: br
x-ac: 2.arn _dfw MISS
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1710334132i&ver=6.5-RC3-57891 | 192.0.77.32 | 200 OK | 19 kB |
URL: GET HTTP/3 s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1710334132i&ver=6.5-RC3-57891
IP: 192.0.77.32:443
Requested by: https://certified-biz.com/
Certificate: Issuer: Sectigo Limited; Subject: *.wp.com; Fingerprint: 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2; Validity: Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (15752)
Hash: b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
GET /wp-includes/js/wp-emoji-release.min.js?m=1710334132i&ver=6.5-RC3-57891 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: application/javascript
last-modified: Wed, 13 Mar 2024 12:48:59 GMT
vary: Accept-Encoding
etag: W/"65f1a0bb-4926"
content-encoding: br
expires: Fri, 28 Mar 2025 15:24:12 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca MISS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-nc: HIT arn 2