Report - certified-biz.com/

Report Overview

Submitted URL
certified-biz.com/
IP
91.215.85.51
ASN
#200593 Prospero Ooo
Submitted
2024-05-04 18:56:10
Access
public
Website Title
Small Wild Cat Conservation Foundation
Final URL
certified-biz.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
48

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
s0.wp.com	6184	1997-03-28	2017-01-30	2024-05-03	3.0 kB	118 kB	192.0.77.32
pixel.wp.com	2545	1997-03-28	2017-01-30	2024-05-03	3.1 kB	969 B	192.0.76.3
r-login.wordpress.com	138134	2000-03-03	2012-05-21	2024-05-03	622 B	504 B	192.0.78.18
certified-biz.com	unknown	unknown	No data	No data	10 kB	610 kB	91.215.85.51
smallcatstest1.files.wordpress.com	unknown	unknown	No data	No data	3.4 kB	3.1 kB	192.0.72.18
smallcats.org	unknown	unknown	No data	No data	4.0 kB	464 kB	192.0.78.25

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed
2024-05-04	medium	certified-biz.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	certified-biz.com/	5.5 kB	2024-04-28	2024-05-13
Pretty URL certified-biz.com/ IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 09:14:14 Last Seen2024-05-13 17:22:16 Times Seen6 Hash f2d316eafe9baa4a1dd545e617eef64d f0884c4d267647cc2afef01565130a73ccddca0c 32ee6e234c9a54d88c6ba3a658126870900cc382f3c8e9db9edbe758c7dd171c Loading...

	certified-biz.com/	261 B	2023-03-07	2024-05-18
Pretty URL certified-biz.com/ IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:43 Last Seen2024-05-18 08:32:13 Times Seen857 Hash 045d9793bea2147d49e2091523bca32f add12c4d76b79a2ac35faec35f62d29a95aba30f e08353fd145bf9e8bfd944b3d6f4ccfa8ee927eda9209edeb5b1744e3b3a85b7 Loading...

	certified-biz.com/index2_files/remote-login.html	0 B	2023-03-07	2024-05-18
Pretty URL certified-biz.com/index2_files/remote-login.html IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 12:41:44 Times Seen37785235 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	certified-biz.com/	3.3 kB	2024-03-29	2024-05-16
Pretty URL certified-biz.com/ IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-29 18:05:55 Last Seen2024-05-16 00:20:06 Times Seen10 Hash b11c625bced38bf87dc043bf4ea10543 14f72df10e2d111f0ee3e44e38f604f32a3ab734 7e4e0a5d6dd2665b6538a3e5e57dc96d837f44131ee32d94c2ef22dd5d5bed0e Loading...

	certified-biz.com/	253 B	2024-04-28	2024-05-13
Pretty URL certified-biz.com/ IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 09:14:14 Last Seen2024-05-13 17:22:16 Times Seen6 Hash e38ae153c02c78b07ff39b638c2e71bf ad4ce2c1bc6576fc8c388bd88b1796520a84b5df 6f0601a696361c39804442307c12fc6e77cefbc4e56c326340f867ea32e904e8 Loading...

	certified-biz.com/index2_files/saved_resource(3)	29 kB	2023-11-15	2024-05-16
Pretty URL certified-biz.com/index2_files/saved_resource(3) IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-15 05:20:59 Last Seen2024-05-16 08:37:42 Times Seen186 Hash 3e0c38696f92d250f105a4dde4845c62 b40ed6ec83d49ad6a779f81e6aac9e356744da96 d45f60b3a22e1de301361656b1bccb608453302cb7ccd278eb1f17fc5f6ec74c Loading...

	certified-biz.com/	563 B	2024-04-28	2024-05-13
Pretty URL certified-biz.com/ IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 09:14:14 Last Seen2024-05-13 17:22:16 Times Seen6 Hash 891f2a361e4414b7bd5531e46ed68762 9632bd41a03ba62999bcda1844c97a8860e40e6c 31c7405be92c8a59892e577b8a70f4ec60a54632719553586597cb9a40c79703 Loading...

	certified-biz.com/	146 B	2023-03-07	2024-05-16
Pretty URL certified-biz.com/ IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:43 Last Seen2024-05-16 18:48:56 Times Seen595 Hash 72f439fe6bf6582d8adf0d55188233de 378d954e6f18090933d44d706389c0c06a71be6f cef4c937f7ca9c40f6229250024c340ec4ddaf281d22416866f8a34b9cc933c3 Loading...

	certified-biz.com/	231 B	2024-03-23	2024-05-16
Pretty URL certified-biz.com/ IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-23 16:18:26 Last Seen2024-05-16 18:48:56 Times Seen30 Hash e64a1d035b767c2a8b41636fc31e9b54 6640dc5a485e838c537f233730db02787e09752a 939e7b9ac0cebc26ccc1803f15981732e52194676ba1317a186096b43f985dfe Loading...

	s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1710334132i&ver=6.5-RC3-57891	19 kB	2024-03-13	2024-05-18
Pretty URL s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1710334132i&ver=6.5-RC3-57891 IP 192.0.77.32 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-13 16:02:37 Last Seen2024-05-18 12:00:39 Times Seen5074 Hash b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Loading...

	certified-biz.com/index2_files/wpgroho.js.nedladdning	655 B	2023-05-08	2024-05-18
Pretty URL certified-biz.com/index2_files/wpgroho.js.nedladdning IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-08 13:17:26 Last Seen2024-05-18 08:32:14 Times Seen718 Hash 5048b7bf6f335c259cae5d653d50726e 96f45044f726eef7c8e7c7f21f6368bf23a2b3f0 b6e4492d3b8358a81b80908b1f84e6bd2f64a7a46d48793af99d27bf29f4c2e8 Loading...

	certified-biz.com/	31 B	2023-03-07	2024-05-16
Pretty URL certified-biz.com/ IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:43 Last Seen2024-05-16 18:48:56 Times Seen502 Hash 4157bf26a5609634f3f2c1a8377c9deb db23b4aed4cb5b8fea2e78d0568308d0b8bba67f 27b2ab69381ccff549a515e554b6255aa0d071150c1b9578714ebcf8c243ce85 Loading...

	certified-biz.com/index2_files/saved_resource(4)	49 kB	2024-04-15	2024-05-13
Pretty URL certified-biz.com/index2_files/saved_resource(4) IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-15 15:39:14 Last Seen2024-05-13 17:22:16 Times Seen14 Hash 3a750815a1a36d2fab256975ee20e6d6 a5cce91ca7550e8cb3fe7a73fa1fd18313ecc031 dfc865b1f380dee91d92100160a8d4ad0d9a4e1d1765c434ec6994e3ee5373e9 Loading...

	certified-biz.com/	1.0 kB	2023-08-01	2024-05-17
Pretty URL certified-biz.com/ IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-01 21:35:00 Last Seen2024-05-17 05:32:20 Times Seen372 Hash 26d7dfcfe5dac8a11100faf16f15ab95 c02f802109281d3f3355c7e5f1d5c0f96125df76 09694c231ea869cf05a1de2dd482ff66fe38e3292726f12924609d9d55ed2f28 Loading...

	certified-biz.com/index2_files/bilmur.min.js.nedladdning	5.7 kB	2023-11-16	2024-05-18
Pretty URL certified-biz.com/index2_files/bilmur.min.js.nedladdning IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-16 23:23:22 Last Seen2024-05-18 06:46:39 Times Seen1001 Hash ef5e963b2137525d2759bc87459d3d23 176d5c1e6325dbb037ddc949d58d0d217b5299c6 216728e33a7de4be9b784eff527c6ccf1658319ea78fe66a7864c0b923200252 Loading...

	certified-biz.com/index2_files/actionbar.js.nedladdning	8.4 kB	2023-11-23	2024-05-18
Pretty URL certified-biz.com/index2_files/actionbar.js.nedladdning IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 00:26:49 Last Seen2024-05-18 08:32:13 Times Seen119 Hash f466cb6b256973317c2315741fad9f49 ea2c62047a1697c19b06be23871ca839849cb8a3 a6dc271cbdaa05e97c5144483628df9e30b68326e5b04a5fef3322af1c0f22e0 Loading...

	certified-biz.com/index2_files/w.js.nedladdning	13 kB	2024-01-18	2024-05-18
Pretty URL certified-biz.com/index2_files/w.js.nedladdning IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-18 16:29:14 Last Seen2024-05-18 09:40:46 Times Seen1418 Hash ef880be61458e4e89c9cb9d99d2d300e c7740f6524cfab6084682b1ce320b2e5e9c4d4cc 79674b01741c3978417b6b9b4b98d125755e7bb468979d5cd593eac4b94cdb91 Loading...

	certified-biz.com/	485 B	2024-01-16	2024-05-18
Pretty URL certified-biz.com/ IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-16 15:52:04 Last Seen2024-05-18 08:32:13 Times Seen62 Hash 5fd2449e62fa1791283e2f37c87b227d d79f93d0f1be53c43911b0470708070e7919bc82 e1108f63187fecf95519279c7730bc4a89c9667a37dbdd13e6a9016362793eee Loading...

	certified-biz.com/	1.6 kB	2024-04-28	2024-05-13
Pretty URL certified-biz.com/ IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 09:14:14 Last Seen2024-05-13 17:22:16 Times Seen6 Hash 74d3fecaaf0705411de845e91108d59c 42b7a1f315941452d32dc7c7bebdad14f7fd784e b44ad857dc124dbd9d7cec219fe442efa6660b3fdda8cc2cb250734230e4a220 Loading...

	certified-biz.com/	155 B	2023-03-07	2024-05-16
Pretty URL certified-biz.com/ IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:43 Last Seen2024-05-16 00:20:06 Times Seen101 Hash 5bb2f84c1c503a9bbfe5f1aaa7bd8fe1 409399316b097ad8c7d0b23cde36d685478a21a7 e0b70d1692b1f2cb966761a772028f9430981943b7839557fd44d68352c3c18e Loading...

	certified-biz.com/index2_files/hovercards.min.js.nedladdning	13 kB	2024-04-01	2024-05-18
Pretty URL certified-biz.com/index2_files/hovercards.min.js.nedladdning IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-01 15:02:03 Last Seen2024-05-18 08:32:14 Times Seen153 Hash 42e1c5cd9eeafe8d5f7960ebc0b5e009 8ef61d3f16881a010e0f431b63013d0c7dcc954f 4d47d929f88574eb4a47e5b1778b683b87e7f6078bb6a33f34c1178752e83406 Loading...

	certified-biz.com/	1.0 kB	2023-11-08	2024-05-17
Pretty URL certified-biz.com/ IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-08 09:30:36 Last Seen2024-05-17 08:59:44 Times Seen617 Hash b18ab1c7cbb44f317423b92b75a5d9ac 675c70d0a356d3870095b77c6990e65017982549 66246b04584a56860ade5e12c3469df29af8824d788a619e41907521a17a3bfc Loading...

	certified-biz.com/	953 B	2024-01-04	2024-05-18
Pretty URL certified-biz.com/ IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-04 11:49:58 Last Seen2024-05-18 08:32:13 Times Seen146 Hash b71c87d2a0f1cff364199e3b806c9f88 ac6c1f82084e7d56faabe25f7285f69580f2bad8 4cba90ab03982f0f3fcf5749c424ee5ea3d3307ac3deadbd20aa7ac311a40ab6 Loading...

	certified-biz.com/	441 B	2023-03-07	2024-05-18
Pretty URL certified-biz.com/ IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:43 Last Seen2024-05-18 08:32:13 Times Seen920 Hash 23ca0b3a0fde2fc9a555587728c5957c 7f0efa6919fb0217494430cb6bf1d363de29cb22 bf6041d623e98d8ce3224e766a2c61ac436ddefaab7f3363096553c1eb553114 Loading...

	certified-biz.com/	743 B	2024-04-28	2024-05-13
Pretty URL certified-biz.com/ IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 09:14:14 Last Seen2024-05-13 17:22:16 Times Seen6 Hash 36d1f4bd699c739d979fb2a35fd08ea5 fe59d4f20c2cb63bad5eb7997cd3ae8cd6617395 2cee13850d35b810eaf82be46662351918710d68c8d0d9060125c6d7e9b0fa5d Loading...

	certified-biz.com/	792 B	2023-03-07	2024-05-18
Pretty URL certified-biz.com/ IP 91.215.85.51 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:43 Last Seen2024-05-18 08:32:13 Times Seen498 Hash 428e7e32cb2aa31b23ff61053c640eaa 60571b5600bbc843e699117baabaa1a713eb6fec 79de8aae5d5cedc30ab538730eab164f13563253e9340c03b04a50d7624ac2dc Loading...

HTTP Transactions (50)

URL IP Response Size

certified-biz.com/

91.215.85.51

200 OK

317 B

URL User Request GET HTTP/1.1
certified-biz.com/
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
HTML document, ASCII text
Size
317 B (317 bytes)
Hash
a9f4217f6407e3e49fbd00b73c3a4a01
a565d43e5e1e70a47d8ca5b91a27507f5bc80bdc
d9997d7b6b08e1bc7a6217026deb0f86a524662aed079b97ca83962fcc9a714c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:43 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://certified-biz.com/

certified-biz.com/

91.215.85.51

200 OK

26 kB

URL User Request GET HTTP/1.1
certified-biz.com/
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2894)
Size
26 kB (25529 bytes)
Hash
5f7f91462bd89e0eccd4819a432d4eec
5932a1f56f776036aa0aa30cad428d398a38c0d9
cc1e1bbce3867f24573b5c09007532829177ab69867811b14e6e71879991cd8b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;

certified-biz.com/index2_files/blockbase.css

91.215.85.51

200 OK

247 B

URL GET HTTP/1.1
certified-biz.com/index2_files/blockbase.css
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
ASCII text, with no line terminators
Size
247 B (247 bytes)
Hash
c992f8cb96e600cbba1529817e4e6d60
bd4a93935a6703da9a323013442a0c8f2b44154d
0f4d4bd26f87f9de21091d5ad2e75369c4073df001a86393551d8cd4fffc157d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/blockbase.css HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Type: text/css
Content-Length: 247
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
Connection: keep-alive
ETag: "662c29c3-f7"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

smallcatstest1.files.wordpress.com/2023/03/swccf_logo-final-low-res.jpg?w=300&h=152

192.0.72.18

302 Found

138 B

URL GET HTTP/2
smallcatstest1.files.wordpress.com/2023/03/swccf_logo-final-low-res.jpg?w=300&h=152
IP
192.0.72.18:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerSectigo Limited
Subject*.files.wordpress.com
FingerprintC0:8D:DA:1D:78:59:02:AA:18:87:8A:02:6C:67:24:E4:30:8F:C4:97
ValidityTue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
138 B (138 bytes)
Hash
aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

HTTP Headers

GET /2023/03/swccf_logo-final-low-res.jpg?w=300&h=152 HTTP/1.1
Host: smallcatstest1.files.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 18:55:45 GMT
content-type: text/html
content-length: 138
location: https://smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=300&h=152
x-nc: arn 18 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

smallcatstest1.files.wordpress.com/2023/03/manul-tambako-the-jaguar.jpg?w=1024

192.0.72.18

302 Found

138 B

URL GET HTTP/2
smallcatstest1.files.wordpress.com/2023/03/manul-tambako-the-jaguar.jpg?w=1024
IP
192.0.72.18:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerSectigo Limited
Subject*.files.wordpress.com
FingerprintC0:8D:DA:1D:78:59:02:AA:18:87:8A:02:6C:67:24:E4:30:8F:C4:97
ValidityTue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
138 B (138 bytes)
Hash
aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

HTTP Headers

GET /2023/03/manul-tambako-the-jaguar.jpg?w=1024 HTTP/1.1
Host: smallcatstest1.files.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 18:55:45 GMT
content-type: text/html
content-length: 138
location: https://smallcats.org/wp-content/uploads/2023/03/manul-tambako-the-jaguar.jpg?w=1024
x-nc: arn 18 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

smallcatstest1.files.wordpress.com/2023/03/agc-tambako-the-jaguar.jpg?w=683

192.0.72.18

302 Found

138 B

URL GET HTTP/2
smallcatstest1.files.wordpress.com/2023/03/agc-tambako-the-jaguar.jpg?w=683
IP
192.0.72.18:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerSectigo Limited
Subject*.files.wordpress.com
FingerprintC0:8D:DA:1D:78:59:02:AA:18:87:8A:02:6C:67:24:E4:30:8F:C4:97
ValidityTue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
138 B (138 bytes)
Hash
aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

HTTP Headers

GET /2023/03/agc-tambako-the-jaguar.jpg?w=683 HTTP/1.1
Host: smallcatstest1.files.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 18:55:45 GMT
content-type: text/html
content-length: 138
location: https://smallcats.org/wp-content/uploads/2023/03/agc-tambako-the-jaguar.jpg?w=683
x-nc: arn 18 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

smallcatstest1.files.wordpress.com/2023/03/232614106_2954918754826947_7920712400157063320_n.jpg?w=1024

192.0.72.18

302 Found

138 B

URL GET HTTP/2
smallcatstest1.files.wordpress.com/2023/03/232614106_2954918754826947_7920712400157063320_n.jpg?w=1024
IP
192.0.72.18:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerSectigo Limited
Subject*.files.wordpress.com
FingerprintC0:8D:DA:1D:78:59:02:AA:18:87:8A:02:6C:67:24:E4:30:8F:C4:97
ValidityTue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
138 B (138 bytes)
Hash
aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

HTTP Headers

GET /2023/03/232614106_2954918754826947_7920712400157063320_n.jpg?w=1024 HTTP/1.1
Host: smallcatstest1.files.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 18:55:45 GMT
content-type: text/html
content-length: 138
location: https://smallcats.org/wp-content/uploads/2023/03/232614106_2954918754826947_7920712400157063320_n.jpg?w=1024
x-nc: arn 18 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

smallcatstest1.files.wordpress.com/2023/03/swccf_logo-final-low-res.jpg?w=50

192.0.72.18

302 Found

138 B

URL GET HTTP/2
smallcatstest1.files.wordpress.com/2023/03/swccf_logo-final-low-res.jpg?w=50
IP
192.0.72.18:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerSectigo Limited
Subject*.files.wordpress.com
FingerprintC0:8D:DA:1D:78:59:02:AA:18:87:8A:02:6C:67:24:E4:30:8F:C4:97
ValidityTue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
138 B (138 bytes)
Hash
aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

HTTP Headers

GET /2023/03/swccf_logo-final-low-res.jpg?w=50 HTTP/1.1
Host: smallcatstest1.files.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 18:55:45 GMT
content-type: text/html
content-length: 138
location: https://smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=50
x-nc: arn 18 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

certified-biz.com/index2_files/style.css

91.215.85.51

200 OK

16 kB

URL GET HTTP/1.1
certified-biz.com/index2_files/style.css
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
ASCII text, with very long lines (16469), with no line terminators
Size
16 kB (16469 bytes)
Hash
dffeff471eb8017b13347656275795d3
d7900c28d9ad4557ff34434f608a29351b0ac873
c8c8de9f2c25e4e47071bf4a48cc25a3e776962b0c4de8c02f70c6e4d2aa9551

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/style.css HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Type: text/css
Content-Length: 16469
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
Connection: keep-alive
ETag: "662c29c3-4055"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

certified-biz.com/index2_files/global.css

91.215.85.51

200 OK

311 B

URL GET HTTP/1.1
certified-biz.com/index2_files/global.css
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
ASCII text, with very long lines (311), with no line terminators
Size
311 B (311 bytes)
Hash
d29c41f4a6c13f38c2bdeb009c5dcf09
3f3db604bacf02b91aaa59cf223990b727600045
947d703f577549cbb0b1a4143f3b363ec9c7cf309587d5b12b87f0e64ff99db4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/global.css HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Type: text/css
Content-Length: 311
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
Connection: keep-alive
ETag: "662c29c3-137"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

certified-biz.com/index2_files/style(1).css

91.215.85.51

200 OK

7.0 kB

URL GET HTTP/1.1
certified-biz.com/index2_files/style(1).css
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
ASCII text, with very long lines (7035), with no line terminators
Size
7.0 kB (7035 bytes)
Hash
bdc54341a86f19e1ef7b04def33d8786
fec491899134bb3f8a8f2a5c03d8cae489d71a30
cfc8e93f66ef2c267fc704ded21ed726541e1e8985c89e16185a94c26d4711ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/style(1).css HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Type: text/css
Content-Length: 7035
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
Connection: keep-alive
ETag: "662c29c3-1b7b"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

certified-biz.com/index2_files/saved_resource(1)

91.215.85.51

200 OK

369 B

URL GET HTTP/1.1
certified-biz.com/index2_files/saved_resource(1)
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
ASCII text, with very long lines (369), with no line terminators
Size
369 B (369 bytes)
Hash
70cd7908a2cc98d079d8e6d79484e95d
0f08cf1458ebf5bd79439de9a82df7c30d98287d
9c83b89ab9d2677980617afacb833a74da3050a2d3d711176b500d7922e49ab5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/saved_resource(1) HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Length: 369
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "171-617076043be96"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;

certified-biz.com/index2_files/saved_resource(3)

91.215.85.51

200 OK

29 kB

URL GET HTTP/1.1
certified-biz.com/index2_files/saved_resource(3)
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (10122)
Size
29 kB (29433 bytes)
Hash
3e0c38696f92d250f105a4dde4845c62
b40ed6ec83d49ad6a779f81e6aac9e356744da96
d45f60b3a22e1de301361656b1bccb608453302cb7ccd278eb1f17fc5f6ec74c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/saved_resource(3) HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Length: 29433
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "72f9-617076043be96"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;

certified-biz.com/index2_files/saved_resource

91.215.85.51

200 OK

32 kB

URL GET HTTP/1.1
certified-biz.com/index2_files/saved_resource
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
ASCII text, with very long lines (32388), with no line terminators
Size
32 kB (32388 bytes)
Hash
d3ff6427fd6d66d35da131eec76f4732
556d2dd5f3b2170844120811e5d555251479dd1c
25ee8903d79dafe188d9b51dcf4de5e43d8bfdb39c3cbd19d725fd15a5cb3000

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/saved_resource HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Length: 32388
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "7e84-617076043be96"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;

certified-biz.com/index2_files/navigation.min.js.nedladdning

91.215.85.51

200 OK

1.2 kB

URL GET HTTP/1.1
certified-biz.com/index2_files/navigation.min.js.nedladdning
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
Java source, ASCII text, with very long lines (3271)
Size
1.2 kB (1152 bytes)
Hash
7013eb34e5e3e421b57b6f6990516b2d
f9a2f71989d6dd280707ca80b91499940eb0bdcb
c27cedcef30775c40553cf19d71e928b8fd359fe52c7df0cf78badb483d17ba5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/navigation.min.js.nedladdning HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Type: application/javascript
Content-Length: 1152
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "cf2-617076043aef6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;

smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=300&h=152

192.0.78.25

200 OK

11 kB

URL GET HTTP/2
smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=300&h=152
IP
192.0.78.25:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subjecttls.automattic.com
Fingerprint1C:84:DA:76:FF:BD:2E:E0:D0:53:93:ED:86:7F:28:01:20:23:8B:27
ValidityFri, 15 Mar 2024 19:11:27 GMT - Thu, 13 Jun 2024 19:11:26 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x152, Scaling: [none]x[none], YUV color, decoders should clamp
Size
11 kB (10922 bytes)
Hash
80cf2a0376354e813ac1251407510598
b1b2f969e9e63b1b9fe7c63d298e97f87f4a1acc
8ccc9790a2372ba01f394fa547513519f841844f5ff4cc01246e91c3b8170aeb

HTTP Headers

GET /wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=300&h=152 HTTP/1.1
Host: smallcats.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://certified-biz.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: image/webp
content-length: 10922
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Mar 2023 06:08:20 GMT
expires: Fri, 31 May 2024 23:15:33 GMT
x-orig-src: 0_imageresize
vary: Accept
x-ac: 3.arn _dca HIT
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
X-Firefox-Spdy: h2

smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=50

192.0.78.25

200 OK

920 B

URL GET HTTP/2
smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=50
IP
192.0.78.25:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subjecttls.automattic.com
Fingerprint1C:84:DA:76:FF:BD:2E:E0:D0:53:93:ED:86:7F:28:01:20:23:8B:27
ValidityFri, 15 Mar 2024 19:11:27 GMT - Thu, 13 Jun 2024 19:11:26 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 50x25, Scaling: [none]x[none], YUV color, decoders should clamp
Size
920 B (920 bytes)
Hash
6d337aa2448fa705caaf337e03f505fb
2aafe8c51f45a428a9b60a4a52c3f88bd1c01075
946c0c4492118d8d2456e8e23f875838f9a701cfc6ba430fec34c2cf1651b8cd

HTTP Headers

GET /wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=50 HTTP/1.1
Host: smallcats.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://certified-biz.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: image/webp
content-length: 920
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Mar 2023 06:08:20 GMT
expires: Tue, 04 Jun 2024 14:33:00 GMT
x-orig-src: 0_imageresize
vary: Accept
x-ac: 3.arn _dca HIT
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
X-Firefox-Spdy: h2

certified-biz.com/index2_files/hovercards.min.css

91.215.85.51

200 OK

3.6 kB

URL GET HTTP/1.1
certified-biz.com/index2_files/hovercards.min.css
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
ASCII text, with very long lines (3330)
Size
3.6 kB (3613 bytes)
Hash
ad7fac739d3ad465e69e52c989d6746e
d929f5ecff97ea24556cbda6c539e4a1bf784ab1
4845f9cdb0fbf13f3cf2fbb844bd4152071e338703f737c988051b154529d201

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/hovercards.min.css HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: text/css
Content-Length: 3613
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
Connection: keep-alive
ETag: "662c29c3-e1d"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

certified-biz.com/index2_files/wp-emoji-release.min.js.nedladdning

91.215.85.51

200 OK

5.1 kB

URL GET HTTP/1.1
certified-biz.com/index2_files/wp-emoji-release.min.js.nedladdning
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
JavaScript source, ASCII text, with very long lines (15752)
Size
5.1 kB (5062 bytes)
Hash
b976b651932bfd25b9ddb5b7693d88a7
7fcb7cb5c11227f9213b1e08a07d0212209e1432
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/wp-emoji-release.min.js.nedladdning HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: application/javascript
Content-Length: 5062
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "4926-617076043be96-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;

certified-biz.com/index2_files/actionbar.css

91.215.85.51

200 OK

16 kB

URL GET HTTP/1.1
certified-biz.com/index2_files/actionbar.css
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
Unicode text, UTF-8 text, with very long lines (15502), with no line terminators
Size
16 kB (15504 bytes)
Hash
529e6a6014b4f3e655d1237f5061b157
6dec17ca6212584fe4e9e3413d98aa109851de34
c1e62caa83381d8a3c58be2a17f28bff4176e8ddcd882bb923f3152852c06df9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/actionbar.css HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: text/css
Content-Length: 15504
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
Connection: keep-alive
ETag: "662c29c3-3c90"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

smallcats.org/wp-content/uploads/2023/03/agc-tambako-the-jaguar.jpg?w=683

192.0.78.25

200 OK

67 kB

URL GET HTTP/2
smallcats.org/wp-content/uploads/2023/03/agc-tambako-the-jaguar.jpg?w=683
IP
192.0.78.25:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subjecttls.automattic.com
Fingerprint1C:84:DA:76:FF:BD:2E:E0:D0:53:93:ED:86:7F:28:01:20:23:8B:27
ValidityFri, 15 Mar 2024 19:11:27 GMT - Thu, 13 Jun 2024 19:11:26 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 683x1024, Scaling: [none]x[none], YUV color, decoders should clamp
Size
67 kB (67164 bytes)
Hash
addb5319488abf1d72960a9cd7c79f61
d28d756b55205e6f14a2b50d9ba0719f4864df8c
4cd20191fc607708645f469f8925f486b6c8a5b55c3cfa1a56b8eab8f593f8a9

HTTP Headers

GET /wp-content/uploads/2023/03/agc-tambako-the-jaguar.jpg?w=683 HTTP/1.1
Host: smallcats.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://certified-biz.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: image/webp
content-length: 67164
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Mar 2023 06:40:41 GMT
expires: Fri, 07 Jun 2024 19:19:00 GMT
x-orig-src: 0_imageresize
vary: Accept
x-ac: 3.arn _dca HIT
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
X-Firefox-Spdy: h2

smallcats.org/wp-content/uploads/2023/03/manul-tambako-the-jaguar.jpg?w=1024

192.0.78.25

200 OK

208 kB

URL GET HTTP/2
smallcats.org/wp-content/uploads/2023/03/manul-tambako-the-jaguar.jpg?w=1024
IP
192.0.78.25:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subjecttls.automattic.com
Fingerprint1C:84:DA:76:FF:BD:2E:E0:D0:53:93:ED:86:7F:28:01:20:23:8B:27
ValidityFri, 15 Mar 2024 19:11:27 GMT - Thu, 13 Jun 2024 19:11:26 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x768, Scaling: [none]x[none], YUV color, decoders should clamp
Size
208 kB (208402 bytes)
Hash
c0ce56d40b9e2a175aa6013ba9713ebc
2269c4f2453ad495f75e5ed367b95d846f52585f
10d17a82444458740935ad0b35281724d1eb7378ece33f1a1f79b88c6f687343

HTTP Headers

GET /wp-content/uploads/2023/03/manul-tambako-the-jaguar.jpg?w=1024 HTTP/1.1
Host: smallcats.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://certified-biz.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: image/webp
content-length: 208402
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Mar 2023 06:38:06 GMT
expires: Wed, 05 Jun 2024 13:15:28 GMT
x-orig-src: 0_imageresize
vary: Accept
x-ac: 3.arn _dca HIT
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
X-Firefox-Spdy: h2

smallcats.org/wp-content/uploads/2023/03/232614106_2954918754826947_7920712400157063320_n.jpg?w=1024

192.0.78.25

200 OK

157 kB

URL GET HTTP/2
smallcats.org/wp-content/uploads/2023/03/232614106_2954918754826947_7920712400157063320_n.jpg?w=1024
IP
192.0.78.25:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subjecttls.automattic.com
Fingerprint1C:84:DA:76:FF:BD:2E:E0:D0:53:93:ED:86:7F:28:01:20:23:8B:27
ValidityFri, 15 Mar 2024 19:11:27 GMT - Thu, 13 Jun 2024 19:11:26 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp
Size
157 kB (157190 bytes)
Hash
f215ce1aa70e3c801bf376e58a25384c
9759fde97edaa77bb00e3d82b7cdc879fc7d20e0
162ecd96fc05bb9a482828f5db6ab74d3e3214f3177bbce77baefb075d1974e2

HTTP Headers

GET /wp-content/uploads/2023/03/232614106_2954918754826947_7920712400157063320_n.jpg?w=1024 HTTP/1.1
Host: smallcats.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://certified-biz.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: image/webp
content-length: 157190
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Mar 2023 07:01:42 GMT
expires: Wed, 12 Jun 2024 16:53:22 GMT
x-orig-src: 0_imageresize
vary: Accept
x-ac: 3.arn _dca HIT
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
X-Firefox-Spdy: h2

certified-biz.com/index2_files/hovercards.min.js.nedladdning

91.215.85.51

200 OK

4.7 kB

URL GET HTTP/1.1
certified-biz.com/index2_files/hovercards.min.js.nedladdning
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
JavaScript source, ASCII text, with very long lines (13065), with no line terminators
Size
4.7 kB (4674 bytes)
Hash
42e1c5cd9eeafe8d5f7960ebc0b5e009
8ef61d3f16881a010e0f431b63013d0c7dcc954f
4d47d929f88574eb4a47e5b1778b683b87e7f6078bb6a33f34c1178752e83406

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/hovercards.min.js.nedladdning HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: application/javascript
Content-Length: 4674
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "3309-617076043aef6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;

certified-biz.com/index2_files/saved_resource(2)

91.215.85.51

200 OK

66 kB

URL GET HTTP/1.1
certified-biz.com/index2_files/saved_resource(2)
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
66 kB (65589 bytes)
Hash
538977628b3c5529618d9a391f10d45e
02ff24ba2551668022761e3b2b43e4ee5be85f22
5796b7f74eae457395224d4775b948b3d7db2ef0a9edb6c9006223c8e4c8ae12

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/saved_resource(2) HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Length: 65589
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "10035-617076043be96"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;

certified-biz.com/index2_files/wpgroho.js.nedladdning

91.215.85.51

200 OK

389 B

URL GET HTTP/1.1
certified-biz.com/index2_files/wpgroho.js.nedladdning
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
JavaScript source, ASCII text, with very long lines (655), with no line terminators
Size
389 B (389 bytes)
Hash
5048b7bf6f335c259cae5d653d50726e
96f45044f726eef7c8e7c7f21f6368bf23a2b3f0
b6e4492d3b8358a81b80908b1f84e6bd2f64a7a46d48793af99d27bf29f4c2e8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/wpgroho.js.nedladdning HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: application/javascript
Content-Length: 389
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "28f-617076043be96-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;

certified-biz.com/index2_files/w.js.nedladdning

91.215.85.51

200 OK

4.9 kB

URL GET HTTP/1.1
certified-biz.com/index2_files/w.js.nedladdning
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
JavaScript source, ASCII text, with very long lines (12788), with no line terminators
Size
4.9 kB (4855 bytes)
Hash
ef880be61458e4e89c9cb9d99d2d300e
c7740f6524cfab6084682b1ce320b2e5e9c4d4cc
79674b01741c3978417b6b9b4b98d125755e7bb468979d5cd593eac4b94cdb91

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/w.js.nedladdning HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: application/javascript
Content-Length: 4855
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "31f4-617076043be96-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;

certified-biz.com/index2_files/bilmur.min.js.nedladdning

91.215.85.51

200 OK

2.4 kB

URL GET HTTP/1.1
certified-biz.com/index2_files/bilmur.min.js.nedladdning
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
JavaScript source, ASCII text, with very long lines (5659), with no line terminators
Size
2.4 kB (2350 bytes)
Hash
ef5e963b2137525d2759bc87459d3d23
176d5c1e6325dbb037ddc949d58d0d217b5299c6
216728e33a7de4be9b784eff527c6ccf1658319ea78fe66a7864c0b923200252

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/bilmur.min.js.nedladdning HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: application/javascript
Content-Length: 2350
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "161b-6170760439f56-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;

certified-biz.com/index2_files/actionbar.js.nedladdning

91.215.85.51

200 OK

2.6 kB

URL GET HTTP/1.1
certified-biz.com/index2_files/actionbar.js.nedladdning
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
JavaScript source, ASCII text, with very long lines (8426), with no line terminators
Size
2.6 kB (2583 bytes)
Hash
f466cb6b256973317c2315741fad9f49
ea2c62047a1697c19b06be23871ca839849cb8a3
a6dc271cbdaa05e97c5144483628df9e30b68326e5b04a5fef3322af1c0f22e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/actionbar.js.nedladdning HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: application/javascript
Content-Length: 2583
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "20ea-6170760439f56-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;

certified-biz.com/index2_files/block-editor.css

91.215.85.51

200 OK

336 kB

URL GET HTTP/1.1
certified-biz.com/index2_files/block-editor.css
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size
336 kB (335465 bytes)
Hash
1ffd93e4c29d17168edab0317df9e16b
c6c36c0c5df230ec44ce63ae1063f41e2a0ffc80
ef06ea2f8c619ca5e16fb552f0a7beba09b89dfdb671b2c5f16b4347af8a658c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/block-editor.css HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:45 GMT
Content-Type: text/css
Content-Length: 335465
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
Connection: keep-alive
ETag: "662c29c3-51e69"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

certified-biz.com/index2_files/saved_resource(4)

91.215.85.51

200 OK

49 kB

URL GET HTTP/1.1
certified-biz.com/index2_files/saved_resource(4)
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
JavaScript source, ASCII text, with very long lines (23946)
Size
49 kB (48860 bytes)
Hash
3a750815a1a36d2fab256975ee20e6d6
a5cce91ca7550e8cb3fe7a73fa1fd18313ecc031
dfc865b1f380dee91d92100160a8d4ad0d9a4e1d1765c434ec6994e3ee5373e9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/saved_resource(4) HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Length: 48860
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
ETag: "bedc-617076043be96"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;

certified-biz.com/index2_files/g.gif

91.215.85.51

200 OK

50 B

URL GET HTTP/1.1
certified-biz.com/index2_files/g.gif
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
GIF image data, version 89a, 6 x 5
Size
50 B (50 bytes)
Hash
e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/g.gif HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: image/gif
Content-Length: 50
Last-Modified: Fri, 26 Apr 2024 22:25:07 GMT
Connection: keep-alive
ETag: "662c29c3-32"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

s0.wp.com/wp-content/themes/pub/blockbase/assets/fonts/fira-sans/fira-sans-Regular.woff2

192.0.77.32

200 OK

16 kB

URL GET HTTP/2
s0.wp.com/wp-content/themes/pub/blockbase/assets/fonts/fira-sans/fira-sans-Regular.woff2
IP
192.0.77.32:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16192, version 1.0
Size
16 kB (16192 bytes)
Hash
997908b255110fbe1437979bb79248c3
96a375298ac2c034b86c7b1b7eb5b63ddbebbc26
458fb61ccaee6f92ad6849e8bc61b73fdfc7ff4667c40c62a6bd1620f9d734f4

HTTP Headers

GET /wp-content/themes/pub/blockbase/assets/fonts/fira-sans/fira-sans-Regular.woff2 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://certified-biz.com
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: application/font-woff2
content-length: 16192
last-modified: Fri, 19 May 2023 01:48:52 GMT
etag: "6466d584-3f40"
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
expires: Sat, 20 Jul 2024 06:07:46 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2

s0.wp.com/wp-content/themes/pub/blockbase/assets/fonts/eb-garamond/eb-garamond-400-800.woff2

192.0.77.32

200 OK

40 kB

URL GET HTTP/2
s0.wp.com/wp-content/themes/pub/blockbase/assets/fonts/eb-garamond/eb-garamond-400-800.woff2
IP
192.0.77.32:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40148, version 1.0
Size
40 kB (40148 bytes)
Hash
6684490f59b97a582221fddebaba53bd
d46200da51e6b5093d627ee181936db4c947ffb8
90e4038fbd361af9447b836e25ae3fb0740c575fd847f352711f21459a502fc1

HTTP Headers

GET /wp-content/themes/pub/blockbase/assets/fonts/eb-garamond/eb-garamond-400-800.woff2 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://certified-biz.com
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: application/font-woff2
content-length: 40148
last-modified: Fri, 19 May 2023 02:58:37 GMT
etag: "6466e5dd-9cd4"
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
expires: Sat, 20 Jul 2024 06:07:46 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2

s0.wp.com/wp-content/themes/pub/blockbase/assets/fonts/fira-sans/fira-sans-Bold.woff2

192.0.77.32

200 OK

16 kB

URL GET HTTP/2
s0.wp.com/wp-content/themes/pub/blockbase/assets/fonts/fira-sans/fira-sans-Bold.woff2
IP
192.0.77.32:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16536, version 1.0
Size
16 kB (16536 bytes)
Hash
a7375a2405fc91919c78f11b9069662f
9753af0913f902e8ae4b5b7b38915043549989e1
3479e7b0413ee94421af73f3541c4652e29a666b8fdfe9f690ece56dfbd80641

HTTP Headers

GET /wp-content/themes/pub/blockbase/assets/fonts/fira-sans/fira-sans-Bold.woff2 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://certified-biz.com
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: application/font-woff2
content-length: 16536
last-modified: Fri, 19 May 2023 01:54:16 GMT
etag: "6466d6c8-4098"
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
expires: Sat, 20 Jul 2024 06:07:46 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2

pixel.wp.com/g.gif?blog=214337663&v=wpcom&tz=-7&user_id=0&post=4&subd=smallcatstest1&host=certified-biz.com&ref=&rand=0.8443181434264886

192.0.76.3

200 OK

50 B

URL GET HTTP/2
pixel.wp.com/g.gif?blog=214337663&v=wpcom&tz=-7&user_id=0&post=4&subd=smallcatstest1&host=certified-biz.com&ref=&rand=0.8443181434264886
IP
192.0.76.3:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
GIF image data, version 89a, 6 x 5
Size
50 B (50 bytes)
Hash
e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

HTTP Headers

GET /g.gif?blog=214337663&v=wpcom&tz=-7&user_id=0&post=4&subd=smallcatstest1&host=certified-biz.com&ref=&rand=0.8443181434264886 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.4588183110491856

192.0.76.3

200 OK

50 B

URL GET HTTP/2
pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.4588183110491856
IP
192.0.76.3:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
GIF image data, version 89a, 6 x 5
Size
50 B (50 bytes)
Hash
e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

HTTP Headers

GET /g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.4588183110491856 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pixel.wp.com/g.gif?crypt=UE40eW5QN0p8M2Y%2FRE1mNzc2NTVTamdsd0xoLz9RQkM2K298TXY9bERQMXc2MjhEaVZfb2wwakRoSj0mUkp1THptM1NdbkV1WjZIcU9mVWQmPUIvMlN6Jk8wW3NYVEJ3dWZOWExuWD83c29WVT0zQUJFTlFOL1FMVmUrN1JaMndtNGw4LUhzSDZkVC8lTUM0eWVddkQ4QkNHWGVGeWwsSC9xeT1uJj02c3YlZ0dQVmFQeVZ0alhaRGNEciZ4bFM2LlI9S1FUPVRoajBFeFpjMjVTLltUYVRwRE13Wmp6MGFUdHZ8X3I%2FYVFTcTF4MkRfb1ZRcUY5aUEmYltUdW5BUHdPYXU%2FPWhtUkpJVjZjLEVn&v=wpcom-no-pv&rand=0.30101056889920685

192.0.76.3

200 OK

50 B

URL GET HTTP/2
pixel.wp.com/g.gif?crypt=UE40eW5QN0p8M2Y%2FRE1mNzc2NTVTamdsd0xoLz9RQkM2K298TXY9bERQMXc2MjhEaVZfb2wwakRoSj0mUkp1THptM1NdbkV1WjZIcU9mVWQmPUIvMlN6Jk8wW3NYVEJ3dWZOWExuWD83c29WVT0zQUJFTlFOL1FMVmUrN1JaMndtNGw4LUhzSDZkVC8lTUM0eWVddkQ4QkNHWGVGeWwsSC9xeT1uJj02c3YlZ0dQVmFQeVZ0alhaRGNEciZ4bFM2LlI9S1FUPVRoajBFeFpjMjVTLltUYVRwRE13Wmp6MGFUdHZ8X3I%2FYVFTcTF4MkRfb1ZRcUY5aUEmYltUdW5BUHdPYXU%2FPWhtUkpJVjZjLEVn&v=wpcom-no-pv&rand=0.30101056889920685
IP
192.0.76.3:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
GIF image data, version 89a, 6 x 5
Size
50 B (50 bytes)
Hash
e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

HTTP Headers

GET /g.gif?crypt=UE40eW5QN0p8M2Y%2FRE1mNzc2NTVTamdsd0xoLz9RQkM2K298TXY9bERQMXc2MjhEaVZfb2wwakRoSj0mUkp1THptM1NdbkV1WjZIcU9mVWQmPUIvMlN6Jk8wW3NYVEJ3dWZOWExuWD83c29WVT0zQUJFTlFOL1FMVmUrN1JaMndtNGw4LUhzSDZkVC8lTUM0eWVddkQ4QkNHWGVGeWwsSC9xeT1uJj02c3YlZ0dQVmFQeVZ0alhaRGNEciZ4bFM2LlI9S1FUPVRoajBFeFpjMjVTLltUYVRwRE13Wmp6MGFUdHZ8X3I%2FYVFTcTF4MkRfb1ZRcUY5aUEmYltUdW5BUHdPYXU%2FPWhtUkpJVjZjLEVn&v=wpcom-no-pv&rand=0.30101056889920685 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

certified-biz.com/index2_files/remote-login.html

91.215.85.51

200 OK

309 B

URL GET HTTP/1.1
certified-biz.com/index2_files/remote-login.html
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
HTML document, ASCII text
Size
309 B (309 bytes)
Hash
1eff333c5ebf8fa34ebfea98ef2dd25d
a98b05063a55e58898762607675e9c75e018a1bc
8357bbdb07c1e282941cbf9e6633826ab507ed0fffe351f5682bb5687a1b442b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/remote-login.html HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:55:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;

smallcatstest1.files.wordpress.com/2023/03/swccf_logo-final-low-res.jpg?w=192

192.0.72.18

302 Found

138 B

URL GET HTTP/3
smallcatstest1.files.wordpress.com/2023/03/swccf_logo-final-low-res.jpg?w=192
IP
192.0.72.18:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerSectigo Limited
Subject*.files.wordpress.com
FingerprintC0:8D:DA:1D:78:59:02:AA:18:87:8A:02:6C:67:24:E4:30:8F:C4:97
ValidityTue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
138 B (138 bytes)
Hash
aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

HTTP Headers

GET /2023/03/swccf_logo-final-low-res.jpg?w=192 HTTP/1.1
Host: smallcatstest1.files.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: text/html
content-length: 138
location: https://smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=192
x-nc: arn 18 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400

smallcatstest1.files.wordpress.com/2023/03/swccf_logo-final-low-res.jpg?w=32

192.0.72.18

302 Found

138 B

URL GET HTTP/3
smallcatstest1.files.wordpress.com/2023/03/swccf_logo-final-low-res.jpg?w=32
IP
192.0.72.18:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerSectigo Limited
Subject*.files.wordpress.com
FingerprintC0:8D:DA:1D:78:59:02:AA:18:87:8A:02:6C:67:24:E4:30:8F:C4:97
ValidityTue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
138 B (138 bytes)
Hash
aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

HTTP Headers

GET /2023/03/swccf_logo-final-low-res.jpg?w=32 HTTP/1.1
Host: smallcatstest1.files.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: text/html
content-length: 138
location: https://smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=32
x-nc: arn 18 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400

smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=192

192.0.78.25

200 OK

5.8 kB

URL GET HTTP/3
smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=192
IP
192.0.78.25:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subjecttls.automattic.com
Fingerprint1C:84:DA:76:FF:BD:2E:E0:D0:53:93:ED:86:7F:28:01:20:23:8B:27
ValidityFri, 15 Mar 2024 19:11:27 GMT - Thu, 13 Jun 2024 19:11:26 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 192x97, Scaling: [none]x[none], YUV color, decoders should clamp
Size
5.8 kB (5780 bytes)
Hash
64f5b4bda41e35dfe273ea8270876b05
08302b2a64a802ccd43f2e277716d1e5223075e7
d03fa871e6684139faa533ec79729d04def65aee2c073402792c6f989852dd54

HTTP Headers

GET /wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=192 HTTP/1.1
Host: smallcats.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://certified-biz.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:47 GMT
content-type: image/webp
content-length: 5780
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Mar 2023 06:08:20 GMT
expires: Wed, 05 Jun 2024 06:26:51 GMT
x-orig-src: 0_imageresize
vary: Accept
x-ac: 3.arn _dca MISS
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes

smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=32

192.0.78.25

200 OK

526 B

URL GET HTTP/3
smallcats.org/wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=32
IP
192.0.78.25:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subjecttls.automattic.com
Fingerprint1C:84:DA:76:FF:BD:2E:E0:D0:53:93:ED:86:7F:28:01:20:23:8B:27
ValidityFri, 15 Mar 2024 19:11:27 GMT - Thu, 13 Jun 2024 19:11:26 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 32x16, Scaling: [none]x[none], YUV color, decoders should clamp
Size
526 B (526 bytes)
Hash
93cd28df94b8ce61412656932a48a6f9
e76dcea0a0f59b7324b66158838abf21e956ce13
b2c97094729147259f4474eea720a94698d30ac674d5b5adafe2e38304b2a31b

HTTP Headers

GET /wp-content/uploads/2023/03/swccf_logo-final-low-res.jpg?w=32 HTTP/1.1
Host: smallcats.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://certified-biz.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:47 GMT
content-type: image/webp
content-length: 526
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Mar 2023 06:08:20 GMT
expires: Sun, 02 Jun 2024 12:16:07 GMT
x-orig-src: 0_imageresize
vary: Accept
x-ac: 3.arn _dca MISS
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes

pixel.wp.com/boom.gif?bilmur=1&batcache_hit=0&provider=wordpress.com&service=simple&custom_properties=%7B%22logged_in%22%3A%220%22%2C%22wptheme%22%3A%22pub%2Fmarl%22%2C%22wptheme_is_block%22%3A%221%22%7D&host_name=certified-biz.com&url_path=%2F&nt_unloadEventStart=1533&nt_unloadEventEnd=1533&nt_fetchStart=1090&nt_domainLookupStart=1100&nt_domainLookupEnd=1101&nt_connectStart=1101&nt_connectEnd=1210&nt_secureConnectionStart=1155&nt_requestStart=1210&nt_responseStart=1260&nt_responseEnd=1448&nt_domLoading=8&nt_domInteractive=87&nt_domContentLoadedEventStart=211&nt_domContentLoadedEventEnd=212&nt_domComplete=2873&nt_loadEventStart=2873&nt_loadEventEnd=2874&nt_redirectCount=0&nt_nextHopProtocol=http%2F1.1&nt_api_level=2&first_contentful_paint=2311&resource_size=0&resource_transferred=0&js_size=0&js_transferred=0&blocking_size=0&blocking_transferred=0&last_resource_end=2909

192.0.76.3

204 No Content

0 B

URL GET HTTP/3
pixel.wp.com/boom.gif?bilmur=1&batcache_hit=0&provider=wordpress.com&service=simple&custom_properties=%7B%22logged_in%22%3A%220%22%2C%22wptheme%22%3A%22pub%2Fmarl%22%2C%22wptheme_is_block%22%3A%221%22%7D&host_name=certified-biz.com&url_path=%2F&nt_unloadEventStart=1533&nt_unloadEventEnd=1533&nt_fetchStart=1090&nt_domainLookupStart=1100&nt_domainLookupEnd=1101&nt_connectStart=1101&nt_connectEnd=1210&nt_secureConnectionStart=1155&nt_requestStart=1210&nt_responseStart=1260&nt_responseEnd=1448&nt_domLoading=8&nt_domInteractive=87&nt_domContentLoadedEventStart=211&nt_domContentLoadedEventEnd=212&nt_domComplete=2873&nt_loadEventStart=2873&nt_loadEventEnd=2874&nt_redirectCount=0&nt_nextHopProtocol=http%2F1.1&nt_api_level=2&first_contentful_paint=2311&resource_size=0&resource_transferred=0&js_size=0&js_transferred=0&blocking_size=0&blocking_transferred=0&last_resource_end=2909
IP
192.0.76.3:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /boom.gif?bilmur=1&batcache_hit=0&provider=wordpress.com&service=simple&custom_properties=%7B%22logged_in%22%3A%220%22%2C%22wptheme%22%3A%22pub%2Fmarl%22%2C%22wptheme_is_block%22%3A%221%22%7D&host_name=certified-biz.com&url_path=%2F&nt_unloadEventStart=1533&nt_unloadEventEnd=1533&nt_fetchStart=1090&nt_domainLookupStart=1100&nt_domainLookupEnd=1101&nt_connectStart=1101&nt_connectEnd=1210&nt_secureConnectionStart=1155&nt_requestStart=1210&nt_responseStart=1260&nt_responseEnd=1448&nt_domLoading=8&nt_domInteractive=87&nt_domContentLoadedEventStart=211&nt_domContentLoadedEventEnd=212&nt_domComplete=2873&nt_loadEventStart=2873&nt_loadEventEnd=2874&nt_redirectCount=0&nt_nextHopProtocol=http%2F1.1&nt_api_level=2&first_contentful_paint=2311&resource_size=0&resource_transferred=0&js_size=0&js_transferred=0&blocking_size=0&blocking_transferred=0&last_resource_end=2909 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
server: nginx
date: Sat, 04 May 2024 18:55:49 GMT
cache-control: no-cache
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400

smallcats.org/wp-admin/admin-ajax.php

192.0.78.25

403 Forbidden

10 kB

URL OPTIONS HTTP/3
smallcats.org/wp-admin/admin-ajax.php
IP
192.0.78.25:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subjecttls.automattic.com
Fingerprint1C:84:DA:76:FF:BD:2E:E0:D0:53:93:ED:86:7F:28:01:20:23:8B:27
ValidityFri, 15 Mar 2024 19:11:27 GMT - Thu, 13 Jun 2024 19:11:26 GMT

File type
data
Size
10 kB (10330 bytes)
Hash
673605c6f081c7036a365d8ff574abed
acea6fb38f86767cf787bcfca8b994273e27e16e
191742d0eb4871aeaa8d09113f163a1474498695abc3ce2fa2de2919509ba1ae

HTTP Headers

OPTIONS /wp-admin/admin-ajax.php HTTP/1.1
Host: smallcats.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Referer: https://certified-biz.com/
Origin: https://certified-biz.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
server: nginx
date: Sat, 04 May 2024 18:55:47 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hacker: Want root?  Visit join.a8c.com/hacker and mention this header.
host-header: WordPress.com
content-encoding: br
x-ac: 3.arn _dca BYPASS
alt-svc: h3=":443"; ma=86400

certified-biz.com/index2_files/remote-login.html

91.215.85.51

200 OK

309 B

URL GET HTTP/1.1
certified-biz.com/index2_files/remote-login.html
IP
91.215.85.51:443
ASN
#200593 Prospero Ooo

Requested by
https://certified-biz.com/
Certificate
IssuerLet's Encrypt
Subject0atlas.com
FingerprintE9:48:4F:67:AA:A6:DB:2E:79:97:F8:59:24:8A:6D:D0:29:AA:6D:9D
ValidityMon, 22 Apr 2024 21:11:19 GMT - Sun, 21 Jul 2024 21:11:18 GMT

File type
HTML document, ASCII text
Size
309 B (309 bytes)
Hash
1eff333c5ebf8fa34ebfea98ef2dd25d
a98b05063a55e58898762607675e9c75e018a1bc
8357bbdb07c1e282941cbf9e6633826ab507ed0fffe351f5682bb5687a1b442b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index2_files/remote-login.html HTTP/1.1
Host: certified-biz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 04 May 2024 18:56:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;

s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.js?v=20231122

192.0.77.32

200 OK

8.4 kB

URL GET HTTP/3
s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.js?v=20231122
IP
192.0.77.32:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (8768), with no line terminators
Size
8.4 kB (8426 bytes)
Hash
13f5eaad864b86e556aa413bd411de48
e594a37fca4fe42447853b4a384aac2648f57936
f13d3fd96ae3e38a504113d203df8f310f2d527d992774fbca29d1e12d0ab969

HTTP Headers

GET /wp-content/mu-plugins/actionbar/actionbar.js?v=20231122 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:47 GMT
content-type: application/javascript
vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/15307-1700657605806.1843
content-encoding: br
expires: Thu, 21 Nov 2024 12:53:34 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca MISS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-nc: HIT arn 2

s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.css?v=20240115

192.0.77.32

200 OK

16 kB

URL GET HTTP/3
s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.css?v=20240115
IP
192.0.77.32:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type

Size
16 kB (15504 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/mu-plugins/actionbar/actionbar.css?v=20240115 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:47 GMT
content-type: text/css
vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/18324-1705283922160.1887
content-encoding: br
expires: Tue, 14 Jan 2025 01:58:57 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca MISS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-nc: HIT arn 2

r-login.wordpress.com/remote-login.php?wpcom_remote_login=key&origin=aHR0cHM6Ly9zbWFsbGNhdHMub3Jn&wpcomid=214337663&time=1712573150

192.0.78.18

200 OK

131 B

URL GET HTTP/2
r-login.wordpress.com/remote-login.php?wpcom_remote_login=key&origin=aHR0cHM6Ly9zbWFsbGNhdHMub3Jn&wpcomid=214337663&time=1712573150
IP
192.0.78.18:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerSectigo Limited
Subject*.wordpress.com
FingerprintC1:48:1A:12:55:09:A2:A4:81:3F:8F:A4:23:9C:B3:41:78:C0:B6:52
ValidityTue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with no line terminators
Size
131 B (131 bytes)
Hash
6dfe15ce9571ca218e6cc0b9a67be172
09da3fce6f1b364ba13b10eb4300736a52645f0f
c0503d07007316479c4f2ade0131899b9fd37fae1e327a1560c34bf387ab18dd

HTTP Headers

GET /remote-login.php?wpcom_remote_login=key&origin=aHR0cHM6Ly9zbWFsbGNhdHMub3Jn&wpcomid=214337663&time=1712573150 HTTP/1.1
Host: r-login.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Cookie
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: br
x-ac: 2.arn _dfw MISS
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1710334132i&ver=6.5-RC3-57891

192.0.77.32

200 OK

19 kB

URL GET HTTP/3
s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1710334132i&ver=6.5-RC3-57891
IP
192.0.77.32:443
ASN
#2635 AUTOMATTIC

Requested by
https://certified-biz.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (15752)
Size
19 kB (18726 bytes)
Hash
b976b651932bfd25b9ddb5b7693d88a7
7fcb7cb5c11227f9213b1e08a07d0212209e1432
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?m=1710334132i&ver=6.5-RC3-57891 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certified-biz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
server: nginx
date: Sat, 04 May 2024 18:55:46 GMT
content-type: application/javascript
last-modified: Wed, 13 Mar 2024 12:48:59 GMT
vary: Accept-Encoding
etag: W/"65f1a0bb-4926"
content-encoding: br
expires: Fri, 28 Mar 2025 15:24:12 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca MISS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-nc: HIT arn 2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML