| i0.wp.com/thehoneypop.com/wp-content/uploads/2024/05/Untitled-design-2.png?w=1200&resize=1200,0&ssl=1 | 192.0.77.2 | 200 OK | 32 kB |
URL GET HTTP/2i0.wp.com/thehoneypop.com/wp-content/uploads/2024/05/Untitled-design-2.png?w=1200&resize=1200,0&ssl=1 IP192.0.77.2:443
Requested byhttps://www.ilfresco.ca/menu-1/e1cm79405P1d14/ CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2 ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1200x675, Scaling: [none]x[none], YUV color, decoders should clamp Hashd5352d7673ec51e4468cd363bcaf46bc 4850d01bb1688840cd1142fa9efa400165ca567b 8fc88c7708147fa6deee11299fb4456a31ea0b48cbd06e2c9b25c2bb49a70847
GET /thehoneypop.com/wp-content/uploads/2024/05/Untitled-design-2.png?w=1200&resize=1200,0&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 13:29:46 GMT
content-type: image/webp
content-length: 32046
last-modified: Sat, 04 May 2024 13:29:46 GMT
expires: Tue, 05 May 2026 01:29:46 GMT
cache-control: public, max-age=63115200
link: <https://thehoneypop.com/wp-content/uploads/2024/05/Untitled-design-2.png>; rel="canonical"
x-content-type-options: nosniff
etag: "5e278166cd4265b7"
vary: Accept
x-nc: MISS arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| i3.wp.com/vancouver.citynews.ca/wp-content/blogs.dir/sites/9/2024/04/17/CityNews-SurreyHostage1.jpg?w=1200&resize=1200,0&ssl=1 | 192.0.77.2 | 200 OK | 63 kB |
URL GET HTTP/2i3.wp.com/vancouver.citynews.ca/wp-content/blogs.dir/sites/9/2024/04/17/CityNews-SurreyHostage1.jpg?w=1200&resize=1200,0&ssl=1 IP192.0.77.2:443
Requested byhttps://www.ilfresco.ca/menu-1/e1cm79405P1d14/ CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2 ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1200x675, Scaling: [none]x[none], YUV color, decoders should clamp Hash2d5963ced66f7fe3a38863a22bf5edc3 7441cd82c5cc47da9465f9bc97bc5b47d1648af9 1b77195d2c961b37b98ec3b06c5330ea814bbcac1c0c7c34c0f0dec6c9ac6b7b
GET /vancouver.citynews.ca/wp-content/blogs.dir/sites/9/2024/04/17/CityNews-SurreyHostage1.jpg?w=1200&resize=1200,0&ssl=1 HTTP/1.1
Host: i3.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 13:29:46 GMT
content-type: image/webp
content-length: 63324
last-modified: Fri, 03 May 2024 15:02:37 GMT
expires: Mon, 04 May 2026 03:02:37 GMT
cache-control: public, max-age=63115200
link: <https://vancouver.citynews.ca/wp-content/blogs.dir/sites/9/2024/04/17/CityNews-SurreyHostage1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "53d07d777c28a2c6"
vary: Accept
x-nc: MISS arn 8
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.ilfresco.ca/wp-content/fonts/62a4f37f15f2d08f7befc6d39fa40a03.css | 188.114.96.1 | 200 OK | 50 kB |
URL GET HTTP/3www.ilfresco.ca/wp-content/fonts/62a4f37f15f2d08f7befc6d39fa40a03.css IP188.114.96.1:443
Requested byhttps://www.ilfresco.ca/menu-1/e1cm79405P1d14/ CertificateIssuerLet's Encrypt Subjectilfresco.ca FingerprintE7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76 ValiditySun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File typeASCII text, with very long lines (42996), with no line terminators Hash6e469061dcbed4f05c42f7005a91688d 45607f7a70531df43aed2c2770fc869bdbf83a78 4cc119f24d339358801a95b3ceec69f01287ed3722f97397a7616be6e884a903
GET /wp-content/fonts/62a4f37f15f2d08f7befc6d39fa40a03.css HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:46 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=49581
alt-svc: h3=":443"; ma=86400
etag: W/"c1ad-662e7f84-6680d15;br"
expires: Wed, 01 May 2024 06:55:37 GMT
last-modified: Sun, 28 Apr 2024 16:55:32 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Am2L2mKOiKdUIbdQ8viwrqGCgCBFNNEVjmorwPUvrJE9GpJZZ9lCL5G%2FlzaoL0Rk%2F6RVDg5FvJF91g2zKgQelwPH3iHhvdk0cmnsY61ZKdjkwS2rtqlBPGrGsfcNv1VrBwQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d76f7e105696-OSL
content-encoding: br
|
|
| www.ilfresco.ca/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.4.2 | 188.114.96.1 | 200 OK | 718 B |
URL GET HTTP/3www.ilfresco.ca/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.4.2 IP188.114.96.1:443
Requested byhttps://www.ilfresco.ca/menu-1/e1cm79405P1d14/ CertificateIssuerLet's Encrypt Subjectilfresco.ca FingerprintE7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76 ValiditySun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File typeASCII text, with very long lines (438), with no line terminators Hashae1dce4297fd2531a11f10ad1328fbdb c611ae68cf31076e9286285dfad93c7a864f50db 07a391e09587513aa78421c34ed482a17a5e003c2132edd96227d53831a131b0
GET /wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.4.2 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:46 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=1672
alt-svc: h3=":443"; ma=86400
etag: W/"688-65ef1906-66845fe;br"
expires: Thu, 02 May 2024 13:31:49 GMT
last-modified: Mon, 11 Mar 2024 14:45:26 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CZVlBHangHUPAi18STPzE8sFiAcItpoeiZ0IGsujFV%2FpVahsTDoAgaxj%2FpmhkdQrwsim1jnVK4jJKLGdsJac9W0Kc0iBDpwqaD9ESpghneSbOk%2Fcl%2FWU2APgMg0NMNhOJyc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d76f7e0c5696-OSL
content-encoding: br
|
|
| i3.wp.com/d.newsweek.com/en/full/2383168/cher-2022-inset-rrhof-building-ohio-2009.png?w=1200&resize=1200,0&ssl=1 | 192.0.77.2 | 200 OK | 522 kB |
URL GET HTTP/2i3.wp.com/d.newsweek.com/en/full/2383168/cher-2022-inset-rrhof-building-ohio-2009.png?w=1200&resize=1200,0&ssl=1 IP192.0.77.2:443
Requested byhttps://www.ilfresco.ca/menu-1/e1cm79405P1d14/ CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2 ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Size522 kB (521768 bytes) Hashe8e43ec742296659638d7a6c6bb44f93 d729b5ae10d76ff5873fc2ee875295d2c9ed77fe 93fb78b067ad449ba8af39ce8419e37a1a521397bd909d968d50a6a1016d3c19
GET /d.newsweek.com/en/full/2383168/cher-2022-inset-rrhof-building-ohio-2009.png?w=1200&resize=1200,0&ssl=1 HTTP/1.1
Host: i3.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 13:29:46 GMT
content-type: image/webp
content-length: 521768
last-modified: Sat, 04 May 2024 13:29:46 GMT
expires: Tue, 05 May 2026 01:29:46 GMT
cache-control: public, max-age=63115200
link: <https://d.newsweek.com/en/full/2383168/cher-2022-inset-rrhof-building-ohio-2009.png>; rel="canonical"
x-content-type-options: nosniff
etag: "655b795b761613ec"
vary: Accept
x-nc: MISS arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js | 192.243.59.12 | 200 OK | 9.8 kB |
URL GET HTTP/1.1noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.ilfresco.ca/menu-1/e1cm79405P1d14/ CertificateIssuerLet's Encrypt Subjectnoisesperusemotel.com Fingerprint58:2C:9C:55:9F:EC:B2:C1:50:10:0F:28:6D:3C:4A:97:83:75:B6:1B ValidityTue, 19 Mar 2024 07:40:07 GMT - Mon, 17 Jun 2024 07:40:06 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (26623), with no line terminators Hash5db4422e65c9141f4091fda0a75200c6 5c536c3e5d3d0b59c19f3fb59209e6a2bf2ad646 75b80e42f1d707be729c8698d87cd263f55e9945c543ab9654d73ded5b60aa7f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0a4243b915b6aef7ce6409f3497d95fb/invoke.js HTTP/1.1
Host: noisesperusemotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 13:29:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5d6d6f24fd1dba299478c5656aeed720
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| www.ilfresco.ca/menu-1/e1cm79405P1d14/ | 188.114.96.1 | 200 OK | 25 kB |
URL User Request GET HTTP/2www.ilfresco.ca/menu-1/e1cm79405P1d14/ IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectilfresco.ca FingerprintE7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76 ValiditySun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (9575), with CRLF, LF line terminators Hash60c5fcc8b850ca785c41e166af60e150 fa56a95d366a8abfb2636df409a8fbf363f4b09e 7236c33ae1e1e9e02e5f64a62d8ec0d1c25df614a9ef583d2c70385bc20d1e24
GET /menu-1/e1cm79405P1d14/ HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 13:29:45 GMT
content-type: text/html; charset=UTF-8
link: <https://www.ilfresco.ca/wp-json/>; rel="https://api.w.org/", <https://www.ilfresco.ca/wp-json/wp/v2/posts/79405>; rel="alternate"; type="application/json", <https://www.ilfresco.ca/?p=79405>; rel=shortlink
vary: Accept-Encoding
x-litespeed-cache: hit
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=25nceukHDwxfCXKVWehMOYIQHEZvaHZfAnRhSqlMEA7Tjwivo7D%2F1F2%2Fb98MrdPYT0RwhRVGzXysuilw6ldTh%2FJVk9aWbzsrV2G2XZkXFTWv%2BzKwoAvnN47NHskT8S0QwQI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d76c1d75712b-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.ilfresco.ca/wp-content/fonts/open-sans/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 188.114.96.1 | 200 OK | 48 kB |
URL GET HTTP/3www.ilfresco.ca/wp-content/fonts/open-sans/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP188.114.96.1:443
Requested byhttps://www.ilfresco.ca/menu-1/e1cm79405P1d14/ CertificateIssuerLet's Encrypt Subjectilfresco.ca FingerprintE7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76 ValiditySun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /wp-content/fonts/open-sans/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/wp-content/fonts/62a4f37f15f2d08f7befc6d39fa40a03.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:47 GMT
content-type: font/woff2
content-length: 48236
cache-control: public, max-age=43200
expires: Wed, 01 May 2024 10:31:51 GMT
etag: "bc6c-662e7f84-2a80ffc;;;"
last-modified: Sun, 28 Apr 2024 16:55:32 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bJGaKf5GE72Z9yS8qDl1GUzFQI4EORTEoVIPgxRhw6HljeI4QpQcrjdlgl1d0AsS7ANDvZtu7Bcg41jv%2FpQ8WUkrPQcTFvMMO5HknDk6pub54rTMUfsVfQfN2MRLxVf9VJo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8d774cd4f5696-OSL
|
|
| ocsp.r2m03.amazontrust.com/ | 3.164.222.26 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP3.164.222.26:0
Hash353dbae1e1b45a750770ae51bef13ba7 465917a2a0bbb947e9727e7f08b584a82aa6fb81 9fa5becc3e07f31f2f08bf5f331d6bfda4f6386634ea524bc3a8c56ac1c0bc2b
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 13:29:47 GMT
Last-Modified: Sat, 04 May 2024 12:22:05 GMT
Server: ECAcc (ska/F756)
X-Cache: Miss from cloudfront
Via: 1.1 410991d185a8360cd416b5fbcf493074.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: 7S7Kj1JE74DzGWkoaI52D1PmIo3cnMUs-sMAyh9UliX4vH2Nl8-JmA==
Age: 4062
|
|
| www.ilfresco.ca/wp-content/fonts/roboto-slab/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 | 188.114.96.1 | 200 OK | 34 kB |
URL GET HTTP/3www.ilfresco.ca/wp-content/fonts/roboto-slab/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 IP188.114.96.1:443
Requested byhttps://www.ilfresco.ca/menu-1/e1cm79405P1d14/ CertificateIssuerLet's Encrypt Subjectilfresco.ca FingerprintE7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76 ValiditySun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 34328, version 1.0 Hash6581ab53c220b5828e37162349375431 1922912ca5ab6eb5a55db138b183b38d066e85c8 a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
GET /wp-content/fonts/roboto-slab/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/wp-content/fonts/62a4f37f15f2d08f7befc6d39fa40a03.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:47 GMT
content-type: font/woff2
content-length: 34328
cache-control: public, max-age=43200
expires: Wed, 01 May 2024 10:31:53 GMT
etag: "8618-662e7f84-2a81030;;;"
last-modified: Sun, 28 Apr 2024 16:55:32 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ys%2BJ3d%2BBok7EAA29hXBAm%2BApYJvjZRQlL8ZAj9u6lwRRD1091Cx5CLlbUblAe5ut10eMeFY%2BqCgybTPDxUIRfb3Bn%2BOD4Jfa3Wbe3chaH6MJUDp%2BuxBw19JhoAKBPoDdr08%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8d7752db65696-OSL
|
|
| www.ilfresco.ca/wp-content/fonts/eb-garamond/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2 | 188.114.96.1 | 200 OK | 41 kB |
URL GET HTTP/3www.ilfresco.ca/wp-content/fonts/eb-garamond/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2 IP188.114.96.1:443
Requested byhttps://www.ilfresco.ca/menu-1/e1cm79405P1d14/ CertificateIssuerLet's Encrypt Subjectilfresco.ca FingerprintE7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76 ValiditySun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 40776, version 1.0 Hash76345906f0990d5648628728fab62638 3b50f526dd26d94a8119a3d1201aeb12d8d4563f d148d2914fa11fce730f994df8fd85a86144887930a13d43e4ad1be20ba6360f
GET /wp-content/fonts/eb-garamond/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/wp-content/fonts/62a4f37f15f2d08f7befc6d39fa40a03.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:47 GMT
content-type: font/woff2
content-length: 40776
cache-control: public, max-age=43200
expires: Wed, 01 May 2024 10:31:53 GMT
etag: "9f48-662e7f83-2a81021;;;"
last-modified: Sun, 28 Apr 2024 16:55:31 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2BDnqkGQRtLWd%2FuGKFO3bc3WifrdmhNb33U2bO0gk5vSVtqqWXOwJYMxzw%2FwDGFURacpV8QqsNT%2Fmw4XqhaNNPxaibG8h42i0P0we%2FOGYRpRRZhtVNHOwWdqAZ8XYb0%2BRN4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8d7751db05696-OSL
|
|
| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP18.185.9.67:443
Requested byhttps://www.ilfresco.ca/menu-1/e1cm79405P1d14/ CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashd4d2e2a9fa02754d99e5b6795f95db0f c624f1eb04f119cd6eb61fa76101b880b6f7e4c2 97248a32a48228cbc34cbea693540636de4298d4c3af955533ab3e726757ae40
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ilfresco.ca
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 13:29:47 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.ilfresco.ca
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=e6d40f5d-5d46-4693-b5eb-acb27ad95643:2:1; expires=Tue, 02 May 2034 13:29:47 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP18.185.9.67:443
Requested byhttps://www.ilfresco.ca/menu-1/e1cm79405P1d14/ CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashb4e026cf21988d71118f801e06f5965a bed9844413ddca5eda321680697ffa674b6ac6f5 8624aacfca2cc8bcab1fe75e4e22410ed129b3d28144ad0dc7b922c28e4c1bc4
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ilfresco.ca
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 13:29:47 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.ilfresco.ca
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=37eb58fe-24d2-42e6-ab2d-ab2f8aa9f1c3:3:1; expires=Tue, 02 May 2034 13:29:47 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| www.ilfresco.ca/wp-content/themes/classy-news/assets/webfonts/fa-solid-900.woff2 | 188.114.96.1 | 200 OK | 78 kB |
URL GET HTTP/3www.ilfresco.ca/wp-content/themes/classy-news/assets/webfonts/fa-solid-900.woff2 IP188.114.96.1:443
Requested byhttps://www.ilfresco.ca/menu-1/e1cm79405P1d14/ CertificateIssuerLet's Encrypt Subjectilfresco.ca FingerprintE7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76 ValiditySun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 78268, version 331.-31196 Hashd824df7eb2e268626a2dd9a6a741ac4e 0ccb2c814a7e4ca12c4778821633809cb0361eaa 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
GET /wp-content/themes/classy-news/assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/wp-content/themes/classy-news/assets/css/fontawesome.min.css?ver=1.8.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:47 GMT
content-type: font/woff2
content-length: 78268
cache-control: public, max-age=43200
expires: Wed, 01 May 2024 10:31:53 GMT
etag: "131bc-662e7f55-6768463;;;"
last-modified: Sun, 28 Apr 2024 16:54:45 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1zs8WqXho9qa79P5ETeHq6D%2FF1Bb%2BW6Ot4fuMg8BmpQbn6dBSkc0wEhjvHn2Qrn1KNzDxBS1UV94ZrUJv7inqoYCjwubvtKhDvFOQcWSE1onnFudsNE%2B%2BgW5eb8SQFFVpN8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8d7751db15696-OSL
|
|
| www.ilfresco.ca/wp-content/themes/classy-news/assets/webfonts/fa-regular-400.woff2 | 188.114.96.1 | 200 OK | 13 kB |
URL GET HTTP/3www.ilfresco.ca/wp-content/themes/classy-news/assets/webfonts/fa-regular-400.woff2 IP188.114.96.1:443
Requested byhttps://www.ilfresco.ca/menu-1/e1cm79405P1d14/ CertificateIssuerLet's Encrypt Subjectilfresco.ca FingerprintE7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76 ValiditySun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 13224, version 331.-31196 Hashb91d376b8d7646d671cd820950d5f7f1 13517529affa39e2585c591acae6dc336b6aa917 e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
GET /wp-content/themes/classy-news/assets/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/wp-content/themes/classy-news/assets/css/fontawesome.min.css?ver=1.8.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:47 GMT
content-type: font/woff2
content-length: 13224
cache-control: public, max-age=43200
expires: Wed, 01 May 2024 10:31:53 GMT
etag: "33a8-662e7f55-676845e;;;"
last-modified: Sun, 28 Apr 2024 16:54:45 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2FDOxQuZS1sRiQ7v2aPHYBpPcc7sX84Qrm4Dz4XdpFijaPd4%2BMjwM4rq%2BMtIAkrT8zxxFDX%2FTsLKLjHJcqAV8LXDiGTgF%2ByWeezh95eNar6k27yCL2I58Dyd3tjO2CXINU0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8d7753dc55696-OSL
|
|
| www.ilfresco.ca/wp-content/uploads/wordpress-popular-posts/55119-featured-300x300.jpeg | 188.114.96.1 | 200 OK | 15 kB |
URL GET HTTP/3www.ilfresco.ca/wp-content/uploads/wordpress-popular-posts/55119-featured-300x300.jpeg IP188.114.96.1:443
Requested byhttps://www.ilfresco.ca/menu-1/e1cm79405P1d14/ CertificateIssuerLet's Encrypt Subjectilfresco.ca FingerprintE7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76 ValiditySun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 300x300, components 3 Hash1eb64274678de0ef2f645c5981b1bc61 b3a55e6f75c102ef1b516cbddfd9029e14bb06c9 92cf6774c0d6d60041df1d5fb6ac60044b8a90b447adbb52a4bc4967afb8a819
GET /wp-content/uploads/wordpress-popular-posts/55119-featured-300x300.jpeg HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=37eb58fe-24d2-42e6-ab2d-ab2f8aa9f1c3%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:47 GMT
content-type: image/jpeg
content-length: 15182
cache-control: public, max-age=43200
expires: Thu, 02 May 2024 18:26:41 GMT
etag: "3b4e-66310f2b-66964c6;;;"
last-modified: Tue, 30 Apr 2024 15:32:59 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oaX0TkgQ5cawUoZzoZQXk%2FdrrUcUhazT8RYWLCMMX%2FnCHpQoF8FecO%2F8CVmDZtNLctv9c%2FnkdG5Ah0RgPOtRjPkFd8scAyyB8kTWgH5REXP5iVjAsesf6Srz%2BFwinJjs0sc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8d776f80e5696-OSL
|
|
| cocoaexpansionshrewd.com/ntv.json?key=0a4243b915b6aef7ce6409f3497d95fb&vstc=1 | 192.243.61.225 | 200 OK | 4.3 kB |
URL GET HTTP/1.1cocoaexpansionshrewd.com/ntv.json?key=0a4243b915b6aef7ce6409f3497d95fb&vstc=1 IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.ilfresco.ca/menu-1/e1cm79405P1d14/ CertificateIssuerLet's Encrypt Subjectcocoaexpansionshrewd.com Fingerprint0F:BB:34:D8:99:F9:F8:65:4A:BD:32:FD:B3:41:FB:40:7B:00:3C:44 ValidityMon, 29 Apr 2024 08:33:58 GMT - Sun, 28 Jul 2024 08:33:57 GMT
Hash87009567d7ede541de8811aae5eb4b7a dcaa1c5bfc2337ed6fbd6eea73a8038ca78abe3c c9dc3a4043e6ec0063e35435c7f79ea707fd9e4dfff7bedafc6dcdeda491d945
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ntv.json?key=0a4243b915b6aef7ce6409f3497d95fb&vstc=1 HTTP/1.1
Host: cocoaexpansionshrewd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ilfresco.ca
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 13:29:47 GMT
Content-Type: application/json
Content-Length: 4263
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ilfresco.ca
Access-Control-Allow-Origin: https://www.ilfresco.ca
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=22784088; expires=Sun, 05 May 2024 13:29:47 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 13:29:47 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 13:29:47 GMT; secure; SameSite=None
pdhtkv49=true; expires=Sun, 05 May 2024 13:29:47 GMT; secure; SameSite=None
uncs49=1; expires=Sun, 05 May 2024 13:29:47 GMT; secure; SameSite=None
nlec0a4243b915b6aef7ce6409f3497d95fb=[2229329]; expires=Sat, 04 May 2024 13:29:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 357d73218850148afce0d86800209d87
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cocoaexpansionshrewd.com/de/40/74/de40747527625eb4f2cfd573cb92ac16.js | 192.243.61.225 | 200 OK | 30 kB |
URL: GET HTTP/1.1 cocoaexpansionshrewd.com/de/40/74/de40747527625eb4f2cfd573cb92ac16.js | IP: 192.243.61.225:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/ | Certificate Issuer: Let's Encrypt | Subject: cocoaexpansionshrewd.com | Fingerprint: 0F:BB:34:D8:99:F9:F8:65:4A:BD:32:FD:B3:41:FB:40:7B:00:3C:44 | Validity: Mon, 29 Apr 2024 08:33:58 GMT - Sun, 28 Jul 2024 08:33:57 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Hash: 544725b7169763428120f66708837b95 167788e9e2fbfd1e0ec6b9c96db9cc9f593d98de 1656699eab9261c8c367c5ae233ded9f1a07e7d1df04f63717b2ad32caab30c4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /de/40/74/de40747527625eb4f2cfd573cb92ac16.js HTTP/1.1
Host: cocoaexpansionshrewd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 13:29:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5924c7c38af49922be53f26c1ab5bdea
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| decisivewade.com/watch.1597552874583.js?key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%22riize%22%2C%22is%22%2C%22truly%22%2C%22riizing%22%2C%22and%22%2C%22their%22%2C%22new%22%2C%22songs%22%2C%22prove%22%2C%22it%22%2C%22%E2%80%93%22%2C%22ilfresco%22%5D&refer=https%3A%2F%2Fwww.ilfresco.ca%2Fmenu-1%2Fe1cm79405P1d14%2F&tz=0&dev=e&res=14.2071&uuid=e6d40f5d-5d46-4693-b5eb-acb27ad95643%3A2%3A1 | 192.243.61.225 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 decisivewade.com/watch.1597552874583.js?key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%22riize%22%2C%22is%22%2C%22truly%22%2C%22riizing%22%2C%22and%22%2C%22their%22%2C%22new%22%2C%22songs%22%2C%22prove%22%2C%22it%22%2C%22%E2%80%93%22%2C%22ilfresco%22%5D&refer=https%3A%2F%2Fwww.ilfresco.ca%2Fmenu-1%2Fe1cm79405P1d14%2F&tz=0&dev=e&res=14.2071&uuid=e6d40f5d-5d46-4693-b5eb-acb27ad95643%3A2%3A1 | IP: 192.243.61.225:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/ | Certificate Issuer: Let's Encrypt | Subject: decisivewade.com | Fingerprint: 97:80:1A:96:16:58:D9:94:6D:24:84:45:32:59:8C:44:59:0F:B7:8C | Validity: Mon, 29 Apr 2024 12:47:45 GMT - Sun, 28 Jul 2024 12:47:44 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /watch.1597552874583.js?key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%22riize%22%2C%22is%22%2C%22truly%22%2C%22riizing%22%2C%22and%22%2C%22their%22%2C%22new%22%2C%22songs%22%2C%22prove%22%2C%22it%22%2C%22%E2%80%93%22%2C%22ilfresco%22%5D&refer=https%3A%2F%2Fwww.ilfresco.ca%2Fmenu-1%2Fe1cm79405P1d14%2F&tz=0&dev=e&res=14.2071&uuid=e6d40f5d-5d46-4693-b5eb-acb27ad95643%3A2%3A1 HTTP/1.1
Host: decisivewade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ilfresco.ca
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 04 May 2024 13:29:47 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ilfresco.ca
Access-Control-Allow-Origin: https://www.ilfresco.ca
Access-Control-Allow-Credentials: true
Location: https://decisivewade.com/watch.1597552874583.js?dev=e&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%22riize%22%2C%22is%22%2C%22truly%22%2C%22riizing%22%2C%22and%22%2C%22their%22%2C%22new%22%2C%22songs%22%2C%22prove%22%2C%22it%22%2C%22%E2%80%93%22%2C%22ilfresco%22%5D&pst=1714829447&refer=https%3A%2F%2Fwww.ilfresco.ca%2Fmenu-1%2Fe1cm79405P1d14%2F&res=14.2071&rmtc=t&shu=96ba9ba756480a0cf94140de500083ec645be59dab622346f96580bd4c409318d0f95777d43754ffc6d46301b478db3160b41d71a3c1e5e6626f0675cc05055979322b8096924c6b28a8515cfcf52841af83b794710f7c5bbf260e06196529&tz=0&uuid=e6d40f5d-5d46-4693-b5eb-acb27ad95643%3A2%3A1
Set-Cookie: u_pl=22609139; expires=Sun, 05 May 2024 13:29:47 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjYwOTEzOSwiayI6ImQxYTVlNTAwZWQyNTVjYzRlYmY4MjJmZjJhZTQ4MjI5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNjM2MDIzLCJwaWQiOjI0Njc3MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6Img1MjBmMWJneXMiLCJjcGtzIjp7IjI4IjoiNjllNzllMjQ4Y2Y2YzY0OTE3YmQwZDE3MDhiNzEzOTIifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmlsZnJlc2NvLmNhL21lbnUtMS9lMWNtNzk0MDVQMWQxNC8iLCJhciI6W119fQ.lT-Z9fWUAKveL2nwAD1DXIxpbS-C9hG5ti6fVEjsAFI; expires=Sat, 04 May 2024 13:30:47 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: eb2da36bef1712ca9150c6869d653166
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| www.ilfresco.ca/wp-json/wordpress-popular-posts/v2/widget?is_single=79405 | 188.114.96.1 | 200 OK | 1.3 kB |
URL: POST HTTP/3 www.ilfresco.ca/wp-json/wordpress-popular-posts/v2/widget?is_single=79405 | IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/ | Certificate Issuer: Let's Encrypt | Subject: ilfresco.ca | Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76 | Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
Hash: 60a7db602c6ee15a20c77738f4cbb76a 66d6bb80c77e7669b05cf56032e8bbaa23aac19f f8033b1f85714e1d2a7b2a0c9f1f190d41ab5389dc241c284edc29370c9b69a9
POST /wp-json/wordpress-popular-posts/v2/widget?is_single=79405 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-Type: application/json
X-WP-Nonce: 3af595ea43
Content-Length: 851
Origin: https://www.ilfresco.ca
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:47 GMT
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
link: <https://www.ilfresco.ca/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-wp-nonce: 3af595ea43
allow: POST
x-litespeed-tag: 495_HTTP.200
access-control-allow-origin: https://www.ilfresco.ca
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
access-control-allow-credentials: true
vary: Origin,Accept-Encoding
x-litespeed-cache-control: no-cache
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qvQjYH9icGEtcxtW6AUWZlQKFhv3EKDcnvj6Tww70%2BaicCBPvchvAial6EA6imCb9nbuxOZaT8vI3P4tNlZShI63JEMPyoPbmX6kRB2%2Bf3R5KX6yEeiZSRKbt84CoAowF6w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d775ae615696-OSL
content-encoding: br
|
|
| cocoaexpansionshrewd.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p1Tfpef6968DIKgIJPu%2BejJuMhijJGwcbMfigsepLqrelJOdVVT1TU9iZfgguxx9qinzjPJxo9V9A9wkZmFRYJC5iI5mP%2FA08LiUWY2OPpC8b5PPU%2FB875vfb7vzkgdjp6uvad3hZR0uVXzq6%2FeCYIr1U2h3KA6WAk%2FDptXqqb%2FRies%2Ba9V3%2BVxTy%2FX%2FcD3Az%2BorgvDEz1YnpEQ2cNOUOv4tWa9FrSaGJj%2FYus8WOqB9c%2FIJQg2rTz2LkPEY6j0hzVue7nOXn8ndZLm2qDPjj5QPaULhXRRJsZDoo7O1dD2ZP0RtDqc24Xu%2FyOMxJR4Tx4hUkfnJhH1D%2BY%2BIwmuELH%2FoeiPweUYgo4R67sQ7IQAMcP1Laj0wXVtCrrznKUzdkoqz55CFFNS%2BeMyVPr9qhSD6m0tXS60shgkJcRgDNEdI3MT5LsXIIoJ4vwzCPYbWX62CZUebFmpIVg5712IMUQyhuRDUOvBzY7w4BIPLvOQstNqHARB22cx9Vc6cdxgbR6FzA9oOwlo4IcrcPHM3hB5NkQsh4jNHjKzh564f9K6BON%2Bht0uYZkHm0%2BJd3MPfVai4ASFJSgoQSEIipyg6JeHTNq6LR8waV0UnOf6eW6UI5139%2BmhzrtcEVAzhGHlfnZGXpiNyPvoqzvo8dOqT5v1ZiPqBK0opDxpxzxs%2Bp2k0ey0WaeVRLCihLAX5l3viilpf9pGJqbk4uQpIjqBlRPE4iKoC0CLEnS7xK76jjpDc95TuqZ4DqZLZHkF%2BY63L8%2FIS%2FMtvVy5CR4fX32y9GY2%2Bn0JsSmRmRKfiMcEXXlvdEsX5OCWLiz5cSvLRSp26WyDt3Oa84vfXOM7hTZsY80Ov34rnhGz8uH73OabVDGhupZ8uyoY42Zdm5iTnzbshzy64ez2qjPKZZs33l7fSDPDrRVajUHFydZfiMWUVF55cf41%2F%2F%2FrnxBmDONKpO6YnAeEniDO9mCzhXurCYxcaKLMQ%2BHKkalHi0spCCRfYBqVsP%2FC0aIeGTp7TUW5b%2B%2BhazzQ%2FC5UWqJvSvRlCSqHsG5plGfm%2BOovX8ziS0TSG0XSeAeRNPL%2B8yFbcVptNxo%2BDTutoN2mvB016ytJGDBK682wHoa0gdxOk3Dl2t8AAAD%2F%2FwEAAP%2F%2FekVUxG8EAAA%3D | 192.243.61.225 | 200 OK | 7 B |
URL GET HTTP/1.1cocoaexpansionshrewd.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p1Tfpef6968DIKgIJPu%2BejJuMhijJGwcbMfigsepLqrelJOdVVT1TU9iZfgguxx9qinzjPJxo9V9A9wkZmFRYJC5iI5mP%2FA08LiUWY2OPpC8b5PPU%2FB875vfb7vzkgdjp6uvad3hZR0uVXzq6%2FeCYIr1U2h3KA6WAk%2FDptXqqb%2FRies%2Ba9V3%2BVxTy%2FX%2FcD3Az%2BorgvDEz1YnpEQ2cNOUOv4tWa9FrSaGJj%2FYus8WOqB9c%2FIJQg2rTz2LkPEY6j0hzVue7nOXn8ndZLm2qDPjj5QPaULhXRRJsZDoo7O1dD2ZP0RtDqc24Xu%2FyOMxJR4Tx4hUkfnJhH1D%2BY%2BIwmuELH%2FoeiPweUYgo4R67sQ7IQAMcP1Laj0wXVtCrrznKUzdkoqz55CFFNS%2BeMyVPr9qhSD6m0tXS60shgkJcRgDNEdI3MT5LsXIIoJ4vwzCPYbWX62CZUebFmpIVg5712IMUQyhuRDUOvBzY7w4BIPLvOQstNqHARB22cx9Vc6cdxgbR6FzA9oOwlo4IcrcPHM3hB5NkQsh4jNHjKzh564f9K6BON%2Bht0uYZkHm0%2BJd3MPfVai4ASFJSgoQSEIipyg6JeHTNq6LR8waV0UnOf6eW6UI5139%2BmhzrtcEVAzhGHlfnZGXpiNyPvoqzvo8dOqT5v1ZiPqBK0opDxpxzxs%2Bp2k0ey0WaeVRLCihLAX5l3viilpf9pGJqbk4uQpIjqBlRPE4iKoC0CLEnS7xK76jjpDc95TuqZ4DqZLZHkF%2BY63L8%2FIS%2FMtvVy5CR4fX32y9GY2%2Bn0JsSmRmRKfiMcEXXlvdEsX5OCWLiz5cSvLRSp26WyDt3Oa84vfXOM7hTZsY80Ov34rnhGz8uH73OabVDGhupZ8uyoY42Zdm5iTnzbshzy64ez2qjPKZZs33l7fSDPDrRVajUHFydZfiMWUVF55cf41%2F%2F%2FrnxBmDONKpO6YnAeEniDO9mCzhXurCYxcaKLMQ%2BHKkalHi0spCCRfYBqVsP%2FC0aIeGTp7TUW5b%2B%2BhazzQ%2FC5UWqJvSvRlCSqHsG5plGfm%2BOovX8ziS0TSG0XSeAeRNPL%2B8yFbcVptNxo%2BDTutoN2mvB016ytJGDBK682wHoa0gdxOk3Dl2t8AAAD%2F%2FwEAAP%2F%2FekVUxG8EAAA%3D IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/ | Certificate Issuer: Let's Encrypt | Subject: cocoaexpansionshrewd.com | Fingerprint: 0F:BB:34:D8:99:F9:F8:65:4A:BD:32:FD:B3:41:FB:40:7B:00:3C:44 | Validity: Mon, 29 Apr 2024 08:33:58 GMT - Sun, 28 Jul 2024 08:33:57 GMT
File type: ASCII text, with no line terminators | Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p1Tfpef6968DIKgIJPu%2BejJuMhijJGwcbMfigsepLqrelJOdVVT1TU9iZfgguxx9qinzjPJxo9V9A9wkZmFRYJC5iI5mP%2FA08LiUWY2OPpC8b5PPU%2FB875vfb7vzkgdjp6uvad3hZR0uVXzq6%2FeCYIr1U2h3KA6WAk%2FDptXqqb%2FRies%2Ba9V3%2BVxTy%2FX%2FcD3Az%2BorgvDEz1YnpEQ2cNOUOv4tWa9FrSaGJj%2FYus8WOqB9c%2FIJQg2rTz2LkPEY6j0hzVue7nOXn8ndZLm2qDPjj5QPaULhXRRJsZDoo7O1dD2ZP0RtDqc24Xu%2FyOMxJR4Tx4hUkfnJhH1D%2BY%2BIwmuELH%2FoeiPweUYgo4R67sQ7IQAMcP1Laj0wXVtCrrznKUzdkoqz55CFFNS%2BeMyVPr9qhSD6m0tXS60shgkJcRgDNEdI3MT5LsXIIoJ4vwzCPYbWX62CZUebFmpIVg5712IMUQyhuRDUOvBzY7w4BIPLvOQstNqHARB22cx9Vc6cdxgbR6FzA9oOwlo4IcrcPHM3hB5NkQsh4jNHjKzh564f9K6BON%2Bht0uYZkHm0%2BJd3MPfVai4ASFJSgoQSEIipyg6JeHTNq6LR8waV0UnOf6eW6UI5139%2BmhzrtcEVAzhGHlfnZGXpiNyPvoqzvo8dOqT5v1ZiPqBK0opDxpxzxs%2Bp2k0ey0WaeVRLCihLAX5l3viilpf9pGJqbk4uQpIjqBlRPE4iKoC0CLEnS7xK76jjpDc95TuqZ4DqZLZHkF%2BY63L8%2FIS%2FMtvVy5CR4fX32y9GY2%2Bn0JsSmRmRKfiMcEXXlvdEsX5OCWLiz5cSvLRSp26WyDt3Oa84vfXOM7hTZsY80Ov34rnhGz8uH73OabVDGhupZ8uyoY42Zdm5iTnzbshzy64ez2qjPKZZs33l7fSDPDrRVajUHFydZfiMWUVF55cf41%2F%2F%2FrnxBmDONKpO6YnAeEniDO9mCzhXurCYxcaKLMQ%2BHKkalHi0spCCRfYBqVsP%2FC0aIeGTp7TUW5b%2B%2BhazzQ%2FC5UWqJvSvRlCSqHsG5plGfm%2BOovX8ziS0TSG0XSeAeRNPL%2B8yFbcVptNxo%2BDTutoN2mvB016ytJGDBK682wHoa0gdxOk3Dl2t8AAAD%2F%2FwEAAP%2F%2FekVUxG8EAAA%3D HTTP/1.1
Host: cocoaexpansionshrewd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/
Cookie: u_pl=22784088; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec0a4243b915b6aef7ce6409f3497d95fb=[2229329]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 13:29:47 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ba701b3cb1e21506293477be41c04d45
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cocoaexpansionshrewd.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3swpXnTdm5dBEBRk0j2%2Fx0UWY4yEjZv9objgQepXT8qp7mqquqcn8RJckD3OHvXU%2BSbZ%2BGMV%2FQNcZGZhkaCQuUgO5j%2FwtLB4lJkNjvugeO%2Br7yv43nv15X52RqrI6OnaB2ZXaU1XGhW%2F%2FPrtILhc3lRxNigP2s1Pm%2FXLZdt%2Fq9Os%2BG%2BU35e8Z1aqfuD7gR%2BU15WVoRmszEio5EEnqHT8Sr1aCRp1DOzz2GUeHPUg%2BmfkIpSYlh55l6D4GHH005p0vdQkb74XZZqmxqIvjj6Ke7HJY0SLMrQewvjoXA3jTtYfwsSHc7sw%2Ff%2BETE2J9%2FghWHx0bhKsfzD3yTRkDCZeQN4fQ%2BoxFB2DmztQ4oQAXODaFuLo%2FjVjc7rzjKUzdkpKT59A5VNS%2BusS4ujHVa0G5VtGZ6kyscMgLKAGY6juGEk2Qbp7ASqfgKdfQIk%2FyMrTTcTRwZbTBkoU896VGkOFY2g5BHUestlRHrLQQ5Z4iMRpmQdB0PIFp367w3lNtCRrCj%2BgrTCggd9sI%2BMze0OkyRBcD8HtHhK7h566d9K4CJv9CrddwAkPLp0S78Ye%2BqJALglyR5BTglwR5ClB3i8OhXZVV9wX2mUsOM%2FV81wrRibt7tNDk3ZlTEDtEFYU%2B8kZeWk2Iu%2BTb26jJ0%2FLPq1X6zXWCRqsSWXY4rJZ9zthrd5piU4jZHCqgHIX5l3vqilpfd5CoqZkafIEjE7g9ARcLYFmAWhegG4X2I1%2FoJmlqezFphLLFMIUSNIS0h1vX5%2BRV%2BZberV0A5IfX3m8%2FHYy%2BnMZ3BZIbIHP1COCrr47umlycnDT5I78vJWkKlK7dLbBWylN5dJ3V%2BVObqzYWHPDb9%2FhM2JWPvhQunSTxkLFXUe%2BX1VCSLtuLJfklw33sWTXM7e9mtk4Szavv7u%2BESVWOqdMPAZVJ1v%2FgKspKb328vxrvvj731B2DJsViLJjch5QZgKe7MElC%2FfOEFi90LDEQ54VI1tli0utCLRcYMoKuP9htqhHls5eU1Xsu7voWg80vYM4KtC3Bfq6ANVDuGx5lCb2%2BMpvX83iazDtjZi23gHTVt97NmSnTss1X7SYDGWLyXqjHkouWKPBfB5yVhPtNkfqpmGzffVfAAAA%2F%2F8BAAD%2F%2F%2FqRgSxvBAAA | 192.243.61.225 | 200 OK | 7 B |
URL GET HTTP/1.1cocoaexpansionshrewd.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3swpXnTdm5dBEBRk0j2%2Fx0UWY4yEjZv9objgQepXT8qp7mqquqcn8RJckD3OHvXU%2BSbZ%2BGMV%2FQNcZGZhkaCQuUgO5j%2FwtLB4lJkNjvugeO%2Br7yv43nv15X52RqrI6OnaB2ZXaU1XGhW%2F%2FPrtILhc3lRxNigP2s1Pm%2FXLZdt%2Fq9Os%2BG%2BU35e8Z1aqfuD7gR%2BU15WVoRmszEio5EEnqHT8Sr1aCRp1DOzz2GUeHPUg%2BmfkIpSYlh55l6D4GHH005p0vdQkb74XZZqmxqIvjj6Ke7HJY0SLMrQewvjoXA3jTtYfwsSHc7sw%2Ff%2BETE2J9%2FghWHx0bhKsfzD3yTRkDCZeQN4fQ%2BoxFB2DmztQ4oQAXODaFuLo%2FjVjc7rzjKUzdkpKT59A5VNS%2BusS4ujHVa0G5VtGZ6kyscMgLKAGY6juGEk2Qbp7ASqfgKdfQIk%2FyMrTTcTRwZbTBkoU896VGkOFY2g5BHUestlRHrLQQ5Z4iMRpmQdB0PIFp367w3lNtCRrCj%2BgrTCggd9sI%2BMze0OkyRBcD8HtHhK7h566d9K4CJv9CrddwAkPLp0S78Ye%2BqJALglyR5BTglwR5ClB3i8OhXZVV9wX2mUsOM%2FV81wrRibt7tNDk3ZlTEDtEFYU%2B8kZeWk2Iu%2BTb26jJ0%2FLPq1X6zXWCRqsSWXY4rJZ9zthrd5piU4jZHCqgHIX5l3vqilpfd5CoqZkafIEjE7g9ARcLYFmAWhegG4X2I1%2FoJmlqezFphLLFMIUSNIS0h1vX5%2BRV%2BZberV0A5IfX3m8%2FHYy%2BnMZ3BZIbIHP1COCrr47umlycnDT5I78vJWkKlK7dLbBWylN5dJ3V%2BVObqzYWHPDb9%2FhM2JWPvhQunSTxkLFXUe%2BX1VCSLtuLJfklw33sWTXM7e9mtk4Szavv7u%2BESVWOqdMPAZVJ1v%2FgKspKb328vxrvvj731B2DJsViLJjch5QZgKe7MElC%2FfOEFi90LDEQ54VI1tli0utCLRcYMoKuP9htqhHls5eU1Xsu7voWg80vYM4KtC3Bfq6ANVDuGx5lCb2%2BMpvX83iazDtjZi23gHTVt97NmSnTss1X7SYDGWLyXqjHkouWKPBfB5yVhPtNkfqpmGzffVfAAAA%2F%2F8BAAD%2F%2F%2FqRgSxvBAAA IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/ | Certificate Issuer: Let's Encrypt | Subject: cocoaexpansionshrewd.com | Fingerprint: 0F:BB:34:D8:99:F9:F8:65:4A:BD:32:FD:B3:41:FB:40:7B:00:3C:44 | Validity: Mon, 29 Apr 2024 08:33:58 GMT - Sun, 28 Jul 2024 08:33:57 GMT
File type: ASCII text, with no line terminators | Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3swpXnTdm5dBEBRk0j2%2Fx0UWY4yEjZv9objgQepXT8qp7mqquqcn8RJckD3OHvXU%2BSbZ%2BGMV%2FQNcZGZhkaCQuUgO5j%2FwtLB4lJkNjvugeO%2Br7yv43nv15X52RqrI6OnaB2ZXaU1XGhW%2F%2FPrtILhc3lRxNigP2s1Pm%2FXLZdt%2Fq9Os%2BG%2BU35e8Z1aqfuD7gR%2BU15WVoRmszEio5EEnqHT8Sr1aCRp1DOzz2GUeHPUg%2BmfkIpSYlh55l6D4GHH005p0vdQkb74XZZqmxqIvjj6Ke7HJY0SLMrQewvjoXA3jTtYfwsSHc7sw%2Ff%2BETE2J9%2FghWHx0bhKsfzD3yTRkDCZeQN4fQ%2BoxFB2DmztQ4oQAXODaFuLo%2FjVjc7rzjKUzdkpKT59A5VNS%2BusS4ujHVa0G5VtGZ6kyscMgLKAGY6juGEk2Qbp7ASqfgKdfQIk%2FyMrTTcTRwZbTBkoU896VGkOFY2g5BHUestlRHrLQQ5Z4iMRpmQdB0PIFp367w3lNtCRrCj%2BgrTCggd9sI%2BMze0OkyRBcD8HtHhK7h566d9K4CJv9CrddwAkPLp0S78Ye%2BqJALglyR5BTglwR5ClB3i8OhXZVV9wX2mUsOM%2FV81wrRibt7tNDk3ZlTEDtEFYU%2B8kZeWk2Iu%2BTb26jJ0%2FLPq1X6zXWCRqsSWXY4rJZ9zthrd5piU4jZHCqgHIX5l3vqilpfd5CoqZkafIEjE7g9ARcLYFmAWhegG4X2I1%2FoJmlqezFphLLFMIUSNIS0h1vX5%2BRV%2BZberV0A5IfX3m8%2FHYy%2BnMZ3BZIbIHP1COCrr47umlycnDT5I78vJWkKlK7dLbBWylN5dJ3V%2BVObqzYWHPDb9%2FhM2JWPvhQunSTxkLFXUe%2BX1VCSLtuLJfklw33sWTXM7e9mtk4Szavv7u%2BESVWOqdMPAZVJ1v%2FgKspKb328vxrvvj731B2DJsViLJjch5QZgKe7MElC%2FfOEFi90LDEQ54VI1tli0utCLRcYMoKuP9htqhHls5eU1Xsu7voWg80vYM4KtC3Bfq6ANVDuGx5lCb2%2BMpvX83iazDtjZi23gHTVt97NmSnTss1X7SYDGWLyXqjHkouWKPBfB5yVhPtNkfqpmGzffVfAAAA%2F%2F8BAAD%2F%2F%2FqRgSxvBAAA HTTP/1.1
Host: cocoaexpansionshrewd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/
Cookie: u_pl=22784088; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec0a4243b915b6aef7ce6409f3497d95fb=[2229329]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 13:29:47 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: afd66ef68903c0a5a728ff9ad87d5562
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg | 45.133.44.9 | 200 OK | 32 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg | IP: 45.133.44.9:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/ | Certificate Issuer: Let's Encrypt | Subject: cdn.cloudimagesb.com | Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 | Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3 | Hash: 3528385dd0c31dbd2e5bfc4af7a6bec5 832c580ffd7711115d6c036ab4232f5bd88480a4 bfbfeebfcb679ca578055235614cc679b0757bad272996ef89b7fd5615a2db75
GET /cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 13:29:47 GMT
content-type: image/jpeg
content-length: 32471
server: nginx/1.21.6
last-modified: Thu, 30 Apr 2020 07:58:05 GMT
etag: "5eaa850d-7ed7"
expires: Mon, 06 May 2024 13:29:47 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| decisivewade.com/watch.1597552874583.js?dev=e&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%22riize%22%2C%22is%22%2C%22truly%22%2C%22riizing%22%2C%22and%22%2C%22their%22%2C%22new%22%2C%22songs%22%2C%22prove%22%2C%22it%22%2C%22%E2%80%93%22%2C%22ilfresco%22%5D&pst=1714829447&refer=https%3A%2F%2Fwww.ilfresco.ca%2Fmenu-1%2Fe1cm79405P1d14%2F&res=14.2071&rmtc=t&shu=96ba9ba756480a0cf94140de500083ec645be59dab622346f96580bd4c409318d0f95777d43754ffc6d46301b478db3160b41d71a3c1e5e6626f0675cc05055979322b8096924c6b28a8515cfcf52841af83b794710f7c5bbf260e06196529&tz=0&uuid=e6d40f5d-5d46-4693-b5eb-acb27ad95643%3A2%3A1 | 192.243.61.225 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 decisivewade.com/watch.1597552874583.js?dev=e&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%22riize%22%2C%22is%22%2C%22truly%22%2C%22riizing%22%2C%22and%22%2C%22their%22%2C%22new%22%2C%22songs%22%2C%22prove%22%2C%22it%22%2C%22%E2%80%93%22%2C%22ilfresco%22%5D&pst=1714829447&refer=https%3A%2F%2Fwww.ilfresco.ca%2Fmenu-1%2Fe1cm79405P1d14%2F&res=14.2071&rmtc=t&shu=96ba9ba756480a0cf94140de500083ec645be59dab622346f96580bd4c409318d0f95777d43754ffc6d46301b478db3160b41d71a3c1e5e6626f0675cc05055979322b8096924c6b28a8515cfcf52841af83b794710f7c5bbf260e06196529&tz=0&uuid=e6d40f5d-5d46-4693-b5eb-acb27ad95643%3A2%3A1 | IP: 192.243.61.225:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/ | Certificate Issuer: Let's Encrypt | Subject: decisivewade.com | Fingerprint: 97:80:1A:96:16:58:D9:94:6D:24:84:45:32:59:8C:44:59:0F:B7:8C | Validity: Mon, 29 Apr 2024 12:47:45 GMT - Sun, 28 Jul 2024 12:47:44 GMT
File type: JavaScript source, ASCII text, with very long lines (2444) | Hash: 594f0cbe5d991e29a3faa56b31306ce2 8b770c41388b3e87b557c7bc5916cb90425369e0 f418dc80dcac7629c0ee088bb1e34b29ae231336df16386757c26dcd8000e983
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /watch.1597552874583.js?dev=e&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%22riize%22%2C%22is%22%2C%22truly%22%2C%22riizing%22%2C%22and%22%2C%22their%22%2C%22new%22%2C%22songs%22%2C%22prove%22%2C%22it%22%2C%22%E2%80%93%22%2C%22ilfresco%22%5D&pst=1714829447&refer=https%3A%2F%2Fwww.ilfresco.ca%2Fmenu-1%2Fe1cm79405P1d14%2F&res=14.2071&rmtc=t&shu=96ba9ba756480a0cf94140de500083ec645be59dab622346f96580bd4c409318d0f95777d43754ffc6d46301b478db3160b41d71a3c1e5e6626f0675cc05055979322b8096924c6b28a8515cfcf52841af83b794710f7c5bbf260e06196529&tz=0&uuid=e6d40f5d-5d46-4693-b5eb-acb27ad95643%3A2%3A1 HTTP/1.1
Host: decisivewade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ilfresco.ca
Referer: https://www.ilfresco.ca/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22609139; ain=eyJhbGciOiJIUzI1NiJ9.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.lT-Z9fWUAKveL2nwAD1DXIxpbS-C9hG5ti6fVEjsAFI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 13:29:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ilfresco.ca
Access-Control-Allow-Origin: https://www.ilfresco.ca
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=e6d40f5d-5d46-4693-b5eb-acb27ad95643:2:1; expires=Sat, 11 May 2024 13:29:47 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 13:29:47 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 13:29:47 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 05 May 2024 13:29:47 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 05 May 2024 13:29:47 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0bd50150339042b86903ed50f8a1b4f6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| cdn.cloudimagesb.com/cti/6e/8c/f5/6e8cf5e6269324a2f8594200a549c673/1707727902.png | 45.133.44.9 | 200 OK | 58 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/6e/8c/f5/6e8cf5e6269324a2f8594200a549c673/1707727902.png | IP: 45.133.44.9:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/ | Certificate Issuer: Let's Encrypt | Subject: cdn.cloudimagesb.com | Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 | Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced | Hash: cd767aa7f68fbd096568816e15226a65 e24ab13e2427df52e4d5f1c5a8d472578fb50480 4cbedc8792aa2a900dc7bd36cf347aec3c738b743735c245332343e64ea0f2d0
GET /cti/6e/8c/f5/6e8cf5e6269324a2f8594200a549c673/1707727902.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 13:29:48 GMT
content-type: image/png
content-length: 58545
server: nginx/1.21.6
last-modified: Mon, 12 Feb 2024 08:51:50 GMT
etag: "65c9dc26-e4b1"
expires: Mon, 06 May 2024 13:29:48 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 172.67.180.87 | 200 OK | 40 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js | IP: 172.67.180.87:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/ | Certificate Issuer: Let's Encrypt | Subject: downstairsnegotiatebarren.com | Fingerprint: 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B | Validity: Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators | Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 13:29:47 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 96f6c5234fdf6698cff83dbecdc8b854
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 13:29:47 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zuWyl%2BLusYMuXYNojMZ4DqDv3nDsQNLnjedzDA7EDnk8UzwJQ8tRZM6IP3lGYQo9ITyrGDSLcW7bud7Sqt5mmBgYQPIlExf74%2BOxtsWWRHhoEy0a%2BtNEpWFVDArYrT47FJKRQXKw56BDTF%2Fhyy%2FCdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8d779bf2056a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.ilfresco.ca/wp-content/uploads/wordpress-popular-posts/69446-featured-300x300.jpg | 188.114.96.1 | 404 Not Found | 7.6 kB |
URL: GET HTTP/3 www.ilfresco.ca/wp-content/uploads/wordpress-popular-posts/69446-featured-300x300.jpg | IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/ | Certificate Issuer: Let's Encrypt | Subject: ilfresco.ca | Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76 | Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (9575), with CRLF, LF line terminators | Hash: 65b76d5788f0cd6adeff4a4b09e6bd2f 2cc80233d40b780fa74ec9c09fa3de142cd396da 63d380bc669ce424c5b51acff3bf4f3e60efb294830664ec7497a58d650d4424
GET /wp-content/uploads/wordpress-popular-posts/69446-featured-300x300.jpg HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=37eb58fe-24d2-42e6-ab2d-ab2f8aa9f1c3%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Sat, 04 May 2024 13:29:47 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.ilfresco.ca/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
x-litespeed-cache: hit
alt-svc: h3=":443"; ma=86400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hpx7xL%2B%2FTg33v1HUVSke1QmkiuooD%2BJ3uwAiThuzQaedb1SXPXqyAHPdN9oOr%2BLhPHv6q61SjawQXv%2FpmbCiP6AZOZKbXiZVHZXmLSJWJQU765ZUhp5n7t4reZLajSk36X8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d776fffe5696-OSL
content-encoding: br
|
|
| www.instagram.com/embed.js | 31.13.72.174 | 200 OK | 22 kB |
URL: GET HTTP/2 www.instagram.com/embed.js | IP: 31.13.72.174:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/ | Certificate Issuer: DigiCert Inc | Subject: *.www.instagram.com | Fingerprint: D2:9A:77:E6:EE:C2:E9:6C:1C:63:38:9F:A6:75:B8:CC:64:05:93:9E | Validity: Sun, 11 Feb 2024 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (20525) | Hash: 7f6a200b15080af2c5c5968f85c6a0b8 2d0e62ddcbc84a1cfa25397a4e05c8f08c5a926d dfb9d0012f121f5e2957c739b1c6610881d6593fa9432af23390a276d7a9b663
GET /embed.js HTTP/1.1
Host: www.instagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 7f6a200b15080af2c5c5968f85c6a0b8
etag: "f8c66c86a638c782ce7d5a932975b9bc"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
edge-control: cache-maxage=1200s
expires: Sat, 04 May 2024 13:49:48 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
document-policy: force-load-at-top
permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-content-type-options: nosniff
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-stack: www
content-md5: aDR/st91YNYFNTaSOIDQIw==
x-fb-debug: 6RG9MiL7BqmVaFj7M0fvtliO4bDCWsxUa6hecxOyJQxcqgCU42w21td4uRcKlYs+SwjivkxquDOvzAVRnZ92Xw==
content-length: 21616
date: Sat, 04 May 2024 13:29:48 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.ilfresco.ca/favicon.ico | 188.114.96.1 | 302 Found | 4.1 kB |
URL: GET HTTP/3 www.ilfresco.ca/favicon.ico
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Hash: 000bf649cc8f6bf27cfb04d1bcdcd3c7 d73d2f6d74ec6cdcbae07955592962e77d8ae814 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /favicon.ico HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=37eb58fe-24d2-42e6-ab2d-ab2f8aa9f1c3%3A3%3A1; m5a4xojbcp2nx3gptmm633qal3gzmadn=cocoaexpansionshrewd.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 04 May 2024 13:29:48 GMT
content-type: text/html; charset=UTF-8
location: https://www.ilfresco.ca/wp-includes/images/w-logo-blue-white-bg.png
link: <https://www.ilfresco.ca/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 495_HTTP.200,495_HTTP.302,495_default,495_URL.b54ff2eddcb0060bcd786ce388d8d4d7,495_
x-litespeed-cache: miss
alt-svc: h3=":443"; ma=86400
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DjL9cirpS8gDwQgm7y17wJBc8I5o4r0FYwV%2BUQVpItlK9YZbTcydeHZ%2BvPtKDxo0BHErnSv4aQ1vWaD%2FOaO%2Bp6wyV98AvjjIVzJ%2BgZ0yOvhY%2BeTLfdgkWMQjDk63BK5VNFw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8d77b9d5f5696-OSL
|
|
| unseenreport.com/pxf.gif?uuid=37eb58fe-24d2-42e6-ab2d-ab2f8aa9f1c3&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=de40747527625eb4f2cfd573cb92ac16&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 | 192.243.61.225 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=37eb58fe-24d2-42e6-ab2d-ab2f8aa9f1c3&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=de40747527625eb4f2cfd573cb92ac16&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13
IP: 192.243.61.225:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: *.unseenreport.com; Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13; Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic)
Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=37eb58fe-24d2-42e6-ab2d-ab2f8aa9f1c3&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=de40747527625eb4f2cfd573cb92ac16&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 13:29:49 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 043b34f2d416f1efa7d02384878ebea3
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| www.ilfresco.ca/wp-content/themes/classy-news/assets/js/custom.min.js?ver=1.1.0 | 188.114.96.1 | 200 OK | 11 kB |
URL: GET HTTP/3 www.ilfresco.ca/wp-content/themes/classy-news/assets/js/custom.min.js?ver=1.1.0
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: JavaScript source, ASCII text, with very long lines (4128), with no line terminators
Hash: f9cc3b554cd5262c75ef737aa033e41d 0ecd8869fabe7d7e86bcb048fd3bca6427c5c092 bbdd9e64e99fc546ffa26cdb681daf9d12b8807a968a392a26985669613438f7
GET /wp-content/themes/classy-news/assets/js/custom.min.js?ver=1.1.0 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:46 GMT
content-type: text/javascript
etag: W/"1020-662e7f55-6768447;br"
last-modified: Sun, 28 Apr 2024 16:54:45 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2FlvK0pyx7%2FyoZJ89PZ554z33d7j4g6U9L99zGxGBDjO21nDPjw8Rvpc1sWEcdc7BosZWX2wrtMvl%2BeLIWhuRUJyKRRH5HYMKrNJyH7Lubs5zAVNOpjo9QWYYj3l5DmbnAs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d76fbe675696-OSL
content-encoding: br
|
|
| www.ilfresco.ca/wp-content/themes/classy-news/style.css?ver=1.1.0 | 188.114.96.1 | 200 OK | 95 kB |
URL: GET HTTP/3 www.ilfresco.ca/wp-content/themes/classy-news/style.css?ver=1.1.0
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: ASCII text, with very long lines (63329)
Hash: 402375218b7724e536f2e3b824558889 4ab9f525d25e4e109bec646564116b83f186f492 ee4d50ce3b6b89dadb6293c211c8fbc5591612e2e9238c7ce6666d5ba66e54be
GET /wp-content/themes/classy-news/style.css?ver=1.1.0 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:46 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=124567
alt-svc: h3=":443"; ma=86400
etag: W/"1e697-662e7f55-676849f;br"
expires: Wed, 01 May 2024 08:10:28 GMT
last-modified: Sun, 28 Apr 2024 16:54:45 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BPsQobLNqumM1ISqTsTVcqlCF8otewvLA1J8wZUApAnjPFLj0KBV5ojCQedl6VOIYj9fpQGXz3PcBluoaRjTq%2Fv7hRIOJjo8TfMqQ7nG3vSXUhcea3NagR4%2BZOD4hP15NBU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d76f8e1f5696-OSL
content-encoding: br
|
|
| www.ilfresco.ca/wp-content/plugins/featured-image-from-url/includes/html/js/json-ld.js?ver=4.7.2 | 188.114.96.1 | 200 OK | 507 B |
URL: GET HTTP/3 www.ilfresco.ca/wp-content/plugins/featured-image-from-url/includes/html/js/json-ld.js?ver=4.7.2
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: JavaScript source, ASCII text, with very long lines (532), with no line terminators
Hash: b1e7be7360a73835c0b44b7bf834b4bb 394b871cf36b2f356d12e971c8a8fb6149cfd2a7 1745266d2215ef0c2563fe02c7ae9d23b7f818a9f075970b680d57440edb8f47
GET /wp-content/plugins/featured-image-from-url/includes/html/js/json-ld.js?ver=4.7.2 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:46 GMT
content-type: text/javascript
etag: W/"1fb-662e7df1-6768200;br"
last-modified: Sun, 28 Apr 2024 16:48:49 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VQqNYxt6FM%2BxjyTlN2HRoMDvOYyzihGyGjsMHdRfPv%2FvnhQtbDDeND7%2BhaulDxD%2BZVJ5y8%2BrecowHfLYf6M5WSNBk2Vy7qed9j7BBMlMMFHM6VJtyPt5Yh9bDA%2F4LuOX%2BiI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d76fbe695696-OSL
content-encoding: br
|
|
| www.ilfresco.ca/wp-json/wordpress-popular-posts/v2/views/79405 | 188.114.96.1 | 201 Created | 55 B |
URL: POST HTTP/3 www.ilfresco.ca/wp-json/wordpress-popular-posts/v2/views/79405
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: 71e80c5cf3472ad26c47644681065d32 027c9efba9c8c414301a4e3e702da41ec789c35a 6421dd7ffa35b3324a63f6af804b598f2cee3e0f596d127906e80b102c87a54f
POST /wp-json/wordpress-popular-posts/v2/views/79405 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded
Content-Length: 48
Origin: https://www.ilfresco.ca
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 201 Created
date: Sat, 04 May 2024 13:29:46 GMT
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
link: <https://www.ilfresco.ca/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-wp-nonce: 3af595ea43
allow: GET, POST
x-litespeed-tag: 495_HTTP.201
access-control-allow-origin: https://www.ilfresco.ca
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
access-control-allow-credentials: true
vary: Origin,Accept-Encoding
x-litespeed-cache-control: no-cache
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wvd%2BYA5p7kTnuQmA0z2YXYSat7LPWFe0z5tjyQIp0dGErQD4h9n%2BVf9iNP2QwItdweQo7EXpxekbrWlTbTpv5EFwRMNG2U44Hmlh0f8lLNPmRcpZrcwtFzl%2Bzb9Z%2FZJxf2M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d771b91e5696-OSL
|
|
| noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js | 172.240.108.76 | 200 OK | 31 kB |
URL: GET HTTP/1.1 noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js
IP: 172.240.108.76:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: noisesperusemotel.com; Fingerprint: 58:2C:9C:55:9F:EC:B2:C1:50:10:0F:28:6D:3C:4A:97:83:75:B6:1B; Validity: Tue, 19 Mar 2024 07:40:07 GMT - Mon, 17 Jun 2024 07:40:06 GMT
File type: JavaScript source, ASCII text, with very long lines (31295), with no line terminators
Hash: 79f173526531ca3e6beb654ba0bded50 4ffce94e8e45cf52dad90886df1fc5b750b06c44 ece175d070bd719122e1deb7f37da9b10ec2d0228ebea081f3de9ce766d204d2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /d1a5e500ed255cc4ebf822ff2ae48229/invoke.js HTTP/1.1
Host: noisesperusemotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 13:29:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f4c6f327f1912a6e86f9de74b0690ec7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| www.ilfresco.ca/wp-content/uploads/wordpress-popular-posts/60488-featured-300x300.jpg | 188.114.96.1 | 404 Not Found | 30 kB |
URL: GET HTTP/3 www.ilfresco.ca/wp-content/uploads/wordpress-popular-posts/60488-featured-300x300.jpg
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/wordpress-popular-posts/60488-featured-300x300.jpg HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=37eb58fe-24d2-42e6-ab2d-ab2f8aa9f1c3%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 04 May 2024 13:29:47 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.ilfresco.ca/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
x-litespeed-cache: hit
alt-svc: h3=":443"; ma=86400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hMn3MFBibnyLhNYMjlAqD%2B45ysySB1B%2BSNBZCt%2Bi4DU%2BYf5%2BJS11y0RW25YGpdlxeTgJQGbltcfx2LAuCAvR%2BdVqT0oXmgLT8O1bT%2F6tuzqvJAKINaXfrEe8mK26vjru57M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d776effc5696-OSL
content-encoding: br
|
|
| www.ilfresco.ca/wp-content/uploads/wordpress-popular-posts/69304-featured-300x300.jpg | 188.114.96.1 | 404 Not Found | 30 kB |
URL: GET HTTP/3 www.ilfresco.ca/wp-content/uploads/wordpress-popular-posts/69304-featured-300x300.jpg
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/wordpress-popular-posts/69304-featured-300x300.jpg HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=37eb58fe-24d2-42e6-ab2d-ab2f8aa9f1c3%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 04 May 2024 13:29:47 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.ilfresco.ca/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
x-litespeed-cache: hit
alt-svc: h3=":443"; ma=86400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zHUSWh%2F5vY%2B28GFvs%2FZLCb%2F6G13wd%2BOTIYqJmMdb%2BxlgzaSL4KvSPBOQ9HnW5Pul2O0ADm14%2Bh4iWlO8Iw9FG4Ofi570ukQ5DtLKC7gx%2BeLYYn3wAu0fI0idOXBxUbgLZAI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d776ffff5696-OSL
content-encoding: br
|
|
| www.ilfresco.ca/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.5.2 | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 www.ilfresco.ca/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.5.2
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: JavaScript source, ASCII text, with very long lines (1092), with no line terminators
Hash: cb9255d8f9b56663038c8fb95c3ccd21 465ae30e920f88dc421d065a348c5f0d75a0af5f 1e1c484d9c4ccc48ff66e0d2e1504fd9e22cb3efdb567b0dd1deeaac5ee0ff21
GET /wp-content/plugins/wp-automatic/js/main-front.js?ver=6.5.2 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:46 GMT
content-type: text/javascript
etag: W/"3f9-65e80f31-6684414;br"
last-modified: Wed, 06 Mar 2024 06:37:37 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kIvsZmsaXcfu8fxh2qMUx7rx6MDelMQa0Kci2Xs4mbuy8xfcSXrpG2DgI0OSJxdQGX5BkP5BHoipK1a%2B6gwtiK1YsQgZR28ceG6O8ZOpzs513u6WX0DS0lhc91BrVGWjNuA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d76f8e2e5696-OSL
content-encoding: br
|
|
| www.ilfresco.ca/wp-content/themes/classy-news/assets/js/slick.min.js?ver=1.8.0 | 188.114.96.1 | 200 OK | 44 kB |
URL: GET HTTP/3 www.ilfresco.ca/wp-content/themes/classy-news/assets/js/slick.min.js?ver=1.8.0
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: JavaScript source, ASCII text, with very long lines (43897), with no line terminators
Hash: 66743b6d71a22c592ecd79da70cd26eb 04c6168035124c2421a53c52b789437645bae9db a1a49c85ae2db19ca7ad2bd54a706a632f8c9534c609acee3388f116df3bc53d
GET /wp-content/themes/classy-news/assets/js/slick.min.js?ver=1.8.0 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:46 GMT
content-type: text/javascript
etag: W/"ab79-662e7f55-6768451;br"
last-modified: Sun, 28 Apr 2024 16:54:45 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MU%2FWelWiDVs65XLYU097bVwWukudGvdhlx0HJy0N4yAwx2cR4m6vaE%2Fjs95HDHqxCMlOtLECSLbz%2Foupn9iIJ1F1xlx70SZVUCHCBYFF4zO3ooYUMFR9tCiyu3EmMQs2MeY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d76fae5b5696-OSL
content-encoding: br
|
|
| www.ilfresco.ca/wp-content/themes/classy-news/assets/js/navigation.min.js?ver=1.1.0 | 188.114.96.1 | 200 OK | 1.3 kB |
URL: GET HTTP/3 www.ilfresco.ca/wp-content/themes/classy-news/assets/js/navigation.min.js?ver=1.1.0
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: ASCII text, with very long lines (1388), with no line terminators
Hash: f20c1c2836db089bf4596b7631f2af3b 01ff5da59f01c9515a382851ab2f68aa296094c2 7272684ec56fb2fe907acd344b6e3e3d71eca718cb379bc3ec43d1691d9492ca
GET /wp-content/themes/classy-news/assets/js/navigation.min.js?ver=1.1.0 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:46 GMT
content-type: text/javascript
etag: W/"52a-662e7f55-676844f;br"
last-modified: Sun, 28 Apr 2024 16:54:45 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UWq4IcE2vDTmtvY4zyM2TiCyMY%2Bo%2BwvsceKCRhyfFlSJmdW2uifeah5nEWlUufIbggms2vF9cu5wcH1EmpjkRmLwiRd35ZcJ3IyVoxsNqQiy6hwrbJf%2Fin6qA4nmkwTRPZA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d76fae585696-OSL
content-encoding: br
|
|
| www.ilfresco.ca/wp-content/themes/classy-news/assets/js/endless-river.min.js?ver=1.8.0 | 188.114.96.1 | 200 OK | 2.3 kB |
URL: GET HTTP/3 www.ilfresco.ca/wp-content/themes/classy-news/assets/js/endless-river.min.js?ver=1.8.0
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: JavaScript source, ASCII text, with very long lines (2427), with no line terminators
Hash: 6f89696f7371618b3cf3760190a98ead 40e3471469b23a2aaa08bebc72c256ab9a00bed5 59ac702a24258da45040bdea7510fcf4f4d2782202e7c2c9649c3b1d218ea908
GET /wp-content/themes/classy-news/assets/js/endless-river.min.js?ver=1.8.0 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:46 GMT
content-type: text/javascript
etag: W/"911-662e7f55-676844d;br"
last-modified: Sun, 28 Apr 2024 16:54:45 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WfJqMnwtipcYP8wo8VPahpTKpy21Gv8uDMIb7g6vr44iANS2rOwIyacofi8OHD4Tg6mzwWD%2FCp0zc2UBupZXMwBfU5cA53hZtT4OFQBoLaukQOqmuSv0DMkzwXhWG8J1Wm0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d76fae5d5696-OSL
content-encoding: br
|
|
| www.ilfresco.ca/wp-content/themes/classy-news/assets/css/endless-river.min.css?ver=1.8.0 | 188.114.96.1 | 200 OK | 538 B |
URL: GET HTTP/3 www.ilfresco.ca/wp-content/themes/classy-news/assets/css/endless-river.min.css?ver=1.8.0
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: ASCII text, with very long lines (538), with no line terminators
Hash: 4be5ba78eb3548693d01d6f7f689813b 6dabfd94c01afb9620d971e551f4b0e98850285e af8e228d0e1f26bdccc4cc9f575c7c028e752775568623eb3a48c974dcd46a20
GET /wp-content/themes/classy-news/assets/css/endless-river.min.css?ver=1.8.0 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:46 GMT
content-type: text/css
cache-control: public, max-age=43200
expires: Wed, 01 May 2024 06:55:38 GMT
etag: W/"21a-662e7f55-6768441;br"
last-modified: Sun, 28 Apr 2024 16:54:45 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pvlEclMbWwNsEdvuNoWkjOnJz%2BPCW684vmxT3qdlBqjsvUNkzxOelgVo4MH%2FRegwIP6dewtmSoYALE6ZpALRetcsjYodHCVc3VE4sVLXbQx9G%2Bdqz6eGairs0hKPDwkxeDg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d76f7e165696-OSL
content-encoding: br
|
|
| www.ilfresco.ca/wp-content/themes/classy-news/assets/css/blocks.min.css?ver=6.5.2 | 188.114.96.1 | 200 OK | 12 kB |
URL: GET HTTP/3 www.ilfresco.ca/wp-content/themes/classy-news/assets/css/blocks.min.css?ver=6.5.2
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: ASCII text, with very long lines (12036), with no line terminators
Hash: b8a1d86a5d319d4fba26711c060bb71d ca55c3c9f215a7d50904ce2b92557b0beb7a5037 af06534dd9b9eeba6160a64832f715e823ee946e1f64521761ded0fe59793039
GET /wp-content/themes/classy-news/assets/css/blocks.min.css?ver=6.5.2 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:46 GMT
content-type: text/css
cache-control: public, max-age=43200
expires: Wed, 01 May 2024 08:10:28 GMT
etag: W/"2f04-662e7f55-676843d;br"
last-modified: Sun, 28 Apr 2024 16:54:45 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jkYma8XC4FP0%2FyB1u74VUomIjTNPpGg08vdP4f0AHtkoH6tvqe4rpzTwHh2hyjLrMkJGCMAa5EfpKDUeM9Qbr3HgvytN7G%2BTnjO8xcb2EtMq7%2B9B8RK7zRdBg5JdKYpQVBU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d76f7e185696-OSL
content-encoding: br
|
|
| lavendertyre.com/pixel/purst?dl=0&th=0&sc=0&rs=2221&rd=2221&fd=599&bv=24.5.6485&tmpl=136 | 192.243.59.13 | 200 OK | 0 B |
URL: GET HTTP/1.1 lavendertyre.com/pixel/purst?dl=0&th=0&sc=0&rs=2221&rd=2221&fd=599&bv=24.5.6485&tmpl=136
IP: 192.243.59.13:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: lavendertyre.com; Fingerprint: B4:92:8C:C7:AA:1D:22:5D:74:7B:4B:55:10:CE:60:FF:C4:BD:D6:7F; Validity: Mon, 29 Apr 2024 12:53:26 GMT - Sun, 28 Jul 2024 12:53:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=2221&rd=2221&fd=599&bv=24.5.6485&tmpl=136 HTTP/1.1
Host: lavendertyre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 13:29:48 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| www.ilfresco.ca/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0 | 188.114.96.1 | 200 OK | 2.4 kB |
URL: GET HTTP/3 www.ilfresco.ca/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: ASCII text, with very long lines (2367), with no line terminators
Hash: 79dc2fc9e9be25c4e4b65af78a1cf86a 36b819e4e1c0761f95c86743a307cff518e4c7ef da26f75773d686f672adddeabc4378a593a11845f01c01dbd2c941744d2ff96a
GET /wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:46 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=2713
alt-svc: h3=":443"; ma=86400
etag: W/"a99-65e80f31-66844fb;br"
expires: Wed, 01 May 2024 06:55:37 GMT
last-modified: Wed, 06 Mar 2024 06:37:37 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b5gTMAiNJjTJwhANSADV4A06B9CgKnad%2FdT%2FOEubh%2Bv0Qk6ZCL5ZfixoJP5ptoBfqsL567wdTXpON7PrbAzbzlRYrmiYTq018o7f4T0Fm5STM78pu50LcbHbT2G%2BnK8Is8E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d76f6e075696-OSL
content-encoding: br
|
|
| www.ilfresco.ca/wp-content/themes/classy-news/assets/css/fontawesome.min.css?ver=1.8.0 | 188.114.96.1 | 200 OK | 59 kB |
URL: GET HTTP/3 www.ilfresco.ca/wp-content/themes/classy-news/assets/css/fontawesome.min.css?ver=1.8.0
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: ASCII text, with very long lines (59119), with CRLF line terminators
Hash: 3720bbee0ca1964cbaed0258264f680c 8bd508bb2f120487671bce49267f7ac8a2eff154 b5e38de32d149f2263d86a25f0db6e63418e296f5c42f004f1ad157b5062db96
GET /wp-content/themes/classy-news/assets/css/fontawesome.min.css?ver=1.8.0 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:46 GMT
content-type: text/css
cache-control: public, max-age=43200
expires: Wed, 01 May 2024 04:30:12 GMT
etag: W/"e7ad-662e7f55-6768443;br"
last-modified: Sun, 28 Apr 2024 16:54:45 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ctwytd6CHD%2BD1Cm6C30OikWUX30AKJZFtc4NNTv4ioZwy5JoySOe1xWiK4XfFq7%2FxpiicP%2FUr%2BzcLQk%2Bkk1LhD9IIbtigalGpT9DJqZbhu8xFXqukEh27jUoxLt4O%2Boh0cA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d76f7e135696-OSL
content-encoding: br
|
|
| www.ilfresco.ca/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 | 188.114.96.1 | 200 OK | 19 kB |
URL: GET HTTP/3 www.ilfresco.ca/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: JavaScript source, ASCII text, with very long lines (15752)
Hash: b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:47 GMT
content-type: text/javascript
etag: W/"4926-66116a69-6683422;br"
last-modified: Sat, 06 Apr 2024 15:29:45 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=77bhDuiGrgnCJHjuJLI3IPDyt2UR9x2gVNizIZ5luIhd729DVC5mYUYSqclB2YLtGWFVKTee%2Fknt7qPLroM9yKaC%2B2nImQDpb23X5GE1%2BWM1uliAnnDaW2YxVOL7PC0FrB8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d7759e4b5696-OSL
content-encoding: br
|
|
| www.ilfresco.ca/wp-includes/images/w-logo-blue-white-bg.png | 188.114.96.1 | 200 OK | 4.1 kB |
URL: GET HTTP/3 www.ilfresco.ca/wp-includes/images/w-logo-blue-white-bg.png
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Hash: 000bf649cc8f6bf27cfb04d1bcdcd3c7 d73d2f6d74ec6cdcbae07955592962e77d8ae814 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
DNT: 1
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=37eb58fe-24d2-42e6-ab2d-ab2f8aa9f1c3%3A3%3A1; m5a4xojbcp2nx3gptmm633qal3gzmadn=cocoaexpansionshrewd.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:48 GMT
content-type: image/png
content-length: 4119
cache-control: public, max-age=43200
expires: Thu, 02 May 2024 22:27:45 GMT
etag: "1017-66116a69-66833a1;;;"
last-modified: Sat, 06 Apr 2024 15:29:45 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7G2pePO4omh6pX%2BkUp4hRJ65LjMDZtwP3cCyjLLVrqdeJ5kPcozSXolouxAcfI1M%2FvB1EOQ3B2WiCAmoDdChYM2KbTQUNlLI7iB3crbAV1uHIkiJ8GDSEv2Bsx1iF1uNCuc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8d77c7e845696-OSL
|
|
| www.ilfresco.ca/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 | 188.114.96.1 | 200 OK | 88 kB |
URL: GET HTTP/3 www.ilfresco.ca/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:46 GMT
content-type: text/javascript
etag: W/"15601-66116a69-66835b8;br"
last-modified: Sat, 06 Apr 2024 15:29:45 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2xw20mi5tRek90ryreEcj2Ll%2Fp7zBdbWpgkRIoc50owzf3hstHB750iFrPjB0PWXaln8sBI5mM4Tx6%2FXz9DASEvXKHjfRC9GGkYov0JuTGKfzNcancDEi%2BdPIQ8yF0yeeXg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d76f8e275696-OSL
content-encoding: br
|
|
| www.ilfresco.ca/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.4.2 | 188.114.96.1 | 200 OK | 4.6 kB |
URL: GET HTTP/3 www.ilfresco.ca/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.4.2
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: JavaScript source, ASCII text, with very long lines (4711), with no line terminators
Hash: 2f8e62416eb869d494f81486e6f30679 5df1cdce2886759db4d12ac1719ba1dd6ea1abc1 819a41825306336513dd8a8ebbae0a3a5be2e9590f4dadeac948a221b883277f
GET /wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.4.2 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:46 GMT
content-type: text/javascript
etag: W/"11d3-65ef1906-66845da;br"
last-modified: Mon, 11 Mar 2024 14:45:26 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7uBfaukeh3EGNAV%2FJ2O8RxyJahOee8md0YP5dNQDEZr2kvmJwes7%2BWDH1676wmhbtM0KKa2JQhMxb0qiVYNKAusZqomFlWAb1u6fKa0edjj4hM3RJc%2F6W7eKALtP7nDIK7A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d76f9e305696-OSL
content-encoding: br
|
|
| www.ilfresco.ca/wp-content/themes/classy-news/assets/css/slick.min.css?ver=1.8.0 | 188.114.96.1 | 200 OK | 1.3 kB |
URL: GET HTTP/3 www.ilfresco.ca/wp-content/themes/classy-news/assets/css/slick.min.css?ver=1.8.0
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: ASCII text, with very long lines (1257), with no line terminators
Hash: 9f3143fc1a72e4315ce2e5c0c4d13334 21f3e2024bd853deb0100f135ea0d18bb8b68e42 caf46c90f4c85259ea326f121c4ae6d20e113f9efeb9756dabe4f8b374d087d1
GET /wp-content/themes/classy-news/assets/css/slick.min.css?ver=1.8.0 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:46 GMT
content-type: text/css
cache-control: public, max-age=43200
expires: Wed, 01 May 2024 10:31:51 GMT
etag: W/"4e9-662e7f55-6768445;br"
last-modified: Sun, 28 Apr 2024 16:54:45 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jcW8JbjmJ8m%2FGabEJfxJBQcKAlVLLjVCLiXAyrV6%2Bo7iuzPDbNoBRTqjNqhygtU%2F6Y9D7YGnI7vNdpx6yfIX3Ed6xiLiUy6xMihGo69HYwJ4Ql%2Ff0J8fX2IDgm%2Bmn6elqMg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d76f7e125696-OSL
content-encoding: br
|
|
| www.ilfresco.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 | 188.114.96.1 | 200 OK | 113 kB |
URL: GET HTTP/3 www.ilfresco.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
Size: 113 kB (113381 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:46 GMT
content-type: text/css
cache-control: public, max-age=43200
expires: Wed, 01 May 2024 04:30:12 GMT
etag: W/"1bae5-66116a69-6683bf6;br"
last-modified: Sat, 06 Apr 2024 15:29:45 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FxHxiP%2FeaH0ZNZMrbJjxt7lpN%2FFgOqirgXZZ6uVWg19X9Qzo1udfP4lfIsxvYBytQxGIgNXDCIBNsLz4z7u7HiqYIDA6BP7W2Cmyw7c2OnB19XCCXVB25v2xcIzs9KtK2PQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d76f6e015696-OSL
content-encoding: br
|
|
| www.ilfresco.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 188.114.96.1 | 200 OK | 14 kB |
URL: GET HTTP/3 www.ilfresco.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP: 188.114.96.1:443
Requested by: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Certificate: Issuer: Let's Encrypt; Subject: ilfresco.ca; Fingerprint: E7:74:B0:92:65:07:61:09:27:B1:06:90:C8:A6:94:DA:B1:2B:C2:76; Validity: Sun, 28 Apr 2024 15:46:01 GMT - Sat, 27 Jul 2024 15:46:00 GMT
File type: JavaScript source, ASCII text, with very long lines (13479)
Hash: 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: www.ilfresco.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ilfresco.ca/menu-1/e1cm79405P1d14/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 13:29:46 GMT
content-type: text/javascript
etag: W/"3509-66116a69-6683609;br"
last-modified: Sat, 06 Apr 2024 15:29:45 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t7vG7teo%2BBkjhgcyIq7%2BBsh3%2Ffjg%2Bp8Poylx00XGKnykSrfkFWJk1ys62XsFrgar9TpN9XqDhHCeEMhSP%2FaRdexouiLOaWKeuaf2TLF7FrbTg02qcsDTWaJmrhtyyfZPGiY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8d76f8e2c5696-OSL
content-encoding: br
|
|