Report - xerocanada.net/

Report Overview

Submitted URL
xerocanada.net/
IP
158.222.4.3
ASN
#63119 Angelnet Limited
Submitted
2024-04-18 06:05:57
Access
public
Website Title
Xero Canada | Xero Running Shoes
Final URL
www.xerocanada.net/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
96

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	2.1 kB	35 kB	216.58.207.227
zerossl.ocsp.sectigo.com	4049	2018-08-16	2020-05-09	2024-04-17	672 B	1.6 kB	172.64.149.23
xerocanada.net	unknown	2022-12-28	2023-01-03	2023-10-20	734 B	890 B	158.222.4.3
www.xerocanada.net	unknown	2022-12-28	2023-01-03	2023-10-23	24 kB	2.3 MB	158.222.4.3
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-18	8.6 kB	256 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed
2024-04-18	medium	xerocanada.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	www.xerocanada.net/includes/templates/xerocanada/jscript/jquery.min.js	90 kB	2023-03-07	2024-05-01
Pretty URL www.xerocanada.net/includes/templates/xerocanada/jscript/jquery.min.js IP 158.222.4.3 ASN #63119 Angelnet Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-01 06:58:52 Times Seen264060 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.xerocanada.net/	158 B	2023-03-07	2024-04-29
Pretty URL www.xerocanada.net/ IP 158.222.4.3 ASN #63119 Angelnet Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:18:35 Last Seen2024-04-29 10:46:34 Times Seen406 Hash f898517faa32a1d50013fd8b9ab2aaa7 eaeadc084111ee29bc6e1c05e35cfb8a237cbf5f 828a54afa9f3f8d83b680f98ab03887c8fb7999d5eece48e4c7cb3a4842a03d9 Loading...

	www.xerocanada.net/includes/templates/xerocanada/jscript/jscript_cookies.js	745 B	2023-03-07	2024-04-29
Pretty URL www.xerocanada.net/includes/templates/xerocanada/jscript/jscript_cookies.js IP 158.222.4.3 ASN #63119 Angelnet Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:18:35 Last Seen2024-04-29 10:46:35 Times Seen736 Hash 65807f4bee7bcb4f6af769919ee805d3 c75e394f474f9238cb539f8b7ef9708cc083eff2 6979054ef7300efc7abcaefb0168e095f82adc208a00837ae1a95e0f72e2b598 Loading...

	www.xerocanada.net/includes/templates/xerocanada/jscript/jscript_plugins.js	273 kB	2023-03-08	2024-04-29
Pretty URL www.xerocanada.net/includes/templates/xerocanada/jscript/jscript_plugins.js IP 158.222.4.3 ASN #63119 Angelnet Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:00:23 Last Seen2024-04-29 04:28:40 Times Seen381 Hash 61bced23c3ca3a6b3623097507a8e2e4 fa6e156543aee6ad5fd3f14799140842880142aa 1736d465416b468d9836583f60c9a3165138120678649560a81f6365378a2743 Loading...

	www.xerocanada.net/includes/templates/xerocanada/jscript/jscript_zmain.js	54 kB	2023-03-29	2024-04-18
Pretty URL www.xerocanada.net/includes/templates/xerocanada/jscript/jscript_zmain.js IP 158.222.4.3 ASN #63119 Angelnet Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:58:03 Last Seen2024-04-18 08:05:59 Times Seen5 Hash 7817c8de851adc60ebae995d6a50569c 14c1769e995716230c0e522f82a5566c80326782 424445d4dd016ae9d25b39b7b43cba9482db1e81d57d144b0628b1fcb750008c Loading...

HTTP Transactions (72)

URL IP Response Size

zerossl.ocsp.sectigo.com/

172.64.149.23

314 B

URL
zerossl.ocsp.sectigo.com/
IP
172.64.149.23:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
314 B (314 bytes)
Hash
450e141736213f98682abf35ac07365d
d8f5608a46ede6540d031382cbc7134d6b12ef08
38504e771ab93b9ac20b790cb405ef3d5c39b9a2bad48c899cd8a7812220f085

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:05:29 GMT
Content-Type: application/ocsp-response
Content-Length: 314
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 08:12:48 GMT
Expires: Tue, 23 Apr 2024 08:12:47 GMT
Etag: "d8f5608a46ede6540d031382cbc7134d6b12ef08"
Cache-Control: max-age=439037,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 876276a52932712a-OSL

xerocanada.net/

158.222.4.3

301 Moved Permanently

235 B

URL User Request GET HTTP/2
xerocanada.net/
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
235 B (235 bytes)
Hash
eaa0a18f8308974b982a70297b1c57ec
37efc7a86938cacf3de752e69bdb0ab18981b0fd
352f0eb995a99198470ba71e88a4984e02b0bbae6e5cd99d3037e5a7cdc59c64

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 18 Apr 2024 06:05:30 GMT
content-type: text/html; charset=iso-8859-1
content-length: 235
location: https://www.xerocanada.net/
X-Firefox-Spdy: h2

www.xerocanada.net/

158.222.4.3

200 OK

8.4 kB

URL User Request GET HTTP/2
www.xerocanada.net/
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (2180), with CRLF, LF line terminators
Size
8.4 kB (8374 bytes)
Hash
794b490e681da8d8af7a13b83479c1d0
ca82e4ed506b6b308437d29529edeecfb667d6e2
702034e2862bbfd31b2e310579a7adfec5376c0b81c414af5934c1d8a8abcc76

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: text/html; charset=utf-8
content-length: 8374
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo; path=/; domain=.www.xerocanada.net; secure; HttpOnly; SameSite=lax
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2

xerocanada.net/

158.222.4.3

301 Moved Permanently

235 B

URL User Request GET HTTP/2
xerocanada.net/
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
235 B (235 bytes)
Hash
eaa0a18f8308974b982a70297b1c57ec
37efc7a86938cacf3de752e69bdb0ab18981b0fd
352f0eb995a99198470ba71e88a4984e02b0bbae6e5cd99d3037e5a7cdc59c64

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 18 Apr 2024 06:05:32 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 235
Connection: keep-alive
Location: https://www.xerocanada.net/

zerossl.ocsp.sectigo.com/

172.64.149.23

314 B

URL
zerossl.ocsp.sectigo.com/
IP
172.64.149.23:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
314 B (314 bytes)
Hash
450e141736213f98682abf35ac07365d
d8f5608a46ede6540d031382cbc7134d6b12ef08
38504e771ab93b9ac20b790cb405ef3d5c39b9a2bad48c899cd8a7812220f085

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:05:33 GMT
Content-Type: application/ocsp-response
Content-Length: 314
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 08:12:48 GMT
Expires: Tue, 23 Apr 2024 08:12:47 GMT
Etag: "d8f5608a46ede6540d031382cbc7134d6b12ef08"
Cache-Control: max-age=439033,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 876276b96a41712a-OSL

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/ioc-logo.webp

158.222.4.3

200 OK

3.0 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/ioc-logo.webp
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.0 kB (3000 bytes)
Hash
6a5ab30590f21fa33fc3eaa22324dbef
cb0deab17fc3b39046eea2eb15aa08e96b84129d
85af544acb34fea94f39eec76088eeaa26fd11dd5771d615ebca01e1143b2d7e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/ioc-logo.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: image/webp
content-length: 3000
last-modified: Sun, 29 Jan 2023 09:35:59 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:32 GMT
etag: "63d63dff-bb8"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/slideshow1.jpg

158.222.4.3

406 Not Acceptable

0 B

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/slideshow1.jpg
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/slideshow1.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 406 Not Acceptable
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: text/html; charset=UTF-8
content-length: 0
vary: User-Agent
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/jscript/jscript_cookies.js

158.222.4.3

200 OK

430 B

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/jscript/jscript_cookies.js
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (745), with no line terminators
Size
430 B (430 bytes)
Hash
65807f4bee7bcb4f6af769919ee805d3
c75e394f474f9238cb539f8b7ef9708cc083eff2
6979054ef7300efc7abcaefb0168e095f82adc208a00837ae1a95e0f72e2b598

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/jscript/jscript_cookies.js HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: application/javascript
content-length: 430
x-accel-version: 0.01
last-modified: Sun, 29 Jan 2023 09:34:34 GMT
accept-ranges: bytes
cache-control: max-age=300
expires: Thu, 18 Apr 2024 06:10:33 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/arrow-point.webp

158.222.4.3

200 OK

1.7 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/arrow-point.webp
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
1.7 kB (1658 bytes)
Hash
a94980f94c453def19a6e084e14e20aa
36aac6e2da81e0840aa8f4a4b1f33bbdec91bcc0
94c2b35513af0a7ddc3040809d44207e0d4e89bfc3a008f688fc8cb54b12a70d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/arrow-point.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: image/webp
content-length: 1658
last-modified: Sun, 29 Jan 2023 09:35:58 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:32 GMT
etag: "63d63dfe-67a"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/images/loader.gif

158.222.4.3

200 OK

35 kB

URL GET HTTP/2
www.xerocanada.net/images/loader.gif
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
GIF image data, version 89a, 128 x 38
Size
35 kB (35011 bytes)
Hash
362e988184d842aea3a0b5d09a64d13e
e4ab705fb063ffd2645ce8a25e59e889e98f211c
82656f23517068a7b3d92badc8c29716e53654cd2574d330b08823ca7f7b8fa4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/loader.gif HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: image/gif
content-length: 35011
last-modified: Thu, 09 Jun 2022 04:23:04 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62a175a8-88c3"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/natural-fit-DNA.webp

158.222.4.3

200 OK

25 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/natural-fit-DNA.webp
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 520x288, Scaling: [none]x[none], YUV color, decoders should clamp
Size
25 kB (25196 bytes)
Hash
de82fe16060cce9a2830666f8c71f7fd
1c8aef5fc1b7beae2c253638a51fc7d5f1538f60
d1f8275c63ae2e1cbe9580c557138882c1e963342dc3a1611873eba66a54ccec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/natural-fit-DNA.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: image/webp
content-length: 25196
last-modified: Sun, 29 Jan 2023 09:36:01 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:32 GMT
etag: "63d63e01-626c"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/logo.png

158.222.4.3

200 OK

2.7 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/logo.png
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.7 kB (2724 bytes)
Hash
f0a5f5d708662b9d8f233ccd4cc358ed
6db7794af06b25d177e7b623bc487d8d06d4e5df
f841120df6a57f6b3c57b57cdbd81f1878248c39bf60e0b03eb5315a67d3a31a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/logo.png HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: image/png
content-length: 2724
last-modified: Sun, 29 Jan 2023 09:34:21 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 18 May 2024 06:05:32 GMT
etag: "63d63d9d-aa4"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/images/picimages/2022/02/Zelen-Your-Eco-Friendly-Road-Runner-Steel-Gray-Fuchsia-Xero.jpg

158.222.4.3

200 OK

42 kB

URL GET HTTP/2
www.xerocanada.net/images/picimages/2022/02/Zelen-Your-Eco-Friendly-Road-Runner-Steel-Gray-Fuchsia-Xero.jpg
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 900x584, components 3
Size
42 kB (41898 bytes)
Hash
0e3ef88a2140472f7f62552a8a08c8d3
33cadf2dbdcb27e61b42ebd31b5984a039c6f326
a65a34636ed3b841fe346b2ef261e0bfeab46b68678dd5c6af7c20b71a20c1d8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/picimages/2022/02/Zelen-Your-Eco-Friendly-Road-Runner-Steel-Gray-Fuchsia-Xero.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 41898
last-modified: Fri, 13 Jan 2023 09:09:34 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "63c11fce-a3aa"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

1.1 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
1.1 kB (1072 bytes)
Hash
6c0d9ec00f23674f5f2f7efa17f65f2d
96bafb9b5edec99722329be5e5820eabf8d79491
ceaf731962d5113530a6c367c4f9a2c5e15644337df6cd758a5bce9396f8b912

HTTP Headers

GET /css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
1.2 kB (1160 bytes)
Hash
e4ec7aaace54aeee7ea9b868147e8231
4227b8eb41ce85887bc41a3af876dfd4ab0ced0c
f41187919d929d4cd2963482bcffbbd6c8ce1791bce7eeb0f4c92d48f46fbc3f

HTTP Headers

GET /css2?family=Roboto+Condensed:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.xerocanada.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:21:03 GMT
expires: Wed, 16 Apr 2025 03:21:03 GMT
cache-control: public, max-age=31536000
age: 182670
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Quicksand:wght@400;500;600;700&display=swap

142.250.74.106

200 OK

8.3 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Quicksand:wght@400;500;600;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
8.3 kB (8323 bytes)
Hash
79e6126f59b78cd6cf36cca557fbd100
db4627df177cec29020ea95a004b22a56643dd04
9307b383138556c02f609b6e3237a8955b7bbc7745f5847326e38eb04cec25c0

HTTP Headers

GET /css2?family=Quicksand:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.xerocanada.net/includes/templates/xerocanada/css/stylesheet.css

158.222.4.3

200 OK

16 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/css/stylesheet.css
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
16 kB (16098 bytes)
Hash
c38997d3dff8600538cdf720ac9c3b36
70add19e425ad20807f4b8f7d596429b7f7b1c88
5525438124725ee4c01845e95a2f625fa657a2e9e88726b282140c8f07296d8a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/css/stylesheet.css HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: text/css
last-modified: Sun, 29 Jan 2023 09:33:57 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Thu, 18 Apr 2024 07:05:32 GMT
etag: W/"63d63d85-ece4"
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap

142.250.74.106

200 OK

8.7 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
8.7 kB (8672 bytes)
Hash
4f28cd19c4080ea2c55d62e821e1b948
539355fdbd555d1967946cec1af0b8950b979230
a3cd86d7f9ed6e782cc84bd8b967dff3cd6f1dbe140318bbc5f3070b99298353

HTTP Headers

GET /css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/ioc-logo-white.webp

158.222.4.3

200 OK

617 B

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/ioc-logo-white.webp
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
617 B (617 bytes)
Hash
42252c74d86688d6e3622222641f8565
b3ae25605620f3ebe1feef5daa4233d771727d88
71144f0f950f82981cc047e835d1c767c3febf1339513690b296850faceb72ee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/ioc-logo-white.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 617
x-accel-version: 0.01
accept-ranges: bytes
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart5.jpg

158.222.4.3

200 OK

14 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart5.jpg
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 253x253, components 3
Size
14 kB (13773 bytes)
Hash
666e3e242778b8a31d2892ce22f65d3e
f38e5533c33403054e0343b8e23694672cf16cd7
05d0d387de4c8ec2f1f221d53d6e3392a516020847b71351264795055c4d9a32

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/show-chart5.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 13773
last-modified: Sun, 29 Jan 2023 09:36:05 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 18 May 2024 06:05:33 GMT
etag: "63d63e05-35cd"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart4.jpg

158.222.4.3

200 OK

12 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart4.jpg
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 253x253, components 3
Size
12 kB (11921 bytes)
Hash
a58529a605c2e06fd3a14c575a3fdf2a
69bb45f0e859fff75b9c18a32251c55f009cb769
e4020603e24c328fb545865a505be48a8e570e94da96c954a2e5e8b878f193c9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/show-chart4.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 11921
last-modified: Sun, 29 Jan 2023 09:36:05 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 18 May 2024 06:05:33 GMT
etag: "63d63e05-2e91"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart10.webp

158.222.4.3

200 OK

8.3 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart10.webp
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 253x253, Scaling: [none]x[none], YUV color, decoders should clamp
Size
8.3 kB (8260 bytes)
Hash
8c71144b8247870661f3df79c4dbdad5
da9404d9489efe5ff95449705977b21d27570b02
0345989bfb95cc9ba88943915eb1ea6d15337d3054d032d2e9f3516fae33b789

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/show-chart10.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 8260
last-modified: Sun, 29 Jan 2023 09:36:02 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e02-2044"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart11.webp

158.222.4.3

200 OK

13 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart11.webp
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 253x253, Scaling: [none]x[none], YUV color, decoders should clamp
Size
13 kB (12828 bytes)
Hash
ede3dbff5735148c3d01650b50831027
b9b947113bef1b714bde5f8bd35461d8eb642ec6
e71e982e6f21e105dd28816d0a4672474cd8ff033b7ca9620f8a4f0328c3467d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/show-chart11.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 12828
last-modified: Sun, 29 Jan 2023 09:36:03 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e03-321c"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart12.webp

158.222.4.3

200 OK

24 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart12.webp
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x300, Scaling: [none]x[none], YUV color, decoders should clamp
Size
24 kB (23786 bytes)
Hash
14459b34eddd4cb1cfe7d6c555b5b927
e1a72626b8c52864585cb6ef86d1e4b7a74dcfb1
bfccacd1cbbc4023e95b845cfd07aa0e3837e32645d2e2ae9faa54cc0c3ed5e7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/show-chart12.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 23786
last-modified: Sun, 29 Jan 2023 09:36:03 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e03-5cea"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/images/payment.png

158.222.4.3

200 OK

6.2 kB

URL GET HTTP/2
www.xerocanada.net/images/payment.png
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
PNG image data, 248 x 26, 8-bit/color RGBA, non-interlaced
Size
6.2 kB (6248 bytes)
Hash
1fb5f66cada185d72ccefaeb9e9a2963
584108601272e3ed07abe10b4c3ca2f6b200d552
ef645db0e0a9a267fda954e584782b888929b2827548ecaef07600656022535b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/payment.png HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/png
content-length: 6248
last-modified: Thu, 09 Jun 2022 04:19:36 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62a174d8-1868"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/natural-feel-DNA.webp

158.222.4.3

200 OK

16 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/natural-feel-DNA.webp
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 520x288, Scaling: [none]x[none], YUV color, decoders should clamp
Size
16 kB (15994 bytes)
Hash
a77f9585d35cdce0e1324da512fcbdae
4b7d45045e645a688c72a5fac1c6202f64f014db
048f261f128fd5058d26887a4683486ac86ccd99aac4e46903dd531ec44dab21

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/natural-feel-DNA.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 15994
last-modified: Sun, 29 Jan 2023 09:36:00 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e00-3e7a"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/natural-motion-DNA-trim.webp

158.222.4.3

200 OK

14 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/natural-motion-DNA-trim.webp
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 341x246, Scaling: [none]x[none], YUV color, decoders should clamp
Size
14 kB (13594 bytes)
Hash
f7f0f684b1f32c25e1927cf10a7b59dd
1c68fc3006ef73070f7ab97d36795da261927050
81ad7e28ec2eb0b6b7ff7eec734a21925383083d9d7b49f69f8d13d226a75264

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/natural-motion-DNA-trim.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 13594
last-modified: Sun, 29 Jan 2023 09:36:01 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e01-351a"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/waist-mtn.webp

158.222.4.3

200 OK

29 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/waist-mtn.webp
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 527x658, Scaling: [none]x[none], YUV color, decoders should clamp
Size
29 kB (29232 bytes)
Hash
9741a2f906eb41488f2117656b518e4c
a8d1bea4ba233731f1c2dcaec1cabcd44018e33f
d30d407d7c1bccebe73b3d0f14589bb4ab221be24830b6789d33dbc94009e581

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/waist-mtn.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 29232
last-modified: Sun, 29 Jan 2023 09:36:10 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e0a-7230"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/images/picimages/2020/08/Red-Speed-Force-Women-Xero.jpg

158.222.4.3

200 OK

60 kB

URL GET HTTP/2
www.xerocanada.net/images/picimages/2020/08/Red-Speed-Force-Women-Xero.jpg
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 900x584, components 3
Size
60 kB (60500 bytes)
Hash
230792ca9a254e157fe2ad3d0a4dbe18
75153cd075926293e8ae6cc62ef2358d168c0f52
90f6e94345095450b472776e8279451f60fd50ba10ec95b9dafd4a36f0465adc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/picimages/2020/08/Red-Speed-Force-Women-Xero.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 60500
last-modified: Fri, 13 Jan 2023 09:06:46 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "63c11f26-ec54"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/images/picimages/2022/02/Speed-Force-Women-Blue-Glass-Xero.jpg

158.222.4.3

200 OK

40 kB

URL GET HTTP/2
www.xerocanada.net/images/picimages/2022/02/Speed-Force-Women-Blue-Glass-Xero.jpg
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 900x584, components 3
Size
40 kB (39753 bytes)
Hash
2f4f33eeb9b781008728bef2e1010234
c167ef24ee9accf24f62f15df1491a224e585491
574bcb46a2748342ab098d98e4691157e6085cc8ccf7e929809d41f875d9840f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/picimages/2022/02/Speed-Force-Women-Blue-Glass-Xero.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 39753
last-modified: Fri, 13 Jan 2023 09:09:04 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "63c11fb0-9b49"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

216.58.207.227

200 OK

7.7 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.xerocanada.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:25:26 GMT
expires: Wed, 16 Apr 2025 03:25:26 GMT
cache-control: public, max-age=31536000
age: 182407
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart1.jpg

158.222.4.3

200 OK

16 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart1.jpg
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 253x253, components 3
Size
16 kB (15756 bytes)
Hash
19b894cfdb6a5cbc65f8c9db77fcd6e0
f09a42dbd533001dc0b6a53037c332437fab59ba
3163bd853678ed59d68dd3968b93d74f5daf492f17b29581aa53b96e7d25781d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/show-chart1.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 15756
last-modified: Sun, 29 Jan 2023 09:36:02 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 18 May 2024 06:05:33 GMT
etag: "63d63e02-3d8c"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart2.webp

158.222.4.3

200 OK

9.9 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart2.webp
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 253x253, Scaling: [none]x[none], YUV color, decoders should clamp
Size
9.9 kB (9882 bytes)
Hash
2ad1c8b93f730e40ae2ca70fb78f1c64
9981ee6d5a96d8d426421cb0114742487d2197be
1946ac291f2e9214accb833a1f191670f6d9c5a969e1ff9039733de3cef845a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/show-chart2.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 9882
last-modified: Sun, 29 Jan 2023 09:36:04 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e04-269a"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart3.webp

158.222.4.3

200 OK

7.7 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart3.webp
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 253x253, Scaling: [none]x[none], YUV color, decoders should clamp
Size
7.7 kB (7670 bytes)
Hash
28ec888bb6c4b542ba76d2a5804655ed
b4747942c653fe83318c4497ae7ed3fbadedb06b
062e6a3d8af0cfea44acb83fd47f1a7358626eb1c734b3155cdf9288dfb33ab9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/show-chart3.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 7670
last-modified: Sun, 29 Jan 2023 09:36:04 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e04-1df6"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart6.jpg

158.222.4.3

200 OK

17 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart6.jpg
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 253x253, components 3
Size
17 kB (16940 bytes)
Hash
11f07883109fcdac9b0ac84861b4c679
5107340b553b6bc36d04791278c449a43bbcf6f9
6aa98287daa2136a24d658e46ac419c9dfb4d035e7bd83ef4d5e8ae3cb3ffc03

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/show-chart6.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 16940
last-modified: Sun, 29 Jan 2023 09:36:06 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 18 May 2024 06:05:33 GMT
etag: "63d63e06-422c"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart7.jpg

158.222.4.3

200 OK

11 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart7.jpg
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 253x253, components 3
Size
11 kB (10718 bytes)
Hash
ad2801c9b30e1fb174eeefa1f3e74214
880668e7d3398d9809f2cbfb877062f22372e801
d4fc81e5efb987c6c5898c6ea5b53ba35ec3bb974aa9dda2ad35e8cc51aff506

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/show-chart7.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 10718
last-modified: Sun, 29 Jan 2023 09:36:06 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 18 May 2024 06:05:33 GMT
etag: "63d63e06-29de"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart8.jpg

158.222.4.3

200 OK

13 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart8.jpg
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 253x253, components 3
Size
13 kB (12758 bytes)
Hash
cd065f6bcc85abc71eb800a8776a527a
198801a67ee27d72eff8359a6fdaafe563a8adaa
37692e9dde238bcfc6b839bd7cfaec0f391e9c06c14d68ee4f0a8b3b2c3f8848

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/show-chart8.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 12758
last-modified: Sun, 29 Jan 2023 09:36:08 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 18 May 2024 06:05:33 GMT
etag: "63d63e08-31d6"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart9.webp

158.222.4.3

200 OK

8.5 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart9.webp
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 253x253, Scaling: [none]x[none], YUV color, decoders should clamp
Size
8.5 kB (8520 bytes)
Hash
115af17d2fa33d44cea1ebbf64a0bb73
1578f3fb0ff0189505c71352bc0322c15cbb31dc
69aa24481028bf162654d7b97e7b12fadd4348bd570d18a55d81347be97d1591

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/show-chart9.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 8520
last-modified: Sun, 29 Jan 2023 09:36:08 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e08-2148"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/images/picimages/2021/07/360-Women-Blue-Yellow-Xero.jpg

158.222.4.3

200 OK

77 kB

URL GET HTTP/2
www.xerocanada.net/images/picimages/2021/07/360-Women-Blue-Yellow-Xero.jpg
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 900x584, components 3
Size
77 kB (77370 bytes)
Hash
e98bcf0182f0a7dcca1fbaa33558b33f
4e84a001b2f65ef66c7a91b49fc0222e6f196ff9
e93704cc1d56783da78c2d6c2c2da0601f8b3b12fa18c74f71c88f958c8232d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/picimages/2021/07/360-Women-Blue-Yellow-Xero.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 77370
last-modified: Fri, 13 Jan 2023 09:07:54 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "63c11f6a-12e3a"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/images/picimages/2021/07/Muddy-Rose-Mesa-Trail-Women-s-Lightweight-Trail-Runner-Xero.jpg

158.222.4.3

200 OK

71 kB

URL GET HTTP/2
www.xerocanada.net/images/picimages/2021/07/Muddy-Rose-Mesa-Trail-Women-s-Lightweight-Trail-Runner-Xero.jpg
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 900x584, components 3
Size
71 kB (71272 bytes)
Hash
dbca269413620a49ce228cc89f1574eb
146bf333426e336591c8ac958fd4b04f0d11150f
3ee5d5f5726cffa95636adf934e3a442aea423202668907d546341efb916fc7a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/picimages/2021/07/Muddy-Rose-Mesa-Trail-Women-s-Lightweight-Trail-Runner-Xero.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 71272
last-modified: Fri, 13 Jan 2023 09:08:06 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "63c11f76-11668"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/images/picimages/2019/09/Speed-Force-Women-Xero-Black.jpg

158.222.4.3

200 OK

70 kB

URL GET HTTP/2
www.xerocanada.net/images/picimages/2019/09/Speed-Force-Women-Xero-Black.jpg
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 900x584, components 3
Size
70 kB (70113 bytes)
Hash
4a7ba96a06341370d8ebd0ed8d228418
38d0ebaaf5e691e6832bd874e871e5f42833a6ce
15888c2f0cfa45d5f8f1210a0414f4e0ae07983835fd60c0015c695d4d920dec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/picimages/2019/09/Speed-Force-Women-Xero-Black.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 70113
last-modified: Fri, 13 Jan 2023 09:05:18 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "63c11ece-111e1"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/images/picimages/2021/07/Xero-360-Women-Asphalt.jpg

158.222.4.3

200 OK

69 kB

URL GET HTTP/2
www.xerocanada.net/images/picimages/2021/07/Xero-360-Women-Asphalt.jpg
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 900x584, components 3
Size
69 kB (69411 bytes)
Hash
6d037fc7ba239f25cb72c9223e2e8d9a
4af09d516c181d520534c1e06f67efc1789a4daf
2052ab4c98f2aea9134209b39a967e648d2711b9e5d45212cdc5f681b4bf7e56

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/picimages/2021/07/Xero-360-Women-Asphalt.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 69411
last-modified: Fri, 13 Jan 2023 09:08:10 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "63c11f7a-10f23"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/images/picimages/2021/07/Mesa-Trail-Women-s-Lightweight-Trail-Runner-Lagoon-Xero.jpg

158.222.4.3

200 OK

78 kB

URL GET HTTP/2
www.xerocanada.net/images/picimages/2021/07/Mesa-Trail-Women-s-Lightweight-Trail-Runner-Lagoon-Xero.jpg
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 900x584, components 3
Size
78 kB (78520 bytes)
Hash
1daf27c701129ce625c4c52b6a2b3fb3
01b66b68d02195ed5d0c08f22f9566648496de76
6c153895daf5f7bf7a06e0ba0cdeeeb5f4cfc2c3267b20d4275130c43e925ca0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/picimages/2021/07/Mesa-Trail-Women-s-Lightweight-Trail-Runner-Lagoon-Xero.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 78520
last-modified: Fri, 13 Jan 2023 09:08:04 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "63c11f74-132b8"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/images/picimages/2020/01/Mesa-Trail-Women-s-Lightweight-Trail-Runner-Xero-Dark-Gray-Sapphire.jpg

158.222.4.3

200 OK

68 kB

URL GET HTTP/2
www.xerocanada.net/images/picimages/2020/01/Mesa-Trail-Women-s-Lightweight-Trail-Runner-Xero-Dark-Gray-Sapphire.jpg
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 900x584, components 3
Size
68 kB (67585 bytes)
Hash
3ee978380f21b0744a814606497ca496
842f8a773c0b0df2b2c6302bf92ed5861630b785
fd2ab7ef604f1f3cc31c5386c86292ea4662826986e6b152f763311873907088

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/picimages/2020/01/Mesa-Trail-Women-s-Lightweight-Trail-Runner-Xero-Dark-Gray-Sapphire.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 67585
last-modified: Fri, 13 Jan 2023 09:05:38 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "63c11ee2-10801"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/css/style_zp.css

158.222.4.3

200 OK

152 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/css/style_zp.css
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
152 kB (151470 bytes)
Hash
5fd27b2289e5d3f45108e7b00d841bc7
7ec95679ffa522b086b3be710c8791e589507077
7bd27629666c9f4dbb86e3edbae2b3ebaf01f9536e64970f98049f41f174d3ad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/css/style_zp.css HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: text/css
last-modified: Sun, 29 Jan 2023 09:34:00 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Thu, 18 Apr 2024 07:05:32 GMT
etag: W/"63d63d88-4e35"
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Glegoo:wght@400;700&display=swap

142.250.74.106

200 OK

141 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Glegoo:wght@400;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
141 kB (141086 bytes)
Hash
9b9ce62fd5375f9d45f4b43893339a36
a38aec13f6e3c5e72c14ea2fba483adca228d219
05620fc4766593fb1a48a1d598f2c9c236210b938e2ed19817b24f2188689731

HTTP Headers

GET /css2?family=Glegoo:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/slideshow1.webp

158.222.4.3

200 OK

136 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/slideshow1.webp
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1550x613, Scaling: [none]x[none], YUV color, decoders should clamp
Size
136 kB (135948 bytes)
Hash
f09aac611d234f682c5952b9fdc939ff
d67f5d95783d139badd7f1eb91e725e0eff0f8e6
7882720058b0700e968cb3ea54cdb35690ad9a4997e54d282dd532d04ce7fb94

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/slideshow1.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 135948
last-modified: Sun, 29 Jan 2023 09:36:09 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e09-2130c"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/images/favicon.ico

158.222.4.3

200 OK

4.3 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/favicon.ico
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Size
4.3 kB (4286 bytes)
Hash
74f5f2a3ef0c81f942a1138a853facd3
57ad59efc77dd97618f66bc9bd361a8b6f80042a
469436b63587a6c755a07f6d015648f493993a6e1892a9be61304bcd7ff1319a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/favicon.ico HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/x-icon
content-length: 4286
last-modified: Sun, 29 Jan 2023 09:34:17 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Fri, 19 Apr 2024 06:05:33 GMT
etag: "63d63d99-10be"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/

158.222.4.3

200 OK

8.3 kB

URL User Request GET HTTP/2
www.xerocanada.net/
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (2180), with CRLF, LF line terminators
Size
8.3 kB (8326 bytes)
Hash
ec71a7767da664b6204f4a881a36f823
60545f627701f84f9d5f0006e3ed2cbe1310566a
635b6cf5c0878fb0c05c6d18c1ce2be6f0abf7d9fb9923a44ea77cd2c6dd6f00

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:34 GMT
content-type: text/html; charset=utf-8
content-length: 8326
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: zenid=fuid8odlcsl6hs7s3u5shpu4ch; path=/; domain=.www.xerocanada.net; secure; HttpOnly; SameSite=lax
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

9.7 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (9912), with no line terminators
Size
9.7 kB (9696 bytes)
Hash
40698f9f19b1a609d2636f5eef9a3e30
46ff448bbf2fb3b30ecc73402877f8845445f8ba
f3f7baade7af0f0b4587523c53317642d7c18c2501e70aaae37b93e7ee9a6545

HTTP Headers

GET /css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css2?family=Merienda:wght@400;700&display=swap

142.250.74.106

200 OK

2.4 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Merienda:wght@400;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (2424), with no line terminators
Size
2.4 kB (2370 bytes)
Hash
4c11106146294a0f2e0f9a7cd792e1d2
53f4815a87a769d098f64ad9dfafc157f7d572d1
66f67ff9a9b48f878ba4db2df85dcb68e5640e189ecc19cb7a4a8604b7412e94

HTTP Headers

GET /css2?family=Merienda:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.xerocanada.net/includes/templates/xerocanada/jscript/jquery.min.js

158.222.4.3

200 OK

90 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/jscript/jquery.min.js
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/jscript/jquery.min.js HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: application/javascript
last-modified: Sun, 29 Jan 2023 09:34:33 GMT
vary: Accept-Encoding
cache-control: max-age=300
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: W/"63d63da9-15d9d"
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

11 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text
Size
11 kB (11178 bytes)
Hash
eb9023562ab1966f30dc99199c862e99
c61e56985a7df5262657c080393142f4f3e674b0
23daa07b4cbfa8e9a4a4aa17f77ebab31297e8dcd5f1c082dc21f284ab5dd03a

HTTP Headers

GET /css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.xerocanada.net/includes/templates/xerocanada/jscript/jscript_plugins.js

158.222.4.3

200 OK

273 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/jscript/jscript_plugins.js
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type

Size
273 kB (273266 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/jscript/jscript_plugins.js HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: application/javascript
last-modified: Sun, 29 Jan 2023 09:34:36 GMT
vary: Accept-Encoding
cache-control: max-age=300
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: W/"63d63dac-42b72"
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

216.58.207.227

200 OK

8.0 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.xerocanada.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 00:30:18 GMT
expires: Wed, 16 Apr 2025 00:30:18 GMT
cache-control: public, max-age=31536000
age: 192915
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Jost:wght@300;400;500;600;700;800&display=swap

142.250.74.106

200 OK

6.3 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Jost:wght@300;400;500;600;700;800&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (6420), with no line terminators
Size
6.3 kB (6258 bytes)
Hash
74a37b69a4c15801b8edcc9cd42c503c
23d843eff81be41b551ff2ab24a550017f77207f
d706baa7aa0457db3dc2bbb3af441adb4dc2cf87f8c3611c85a281ddbe939ec7

HTTP Headers

GET /css2?family=Jost:wght@300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

216.58.207.227

200 OK

7.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.xerocanada.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 20:25:17 GMT
expires: Tue, 15 Apr 2025 20:25:17 GMT
cache-control: public, max-age=31536000
age: 207616
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Staatliches&display=swap

142.250.74.106

200 OK

808 B

URL GET HTTP/3
fonts.googleapis.com/css2?family=Staatliches&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (826), with no line terminators
Size
808 B (808 bytes)
Hash
da420df8479f8779cde5fc034d4cc67b
40e95fcf89bfd02023345af67b83dd45543c29d9
21c8c585a8724114950fa78cb426dd7ff797cab8c34cb44231ea087c6c515d61

HTTP Headers

GET /css2?family=Staatliches&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap

142.250.74.106

200 OK

2.6 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (2605), with no line terminators
Size
2.6 kB (2551 bytes)
Hash
d7e91faccd8b5b75c6794babc60413e9
490a3fe1bc93ea7dd9cff81c80eca5ea6cad68b3
8d4ecadfe561b26cf0addd9f7e39055b19844488449e0091a936a77fdff727d9

HTTP Headers

GET /css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

142.250.74.106

200 OK

14 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text
Size
14 kB (14029 bytes)
Hash
9c12b57a25710853b762d48b28545b5c
57a79d40792f42232b317bd9529c98efa29fc315
35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css2?family=Alata&display=swap

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Alata&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (1179), with no line terminators
Size
1.2 kB (1152 bytes)
Hash
1f9ff1758f44a8354f9be6ccf531cb8a
7fd5c0f675262d59736c063d0569dd7fab71256f
37dfb66736045e51980abc5c9c002b3a658a8fadc626f4a0aacf957fe90b6809

HTTP Headers

GET /css2?family=Alata&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.xerocanada.net/includes/templates/xerocanada/fonts/annimex-icons.ttf?teavmy

158.222.4.3

200 OK

141 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/fonts/annimex-icons.ttf?teavmy
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, adorn-icons
Size
141 kB (140608 bytes)
Hash
7d3c0284348a1f07b4cd6ff41354551b
6ff4eb286a7b3c980866382a40dd9279c99cb9cd
924025d175bc0292a137b2b46a4ee48e77c8618c3ea19e44214b6abf30f16005

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/fonts/annimex-icons.ttf?teavmy HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/includes/templates/xerocanada/css/style_plugins.css
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: application/x-font-ttf
content-length: 140608
last-modified: Sun, 29 Jan 2023 09:34:03 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63d8b-22540"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.xerocanada.net/includes/templates/xerocanada/jscript/jscript_zmain.js

158.222.4.3

200 OK

54 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/jscript/jscript_zmain.js
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (528)
Size
54 kB (53728 bytes)
Hash
7817c8de851adc60ebae995d6a50569c
14c1769e995716230c0e522f82a5566c80326782
424445d4dd016ae9d25b39b7b43cba9482db1e81d57d144b0628b1fcb750008c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/jscript/jscript_zmain.js HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: application/javascript
last-modified: Sun, 29 Jan 2023 09:34:36 GMT
vary: Accept-Encoding
cache-control: max-age=300
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: W/"63d63dac-d1e0"
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap

142.250.74.106

200 OK

16 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text
Size
16 kB (15598 bytes)
Hash
56e4df90a29f863f6faa6ccb7567e401
9f3f0306cb0054763e377c6f456890e33f546cd9
165c919c26eb19e053a7cf522566f7cfa686a2782e252b7cd39e15e5d8b4bf15

HTTP Headers

GET /css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.xerocanada.net/includes/templates/xerocanada/css/style_plugins.css

158.222.4.3

200 OK

221 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/css/style_plugins.css
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type

Size
221 kB (220793 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/css/style_plugins.css HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: text/css
last-modified: Sun, 29 Jan 2023 09:33:59 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Thu, 18 Apr 2024 07:05:32 GMT
etag: W/"63d63d87-35e79"
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

6.3 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (6448), with no line terminators
Size
6.3 kB (6304 bytes)
Hash
5597ed8188a3994391b999f6caf0d0ec
a647507c2dfaa80293672a339035e11335a7509b
40f0d46e2291b1365735633e70f2aac322fb4741fa001a7e8485692d660bb740

HTTP Headers

GET /css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/bottom-modular.webp

158.222.4.3

200 OK

146 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/bottom-modular.webp
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 2560x651, Scaling: [none]x[none], YUV color, decoders should clamp
Size
146 kB (145974 bytes)
Hash
8997a14a1eb267086b49345ebb18d06e
7d2f5fcb329ee4b1702d2ead6f6c5f5341d3fd87
237a8b2899028b534cf639d77ba5335d4badee18f9a500b296455983a87bd946

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/images/xeroshoes/bottom-modular.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/includes/templates/xerocanada/css/style_zp.css
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 145974
last-modified: Sun, 29 Jan 2023 09:35:58 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63dfe-23a36"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap

142.250.74.106

200 OK

5.0 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (5076), with no line terminators
Size
5.0 kB (4968 bytes)
Hash
48d4822accd8873d2852967645115cef
1b20048c205fa24b4fff0afa458ee1fa2c45612f
27b1f874ce4c14645ec6df13bdf94d9a3381db78c5e4720903dd20d0e4bbc0b7

HTTP Headers

GET /css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.xerocanada.net/includes/templates/xerocanada/css/style_zo.css

158.222.4.3

200 OK

154 kB

URL GET HTTP/2
www.xerocanada.net/includes/templates/xerocanada/css/style_zo.css
IP
158.222.4.3:443
ASN
#63119 Angelnet Limited

Requested by
https://www.xerocanada.net/
Certificate
IssuerZeroSSL
Subjectxerocanada.net
FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA
ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT

File type
assembler source, ASCII text, with very long lines (534)
Size
154 kB (153578 bytes)
Hash
e2d57f22da2f3c26d5051537ad17c982
0f4a1e8df031441dd02489439407b93de2b1489e
3798aa1b7a8d02045fe666b4edc83fc776838e4496faec1575973c1bb19e9496

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/xerocanada/css/style_zo.css HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: text/css
last-modified: Sun, 29 Jan 2023 09:33:59 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Thu, 18 Apr 2024 07:05:32 GMT
etag: W/"63d63d87-257ea"
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap

142.250.74.106

200 OK

9.3 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (9530), with no line terminators
Size
9.3 kB (9314 bytes)
Hash
c5939125786ce6b5ed8c4f0a2bedcf52
528777daa60c7b5d52e78018151ba873c94d640e
819fb2fbdc024c04b03c88da5d5c7e0bdb4616630d72ab65491cbaab120f46ec

HTTP Headers

GET /css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

565 B

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.xerocanada.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (588), with no line terminators
Size
565 B (565 bytes)
Hash
959a533a3dc02649e0cc3f8f67d942af
34db49ff64aed8b51beaba5b9928ad504a4df335
24864ed3ee6fab66640980d4c24640e579e5583764a8ee8c4f09decf27977247

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (72)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP