| zerossl.ocsp.sectigo.com/ | 172.64.149.23 | | 314 B |
URL: zerossl.ocsp.sectigo.com/ | IP: 172.64.149.23:0
Hash: 450e141736213f98682abf35ac07365d d8f5608a46ede6540d031382cbc7134d6b12ef08 38504e771ab93b9ac20b790cb405ef3d5c39b9a2bad48c899cd8a7812220f085
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:05:29 GMT
Content-Type: application/ocsp-response
Content-Length: 314
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 08:12:48 GMT
Expires: Tue, 23 Apr 2024 08:12:47 GMT
Etag: "d8f5608a46ede6540d031382cbc7134d6b12ef08"
Cache-Control: max-age=439037,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 876276a52932712a-OSL
|
|
| | 158.222.4.3 | 301 Moved Permanently | 235 B |
URL: User Request GET HTTP/2 | IP: 158.222.4.3:443 | ASN: #63119 Angelnet Limited
Certificate: Issuer ZeroSSL; Subject xerocanada.net; Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA; Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: HTML document, ASCII text | Hash: eaa0a18f8308974b982a70297b1c57ec 37efc7a86938cacf3de752e69bdb0ab18981b0fd 352f0eb995a99198470ba71e88a4984e02b0bbae6e5cd99d3037e5a7cdc59c64
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET / HTTP/1.1
Host: xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 18 Apr 2024 06:05:30 GMT
content-type: text/html; charset=iso-8859-1
content-length: 235
location: https://www.xerocanada.net/
X-Firefox-Spdy: h2
|
|
| | 158.222.4.3 | 200 OK | 8.4 kB |
URL: User Request GET HTTP/2 | IP: 158.222.4.3:443 | ASN: #63119 Angelnet Limited
Certificate: Issuer ZeroSSL; Subject xerocanada.net; Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA; Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (2180), with CRLF, LF line terminators | Hash: 794b490e681da8d8af7a13b83479c1d0 ca82e4ed506b6b308437d29529edeecfb667d6e2 702034e2862bbfd31b2e310579a7adfec5376c0b81c414af5934c1d8a8abcc76
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET / HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: text/html; charset=utf-8
content-length: 8374
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo; path=/; domain=.www.xerocanada.net; secure; HttpOnly; SameSite=lax
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| | 158.222.4.3 | 301 Moved Permanently | 235 B |
URL: User Request GET HTTP/2 | IP: 158.222.4.3:443 | ASN: #63119 Angelnet Limited
Certificate: Issuer ZeroSSL; Subject xerocanada.net; Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA; Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: HTML document, ASCII text | Hash: eaa0a18f8308974b982a70297b1c57ec 37efc7a86938cacf3de752e69bdb0ab18981b0fd 352f0eb995a99198470ba71e88a4984e02b0bbae6e5cd99d3037e5a7cdc59c64
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET / HTTP/1.1
Host: xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 18 Apr 2024 06:05:32 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 235
Connection: keep-alive
Location: https://www.xerocanada.net/
|
|
| zerossl.ocsp.sectigo.com/ | 172.64.149.23 | | 314 B |
URL: zerossl.ocsp.sectigo.com/ | IP: 172.64.149.23:0
Hash: 450e141736213f98682abf35ac07365d d8f5608a46ede6540d031382cbc7134d6b12ef08 38504e771ab93b9ac20b790cb405ef3d5c39b9a2bad48c899cd8a7812220f085
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:05:33 GMT
Content-Type: application/ocsp-response
Content-Length: 314
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 08:12:48 GMT
Expires: Tue, 23 Apr 2024 08:12:47 GMT
Etag: "d8f5608a46ede6540d031382cbc7134d6b12ef08"
Cache-Control: max-age=439033,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 876276b96a41712a-OSL
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/ioc-logo.webp | 158.222.4.3 | 200 OK | 3.0 kB |
URL: GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/ioc-logo.webp | IP: 158.222.4.3:443 | ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ | Certificate: Issuer ZeroSSL; Subject xerocanada.net; Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA; Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 6a5ab30590f21fa33fc3eaa22324dbef cb0deab17fc3b39046eea2eb15aa08e96b84129d 85af544acb34fea94f39eec76088eeaa26fd11dd5771d615ebca01e1143b2d7e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /includes/templates/xerocanada/images/xeroshoes/ioc-logo.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: image/webp
content-length: 3000
last-modified: Sun, 29 Jan 2023 09:35:59 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:32 GMT
etag: "63d63dff-bb8"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/slideshow1.jpg | 158.222.4.3 | 406 Not Acceptable | 0 B |
URL: GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/slideshow1.jpg | IP: 158.222.4.3:443 | ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ | Certificate: Issuer ZeroSSL; Subject xerocanada.net; Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA; Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /includes/templates/xerocanada/images/xeroshoes/slideshow1.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 406 Not Acceptable
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: text/html; charset=UTF-8
content-length: 0
vary: User-Agent
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/jscript/jscript_cookies.js | 158.222.4.3 | 200 OK | 430 B |
URL: GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/jscript/jscript_cookies.js | IP: 158.222.4.3:443 | ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ | Certificate: Issuer ZeroSSL; Subject xerocanada.net; Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA; Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (745), with no line terminators | Hash: 65807f4bee7bcb4f6af769919ee805d3 c75e394f474f9238cb539f8b7ef9708cc083eff2 6979054ef7300efc7abcaefb0168e095f82adc208a00837ae1a95e0f72e2b598
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /includes/templates/xerocanada/jscript/jscript_cookies.js HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: application/javascript
content-length: 430
x-accel-version: 0.01
last-modified: Sun, 29 Jan 2023 09:34:34 GMT
accept-ranges: bytes
cache-control: max-age=300
expires: Thu, 18 Apr 2024 06:10:33 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/arrow-point.webp | 158.222.4.3 | 200 OK | 1.7 kB |
URL: GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/arrow-point.webp | IP: 158.222.4.3:443 | ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ | Certificate: Issuer ZeroSSL; Subject xerocanada.net; Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA; Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: a94980f94c453def19a6e084e14e20aa 36aac6e2da81e0840aa8f4a4b1f33bbdec91bcc0 94c2b35513af0a7ddc3040809d44207e0d4e89bfc3a008f688fc8cb54b12a70d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /includes/templates/xerocanada/images/xeroshoes/arrow-point.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: image/webp
content-length: 1658
last-modified: Sun, 29 Jan 2023 09:35:58 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:32 GMT
etag: "63d63dfe-67a"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/images/loader.gif | 158.222.4.3 | 200 OK | 35 kB |
URL: GET HTTP/2 www.xerocanada.net/images/loader.gif | IP: 158.222.4.3:443 | ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ | Certificate: Issuer ZeroSSL; Subject xerocanada.net; Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA; Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: GIF image data, version 89a, 128 x 38 | Hash: 362e988184d842aea3a0b5d09a64d13e e4ab705fb063ffd2645ce8a25e59e889e98f211c 82656f23517068a7b3d92badc8c29716e53654cd2574d330b08823ca7f7b8fa4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/loader.gif HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: image/gif
content-length: 35011
last-modified: Thu, 09 Jun 2022 04:23:04 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62a175a8-88c3"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/natural-fit-DNA.webp | 158.222.4.3 | 200 OK | 25 kB |
URL: GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/natural-fit-DNA.webp | IP: 158.222.4.3:443 | ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ | Certificate: Issuer ZeroSSL; Subject xerocanada.net; Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA; Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 520x288, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: de82fe16060cce9a2830666f8c71f7fd 1c8aef5fc1b7beae2c253638a51fc7d5f1538f60 d1f8275c63ae2e1cbe9580c557138882c1e963342dc3a1611873eba66a54ccec
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /includes/templates/xerocanada/images/xeroshoes/natural-fit-DNA.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: image/webp
content-length: 25196
last-modified: Sun, 29 Jan 2023 09:36:01 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:32 GMT
etag: "63d63e01-626c"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/logo.png | 158.222.4.3 | 200 OK | 2.7 kB |
URL: GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/logo.png | IP: 158.222.4.3:443 | ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ | Certificate: Issuer ZeroSSL; Subject xerocanada.net; Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA; Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: f0a5f5d708662b9d8f233ccd4cc358ed 6db7794af06b25d177e7b623bc487d8d06d4e5df f841120df6a57f6b3c57b57cdbd81f1878248c39bf60e0b03eb5315a67d3a31a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /includes/templates/xerocanada/images/logo.png HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: image/png
content-length: 2724
last-modified: Sun, 29 Jan 2023 09:34:21 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 18 May 2024 06:05:32 GMT
etag: "63d63d9d-aa4"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/images/picimages/2022/02/Zelen-Your-Eco-Friendly-Road-Runner-Steel-Gray-Fuchsia-Xero.jpg | 158.222.4.3 | 200 OK | 42 kB |
URL: GET HTTP/2 www.xerocanada.net/images/picimages/2022/02/Zelen-Your-Eco-Friendly-Road-Runner-Steel-Gray-Fuchsia-Xero.jpg | IP: 158.222.4.3:443 | ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ | Certificate: Issuer ZeroSSL; Subject xerocanada.net; Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA; Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 900x584, components 3 | Hash: 0e3ef88a2140472f7f62552a8a08c8d3 33cadf2dbdcb27e61b42ebd31b5984a039c6f326 a65a34636ed3b841fe346b2ef261e0bfeab46b68678dd5c6af7c20b71a20c1d8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/picimages/2022/02/Zelen-Your-Eco-Friendly-Road-Runner-Steel-Gray-Fuchsia-Xero.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 41898
last-modified: Fri, 13 Jan 2023 09:09:34 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "63c11fce-a3aa"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap | 142.250.74.106 | 200 OK | 1.1 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap | IP: 142.250.74.106:443
Requested by: https://www.xerocanada.net/ | Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: gzip compressed data, max compression | Hash: 6c0d9ec00f23674f5f2f7efa17f65f2d 96bafb9b5edec99722329be5e5820eabf8d79491 ceaf731962d5113530a6c367c4f9a2c5e15644337df6cd758a5bce9396f8b912
GET /css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap | 142.250.74.106 | 200 OK | 1.2 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap | IP: 142.250.74.106:443
Requested by: https://www.xerocanada.net/ | Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: gzip compressed data, max compression | Hash: e4ec7aaace54aeee7ea9b868147e8231 4227b8eb41ce85887bc41a3af876dfd4ab0ced0c f41187919d929d4cd2963482bcffbbd6c8ce1791bce7eeb0f4c92d48f46fbc3f
GET /css2?family=Roboto+Condensed:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 | 216.58.207.227 | 200 OK | 7.9 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 | IP: 216.58.207.227:443
Requested by: https://www.xerocanada.net/ | Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7884, version 1.0 | Hash: 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.xerocanada.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:21:03 GMT
expires: Wed, 16 Apr 2025 03:21:03 GMT
cache-control: public, max-age=31536000
age: 182670
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Quicksand:wght@400;500;600;700&display=swap | 142.250.74.106 | 200 OK | 8.3 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Quicksand:wght@400;500;600;700&display=swap | IP: 142.250.74.106:443
Requested by: https://www.xerocanada.net/ | Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: gzip compressed data, max compression | Hash: 79e6126f59b78cd6cf36cca557fbd100 db4627df177cec29020ea95a004b22a56643dd04 9307b383138556c02f609b6e3237a8955b7bbc7745f5847326e38eb04cec25c0
GET /css2?family=Quicksand:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.xerocanada.net/includes/templates/xerocanada/css/stylesheet.css | 158.222.4.3 | 200 OK | 16 kB |
URL: GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/css/stylesheet.css | IP: 158.222.4.3:443 | ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ | Certificate: Issuer ZeroSSL; Subject xerocanada.net; Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA; Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix | Hash: c38997d3dff8600538cdf720ac9c3b36 70add19e425ad20807f4b8f7d596429b7f7b1c88 5525438124725ee4c01845e95a2f625fa657a2e9e88726b282140c8f07296d8a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /includes/templates/xerocanada/css/stylesheet.css HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: text/css
last-modified: Sun, 29 Jan 2023 09:33:57 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Thu, 18 Apr 2024 07:05:32 GMT
etag: W/"63d63d85-ece4"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap | 142.250.74.106 | 200 OK | 8.7 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap | IP: 142.250.74.106:443
Requested by: https://www.xerocanada.net/ | Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: gzip compressed data, max compression | Hash: 4f28cd19c4080ea2c55d62e821e1b948 539355fdbd555d1967946cec1af0b8950b979230 a3cd86d7f9ed6e782cc84bd8b967dff3cd6f1dbe140318bbc5f3070b99298353
GET /css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/ioc-logo-white.webp | 158.222.4.3 | 200 OK | 617 B |
URL: GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/ioc-logo-white.webp | IP: 158.222.4.3:443 | ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ | Certificate: Issuer ZeroSSL; Subject xerocanada.net; Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA; Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 42252c74d86688d6e3622222641f8565 b3ae25605620f3ebe1feef5daa4233d771727d88 71144f0f950f82981cc047e835d1c767c3febf1339513690b296850faceb72ee
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /includes/templates/xerocanada/images/xeroshoes/ioc-logo-white.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 617
x-accel-version: 0.01
accept-ranges: bytes
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart5.jpg | 158.222.4.3 | 200 OK | 14 kB |
URL: GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart5.jpg | IP: 158.222.4.3:443 | ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ | Certificate: Issuer ZeroSSL; Subject xerocanada.net; Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA; Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 253x253, components 3 | Hash: 666e3e242778b8a31d2892ce22f65d3e f38e5533c33403054e0343b8e23694672cf16cd7 05d0d387de4c8ec2f1f221d53d6e3392a516020847b71351264795055c4d9a32
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /includes/templates/xerocanada/images/xeroshoes/show-chart5.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 13773
last-modified: Sun, 29 Jan 2023 09:36:05 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 18 May 2024 06:05:33 GMT
etag: "63d63e05-35cd"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart4.jpg | 158.222.4.3 | 200 OK | 12 kB |
URL GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart4.jpg IP 158.222.4.3:443 ASN #63119 Angelnet Limited
Requested by https://www.xerocanada.net/ Certificate Issuer ZeroSSL Subject xerocanada.net Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 253x253, components 3 Hash a58529a605c2e06fd3a14c575a3fdf2a 69bb45f0e859fff75b9c18a32251c55f009cb769 e4020603e24c328fb545865a505be48a8e570e94da96c954a2e5e8b878f193c9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/images/xeroshoes/show-chart4.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 11921
last-modified: Sun, 29 Jan 2023 09:36:05 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 18 May 2024 06:05:33 GMT
etag: "63d63e05-2e91"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart10.webp | 158.222.4.3 | 200 OK | 8.3 kB |
URL GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart10.webp IP 158.222.4.3:443 ASN #63119 Angelnet Limited
Requested by https://www.xerocanada.net/ Certificate Issuer ZeroSSL Subject xerocanada.net Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 253x253, Scaling: [none]x[none], YUV color, decoders should clamp Hash 8c71144b8247870661f3df79c4dbdad5 da9404d9489efe5ff95449705977b21d27570b02 0345989bfb95cc9ba88943915eb1ea6d15337d3054d032d2e9f3516fae33b789
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/images/xeroshoes/show-chart10.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 8260
last-modified: Sun, 29 Jan 2023 09:36:02 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e02-2044"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart11.webp | 158.222.4.3 | 200 OK | 13 kB |
URL GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart11.webp IP 158.222.4.3:443 ASN #63119 Angelnet Limited
Requested by https://www.xerocanada.net/ Certificate Issuer ZeroSSL Subject xerocanada.net Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 253x253, Scaling: [none]x[none], YUV color, decoders should clamp Hash ede3dbff5735148c3d01650b50831027 b9b947113bef1b714bde5f8bd35461d8eb642ec6 e71e982e6f21e105dd28816d0a4672474cd8ff033b7ca9620f8a4f0328c3467d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/images/xeroshoes/show-chart11.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 12828
last-modified: Sun, 29 Jan 2023 09:36:03 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e03-321c"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart12.webp | 158.222.4.3 | 200 OK | 24 kB |
URL GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart12.webp IP 158.222.4.3:443 ASN #63119 Angelnet Limited
Requested by https://www.xerocanada.net/ Certificate Issuer ZeroSSL Subject xerocanada.net Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x300, Scaling: [none]x[none], YUV color, decoders should clamp Hash 14459b34eddd4cb1cfe7d6c555b5b927 e1a72626b8c52864585cb6ef86d1e4b7a74dcfb1 bfccacd1cbbc4023e95b845cfd07aa0e3837e32645d2e2ae9faa54cc0c3ed5e7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/images/xeroshoes/show-chart12.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 23786
last-modified: Sun, 29 Jan 2023 09:36:03 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e03-5cea"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/images/payment.png | 158.222.4.3 | 200 OK | 6.2 kB |
URL GET HTTP/2 www.xerocanada.net/images/payment.png IP 158.222.4.3:443 ASN #63119 Angelnet Limited
Requested by https://www.xerocanada.net/ Certificate Issuer ZeroSSL Subject xerocanada.net Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type PNG image data, 248 x 26, 8-bit/color RGBA, non-interlaced Hash 1fb5f66cada185d72ccefaeb9e9a2963 584108601272e3ed07abe10b4c3ca2f6b200d552 ef645db0e0a9a267fda954e584782b888929b2827548ecaef07600656022535b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/payment.png HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/png
content-length: 6248
last-modified: Thu, 09 Jun 2022 04:19:36 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62a174d8-1868"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/natural-feel-DNA.webp | 158.222.4.3 | 200 OK | 16 kB |
URL GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/natural-feel-DNA.webp IP 158.222.4.3:443 ASN #63119 Angelnet Limited
Requested by https://www.xerocanada.net/ Certificate Issuer ZeroSSL Subject xerocanada.net Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 520x288, Scaling: [none]x[none], YUV color, decoders should clamp Hash a77f9585d35cdce0e1324da512fcbdae 4b7d45045e645a688c72a5fac1c6202f64f014db 048f261f128fd5058d26887a4683486ac86ccd99aac4e46903dd531ec44dab21
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/images/xeroshoes/natural-feel-DNA.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 15994
last-modified: Sun, 29 Jan 2023 09:36:00 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e00-3e7a"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/natural-motion-DNA-trim.webp | 158.222.4.3 | 200 OK | 14 kB |
URL GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/natural-motion-DNA-trim.webp IP 158.222.4.3:443 ASN #63119 Angelnet Limited
Requested by https://www.xerocanada.net/ Certificate Issuer ZeroSSL Subject xerocanada.net Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 341x246, Scaling: [none]x[none], YUV color, decoders should clamp Hash f7f0f684b1f32c25e1927cf10a7b59dd 1c68fc3006ef73070f7ab97d36795da261927050 81ad7e28ec2eb0b6b7ff7eec734a21925383083d9d7b49f69f8d13d226a75264
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/images/xeroshoes/natural-motion-DNA-trim.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 13594
last-modified: Sun, 29 Jan 2023 09:36:01 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e01-351a"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/waist-mtn.webp | 158.222.4.3 | 200 OK | 29 kB |
URL GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/waist-mtn.webp IP 158.222.4.3:443 ASN #63119 Angelnet Limited
Requested by https://www.xerocanada.net/ Certificate Issuer ZeroSSL Subject xerocanada.net Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 527x658, Scaling: [none]x[none], YUV color, decoders should clamp Hash 9741a2f906eb41488f2117656b518e4c a8d1bea4ba233731f1c2dcaec1cabcd44018e33f d30d407d7c1bccebe73b3d0f14589bb4ab221be24830b6789d33dbc94009e581
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/images/xeroshoes/waist-mtn.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 29232
last-modified: Sun, 29 Jan 2023 09:36:10 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e0a-7230"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/images/picimages/2020/08/Red-Speed-Force-Women-Xero.jpg | 158.222.4.3 | 200 OK | 60 kB |
URL GET HTTP/2 www.xerocanada.net/images/picimages/2020/08/Red-Speed-Force-Women-Xero.jpg IP 158.222.4.3:443 ASN #63119 Angelnet Limited
Requested by https://www.xerocanada.net/ Certificate Issuer ZeroSSL Subject xerocanada.net Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 900x584, components 3 Hash 230792ca9a254e157fe2ad3d0a4dbe18 75153cd075926293e8ae6cc62ef2358d168c0f52 90f6e94345095450b472776e8279451f60fd50ba10ec95b9dafd4a36f0465adc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/picimages/2020/08/Red-Speed-Force-Women-Xero.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 60500
last-modified: Fri, 13 Jan 2023 09:06:46 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "63c11f26-ec54"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/images/picimages/2022/02/Speed-Force-Women-Blue-Glass-Xero.jpg | 158.222.4.3 | 200 OK | 40 kB |
URL GET HTTP/2 www.xerocanada.net/images/picimages/2022/02/Speed-Force-Women-Blue-Glass-Xero.jpg IP 158.222.4.3:443 ASN #63119 Angelnet Limited
Requested by https://www.xerocanada.net/ Certificate Issuer ZeroSSL Subject xerocanada.net Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 900x584, components 3 Hash 2f4f33eeb9b781008728bef2e1010234 c167ef24ee9accf24f62f15df1491a224e585491 574bcb46a2748342ab098d98e4691157e6085cc8ccf7e929809d41f875d9840f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/picimages/2022/02/Speed-Force-Women-Blue-Glass-Xero.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 39753
last-modified: Fri, 13 Jan 2023 09:09:04 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "63c11fb0-9b49"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 7.7 kB |
URL GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 IP 216.58.207.227:443
Requested by https://www.xerocanada.net/ Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 Validity Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0 Hash a09f2fccfee35b7247b08a1a266f0328 0da2d17e738f46d2a09e6fb7969da451719a9820 cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.xerocanada.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:25:26 GMT
expires: Wed, 16 Apr 2025 03:25:26 GMT
cache-control: public, max-age=31536000
age: 182407
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart1.jpg | 158.222.4.3 | 200 OK | 16 kB |
URL GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart1.jpg IP 158.222.4.3:443 ASN #63119 Angelnet Limited
Requested by https://www.xerocanada.net/ Certificate Issuer ZeroSSL Subject xerocanada.net Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 253x253, components 3 Hash 19b894cfdb6a5cbc65f8c9db77fcd6e0 f09a42dbd533001dc0b6a53037c332437fab59ba 3163bd853678ed59d68dd3968b93d74f5daf492f17b29581aa53b96e7d25781d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/images/xeroshoes/show-chart1.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 15756
last-modified: Sun, 29 Jan 2023 09:36:02 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 18 May 2024 06:05:33 GMT
etag: "63d63e02-3d8c"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart2.webp | 158.222.4.3 | 200 OK | 9.9 kB |
URL GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart2.webp IP 158.222.4.3:443 ASN #63119 Angelnet Limited
Requested by https://www.xerocanada.net/ Certificate Issuer ZeroSSL Subject xerocanada.net Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 253x253, Scaling: [none]x[none], YUV color, decoders should clamp Hash 2ad1c8b93f730e40ae2ca70fb78f1c64 9981ee6d5a96d8d426421cb0114742487d2197be 1946ac291f2e9214accb833a1f191670f6d9c5a969e1ff9039733de3cef845a3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/images/xeroshoes/show-chart2.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 9882
last-modified: Sun, 29 Jan 2023 09:36:04 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e04-269a"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart3.webp | 158.222.4.3 | 200 OK | 7.7 kB |
URL GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart3.webp IP 158.222.4.3:443 ASN #63119 Angelnet Limited
Requested by https://www.xerocanada.net/ Certificate Issuer ZeroSSL Subject xerocanada.net Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 253x253, Scaling: [none]x[none], YUV color, decoders should clamp Hash 28ec888bb6c4b542ba76d2a5804655ed b4747942c653fe83318c4497ae7ed3fbadedb06b 062e6a3d8af0cfea44acb83fd47f1a7358626eb1c734b3155cdf9288dfb33ab9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/images/xeroshoes/show-chart3.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 7670
last-modified: Sun, 29 Jan 2023 09:36:04 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e04-1df6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart6.jpg | 158.222.4.3 | 200 OK | 17 kB |
URL GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart6.jpg IP 158.222.4.3:443 ASN #63119 Angelnet Limited
Requested by https://www.xerocanada.net/ Certificate Issuer ZeroSSL Subject xerocanada.net Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 253x253, components 3 Hash 11f07883109fcdac9b0ac84861b4c679 5107340b553b6bc36d04791278c449a43bbcf6f9 6aa98287daa2136a24d658e46ac419c9dfb4d035e7bd83ef4d5e8ae3cb3ffc03
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/images/xeroshoes/show-chart6.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 16940
last-modified: Sun, 29 Jan 2023 09:36:06 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 18 May 2024 06:05:33 GMT
etag: "63d63e06-422c"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart7.jpg | 158.222.4.3 | 200 OK | 11 kB |
URL GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart7.jpg IP 158.222.4.3:443 ASN #63119 Angelnet Limited
Requested by https://www.xerocanada.net/ Certificate Issuer ZeroSSL Subject xerocanada.net Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 253x253, components 3 Hash ad2801c9b30e1fb174eeefa1f3e74214 880668e7d3398d9809f2cbfb877062f22372e801 d4fc81e5efb987c6c5898c6ea5b53ba35ec3bb974aa9dda2ad35e8cc51aff506
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/images/xeroshoes/show-chart7.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 10718
last-modified: Sun, 29 Jan 2023 09:36:06 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 18 May 2024 06:05:33 GMT
etag: "63d63e06-29de"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart8.jpg | 158.222.4.3 | 200 OK | 13 kB |
URL GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart8.jpg IP 158.222.4.3:443 ASN #63119 Angelnet Limited
Requested by https://www.xerocanada.net/ Certificate Issuer ZeroSSL Subject xerocanada.net Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 253x253, components 3 Hash cd065f6bcc85abc71eb800a8776a527a 198801a67ee27d72eff8359a6fdaafe563a8adaa 37692e9dde238bcfc6b839bd7cfaec0f391e9c06c14d68ee4f0a8b3b2c3f8848
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/images/xeroshoes/show-chart8.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 12758
last-modified: Sun, 29 Jan 2023 09:36:08 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 18 May 2024 06:05:33 GMT
etag: "63d63e08-31d6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart9.webp | 158.222.4.3 | 200 OK | 8.5 kB |
URL GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/show-chart9.webp IP 158.222.4.3:443 ASN #63119 Angelnet Limited
Requested by https://www.xerocanada.net/ Certificate Issuer ZeroSSL Subject xerocanada.net Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 253x253, Scaling: [none]x[none], YUV color, decoders should clamp Hash 115af17d2fa33d44cea1ebbf64a0bb73 1578f3fb0ff0189505c71352bc0322c15cbb31dc 69aa24481028bf162654d7b97e7b12fadd4348bd570d18a55d81347be97d1591
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/images/xeroshoes/show-chart9.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 8520
last-modified: Sun, 29 Jan 2023 09:36:08 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e08-2148"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/images/picimages/2021/07/360-Women-Blue-Yellow-Xero.jpg | 158.222.4.3 | 200 OK | 77 kB |
URL GET HTTP/2 www.xerocanada.net/images/picimages/2021/07/360-Women-Blue-Yellow-Xero.jpg IP 158.222.4.3:443 ASN #63119 Angelnet Limited
Requested by https://www.xerocanada.net/ Certificate Issuer ZeroSSL Subject xerocanada.net Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 900x584, components 3 Hash e98bcf0182f0a7dcca1fbaa33558b33f 4e84a001b2f65ef66c7a91b49fc0222e6f196ff9 e93704cc1d56783da78c2d6c2c2da0601f8b3b12fa18c74f71c88f958c8232d2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/picimages/2021/07/360-Women-Blue-Yellow-Xero.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 77370
last-modified: Fri, 13 Jan 2023 09:07:54 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "63c11f6a-12e3a"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/images/picimages/2021/07/Muddy-Rose-Mesa-Trail-Women-s-Lightweight-Trail-Runner-Xero.jpg | 158.222.4.3 | 200 OK | 71 kB |
URL GET HTTP/2 www.xerocanada.net/images/picimages/2021/07/Muddy-Rose-Mesa-Trail-Women-s-Lightweight-Trail-Runner-Xero.jpg IP 158.222.4.3:443 ASN #63119 Angelnet Limited
Requested by https://www.xerocanada.net/ Certificate Issuer ZeroSSL Subject xerocanada.net Fingerprint FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 900x584, components 3 Hash dbca269413620a49ce228cc89f1574eb 146bf333426e336591c8ac958fd4b04f0d11150f 3ee5d5f5726cffa95636adf934e3a442aea423202668907d546341efb916fc7a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/picimages/2021/07/Muddy-Rose-Mesa-Trail-Women-s-Lightweight-Trail-Runner-Xero.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 71272
last-modified: Fri, 13 Jan 2023 09:08:06 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "63c11f76-11668"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/images/picimages/2019/09/Speed-Force-Women-Xero-Black.jpg | 158.222.4.3 | 200 OK | 70 kB |
URL: GET HTTP/2 www.xerocanada.net/images/picimages/2019/09/Speed-Force-Women-Xero-Black.jpg IP: 158.222.4.3:443 ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ Certificate Issuer: ZeroSSL Subject: xerocanada.net Fingerprint: FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity: Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 900x584, components 3 Hash: 4a7ba96a06341370d8ebd0ed8d228418 38d0ebaaf5e691e6832bd874e871e5f42833a6ce 15888c2f0cfa45d5f8f1210a0414f4e0ae07983835fd60c0015c695d4d920dec
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/picimages/2019/09/Speed-Force-Women-Xero-Black.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 70113
last-modified: Fri, 13 Jan 2023 09:05:18 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "63c11ece-111e1"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/images/picimages/2021/07/Xero-360-Women-Asphalt.jpg | 158.222.4.3 | 200 OK | 69 kB |
URL: GET HTTP/2 www.xerocanada.net/images/picimages/2021/07/Xero-360-Women-Asphalt.jpg IP: 158.222.4.3:443 ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ Certificate Issuer: ZeroSSL Subject: xerocanada.net Fingerprint: FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity: Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 900x584, components 3 Hash: 6d037fc7ba239f25cb72c9223e2e8d9a 4af09d516c181d520534c1e06f67efc1789a4daf 2052ab4c98f2aea9134209b39a967e648d2711b9e5d45212cdc5f681b4bf7e56
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/picimages/2021/07/Xero-360-Women-Asphalt.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 69411
last-modified: Fri, 13 Jan 2023 09:08:10 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "63c11f7a-10f23"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/images/picimages/2021/07/Mesa-Trail-Women-s-Lightweight-Trail-Runner-Lagoon-Xero.jpg | 158.222.4.3 | 200 OK | 78 kB |
URL: GET HTTP/2 www.xerocanada.net/images/picimages/2021/07/Mesa-Trail-Women-s-Lightweight-Trail-Runner-Lagoon-Xero.jpg IP: 158.222.4.3:443 ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ Certificate Issuer: ZeroSSL Subject: xerocanada.net Fingerprint: FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity: Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 900x584, components 3 Hash: 1daf27c701129ce625c4c52b6a2b3fb3 01b66b68d02195ed5d0c08f22f9566648496de76 6c153895daf5f7bf7a06e0ba0cdeeeb5f4cfc2c3267b20d4275130c43e925ca0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/picimages/2021/07/Mesa-Trail-Women-s-Lightweight-Trail-Runner-Lagoon-Xero.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 78520
last-modified: Fri, 13 Jan 2023 09:08:04 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "63c11f74-132b8"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/images/picimages/2020/01/Mesa-Trail-Women-s-Lightweight-Trail-Runner-Xero-Dark-Gray-Sapphire.jpg | 158.222.4.3 | 200 OK | 68 kB |
URL: GET HTTP/2 www.xerocanada.net/images/picimages/2020/01/Mesa-Trail-Women-s-Lightweight-Trail-Runner-Xero-Dark-Gray-Sapphire.jpg IP: 158.222.4.3:443 ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ Certificate Issuer: ZeroSSL Subject: xerocanada.net Fingerprint: FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity: Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 900x584, components 3 Hash: 3ee978380f21b0744a814606497ca496 842f8a773c0b0df2b2c6302bf92ed5861630b785 fd2ab7ef604f1f3cc31c5386c86292ea4662826986e6b152f763311873907088
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/picimages/2020/01/Mesa-Trail-Women-s-Lightweight-Trail-Runner-Xero-Dark-Gray-Sapphire.jpg HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/jpeg
content-length: 67585
last-modified: Fri, 13 Jan 2023 09:05:38 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "63c11ee2-10801"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/css/style_zp.css | 158.222.4.3 | 200 OK | 152 kB |
URL: GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/css/style_zp.css IP: 158.222.4.3:443 ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ Certificate Issuer: ZeroSSL Subject: xerocanada.net Fingerprint: FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity: Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix Size: 152 kB (151470 bytes) Hash: 5fd27b2289e5d3f45108e7b00d841bc7 7ec95679ffa522b086b3be710c8791e589507077 7bd27629666c9f4dbb86e3edbae2b3ebaf01f9536e64970f98049f41f174d3ad
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/css/style_zp.css HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: text/css
last-modified: Sun, 29 Jan 2023 09:34:00 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Thu, 18 Apr 2024 07:05:32 GMT
etag: W/"63d63d88-4e35"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Glegoo:wght@400;700&display=swap | 142.250.74.106 | 200 OK | 141 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Glegoo:wght@400;700&display=swap IP: 142.250.74.106:443
Requested by: https://www.xerocanada.net/ Certificate Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: gzip compressed data, max compression Size: 141 kB (141086 bytes) Hash: 9b9ce62fd5375f9d45f4b43893339a36 a38aec13f6e3c5e72c14ea2fba483adca228d219 05620fc4766593fb1a48a1d598f2c9c236210b938e2ed19817b24f2188689731
GET /css2?family=Glegoo:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/slideshow1.webp | 158.222.4.3 | 200 OK | 136 kB |
URL: GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/slideshow1.webp IP: 158.222.4.3:443 ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ Certificate Issuer: ZeroSSL Subject: xerocanada.net Fingerprint: FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity: Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 1550x613, Scaling: [none]x[none], YUV color, decoders should clamp Size: 136 kB (135948 bytes) Hash: f09aac611d234f682c5952b9fdc939ff d67f5d95783d139badd7f1eb91e725e0eff0f8e6 7882720058b0700e968cb3ea54cdb35690ad9a4997e54d282dd532d04ce7fb94
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/images/xeroshoes/slideshow1.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 135948
last-modified: Sun, 29 Jan 2023 09:36:09 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63e09-2130c"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/favicon.ico | 158.222.4.3 | 200 OK | 4.3 kB |
URL: GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/images/favicon.ico IP: 158.222.4.3:443 ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ Certificate Issuer: ZeroSSL Subject: xerocanada.net Fingerprint: FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity: Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel Hash: 74f5f2a3ef0c81f942a1138a853facd3 57ad59efc77dd97618f66bc9bd361a8b6f80042a 469436b63587a6c755a07f6d015648f493993a6e1892a9be61304bcd7ff1319a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/images/favicon.ico HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/x-icon
content-length: 4286
last-modified: Sun, 29 Jan 2023 09:34:17 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Fri, 19 Apr 2024 06:05:33 GMT
etag: "63d63d99-10be"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| | 158.222.4.3 | 200 OK | 8.3 kB |
URL: User Request GET HTTP/2 IP: 158.222.4.3:443 ASN: #63119 Angelnet Limited
Certificate Issuer: ZeroSSL Subject: xerocanada.net Fingerprint: FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity: Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (2180), with CRLF, LF line terminators Hash: ec71a7767da664b6204f4a881a36f823 60545f627701f84f9d5f0006e3ed2cbe1310566a 635b6cf5c0878fb0c05c6d18c1ce2be6f0abf7d9fb9923a44ea77cd2c6dd6f00
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:34 GMT
content-type: text/html; charset=utf-8
content-length: 8326
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: zenid=fuid8odlcsl6hs7s3u5shpu4ch; path=/; domain=.www.xerocanada.net; secure; HttpOnly; SameSite=lax
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap | 142.250.74.106 | 200 OK | 9.7 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap IP: 142.250.74.106:443
Requested by: https://www.xerocanada.net/ Certificate Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (9912), with no line terminators Hash: 40698f9f19b1a609d2636f5eef9a3e30 46ff448bbf2fb3b30ecc73402877f8845445f8ba f3f7baade7af0f0b4587523c53317642d7c18c2501e70aaae37b93e7ee9a6545
GET /css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css2?family=Merienda:wght@400;700&display=swap | 142.250.74.106 | 200 OK | 2.4 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Merienda:wght@400;700&display=swap IP: 142.250.74.106:443
Requested by: https://www.xerocanada.net/ Certificate Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (2424), with no line terminators Hash: 4c11106146294a0f2e0f9a7cd792e1d2 53f4815a87a769d098f64ad9dfafc157f7d572d1 66f67ff9a9b48f878ba4db2df85dcb68e5640e189ecc19cb7a4a8604b7412e94
GET /css2?family=Merienda:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.xerocanada.net/includes/templates/xerocanada/jscript/jquery.min.js | 158.222.4.3 | 200 OK | 90 kB |
URL: GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/jscript/jquery.min.js IP: 158.222.4.3:443 ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ Certificate Issuer: ZeroSSL Subject: xerocanada.net Fingerprint: FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity: Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447) Hash: 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/jscript/jquery.min.js HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: application/javascript
last-modified: Sun, 29 Jan 2023 09:34:33 GMT
vary: Accept-Encoding
cache-control: max-age=300
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: W/"63d63da9-15d9d"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap | 142.250.74.106 | 200 OK | 11 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap IP: 142.250.74.106:443
Requested by: https://www.xerocanada.net/ Certificate Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash: eb9023562ab1966f30dc99199c862e99 c61e56985a7df5262657c080393142f4f3e674b0 23daa07b4cbfa8e9a4a4aa17f77ebab31297e8dcd5f1c082dc21f284ab5dd03a
GET /css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.xerocanada.net/includes/templates/xerocanada/jscript/jscript_plugins.js | 158.222.4.3 | 200 OK | 273 kB |
URL: GET HTTP/2 www.xerocanada.net/includes/templates/xerocanada/jscript/jscript_plugins.js IP: 158.222.4.3:443 ASN: #63119 Angelnet Limited
Requested by: https://www.xerocanada.net/ Certificate Issuer: ZeroSSL Subject: xerocanada.net Fingerprint: FF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA Validity: Tue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
Size: 273 kB (273266 bytes) Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/jscript/jscript_plugins.js HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: application/javascript
last-modified: Sun, 29 Jan 2023 09:34:36 GMT
vary: Accept-Encoding
cache-control: max-age=300
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: W/"63d63dac-42b72"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 8.0 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 IP: 216.58.207.227:443
Requested by: https://www.xerocanada.net/ Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8000, version 1.0 Hash: 72993dddf88a63e8f226656f7de88e57 179f97ec0275f09603a8db94d4380eb584d81cd5 f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.xerocanada.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 00:30:18 GMT
expires: Wed, 16 Apr 2025 00:30:18 GMT
cache-control: public, max-age=31536000
age: 192915
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Jost:wght@300;400;500;600;700;800&display=swap | 142.250.74.106 | 200 OK | 6.3 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Jost:wght@300;400;500;600;700;800&display=swap IP: 142.250.74.106:443
Requested by: https://www.xerocanada.net/ Certificate Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (6420), with no line terminators Hash: 74a37b69a4c15801b8edcc9cd42c503c 23d843eff81be41b551ff2ab24a550017f77207f d706baa7aa0457db3dc2bbb3af441adb4dc2cf87f8c3611c85a281ddbe939ec7
GET /css2?family=Jost:wght@300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 7.8 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 IP: 216.58.207.227:443
Requested by: https://www.xerocanada.net/ Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7816, version 1.0 Hash: 25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.xerocanada.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 20:25:17 GMT
expires: Tue, 15 Apr 2025 20:25:17 GMT
cache-control: public, max-age=31536000
age: 207616
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Staatliches&display=swap | 142.250.74.106 | 200 OK | 808 B |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Staatliches&display=swap IP: 142.250.74.106:443
Requested by: https://www.xerocanada.net/ Certificate Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (826), with no line terminators Hash: da420df8479f8779cde5fc034d4cc67b 40e95fcf89bfd02023345af67b83dd45543c29d9 21c8c585a8724114950fa78cb426dd7ff797cab8c34cb44231ea087c6c515d61
GET /css2?family=Staatliches&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap | 142.250.74.106 | 200 OK | 2.6 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap IP: 142.250.74.106:443
Requested by: https://www.xerocanada.net/ Certificate Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (2605), with no line terminators Hash: d7e91faccd8b5b75c6794babc60413e9 490a3fe1bc93ea7dd9cff81c80eca5ea6cad68b3 8d4ecadfe561b26cf0addd9f7e39055b19844488449e0091a936a77fdff727d9
GET /css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap | 142.250.74.106 | 200 OK | 14 kB |
URL GET HTTP/3fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap IP142.250.74.106:443
Requested byhttps://www.xerocanada.net/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash9c12b57a25710853b762d48b28545b5c 57a79d40792f42232b317bd9529c98efa29fc315 35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9
GET /css2?family=Roboto:wght@100;300;400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css2?family=Alata&display=swap | 142.250.74.106 | 200 OK | 1.2 kB |
URL GET HTTP/3fonts.googleapis.com/css2?family=Alata&display=swap IP142.250.74.106:443
Requested byhttps://www.xerocanada.net/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (1179), with no line terminators Hash1f9ff1758f44a8354f9be6ccf531cb8a 7fd5c0f675262d59736c063d0569dd7fab71256f 37dfb66736045e51980abc5c9c002b3a658a8fadc626f4a0aacf957fe90b6809
GET /css2?family=Alata&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.xerocanada.net/includes/templates/xerocanada/fonts/annimex-icons.ttf?teavmy | 158.222.4.3 | 200 OK | 141 kB |
URL GET HTTP/2www.xerocanada.net/includes/templates/xerocanada/fonts/annimex-icons.ttf?teavmy IP158.222.4.3:443 ASN#63119 Angelnet Limited
Requested byhttps://www.xerocanada.net/ CertificateIssuerZeroSSL Subjectxerocanada.net FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File typeTrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, adorn-icons Size141 kB (140608 bytes) Hash7d3c0284348a1f07b4cd6ff41354551b 6ff4eb286a7b3c980866382a40dd9279c99cb9cd 924025d175bc0292a137b2b46a4ee48e77c8618c3ea19e44214b6abf30f16005
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/fonts/annimex-icons.ttf?teavmy HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/includes/templates/xerocanada/css/style_plugins.css
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: application/x-font-ttf
content-length: 140608
last-modified: Sun, 29 Jan 2023 09:34:03 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63d8b-22540"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.xerocanada.net/includes/templates/xerocanada/jscript/jscript_zmain.js | 158.222.4.3 | 200 OK | 54 kB |
URL GET HTTP/2www.xerocanada.net/includes/templates/xerocanada/jscript/jscript_zmain.js IP158.222.4.3:443 ASN#63119 Angelnet Limited
Requested byhttps://www.xerocanada.net/ CertificateIssuerZeroSSL Subjectxerocanada.net FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (528) Hash7817c8de851adc60ebae995d6a50569c 14c1769e995716230c0e522f82a5566c80326782 424445d4dd016ae9d25b39b7b43cba9482db1e81d57d144b0628b1fcb750008c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/jscript/jscript_zmain.js HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: application/javascript
last-modified: Sun, 29 Jan 2023 09:34:36 GMT
vary: Accept-Encoding
cache-control: max-age=300
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: W/"63d63dac-d1e0"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap | 142.250.74.106 | 200 OK | 16 kB |
URL GET HTTP/3fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap IP142.250.74.106:443
Requested byhttps://www.xerocanada.net/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash56e4df90a29f863f6faa6ccb7567e401 9f3f0306cb0054763e377c6f456890e33f546cd9 165c919c26eb19e053a7cf522566f7cfa686a2782e252b7cd39e15e5d8b4bf15
GET /css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.xerocanada.net/includes/templates/xerocanada/css/style_plugins.css | 158.222.4.3 | 200 OK | 221 kB |
URL GET HTTP/2www.xerocanada.net/includes/templates/xerocanada/css/style_plugins.css IP158.222.4.3:443 ASN#63119 Angelnet Limited
Requested byhttps://www.xerocanada.net/ CertificateIssuerZeroSSL Subjectxerocanada.net FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
Size221 kB (220793 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/css/style_plugins.css HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: text/css
last-modified: Sun, 29 Jan 2023 09:33:59 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Thu, 18 Apr 2024 07:05:32 GMT
etag: W/"63d63d87-35e79"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap | 142.250.74.106 | 200 OK | 6.3 kB |
URL GET HTTP/3fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap IP142.250.74.106:443
Requested byhttps://www.xerocanada.net/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (6448), with no line terminators Hash5597ed8188a3994391b999f6caf0d0ec a647507c2dfaa80293672a339035e11335a7509b 40f0d46e2291b1365735633e70f2aac322fb4741fa001a7e8485692d660bb740
GET /css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/bottom-modular.webp | 158.222.4.3 | 200 OK | 146 kB |
URL GET HTTP/2www.xerocanada.net/includes/templates/xerocanada/images/xeroshoes/bottom-modular.webp IP158.222.4.3:443 ASN#63119 Angelnet Limited
Requested byhttps://www.xerocanada.net/ CertificateIssuerZeroSSL Subjectxerocanada.net FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 2560x651, Scaling: [none]x[none], YUV color, decoders should clamp Size146 kB (145974 bytes) Hash8997a14a1eb267086b49345ebb18d06e 7d2f5fcb329ee4b1702d2ead6f6c5f5341d3fd87 237a8b2899028b534cf639d77ba5335d4badee18f9a500b296455983a87bd946
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/images/xeroshoes/bottom-modular.webp HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/includes/templates/xerocanada/css/style_zp.css
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:33 GMT
content-type: image/webp
content-length: 145974
last-modified: Sun, 29 Jan 2023 09:35:58 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 18 Apr 2024 06:10:33 GMT
etag: "63d63dfe-23a36"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap | 142.250.74.106 | 200 OK | 5.0 kB |
URL GET HTTP/3fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap IP142.250.74.106:443
Requested byhttps://www.xerocanada.net/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (5076), with no line terminators Hash48d4822accd8873d2852967645115cef 1b20048c205fa24b4fff0afa458ee1fa2c45612f 27b1f874ce4c14645ec6df13bdf94d9a3381db78c5e4720903dd20d0e4bbc0b7
GET /css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.xerocanada.net/includes/templates/xerocanada/css/style_zo.css | 158.222.4.3 | 200 OK | 154 kB |
URL GET HTTP/2www.xerocanada.net/includes/templates/xerocanada/css/style_zo.css IP158.222.4.3:443 ASN#63119 Angelnet Limited
Requested byhttps://www.xerocanada.net/ CertificateIssuerZeroSSL Subjectxerocanada.net FingerprintFF:53:33:49:66:D4:38:02:C3:DF:3A:6B:2C:CA:69:40:35:F6:AE:CA ValidityTue, 16 Apr 2024 00:00:00 GMT - Mon, 15 Jul 2024 23:59:59 GMT
File typeassembler source, ASCII text, with very long lines (534) Size154 kB (153578 bytes) Hashe2d57f22da2f3c26d5051537ad17c982 0f4a1e8df031441dd02489439407b93de2b1489e 3798aa1b7a8d02045fe666b4edc83fc776838e4496faec1575973c1bb19e9496
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/xerocanada/css/style_zo.css HTTP/1.1
Host: www.xerocanada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Cookie: zenid=9ma28s7qplo4gt2cfh8ad20djo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:32 GMT
content-type: text/css
last-modified: Sun, 29 Jan 2023 09:33:59 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Thu, 18 Apr 2024 07:05:32 GMT
etag: W/"63d63d87-257ea"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap | 142.250.74.106 | 200 OK | 9.3 kB |
URL GET HTTP/3fonts.googleapis.com/css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap IP142.250.74.106:443
Requested byhttps://www.xerocanada.net/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (9530), with no line terminators Hashc5939125786ce6b5ed8c4f0a2bedcf52 528777daa60c7b5d52e78018151ba873c94d640e 819fb2fbdc024c04b03c88da5d5c7e0bdb4616630d72ab65491cbaab120f46ec
GET /css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/icon?family=Material+Icons | 142.250.74.106 | 200 OK | 565 B |
URL GET HTTP/2fonts.googleapis.com/icon?family=Material+Icons IP142.250.74.106:443
Requested byhttps://www.xerocanada.net/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (588), with no line terminators Hash959a533a3dc02649e0cc3f8f67d942af 34db49ff64aed8b51beaba5b9928ad504a4df335 24864ed3ee6fab66640980d4c24640e579e5583764a8ee8c4f09decf27977247
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xerocanada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:33 GMT
date: Thu, 18 Apr 2024 06:05:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|