Report - sadevafric.com/msin/tuda

Report Overview

Submitted URL
sadevafric.com/msin/tuda
IP
66.29.145.237
ASN
#22612 NAMECHEAP-NET
Submitted
2022-12-24 03:06:38
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
40

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.218.168.248
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	522 B	2.2 kB	142.250.74.106
sadevafric.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	19 kB	2.7 MB	66.29.145.237
aws-wwcloud.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	1.0 kB	195.123.218.98
www.applitech.ci	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	7.4 kB	66.29.145.237
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	52 kB	34.120.237.76
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	104.18.32.68
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	216.58.211.3
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	488 B	32 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-24	medium	sadevafric.com/msin/tuda	Malware
2022-12-24	medium	sadevafric.com/msin/tuda	Malware
2022-12-24	medium	sadevafric.com/	Malware
2022-12-24	medium	sadevafric.com/assets/js/plugins/scroll-magic-gsap-plugin.js	Malware
2022-12-24	medium	sadevafric.com/assets/js/plugins/jquery.min.js	Malware
2022-12-24	medium	sadevafric.com/assets/js/plugins/isotope.min.js	Malware
2022-12-24	medium	sadevafric.com/assets/js/plugins/tween-max.min.js	Malware
2022-12-24	medium	sadevafric.com/assets/js/plugins/scroll-magic.js	Malware
2022-12-24	medium	sadevafric.com/assets/js/plugins/swiper.min.js	Malware
2022-12-24	medium	sadevafric.com/assets/js/plugins/smooth-scrollbar.min.js	Malware
2022-12-24	medium	sadevafric.com/assets/js/plugins/overscroll.min.js	Malware
2022-12-24	medium	sadevafric.com/assets/js/plugins/fancybox.min.js	Malware
2022-12-24	medium	sadevafric.com/assets/js/plugins/canvas.js	Malware
2022-12-24	medium	sadevafric.com/assets/js/plugins/parsley.min.js	Malware
2022-12-24	medium	sadevafric.com/assets/js/main.js	Malware
2022-12-24	medium	sadevafric.com/assets/js/plugins/mapbox.min.js	Malware
2022-12-24	medium	sadevafric.com/assets/img/light/logo.svg	Malware
2022-12-24	medium	sadevafric.com/assets/css/webfonts/fa-brands-400.woff2	Malware
2022-12-24	medium	aws-wwcloud.net/async/?id=588e2a123b18kd2s9t1it3yt11z778t3	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-24	medium	aws-wwcloud.net	Sinkholed

JavaScript (15)

	URL	Size	First Seen	Last Seen
	sadevafric.com/assets/js/main.js	17 kB	2023-03-08	2023-03-14
Pretty URL sadevafric.com/assets/js/main.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:12:58 Last Seen2023-03-14 00:03:57 Times Seen1 Hash 7e123e1b87bf10d013756c73ff3973aa a382afe364dee9c2ce6dd381879adee1f819bf64 573c8198e3ef657eaf23b20e1954ba816f2a2189f13ff2f56e9ab69de89acf1b Loading...

	sadevafric.com/assets/js/plugins/canvas.js	3.7 kB	2023-03-08	2023-05-24
Pretty URL sadevafric.com/assets/js/plugins/canvas.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:12:58 Last Seen2023-05-24 09:22:34 Times Seen3 Hash ee883a8ad292d8ba091423ac8861537d 164049563bd1dca5959cc3425f884660e20c9b42 027c5cfae6b6f1b8f56be74f83143f0cbffa65ce2b01d136329350d8693079f6 Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 05:52:31 Times Seen37031866 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	sadevafric.com/assets/js/plugins/isotope.min.js	35 kB	2023-03-07	2024-03-07
Pretty URL sadevafric.com/assets/js/plugins/isotope.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:03:09 Last Seen2024-03-07 08:50:39 Times Seen135 Hash 429037b5aee16c10d7b2493b8cb50a4a 45a3c2332637a167d80edc6185c06d7a95e38f75 7d2412504fb72ab7f6c7f96d0afbfd909791c293a9b10e15d629b7b7f6ebc829 Loading...

	sadevafric.com/assets/js/plugins/tween-max.min.js	117 kB	2023-03-08	2023-03-12
Pretty URL sadevafric.com/assets/js/plugins/tween-max.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:47:51 Last Seen2023-03-12 06:06:29 Times Seen1 Hash 4adadb165b179b0d975b530afccb34f7 adffd08edebd63774591338c854dce561bc4d50f dd680d45d35be124d34a4fbe0798d5cea7d318a3b64f3579684c31c93c1183f0 Loading...

	sadevafric.com/assets/js/plugins/scroll-magic.js	104 kB	2023-03-08	2023-05-24
Pretty URL sadevafric.com/assets/js/plugins/scroll-magic.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:12:58 Last Seen2023-05-24 09:22:34 Times Seen3 Hash 28c87d4b7bdf45d6f9d006aba1f044d5 83c7d34f5bda56c230fc8ccf3be2d21d0c234657 63feea8fa405b51d30c822556b66b1dcdc64f64b97818e6281af05ce28e64aa4 Loading...

	sadevafric.com/assets/js/plugins/swiper.min.js	125 kB	2023-03-08	2024-01-29
Pretty URL sadevafric.com/assets/js/plugins/swiper.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:12:58 Last Seen2024-01-29 01:47:31 Times Seen38 Hash 9465f56a021a999a2d639b309b070091 b8dd1ae6654c77e2cc57687913eb372259a9751e 6e41a9c586f5be5572d9799170564f81f39375beb872593f0281adf5910fa58b Loading...

	sadevafric.com/assets/js/plugins/fancybox.min.js	68 kB	2023-03-07	2024-04-12
Pretty URL sadevafric.com/assets/js/plugins/fancybox.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:43 Last Seen2024-04-12 19:41:24 Times Seen26 Hash 91fb41047568601ee69cb7cb1fbdef76 ac0fcc6838b5bda8ab83c74761f9e4272c03cfe1 2c554d6e95ad090bd1a03cb4d3ae715de0ba090a2623ca0da8cf0a466efbdcff Loading...

	sadevafric.com/	215 B	2023-03-08	2023-03-14
Pretty URL sadevafric.com/ IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:12:58 Last Seen2023-03-14 00:03:57 Times Seen1 Hash 5b9c7ab1a33b2314822fc0bfc7d2303b 3272465024f2a02f5c5cf8fbce6b2553560b68a8 ef26165c7142a0a86d53bf8309c18b6e0ca84dac0bf90e5014cef833e9016c3c Loading...

	sadevafric.com/assets/js/plugins/overscroll.min.js	12 kB	2023-03-08	2023-05-24
Pretty URL sadevafric.com/assets/js/plugins/overscroll.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:12:58 Last Seen2023-05-24 09:22:34 Times Seen3 Hash 19fab2285d528bfb2632b8fec03b20cf c05a9f819bd99db1e8a06b3fa522744df8053d0a 58a7a89e1dc034dbadf9156b9c0af713b84e1c8421f5734ea2a59a3e591c7e0c Loading...

	sadevafric.com/	5.3 kB	2023-03-08	2023-03-14
Pretty URL sadevafric.com/ IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:12:58 Last Seen2023-03-14 00:03:57 Times Seen1 Hash 31efc48a7f2cd2aaf36946b5a9627c8a 147242d7e81f057dcaf4ce9dd8304d20a775bd7b 832faadf287e6a9376f2537d46fd06fd5d792750a0f4929dc9ba65ddfa99bff7 Loading...

	sadevafric.com/assets/js/plugins/smooth-scrollbar.min.js	52 kB	2023-03-12	2023-03-14
Pretty URL sadevafric.com/assets/js/plugins/smooth-scrollbar.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:06:29 Last Seen2023-03-14 00:03:57 Times Seen1 Hash b27b92509f72d4e02c1f908bba87ffd0 2b6151730994d0062b6c5a93e3f0dc18326feb60 d93d11ccd97e10878918429603fb14231d01117f61dcd37069caddb6b9ca3bbb Loading...

	sadevafric.com/assets/js/plugins/parsley.min.js	43 kB	2023-03-08	2024-01-27
Pretty URL sadevafric.com/assets/js/plugins/parsley.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:12:58 Last Seen2024-01-27 22:50:30 Times Seen3 Hash 24b587b059bd2a5e9d5d2c51f4778809 d82130847b9787961d4545b51384406326688429 e88040fa76877e65b9857806d463c25b8632e9c6f48cda6acce7fe43fcdbe14c Loading...

	sadevafric.com/assets/js/plugins/scroll-magic-gsap-plugin.js	12 kB	2023-03-08	2023-05-24
Pretty URL sadevafric.com/assets/js/plugins/scroll-magic-gsap-plugin.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:12:58 Last Seen2023-05-24 09:22:34 Times Seen3 Hash ecbe014904b8aaa5e4336793980ca9c3 fe34a50baae55c47f84a6ec0625595824193cb46 aa55a5e4cad0d5e30ea188528dd7048e9f9d8330d0afa0388f613ce1f986909a Loading...

	sadevafric.com/assets/js/plugins/mapbox.min.js	764 kB	2023-03-07	2024-02-16
Pretty URL sadevafric.com/assets/js/plugins/mapbox.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:13 Last Seen2024-02-16 03:38:26 Times Seen11 Hash cb9a45679f72ac94056cff79895cca8c d40a57e44b32bd2d411caf1a03237648ff21b6c6 cf3bc0e13f563dd7a6cbf03988ec3f551ccf95ffdb4e2b08765a800eba09cdc9 Loading...

HTTP Transactions (68)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ede732d48f2c32ad5e3b899bb4348df9
15fa12733818b3ae39f3022a715ed0f431b28242
446c9bf6bc38a43f5758f6f44f89ad76eff44eb8779cf7e62bbfeb002b298dee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "446C9BF6BC38A43F5758F6F44F89AD76EFF44EB8779CF7E62BBFEB002B298DEE"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8741
Expires: Sat, 24 Dec 2022 05:32:07 GMT
Date: Sat, 24 Dec 2022 03:06:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d6a971d765338f107fe9d2c67fa4bbdf
a72bdf191446a37fa0420cc9d7c087aaff757cd6
dc5291c136b0b81621a02679a31f6b7c852e2803429d54c2a9afcc8edf031328

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC5291C136B0B81621A02679A31F6B7C852E2803429D54C2A9AFCC8EDF031328"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19924
Expires: Sat, 24 Dec 2022 08:38:30 GMT
Date: Sat, 24 Dec 2022 03:06:26 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 24 Dec 2022 02:46:13 GMT
content-type: application/json
age: 1213
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7f0ad5c2841a345f98197c2f1e86f4d
84cbfd91934a8715baba4a2da46451f35597c99c
be30540f2e06a3565c9b38bdbb9691f707d692b196bdcef5d671708aa9609795

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE30540F2E06A3565C9B38BDBB9691F707D692B196BDCEF5D671708AA9609795"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19451
Expires: Sat, 24 Dec 2022 08:30:37 GMT
Date: Sat, 24 Dec 2022 03:06:26 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: xVzUbOlu8xX5s9DL3XLUQQIRP+NKO2nFBvK3kxswGqDMWUB3GjKLT5GHhh9UHTf9NONIx6rZ4ME=
x-amz-request-id: 4Z52VRSZS0KG3P6A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 24 Dec 2022 02:56:26 GMT
age: 600
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 03:06:26 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

sadevafric.com/msin/tuda

66.29.145.237

301 Moved Permanently

240 B

URL HTTP/1.1
sadevafric.com/msin/tuda
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
240 B (240 bytes)
Hash
435f3b097f9b35ca9dbd919d2ebc488c
3b4404e42a3233db3244be673948c41f61b272d1
cfcd8e276c2f13e105fdb4e4a50ec87e457fc0a08e9e81707b72f10000431f1a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /msin/tuda HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 24 Dec 2022 03:06:27 GMT
Server: Apache
Location: https://sadevafric.com/msin/tuda
Content-Length: 240
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 24 Dec 2022 02:08:03 GMT
age: 3504
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c615c937e6371bda0824b44af0c21c74
b097d69452bcc60085f563d094388185c26f0e7d
9f1194921b5d57dd52a217a47e69ad4cec7c08378c73c8dfccc3817119fcbb41

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3196
Cache-Control: max-age=111216
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 03:06:27 GMT
Etag: "63a56fa7-1d7"
Expires: Sun, 25 Dec 2022 10:00:03 GMT
Last-Modified: Fri, 23 Dec 2022 09:06:47 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.218.168.248

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.218.168.248:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yD/jCri7cHqiEViA6LHR2g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MLkMOs5OgTYO+MxZWjxvJKCJTGM=

sadevafric.com/msin/tuda

66.29.145.237

307 Temporary Redirect

0 B

URL HTTP/1.1
sadevafric.com/msin/tuda
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /msin/tuda HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 307 Temporary Redirect
Date: Sat, 24 Dec 2022 03:06:27 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; expires=Sat, 24-Dec-2022 05:06:27 GMT; Max-Age=7200; path=/
ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3; expires=Mon, 26-Dec-2022 03:06:27 GMT; Max-Age=172800; path=/; HttpOnly
Location: https://sadevafric.com/
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

sadevafric.com/

66.29.145.237

200 OK

6.2 kB

URL HTTP/1.1
sadevafric.com/
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342), with CRLF, LF line terminators
Size
6.2 kB (6177 bytes)
Hash
cb9db9e2df56ac35f3aa484daebd2ae3
d1c0708912bb7db0bad714c05956f41a1ab0cc39
63aac0b30f85e1a9de749028386aef86ae83378e91e26e041936ade6b800a3c6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; expires=Sat, 24-Dec-2022 05:06:28 GMT; Max-Age=7200; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6177
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dc2725df0fb812e32298bb7faaf0c231
4ce4ac649b05b8eedab5bda51f4baf5f98417689
1a60eb1f9b71718c2061dfeb9de8241bef6fecab5d48adbc8ce3a89d1dddb8f5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 03:06:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.106

200 OK

1.5 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.5 kB (1471 bytes)
Hash
7d3e60ae590f81e96b14a072acd90c29
2f028397082dd517eecf96be8bfece455b7721f7
afdf2ed08e0a733486a94d7f8c29e9e7c6655bdc83dd2f2f2d20720b75edc929

HTTP Headers

GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Dec 2022 03:06:28 GMT
date: Sat, 24 Dec 2022 03:06:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

sadevafric.com/assets/css/plugins/bootstrap.min.css

66.29.145.237

200 OK

21 kB

URL HTTP/1.1
sadevafric.com/assets/css/plugins/bootstrap.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65324)
Size
21 kB (21007 bytes)
Hash
733571679e9957e2653ecce1c235ae28
71eff8d605c8346f6e413589a8aa69b217e4d923
cbc30aca6e7eb5990a7282fbd4d1b76ed492b31a4c46bb587f4ebd1b48c2fdd4

HTTP Headers

GET /assets/css/plugins/bootstrap.min.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Thu, 11 Feb 2021 22:56:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 21007
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

sadevafric.com/assets/css/plugins/font-awesome.min.css

66.29.145.237

200 OK

12 kB

URL HTTP/1.1
sadevafric.com/assets/css/plugins/font-awesome.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (54456)
Size
12 kB (11817 bytes)
Hash
a17b2209512865d8e882880dd8c403e0
35b7d11062831c849a213c6752136e276c56bb56
c29734bf3b21a5ce948cf29d765d596ecf0495c2a61f67d0e3e23a4f815693e2

HTTP Headers

GET /assets/css/plugins/font-awesome.min.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 11817
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

sadevafric.com/assets/css/plugins/swiper.min.css

66.29.145.237

200 OK

3.1 kB

URL HTTP/1.1
sadevafric.com/assets/css/plugins/swiper.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1470)
Size
3.1 kB (3063 bytes)
Hash
5d028d301366f480ddc61b88f7d66dd8
344e33b68472c09ad3c7a38ae11b11e24298a0b3
c29f68dbc0da7d5449d4865a430552efb937b04bd647eabe980332ad75a07e52

HTTP Headers

GET /assets/css/plugins/swiper.min.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3063
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

sadevafric.com/assets/css/plugins/fancybox.min.css

66.29.145.237

200 OK

3.3 kB

URL HTTP/1.1
sadevafric.com/assets/css/plugins/fancybox.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
3.3 kB (3264 bytes)
Hash
48f7cd6ea25e7a870144d0b7999cf3fb
8eecf63f78b0e5679c8f2d5c82a3d2e8d4eccdde
61aa1b688bbd00d28a2b76006c005f2181a8cd00055c74d4a5255dbacab4aeb3

HTTP Headers

GET /assets/css/plugins/fancybox.min.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Mon, 07 Dec 2020 18:22:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3264
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

sadevafric.com/assets/css/plugins/mapbox-style.css

66.29.145.237

200 OK

4.6 kB

URL HTTP/1.1
sadevafric.com/assets/css/plugins/mapbox-style.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (34832)
Size
4.6 kB (4579 bytes)
Hash
e92d94d527112eccad9eff37daf5d414
3e9548d816fe420a093320151595601e6865d236
9bb0b50fba17ae136f2124c4d62a64541ea3a1db70126cf28f51d63f5e7bc893

HTTP Headers

GET /assets/css/plugins/mapbox-style.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Thu, 21 Jan 2021 18:11:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4579
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

sadevafric.com/assets/css/style-light.css

66.29.145.237

200 OK

6.8 kB

URL HTTP/1.1
sadevafric.com/assets/css/style-light.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
6.8 kB (6750 bytes)
Hash
ce636cfe8004cd4ed470b185643cf79b
0aa633e506e709405f89d64e7d848f7ea00e5338
fc91747aa1140b0b9a3781a9a83077b912957bd13d5b685aa0facc4763d01019

HTTP Headers

GET /assets/css/style-light.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Thu, 09 Sep 2021 19:08:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6750
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 03:06:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 03:06:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 03:06:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 03:06:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sadevafric.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 07:08:09 GMT
expires: Sat, 23 Dec 2023 07:08:09 GMT
cache-control: public, max-age=31536000
age: 71900
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

sadevafric.com/assets/js/plugins/scroll-magic-gsap-plugin.js

66.29.145.237

200 OK

4.3 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/scroll-magic-gsap-plugin.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
4.3 kB (4272 bytes)
Hash
daaa793446a620a7c1c001be03f6168c
297c81b4711979a2334f60f246eaf9e9317f40b4
cfe9a96cd8d659a71f887a3291a8b1f94c96d171e5bb152b6e0c0007efee18f7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/plugins/scroll-magic-gsap-plugin.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Fri, 11 Dec 2020 06:15:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4272
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13984
Expires: Sat, 24 Dec 2022 06:59:33 GMT
Date: Sat, 24 Dec 2022 03:06:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13984
Expires: Sat, 24 Dec 2022 06:59:33 GMT
Date: Sat, 24 Dec 2022 03:06:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13984
Expires: Sat, 24 Dec 2022 06:59:33 GMT
Date: Sat, 24 Dec 2022 03:06:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13984
Expires: Sat, 24 Dec 2022 06:59:33 GMT
Date: Sat, 24 Dec 2022 03:06:29 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 03:06:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sadevafric.com/assets/js/plugins/jquery.min.js

66.29.145.237

200 OK

31 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/jquery.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65451)
Size
31 kB (30910 bytes)
Hash
888c5fa4504182a0224b264a1fda0e73
65f058a7dead59a8063362241865526eb0148f16
7d757e510b1f0c4d44fd98cc0121da8ca4f44793f8583debdef300fb1dbd3715

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/plugins/jquery.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Tue, 24 Nov 2020 22:10:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 30910
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

sadevafric.com/assets/js/plugins/isotope.min.js

66.29.145.237

200 OK

9.8 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/isotope.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32019)
Size
9.8 kB (9847 bytes)
Hash
f23be9b893032a9a3beeb61008b659d6
0ae8ca6e11fa6299c409f7155c39a6fbefa3dd0b
c343a4923a7dfc3451f05434f6061f4f46f14774867a9dfbd7d0965ff54236c4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/plugins/isotope.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9847
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b796350-ff1b-4da6-91c7-f598bab0dde2.jpeg

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b796350-ff1b-4da6-91c7-f598bab0dde2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9343 bytes)
Hash
42578645a06eaf381fd25ddc41b91820
8656fddf2a13fff129a073fc85c8197c78ffaaed
f1afcf62cbe9ce3a786f2f38a851781450fe52ce8f367d30fc31c31977624379

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b796350-ff1b-4da6-91c7-f598bab0dde2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9343
x-amzn-requestid: 2720f2c1-7d46-4a81-b570-f63490384967
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnqZGyDIAMF4Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61fdb-79c3107c2c0465885bd76558;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EYD2n7YFOmgZ8y-ozxFxAB1hSIfelVWgbs5lV-CzKf6CoLowACVkQQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:49:02 GMT
age: 19047
etag: "8656fddf2a13fff129a073fc85c8197c78ffaaed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98adc653-f9a6-4ecb-ac9e-bc2f050bce18.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8691 bytes)
Hash
f8c72ec1e9749463326e11f003982211
a76cc3e7d6ca04b4e1d1c947c25ad10a11e9750c
afeea88b39c0fa6957e58d13562222415705d408f89583adcf428a02140abbdd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98adc653-f9a6-4ecb-ac9e-bc2f050bce18.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8691
x-amzn-requestid: e8b31f4c-cf9e-4027-ba28-86dcc5ac5190
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnRDHvSIAMF9Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f39-06c81a124ae007023d03c375;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K4yo4xbEQJQh6HZOfia0oQeSLF0UCRjP6_2utECzhCITAQIEGvGWjw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:50:48 GMT
age: 18941
etag: "a76cc3e7d6ca04b4e1d1c947c25ad10a11e9750c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4d8b8ab-ff79-4e93-97dc-b4b7d18e0b5b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6645 bytes)
Hash
0c276f786c96caac3f6a2b1cb20e4993
233988de2b66d8d97e0f21cbd1a182a9b4bd162f
bd5418d62aabf5e38f5c06409d0e1144f101d045072513150d5f16ffc2df169c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4d8b8ab-ff79-4e93-97dc-b4b7d18e0b5b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6645
x-amzn-requestid: 0f18f9e7-c8b3-4250-8156-96d3ea8a9749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: diVuQE5fIAMFeXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a40327-520100d2431fabd14317afe3;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 07:11:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UYAT01ECmYKrp25iLBix5K0qdahEvfppThLwVjcQOffxq0UI9PEKsg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 05:05:35 GMT
age: 79254
etag: "233988de2b66d8d97e0f21cbd1a182a9b4bd162f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31f60792-f774-4c4f-b0ee-969c5b98599b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6872 bytes)
Hash
833cb477949b114e983e8ca343d4abe5
80b76a3c3c75b4cd10856a3b7ee33154d73bfb3c
935d8eeb5b3a70b358b6d574260212ace3d16e053dbe3b37e149407c04f86160

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31f60792-f774-4c4f-b0ee-969c5b98599b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6872
x-amzn-requestid: b9c756db-0b48-4b3d-b6cb-9efadae0cc5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnP1HNrIAMFsuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f31-0cc785ff4410f34e2c68bc6f;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IQaUlBbkGlJoH0ItRI_fN9ARQGGrhU-sH8DgHNYlGGxk_FfxgWVMOQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:42:36 GMT
etag: "80b76a3c3c75b4cd10856a3b7ee33154d73bfb3c"
content-type: image/jpeg
age: 19433
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d8a813d-10ee-4216-bb6b-8bcd1d8141e4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7669 bytes)
Hash
6d90b80ebad103c48c3043c8d5e4c3ca
ab36c9309ce13b2a3d075461c2445f76bfc582aa
2287a6db0a6a58c570930c1f94c3b36d7acf383b26cdfa42261eb254598fa7c2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d8a813d-10ee-4216-bb6b-8bcd1d8141e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7669
x-amzn-requestid: 4b35e79d-21c8-48d7-b11b-44bd820e29d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnROG4UoAMFZdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f3a-765739ad7e9063781ccb12b2;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lhQA2yVBNtJ04goTms0KXhX6Q4v86TEe4EUioQs3eJzzMsCxbVmykw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:39:58 GMT
age: 19591
etag: "ab36c9309ce13b2a3d075461c2445f76bfc582aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

sadevafric.com/assets/js/plugins/tween-max.min.js

66.29.145.237

200 OK

39 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/tween-max.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32028)
Size
39 kB (39300 bytes)
Hash
a6a64f068c32e61e418134cc830d9a7d
e64f360d949f75331a89146c7707ddb4d42fcb0a
f82f0e56bcd25e05c88f43b184d846a166458b4fcf8533a3adc7481a0f410b08

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/plugins/tween-max.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Fri, 11 Dec 2020 06:20:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 39300
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

sadevafric.com/assets/js/plugins/scroll-magic.js

66.29.145.237

200 OK

25 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/scroll-magic.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (330)
Size
25 kB (25095 bytes)
Hash
0654c5b5bb66d21e526ca3288043b184
444823af815fe2375a6bfd6a169e5ee3fe41b4b0
b2694723acb5522a0a47644c2dd08333d34a2a177a44ef10f3ceb4424048a4d6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/plugins/scroll-magic.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Fri, 11 Dec 2020 06:14:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 25095
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

sadevafric.com/assets/js/plugins/swiper.min.js

66.29.145.237

200 OK

33 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/swiper.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65271)
Size
33 kB (32552 bytes)
Hash
a9dbdc85dfcc3a7f9e40019b5530ef83
3819e7edd68a2712bed8956d742cafff37c4ed77
8f9ff6eb4d271afd73674c1ba5f1c1ae82e68984098d94bc6fdee31fa5aaed5c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/plugins/swiper.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:28 GMT
Server: Apache
Last-Modified: Thu, 11 Feb 2021 22:55:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 32552
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

sadevafric.com/assets/js/plugins/smooth-scrollbar.min.js

66.29.145.237

200 OK

17 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/smooth-scrollbar.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (26614)
Size
17 kB (17388 bytes)
Hash
42de1cf61a78c2ea098a1bd4e35a24e4
b11d44873ef13eaa65d2936bdcd6b8b4e2289413
c5d44c5b06ac42d761d44c271d5f2e4db4a4cb13290bfa31d39208ed8c883de4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/plugins/smooth-scrollbar.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:52:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 17388
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

sadevafric.com/assets/js/plugins/overscroll.min.js

66.29.145.237

200 OK

4.4 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/overscroll.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (9511)
Size
4.4 kB (4438 bytes)
Hash
53dbd66e5044c88004c425f2295c4810
149469dc3b55d08aefe2d8a01ae97a27b5d4fa8d
b91283f8d27573de404bf3d8d95e9f1e952be27d89d3d3fbcd8850bded8ae84a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/plugins/overscroll.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4438
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

sadevafric.com/assets/js/plugins/fancybox.min.js

66.29.145.237

200 OK

22 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/fancybox.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (31972)
Size
22 kB (22014 bytes)
Hash
f8b62df0805382748074af7be8c55fc3
954cce85dd07378f6161bf292e42c53da428ff62
90d139e51b28f09110a6653ac7ce12f6b603bed42be80bccc9876130e6eaf61a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/plugins/fancybox.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 22014
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

sadevafric.com/assets/js/plugins/canvas.js

66.29.145.237

200 OK

1.2 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/canvas.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.2 kB (1202 bytes)
Hash
2f9f9599c326666430e240bd2040229e
97c3e0885adae1da5658fc57b036ccd1c3bf1fd8
087eaf86761d05a8fc0acf6e754b2d3fbbc3ecc41e8c5795576a8b18638d61ad

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/plugins/canvas.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Tue, 06 Apr 2021 17:31:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1202
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

sadevafric.com/assets/js/plugins/parsley.min.js

66.29.145.237

200 OK

12 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/parsley.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32005), with CRLF line terminators
Size
12 kB (12347 bytes)
Hash
d0d7a0f3ca1af46edd464738404d704b
07acb5664b72237d6803d79e04f357bae456b52d
f2e8a1ed3fcb50a9a3412859f34677cada1cc2d8617367edcefb80939f2f7f5d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/plugins/parsley.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Wed, 10 Jun 2020 19:30:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12347
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

sadevafric.com/assets/js/main.js

66.29.145.237

200 OK

3.6 kB

URL HTTP/1.1
sadevafric.com/assets/js/main.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
C++ source, ASCII text
Size
3.6 kB (3626 bytes)
Hash
13dffac744d12e9a004a0fd2af0c3a77
3612a0b04888d05ef4d7f98a57f334cde2fa8437
166c8d0a025d55aa663d8b511e94347e98383501c818824adf44ca662b0cd91f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/main.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Fri, 06 Aug 2021 22:03:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3626
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

sadevafric.com/assets/js/plugins/mapbox.min.js

66.29.145.237

200 OK

195 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/mapbox.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (64450)
Size
195 kB (195389 bytes)
Hash
01db876058ff9998316589ae375c5eaa
62d02a663b9c62df16d810721d9a921b0c9e39a8
969d77541d90a4bcee5cb7cf16256c3b0479fbfed7fd853cf9a17ef6aa07359b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/plugins/mapbox.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Thu, 11 Feb 2021 22:56:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

sadevafric.com/assets/img/light/logo.svg

66.29.145.237

200 OK

5.9 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/logo.svg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (14829), with no line terminators
Size
5.9 kB (5908 bytes)
Hash
5d71acf1ba704203c83505c454c71a7d
5ba3860609d1efd27b5197a01221e6a2d3c275dc
f4953d5cb08b703d9410426321b286a83d15d7877f035e948cd34a3f50375b42

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/img/light/logo.svg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Wed, 04 Aug 2021 21:54:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5908
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml

sadevafric.com/assets/css/webfonts/fa-brands-400.woff2

66.29.145.237

200 OK

72 kB

URL HTTP/1.1
sadevafric.com/assets/css/webfonts/fa-brands-400.woff2
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 72112, version 329.31064\012- data
Size
72 kB (72112 bytes)
Hash
4b115e1153a9ea339d6a0bb284cc8ed3
f988b2efe9434b0af28943708d33dd3afad9a5ba
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/css/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sadevafric.com/assets/css/plugins/font-awesome.min.css
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Fri, 04 Dec 2020 18:24:30 GMT
Accept-Ranges: bytes
Content-Length: 72112
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2

sadevafric.com/assets/img/light/projects/prjct-3/1.jpg

66.29.145.237

200 OK

56 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-3/1.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Size
56 kB (56354 bytes)
Hash
b47b994c0a66534e7d34aeda5ed59bfc
bf22f9c59bfb45cfb25d7ac5942b7ae4e89c418b
6028f0d5e49a93ed75c589ee1f6207305b456ced1a13a8e59e3929346401208b

HTTP Headers

GET /assets/img/light/projects/prjct-3/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:35:46 GMT
Accept-Ranges: bytes
Content-Length: 56354
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/img/light/projects/prjct-3/3.jpg

66.29.145.237

200 OK

69 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-3/3.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Size
69 kB (69435 bytes)
Hash
dfe8e0ee27d28a653a85ff0c4c825d40
f138f2799f9c0acc075d13bf4ec4feb579eab458
c54e96adff4d4f4a7589e9422884cdab0bade020c3237dd6b591d29f29e1c5ae

HTTP Headers

GET /assets/img/light/projects/prjct-3/3.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:37:06 GMT
Accept-Ranges: bytes
Content-Length: 69435
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/img/light/projects/prjct-5/1.jpg

66.29.145.237

200 OK

168 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-5/1.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 525x350, components 3\012- data
Size
168 kB (168178 bytes)
Hash
028857dbead357da2bac5b2f6291df9f
4c102a542b0f33188029bd2440079b7608cf915d
9b6c9b8f1c2717a4d4c7ab47ffa5f3367584b0724c8db1e1dd458cfdc595d8d0

HTTP Headers

GET /assets/img/light/projects/prjct-5/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Fri, 06 Aug 2021 21:18:00 GMT
Accept-Ranges: bytes
Content-Length: 168178
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/img/light/projects/prjct-3/2.jpg

66.29.145.237

200 OK

80 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-3/2.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Size
80 kB (79874 bytes)
Hash
3705e146ab0f6bb39a47073594f3af64
2769eb25cc3a4b1ad2683c17be5d1614928d9e33
72df5d2cdd184bf7316b97fc2c946e219a872acd953ef7b0a8cb05a0e9ddd9f8

HTTP Headers

GET /assets/img/light/projects/prjct-3/2.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:36:24 GMT
Accept-Ranges: bytes
Content-Length: 79874
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/img/light/projects/prjct-3/4.jpg

66.29.145.237

200 OK

71 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-3/4.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Size
71 kB (71233 bytes)
Hash
1293bdd489072870ce5379f12975700b
975f5ccb33687f1b211f44d850238f2731af55a3
f11ff0997fcf8ab152a595ea8077ca73647283c3e37ebc01747d107a360d7183

HTTP Headers

GET /assets/img/light/projects/prjct-3/4.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:37:48 GMT
Accept-Ranges: bytes
Content-Length: 71233
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
0e8935125f24086b1a90db0771267bab
b120ac30a95d9b220355c8b0f16445b93c40b214
c1c06b01e5be9bd45bdcffcce02377556a72229278abe5eadc3c122e9856dc59

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Dec 2022 21:39:34 GMT
Expires: Tue, 27 Dec 2022 21:39:33 GMT
Etag: "b120ac30a95d9b220355c8b0f16445b93c40b214"
Cache-Control: max-age=325382,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77e61f114930b50b-OSL

sadevafric.com/assets/img/light/projects/prjct-1/fs/7.jpg

66.29.145.237

200 OK

266 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-1/fs/7.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1280, components 3\012- data
Size
266 kB (265847 bytes)
Hash
26dc75e955c7ca26a0cd11aa6df6d797
aec1976b12c97b99ae54e893dc348d38fbca7169
624a503da93148052e817c78cbad18aa7de6eca175866a29c6164044b41e6961

HTTP Headers

GET /assets/img/light/projects/prjct-1/fs/7.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 18:00:56 GMT
Accept-Ranges: bytes
Content-Length: 265847
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/img/light/projects/prjct-3/5.jpg

66.29.145.237

200 OK

78 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-3/5.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Size
78 kB (77738 bytes)
Hash
6b278691e2c4dd737c27276cda08f914
8233d5ddae68550a0455dd87e3e10ef3d6ed8f41
97c83f05952458d6ad49ea9f5436abb5152f3ad17d67d3347c56e339d20f35c9

HTTP Headers

GET /assets/img/light/projects/prjct-3/5.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:38:54 GMT
Accept-Ranges: bytes
Content-Length: 77738
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/img/light/projects/prjct-3/6.jpg

66.29.145.237

200 OK

81 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-3/6.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Size
81 kB (81339 bytes)
Hash
627098bf83cf944e9e5bfdbd80b18521
56357d4091e550362537589a5c6f0dfe4856269e
f54366ec758c9e2e0799b318ff37bc131021c40c9db773f98577dd7c650ad946

HTTP Headers

GET /assets/img/light/projects/prjct-3/6.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:30 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:39:52 GMT
Accept-Ranges: bytes
Content-Length: 81339
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

aws-wwcloud.net/async/?id=588e2a123b18kd2s9t1it3yt11z778t3

195.123.218.98

200 OK

177 B

URL HTTP/1.1
aws-wwcloud.net/async/?id=588e2a123b18kd2s9t1it3yt11z778t3
IP
195.123.218.98:0
ASN
#21100 ITL LLC

File type
PNG image data, 1 x 1, 4-bit colormap, non-interlaced\012- data
Size
177 B (177 bytes)
Hash
a9428714a3fc96dda46bf3dcb266266a
ccdf71be456f9f753967364b9b0ef38c1159d5ed
4f078541628ddaeeb2c66ef06b22c95df4ff9deb16a68554d4ad2f78380c42c2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /async/?id=588e2a123b18kd2s9t1it3yt11z778t3 HTTP/1.1
Host: aws-wwcloud.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sadevafric.com
Connection: keep-alive
Referer: https://sadevafric.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.1
Date: Sat, 24 Dec 2022 03:06:30 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Access-Control-Allow-Origin: *
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=8iisj9itsntuikbcug7kheteg7; path=/
_subid=3fk8c9q9uq1b6; expires=Sun, 25-Dec-2022 03:06:30 GMT; path=/; domain=.aws-wwcloud.net
fcada=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM3MVwiOjE2NzE4NTExOTB9LFwiY2FtcGFpZ25zXCI6e1wiMjJcIjoxNjcxODUxMTkwfSxcInRpbWVcIjoxNjcxODUxMTkwfSJ9.5vbe_sRoDmslpd5GaRhyLCkiWoRspO2uxWlyeCFdRdo; expires=Sun, 25-Dec-2022 03:06:30 GMT; path=/; domain=.aws-wwcloud.net
Strict-Transport-Security: max-age=31536000;

sadevafric.com/assets/img/light/projects/prjct-2/1.jpg

66.29.145.237

200 OK

88 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-2/1.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x439, components 3\012- data
Size
88 kB (88296 bytes)
Hash
7370c173fea66f848ced70915e1d3320
738039bf40e0bfe13342ed2ce2434eaeb93620d9
246911ef2605d9ed13772a09a524093239de160a91292aec7add41101b01f6a6

HTTP Headers

GET /assets/img/light/projects/prjct-2/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:30 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:16:58 GMT
Accept-Ranges: bytes
Content-Length: 88296
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/img/light/projects/prjct-2/2.jpg

66.29.145.237

200 OK

90 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-2/2.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x439, components 3\012- data
Size
90 kB (89785 bytes)
Hash
c1f1ea75fc81d18169038aeda9057f74
193cb6f6fd7bd30c4406948a1359f6dd0bd31aca
bda2eb9c12de07dd821e20bec754680c50debb7ec4f4b040826e65aa16cb5370

HTTP Headers

GET /assets/img/light/projects/prjct-2/2.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:30 GMT
Server: Apache
Last-Modified: Fri, 20 Aug 2021 16:34:24 GMT
Accept-Ranges: bytes
Content-Length: 89785
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/img/light/projects/prjct-1/fs/1.jpg

66.29.145.237

200 OK

648 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-1/fs/1.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1440, components 3\012- data
Size
648 kB (647484 bytes)
Hash
0ff0ec8dad290a5118853902b9086311
01a9d94248043f47dceb7f87b01bb73022f281cc
31f49e0601c40942e8fc6f847eaf7da7211e2a9e6048c7ab2e7ca49c2c566de7

HTTP Headers

GET /assets/img/light/projects/prjct-1/fs/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:29 GMT
Server: Apache
Last-Modified: Thu, 18 Aug 2022 15:51:34 GMT
Accept-Ranges: bytes
Content-Length: 647484
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/img/light/projects/prjct-2/3.jpg

66.29.145.237

200 OK

126 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-2/3.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x439, components 3\012- data
Size
126 kB (125788 bytes)
Hash
40be0bb2600417e62fd4c6e585fe0767
a2ed1a0e3ccf4068d509e1b35ad5254283521ef8
15ec434815b7c476b13ca1cd52abbc297f7d5d8c19ce8e63b6f68ce4ad7863d6

HTTP Headers

GET /assets/img/light/projects/prjct-2/3.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:30 GMT
Server: Apache
Last-Modified: Fri, 20 Aug 2021 16:38:30 GMT
Accept-Ranges: bytes
Content-Length: 125788
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/img/light/projects/prjct-4/1.jpg

66.29.145.237

200 OK

341 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-4/1.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x731, components 3\012- data
Size
341 kB (340751 bytes)
Hash
b81a273e0fe698c9ff0bb384644e02b7
fc09ddaa570e338d02227d5debbc0c98a0674e30
ec4cc2847ed874cfd2bc56fa186946d0f8b373e62441d07e6393ec0406aa6a37

HTTP Headers

GET /assets/img/light/projects/prjct-4/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:30 GMT
Server: Apache
Last-Modified: Fri, 20 Aug 2021 17:15:36 GMT
Accept-Ranges: bytes
Content-Length: 340751
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

www.applitech.ci/assets/images/logo.png

66.29.145.237

200 OK

7.1 kB

URL HTTP/1.1
www.applitech.ci/assets/images/logo.png
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 350 x 78, 8-bit/color RGBA, non-interlaced\012- data
Size
7.1 kB (7050 bytes)
Hash
b8eb88106d1545ea12a6185215e99a33
d82138cf5c47a60538898d5de1374b92572dd6de
143e08dbbb3247dd1bbaa00e73b9da6b696e25262045796f4b9f197f18f8d316

HTTP Headers

GET /assets/images/logo.png HTTP/1.1
Host: www.applitech.ci
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:30 GMT
Server: Apache
Last-Modified: Fri, 18 Mar 2022 17:26:24 GMT
Accept-Ranges: bytes
Content-Length: 7050
Cache-Control: max-age=2592000
Expires: Mon, 23 Jan 2023 03:06:30 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

sadevafric.com/assets/img/light/favicon.png

66.29.145.237

200 OK

2.0 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/favicon.png
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size
2.0 kB (1993 bytes)
Hash
511e7d91b99af1430ae66c2190769370
790a4d5a98c90d36ec8e2b1f9782099c77964688
9d6ae67eb2f11755ad511ca5db8f3c5b8041f84ef9901662758900be7662448a

HTTP Headers

GET /assets/img/light/favicon.png HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=dc8643bf3cc796b8402bd76e4275e8fe; ci_session=d7b2baa9e0c84f23463171ab0f9c51a713c373b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 03:06:30 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:13:16 GMT
Accept-Ranges: bytes
Content-Length: 1993
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ea23fe-7e38-4bc2-9a3c-0348db307737.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6663 bytes)
Hash
7514aea8a6ecc6d2c4c4362719ec1f71
cb1cbae883c69fba75b584248c2ba79663175e66
0233fca45e85ea0fcd83083ce1c32084411067d01df99eb67ce15d00c361a16e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ea23fe-7e38-4bc2-9a3c-0348db307737.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6663
x-amzn-requestid: 7a457075-fb06-4be7-be96-c9d5e176e39a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnPzGukIAMF1OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f31-59b7441372a27f0f793c73e7;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 77BRdhrG6j7XXr_v3GUHnpjCn9xtlkKavKu1dpn7NZQe7KU3z370eA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:42:36 GMT
etag: "cb1cbae883c69fba75b584248c2ba79663175e66"
content-type: image/jpeg
age: 19439
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP