Report - acts2001.com/

Report Overview

Submitted URL
acts2001.com/
IP
65.49.39.11
ASN
#6939 HURRICANE
Submitted
2022-10-09 22:46:35
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
156

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.42.148.177
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	993 B	2.1 kB	142.250.74.35
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	460 B	16 kB	216.58.207.195
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	67 kB	34.120.237.76
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	393 B	1.2 kB	142.250.74.164
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	423 B	160 kB	142.250.74.163
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.7
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
acts2001.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	1.4 MB	65.49.39.11

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-09	medium	acts2001.com/	Malware
2022-10-09	medium	acts2001.com/	Malware
2022-10-09	medium	acts2001.com/wp-content/themes/spacious/style.css?ver=6.0.2	Malware
2022-10-09	medium	acts2001.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2	Malware
2022-10-09	medium	acts2001.com/wp-content/plugins/formidable/css/formidableforms.css?ver=929709	Malware
2022-10-09	medium	acts2001.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2	Malware
2022-10-09	medium	acts2001.com/wp-content/themes/spacious/js/jquery.cycle2.swipe.min.js?ver=6.0.2	Malware
2022-10-09	medium	acts2001.com/wp-content/themes/spacious/js/spacious-custom.js?ver=6.0.2	Malware
2022-10-09	medium	acts2001.com/wp-content/themes/spacious/js/jquery.cycle2.min.js?ver=2.1.6	Malware
2022-10-09	medium	acts2001.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Malware
2022-10-09	medium	acts2001.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664390091	Malware
2022-10-09	medium	acts2001.com/wp-content/themes/spacious/assets/fonts/Lato-Regular.woff	Malware
2022-10-09	medium	acts2001.com/wp-content/themes/spacious/assets/fonts/Lato-Bold.woff	Malware
2022-10-09	medium	acts2001.com/wp-content/themes/spacious/assets/fonts/Lato-Italic.woff	Malware

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed
2022-10-09	medium	acts2001.com	Sinkholed

JavaScript (26)

	URL	Size	First Seen	Last Seen
	www.google.com/recaptcha/api.js?onload=frmRecaptcha&render=explicit&ver=3	907 B	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api.js?onload=frmRecaptcha&render=explicit&ver=3 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 11:59:34 Last Seen2023-03-08 11:59:34 Times Seen1 Hash 099c581832148e74ab1bf1d3bcb84930 7d28c15191edc9775333d9677243d7b5dc6276a9 55e63c688e342b26e3edfe0009ea0914615974c9aae80f29ba11267aa8c47e2c Loading...

	acts2001.com/	2.2 kB	2023-03-08	2023-03-08
Pretty URL acts2001.com/ IP 65.49.39.11 ASN #6939 HURRICANE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 11:59:34 Last Seen2023-03-08 11:59:34 Times Seen1 Hash 47a7bf46f7e19f7b69f5e72332828d85 9a97238189e9ff700744a7d44bd90237258c884f 2bf60605e8afbd16851a2fd183a62ddffe454e1936947898af1094b43e80e4a2 Loading...

	acts2001.com/wp-content/themes/spacious/js/jquery.cycle2.min.js?ver=2.1.6	23 kB	2023-03-07	2024-05-06
Pretty URL acts2001.com/wp-content/themes/spacious/js/jquery.cycle2.min.js?ver=2.1.6 IP 65.49.39.11 ASN #6939 HURRICANE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:45 Last Seen2024-05-06 23:47:37 Times Seen226 Hash 7c0e82e4ca009baf6ab2f8041bd4174b e88781750019222951d558b97c32c8704cc18bf6 3539a3682883c8d8562cbffdb4fe67d47c14f0b4fe80a2d8a5c2f1ccfd652287 Loading...

	acts2001.com/	6.1 kB	2023-03-08	2023-03-08
Pretty URL acts2001.com/ IP 65.49.39.11 ASN #6939 HURRICANE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 11:59:34 Last Seen2023-03-08 11:59:34 Times Seen1 Hash f9974fc6d8c3494598ac44a45507c609 f7b7a9065093b844c7c652455b3e4a93ec5e916e df6d23c72447c64646937d3c4cc588dfbaf1ad4c523330f17884dd85d5516562 Loading...

	acts2001.com/	87 B	2023-03-07	2024-05-09
Pretty URL acts2001.com/ IP 65.49.39.11 ASN #6939 HURRICANE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:26 Last Seen2024-05-09 03:08:50 Times Seen6150 Hash bd5f648f4fa75f28b17faffe66049687 c9c2791b295684a919a2bfd7b7e2ef5aab3c178a 1a4ba4a340b3f30596d32c1b272ddcfdbf3ccb8e89c2fa917ea60469017aeee4 Loading...

	acts2001.com/wp-content/themes/spacious/js/navigation.js?ver=6.0.2	8.7 kB	2023-03-07	2024-05-06
Pretty URL acts2001.com/wp-content/themes/spacious/js/navigation.js?ver=6.0.2 IP 65.49.39.11 ASN #6939 HURRICANE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:43:03 Last Seen2024-05-06 23:47:36 Times Seen104 Hash d74c1e23fb50090ca4ffc2aac04a8545 2b6efb672a139770ecccc8523e0b8eda555d9971 745d9d5f646a1c0594096f4951ee5b814dee7b76eaf3c3066062c25199f89381 Loading...

	acts2001.com/wp-content/themes/spacious/js/skip-link-focus-fix.js?ver=6.0.2	719 B	2023-03-07	2024-05-06
Pretty URL acts2001.com/wp-content/themes/spacious/js/skip-link-focus-fix.js?ver=6.0.2 IP 65.49.39.11 ASN #6939 HURRICANE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2024-05-06 23:47:37 Times Seen265 Hash d40fc8e1e4111778c33910182f0036b4 208cb2f613d588a3e84090585e68559f75637458 c374f5bf94690c32bb2e70d981619d4a34ba460ebc367410ce5b858d25201535 Loading...

	acts2001.com/wp-content/plugins/formidable/js/frm.min.js?ver=5.5.1	35 kB	2023-03-07	2023-11-15
Pretty URL acts2001.com/wp-content/plugins/formidable/js/frm.min.js?ver=5.5.1 IP 65.49.39.11 ASN #6939 HURRICANE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:44:59 Last Seen2023-11-15 21:18:37 Times Seen11 Hash d111252d377174eaaa267460d93e0f0a 877acd7e9ee81b7f7fdf020a2663fb5d6accb1e9 b82d20340f79d1fa2e899444fac807e9ac3a28a6acedae896237a5b569b53545 Loading...

	www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js	399 kB	2023-03-08	2023-03-11
Pretty URL www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:40:09 Last Seen2023-03-11 13:30:42 Times Seen1 Hash f35658481ed15bc5f9e381e5babb040b 6ac7505ec9c522b239aeefed9ff6c1ff4d7c98e5 bec7e5a49219ef10544321dbd44f27849644f20623c16f05baeeeaa73e3b9332 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Le4h8QeAAAAABoKz3qIrJO1CMQfHmTsNb4qpZUC&co=aHR0cHM6Ly9hY3RzMjAwMS5jb206NDQz&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&theme=light&size=normal&cb=kuvotjocyzcu	36 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Le4h8QeAAAAABoKz3qIrJO1CMQfHmTsNb4qpZUC&co=aHR0cHM6Ly9hY3RzMjAwMS5jb206NDQz&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&theme=light&size=normal&cb=kuvotjocyzcu IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 11:59:34 Last Seen2023-03-08 11:59:34 Times Seen1 Hash ae56c92bfdf6807e63c417a75d901990 b6cabcd452f02f6069ff99b3ff314957ab2b7336 e7b44a6c455572ad5c40a4d7e8b24527853ae559a3f781e741e03cdca913689f Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6Le4h8QeAAAAABoKz3qIrJO1CMQfHmTsNb4qpZUC	178 B	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6Le4h8QeAAAAABoKz3qIrJO1CMQfHmTsNb4qpZUC IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 11:59:34 Last Seen2023-03-08 11:59:34 Times Seen1 Hash e5717b819f55834b784e754e00776ddb 68c370154b42cf828398a9162e680749ae2f5e50 a3eb7dc27a886524fce61dbc8e7527233cd885cb9ced933e557cb71a4d173ce4 Loading...

	acts2001.com/wp-content/themes/spacious/js/spacious-custom.js?ver=6.0.2	2.6 kB	2023-03-07	2024-05-06
Pretty URL acts2001.com/wp-content/themes/spacious/js/spacious-custom.js?ver=6.0.2 IP 65.49.39.11 ASN #6939 HURRICANE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:43:03 Last Seen2024-05-06 23:47:37 Times Seen105 Hash 1cd6ef8dee6f97b6ccf535518029f640 8b4f55bcad05f0471fd07c030c938822b7f8af99 8e43ca5f5b5d4dfd0781f359639a75c86dda008d1990d4da1c11e241909b0d63 Loading...

	unknown	0 B	2023-03-07	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-09 04:35:59 Times Seen37457183 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	acts2001.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2	19 kB	2023-03-07	2024-05-09
Pretty URL acts2001.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 IP 65.49.39.11 ASN #6939 HURRICANE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-09 00:34:08 Times Seen38234 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	acts2001.com/	45 B	2023-03-08	2023-09-23
Pretty URL acts2001.com/ IP 65.49.39.11 ASN #6939 HURRICANE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:48:49 Last Seen2023-09-23 03:58:35 Times Seen4 Hash f197c1ab240c694ceb9b6e6ba8d013ab 04967385cb34a8e8675a7b95ea4baf845ed03942 3a9e1bbcd87844498335dd90ef6eaa06047bcc84697e08dd55d6819e6c281fb8 Loading...

	acts2001.com/	556 B	2023-03-08	2023-03-08
Pretty URL acts2001.com/ IP 65.49.39.11 ASN #6939 HURRICANE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 11:59:34 Last Seen2023-03-08 11:59:34 Times Seen1 Hash 6662f72023ce99f466d9f87a2ce56d4a 0d9d033d81cda4ec446c461cbaa2e8d50b12f9a7 505f30e9dd12985de52fb3858b91169629bc0b3ab41c3337ba120bddb9ff75ee Loading...

	acts2001.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-05-09
Pretty URL acts2001.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 65.49.39.11 ASN #6939 HURRICANE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-09 00:34:08 Times Seen69146 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	acts2001.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-05-09
Pretty URL acts2001.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 65.49.39.11 ASN #6939 HURRICANE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-09 00:14:18 Times Seen32081 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	acts2001.com/wp-content/themes/spacious/js/jquery.cycle2.swipe.min.js?ver=6.0.2	1.2 kB	2023-03-07	2024-05-06
Pretty URL acts2001.com/wp-content/themes/spacious/js/jquery.cycle2.swipe.min.js?ver=6.0.2 IP 65.49.39.11 ASN #6939 HURRICANE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:45 Last Seen2024-05-06 23:47:36 Times Seen59 Hash 424e31dd4a250d3aa3c3c62f6e77be55 09e7efb662076212b2fe2af23655858f937669d7 ea90ee4dd7cc55a8c5fc6e91d5fe6b88c1776031ededc8b4ca8c1419238ea680 Loading...

	acts2001.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664390091	11 kB	2023-03-08	2024-04-09
Pretty URL acts2001.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664390091 IP 65.49.39.11 ASN #6939 HURRICANE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:26:33 Last Seen2024-04-09 17:29:02 Times Seen124 Hash 670400ecee852ba2a3ff7fea4845a326 5e26b3646e270d6fdeec8261a8ead2edd0dec398 070b943db88a9b02b0f8aa48f8f650e89fad00c2747367923f939c08436c25f3 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Le4h8QeAAAAABoKz3qIrJO1CMQfHmTsNb4qpZUC&co=aHR0cHM6Ly9hY3RzMjAwMS5jb206NDQz&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&theme=light&size=normal&cb=kuvotjocyzcu	69 B	2023-03-07	2024-05-09
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Le4h8QeAAAAABoKz3qIrJO1CMQfHmTsNb4qpZUC&co=aHR0cHM6Ly9hY3RzMjAwMS5jb206NDQz&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&theme=light&size=normal&cb=kuvotjocyzcu IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-05-09 04:03:26 Times Seen101166 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

		Size	First Seen	Last Seen
	#1 Eval - ce2f37889c95c02b5a921a78720467b8	64 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 04:29:18 Last Seen2023-03-08 12:41:28 Times Seen1 Hash ce2f37889c95c02b5a921a78720467b8 749a0a7ceb08f6f75cadc9d2eb27866057f9a939 87c99b9a88a42ee46bbe6ce447b600a1653142b3ebb7b9ed96bc786f7a99d488 Loading...

	#2 Eval - c4d295cfa88a0805c2a3a15e5f191fbc	22 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 04:29:18 Last Seen2023-03-08 12:41:28 Times Seen1 Hash c4d295cfa88a0805c2a3a15e5f191fbc 00b3c5ea6b390072a5207ddc66f0f5bd8d8a35e6 ba41c5348d38a6ebd3399d0378ae76921f287d04f94ff5d93d6709e7f2a962b7 Loading...

	#3 Eval - 5ffa4560339b7efcf29b93d647927d12	16 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 11:59:34 Last Seen2023-03-08 11:59:34 Times Seen1 Hash 5ffa4560339b7efcf29b93d647927d12 649e748ca57a1e474667d535966a48443a047af7 22d35e8a4e406139a3c8d2af2933b9a05af3f69a208482ffc647523ef07486d8 Loading...

	#4 Eval - 4e4735fd2b45e9f85f94ee7a077bdbfd	16 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 04:29:18 Last Seen2023-03-08 12:41:28 Times Seen1 Hash 4e4735fd2b45e9f85f94ee7a077bdbfd 3a98b06d3ac90c1b6a69968c82f112afb345d0cb 1bf232e3afa032afeeb821804dac4bdcfae32c16178d33975a668df67e9d0841 Loading...

	#5 Eval - 22a65f4cef52e208803b7c3bb11ebf4b	22 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 04:29:18 Last Seen2023-03-08 12:41:28 Times Seen1 Hash 22a65f4cef52e208803b7c3bb11ebf4b 9ca60f59d7efeb1b54ad6197611aeabada756f7c eb3a140c9b84b3b5c69ed2966cf442240e63fc12aaf1e79d0c35aec5b237d9d7 Loading...

HTTP Transactions (56)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cf768e41672570b0a4a9fe86045915fc
2249064a86b2ba11e28208b9fba1c9f1db4f3e9e
a049499f78078df12f4d1c5180f1f36715a5c99db4f31c18ee06bcf0b6382b30

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A049499F78078DF12F4D1C5180F1F36715A5C99DB4F31C18EE06BCF0B6382B30"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4095
Expires: Sun, 09 Oct 2022 23:54:38 GMT
Date: Sun, 09 Oct 2022 22:46:23 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

54.230.111.7

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
3f17af4e8a1739eda4a518039f4892f9
c3feba08ae7e8f57e0fe9bcd2ebedea6bda67cbb
c485b09cad08b5233fe8753682faf59219fe0d18fcc34d90dc88fb0971295f5f

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 09 Oct 2022 21:48:07 GMT
Expires: Sun, 09 Oct 2022 22:25:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: L6AP_i0pNYeTwA7maGRvlpvHpojWf_XmkKZsO5IcXimhhqVbOQ5oAA==
Age: 3496

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7cba6aada5c0a04c1c0644769c09f64e
ed02f174a9b718951911343af8ec181c6d205b1d
ba863e734d5d38ed160758ab0b09d1b0f44fc795dcbcee4199329b011fcd1bd1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA863E734D5D38ED160758AB0B09D1B0F44FC795DCBCEE4199329B011FCD1BD1"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18138
Expires: Mon, 10 Oct 2022 03:48:42 GMT
Date: Sun, 09 Oct 2022 22:46:24 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: bV5vfPy7T9C5VEZfn6OXvto4TOtWmuyJrHf6d4a9cGto9Xk0ouqTRofYh92rD1zlkgBH/kQIMJY=
x-amz-request-id: CGSR0TP8282N7SSN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 09 Oct 2022 22:00:11 GMT
age: 2773
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 09 Oct 2022 22:46:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.7

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 09 Oct 2022 22:29:41 GMT
Expires: Sun, 09 Oct 2022 23:29:35 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZVZG16a2HjQ9Tk8xygRM8Sl96bd6nCjP3_vi0oXeOsVkp_Gr6F4CYA==
Age: 1003

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0e2d9e91637474eeaf391312eed441bd
5d29603c731b75308f7d1f584b3ac4c263c96a9e
7da864345088083e1a6fec2d95e07186ef8dbcef8505570e547844c556dfe3be

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4390
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 22:46:24 GMT
Last-Modified: Sun, 09 Oct 2022 21:33:14 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.42.148.177

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.148.177:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KBlO+5fNawNsUXHQ/WxfFg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IjI11x6DrHHK31+GDffMecxO7zY=

acts2001.com/

65.49.39.11

301 Moved Permanently

0 B

URL HTTP/1.1
acts2001.com/
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 09 Oct 2022 22:46:24 GMT
Server: Apache
X-Powered-By: PHP/7.4.32
X-Redirect-By: WordPress
Location: https://acts2001.com/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b5cf0255a785469b033344c2ec0ed394
a4a700c1c250cb10f175e67b4b11f2c94afb2bdb
191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2622
Expires: Sun, 09 Oct 2022 23:30:08 GMT
Date: Sun, 09 Oct 2022 22:46:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b5cf0255a785469b033344c2ec0ed394
a4a700c1c250cb10f175e67b4b11f2c94afb2bdb
191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2622
Expires: Sun, 09 Oct 2022 23:30:08 GMT
Date: Sun, 09 Oct 2022 22:46:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b5cf0255a785469b033344c2ec0ed394
a4a700c1c250cb10f175e67b4b11f2c94afb2bdb
191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2622
Expires: Sun, 09 Oct 2022 23:30:08 GMT
Date: Sun, 09 Oct 2022 22:46:26 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11800 bytes)
Hash
6e9aa9808428e5fd81ac9d61d6f7c708
3a8d76badce50dd98938885082dcb6e30363ae88
d8f7c48a1cbe04af2f7e0455d1ef7af9b63506b9ae343ebf14ece8689bb06bf6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11800
x-amzn-requestid: 5f2ce4dd-0df8-4df7-a12d-e6fffd622752
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZnTQHGADIAMFXfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f98cd-5044665325e5d64975c1ff0c;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 03:11:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LhwkinWopo6RX-yo5_35HWL9S2dGpdi7rAiwVWLxUicaHfHW3VF7DQ==
via: 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 22:22:12 GMT
age: 1454
etag: "3a8d76badce50dd98938885082dcb6e30363ae88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb08ba1b9-62ad-4e65-96b6-b22981ce3635.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7288 bytes)
Hash
3e748e58f80c6b771f918c1633817aa3
59e4de3cb5a18090fa3fef06f4dabf9f7f9928a9
bd357a97c0ca7f25e8d30250bf07c5497bc54d3b042aa5db79cab0fb5e63a2a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb08ba1b9-62ad-4e65-96b6-b22981ce3635.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7288
x-amzn-requestid: 38f93e67-dfd2-4324-bc0f-24e36a1c9b7f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZwatLHd3IAMFWdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63433e54-4ac21e2b2f55935d2df721ee;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 21:34:12 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RUFNhUlBYC05WxBkwLVQt0wpsFAxSrYL95RSJKmidxn3D72DdSGSeA==
via: 1.1 fc9b6e8f934a073c1a1983c7599b93ba.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 21:50:33 GMT
etag: "59e4de3cb5a18090fa3fef06f4dabf9f7f9928a9"
content-type: image/jpeg
age: 3353
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F059f1333-7652-4d36-91e8-2428e0c6e8c9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9705 bytes)
Hash
26be18960a13f9de290240fd8dd059cb
4f8966b10660d957522dce20e9e1f350d9205e69
5e0769b3269b5db973cb98dd38af22e5cea49ce861470ad25f2e7aa5ab532efc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F059f1333-7652-4d36-91e8-2428e0c6e8c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9705
x-amzn-requestid: dcef898d-7ef2-4a2c-bd33-fbc28cfb49b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zwau5HlcoAMF6pQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63433e5f-6995b8a716fa9d1574dec991;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SdpUKfaiiGk1bLrv5deQQVkD7e1vv27Y94oRVH7R_9a-fK_ePw6sZw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 22:14:29 GMT
age: 1917
etag: "4f8966b10660d957522dce20e9e1f350d9205e69"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F721b1b09-f999-4f6c-bc8f-ed086cb2b05e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6866 bytes)
Hash
b5ab93ef9a810d96c6acdb1bebe36aba
ba8e7e748dec0b706c2aa2d9c093dd9e82d030f3
74d470c634e754c40e953b03103e5c1f377e61227b3299f1c9b586dd4d05dd0c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F721b1b09-f999-4f6c-bc8f-ed086cb2b05e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6866
x-amzn-requestid: f079a8ad-f19e-4790-8f04-377b41463221
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZwatMGfRIAMFmEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63433e54-721714b0228c9d1a65afc8f2;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 21:34:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qY-Oj0Pq8GoQg-bVqWZauMOCi-XhIf--DSIIOgpiBZDgGEZ5JOOWdg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 22:02:32 GMT
age: 2634
etag: "ba8e7e748dec0b706c2aa2d9c093dd9e82d030f3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d3fa05a-2c1d-4a1d-9d91-bc70cb4e4ee5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6923 bytes)
Hash
a09bd7160451852652bccbcbcdcbd527
f42137372ab3b592977b1b736c1b12fc5ed81bf6
568b1c7cbe260d05919ff7232855441f70bf048c32380d8c0b848aa80a1696c3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d3fa05a-2c1d-4a1d-9d91-bc70cb4e4ee5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6923
x-amzn-requestid: 507e5591-c06e-4ee8-b567-a11b6c95024e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZwalRGFcoAMFslw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63433e21-5e5bf5026b2121931e035270;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 21:33:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EgQIb89afJS1uPY9ZUyDS_E7C_JQT8Scm3EC3K5OZKB2nE7wMx8PIw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 22:12:34 GMT
age: 2032
etag: "f42137372ab3b592977b1b736c1b12fc5ed81bf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3c21914-dac1-455d-9533-b584e9bd6225.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10113 bytes)
Hash
cefb9479bc2fe5087f9d2b89ef3cec2b
aa219f193812c6a2d0313316ce13fe74f1d468d0
a806ef995ed2285bd9f0d553df49aa28924e640805e1f50284baad1c0aec06bd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3c21914-dac1-455d-9533-b584e9bd6225.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10113
x-amzn-requestid: 7a9800c5-81ed-4a23-bbe0-0041ab682856
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZwalQEPPoAMF3yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63433e21-5a9bedb10c4f8c2c60ab3769;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 21:33:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MROeeTPtb6DfMHkig6fHcYuYiv1-udvJVfB1jygcDYLy4LuZmgRE_Q==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 22:24:52 GMT
age: 1294
etag: "aa219f193812c6a2d0313316ce13fe74f1d468d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

acts2001.com/

65.49.39.11

200 OK

65 kB

URL HTTP/1.1
acts2001.com/
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size
65 kB (65406 bytes)
Hash
8396dbb962a758c41b21c913956746f3
7d8a314dcf45b5af6bbff945b38edd1095d08976
ab449b33d6dddb644763aa8fab633f6fe33fad522f59d1b6967baacd2559b439

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:26 GMT
Server: Apache
X-Powered-By: PHP/7.4.32
Link: <https://acts2001.com/index.php/wp-json/>; rel="https://api.w.org/", <https://acts2001.com/index.php/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://acts2001.com/>; rel=shortlink
Content-Length: 65406
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
67f3b94a0e4e21dd8b7686af075d0554
a336c7de6fe89885028407be920c5abadb503b1f
0071bc03310db98470d40073c0ba293ed17034cee235e221bdf483c0d8cce424

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 22:46:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?onload=frmRecaptcha&render=explicit&ver=3

142.250.74.164

200 OK

577 B

URL HTTP/2
www.google.com/recaptcha/api.js?onload=frmRecaptcha&render=explicit&ver=3
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (907), with no line terminators
Size
577 B (577 bytes)
Hash
eebf5ab99a83a3b59793a019d34b6eeb
93b535968d0fd7592a7b21389c30cf021fb886c3
16d93a8ab60d5dafdf631b166d3051b9547eb7cfc276e083302616f123f61de6

HTTP Headers

GET /recaptcha/api.js?onload=frmRecaptcha&render=explicit&ver=3 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Sun, 09 Oct 2022 22:46:27 GMT
date: Sun, 09 Oct 2022 22:46:27 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 577
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5855dca2f41651669a3211635c24ce5a
3f17ede289a3ac814e80a0acefbcd97246ab51de
ca400e5e49929039d4382b1ce2defadc76d86b5756fac8dbaa6d237d5ef1699c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 22:46:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

acts2001.com/wp-content/themes/spacious/style.css?ver=6.0.2

65.49.39.11

200 OK

76 kB

URL HTTP/1.1
acts2001.com/wp-content/themes/spacious/style.css?ver=6.0.2
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
Unicode text, UTF-8 text, with very long lines (1188), with CRLF line terminators
Size
76 kB (75676 bytes)
Hash
86086430d2b676eb767cd2cc82e0cb55
defeb51751b8e1fd7a5953685b9d5a9ea719f45d
55fe0cdba9ab46efc3ae3bd80d25fa9a427ca77a17dc008b4ffc5ed5c2acd370

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/spacious/style.css?ver=6.0.2 HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:27 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 18:18:35 GMT
Accept-Ranges: bytes
Content-Length: 75676
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

acts2001.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2

65.49.39.11

200 OK

19 kB

URL HTTP/1.1
acts2001.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
ASCII text, with very long lines (15660)
Size
19 kB (18617 bytes)
Hash
32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:27 GMT
Server: Apache
Last-Modified: Tue, 12 Apr 2022 05:56:23 GMT
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

acts2001.com/wp-content/themes/spacious/genericons/genericons.css?ver=3.3.1

65.49.39.11

200 OK

28 kB

URL HTTP/1.1
acts2001.com/wp-content/themes/spacious/genericons/genericons.css?ver=3.3.1
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
ASCII text, with very long lines (18732), with CRLF line terminators
Size
28 kB (28529 bytes)
Hash
ad2744c2cec1da79171b1833333e4b20
01288e267c0eaef36709f45beac0a7249a97f59e
a767d7e7af88326afb37242f2828280a2c930945cb94b636b1f05a0afb634621

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/spacious/genericons/genericons.css?ver=3.3.1 HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:27 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 18:18:35 GMT
Accept-Ranges: bytes
Content-Length: 28529
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

acts2001.com/wp-content/plugins/google-calendar-weekly-timetable/css/gcwt-style.css?ver=6.0.2

65.49.39.11

200 OK

2.7 kB

URL HTTP/1.1
acts2001.com/wp-content/plugins/google-calendar-weekly-timetable/css/gcwt-style.css?ver=6.0.2
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
ASCII text, with CRLF line terminators
Size
2.7 kB (2710 bytes)
Hash
a1129573d041a4ccc6d2926b6dc70ba5
48ef0b9d6ad1136baac44661b924ec4f3451d863
d6dc54609ea70de3e1285b6924a1dd9f3156d565b6b8343bb627955e9d96e927

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/google-calendar-weekly-timetable/css/gcwt-style.css?ver=6.0.2 HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Thu, 28 Jan 2016 02:00:29 GMT
Accept-Ranges: bytes
Content-Length: 2710
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

acts2001.com/wp-content/themes/spacious/font-awesome/css/font-awesome.min.css?ver=4.7.0

65.49.39.11

200 OK

31 kB

URL HTTP/1.1
acts2001.com/wp-content/themes/spacious/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
ASCII text, with very long lines (30837), with CRLF line terminators
Size
31 kB (31004 bytes)
Hash
a0e784c4ca94c271b0338dfb02055be6
88af80502c44cd52ca81ffe7dc7276b7eccb06cf
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/spacious/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 18:18:36 GMT
Accept-Ranges: bytes
Content-Length: 31004
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

acts2001.com/wp-content/plugins/formidable/css/formidableforms.css?ver=929709

65.49.39.11

200 OK

52 kB

URL HTTP/1.1
acts2001.com/wp-content/plugins/formidable/css/formidableforms.css?ver=929709
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
ASCII text, with very long lines (52269)
Size
52 kB (52369 bytes)
Hash
06ec103981c72ae754f0a4e919cc7789
b84826af5141de6394510aaed6bbb6ce93789e60
c389bb6d5744d8d072e80c264b627b2803a96ecd710f201958c6d55f14252b44

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/formidable/css/formidableforms.css?ver=929709 HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:27 GMT
Server: Apache
Last-Modified: Thu, 29 Sep 2022 07:09:41 GMT
Accept-Ranges: bytes
Content-Length: 52369
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

acts2001.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2

65.49.39.11

200 OK

89 kB

URL HTTP/1.1
acts2001.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
ASCII text, with very long lines (43771)
Size
89 kB (88932 bytes)
Hash
b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:27 GMT
Server: Apache
Last-Modified: Mon, 04 Jul 2022 12:10:37 GMT
Accept-Ranges: bytes
Content-Length: 88932
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

acts2001.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

65.49.39.11

200 OK

11 kB

URL HTTP/1.1
acts2001.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
ASCII text, with very long lines (11126)
Size
11 kB (11224 bytes)
Hash
79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

acts2001.com/wp-content/themes/spacious/js/jquery.cycle2.swipe.min.js?ver=6.0.2

65.49.39.11

200 OK

1.2 kB

URL HTTP/1.1
acts2001.com/wp-content/themes/spacious/js/jquery.cycle2.swipe.min.js?ver=6.0.2
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
ASCII text, with very long lines (1237), with no line terminators
Size
1.2 kB (1237 bytes)
Hash
424e31dd4a250d3aa3c3c62f6e77be55
09e7efb662076212b2fe2af23655858f937669d7
ea90ee4dd7cc55a8c5fc6e91d5fe6b88c1776031ededc8b4ca8c1419238ea680

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/spacious/js/jquery.cycle2.swipe.min.js?ver=6.0.2 HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 18:18:35 GMT
Accept-Ranges: bytes
Content-Length: 1237
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

acts2001.com/wp-content/themes/spacious/js/spacious-custom.js?ver=6.0.2

65.49.39.11

200 OK

2.6 kB

URL HTTP/1.1
acts2001.com/wp-content/themes/spacious/js/spacious-custom.js?ver=6.0.2
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
ASCII text, with CRLF line terminators
Size
2.6 kB (2617 bytes)
Hash
1cd6ef8dee6f97b6ccf535518029f640
8b4f55bcad05f0471fd07c030c938822b7f8af99
8e43ca5f5b5d4dfd0781f359639a75c86dda008d1990d4da1c11e241909b0d63

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/spacious/js/spacious-custom.js?ver=6.0.2 HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 18:18:35 GMT
Accept-Ranges: bytes
Content-Length: 2617
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

acts2001.com/wp-content/themes/spacious/js/jquery.cycle2.min.js?ver=2.1.6

65.49.39.11

200 OK

23 kB

URL HTTP/1.1
acts2001.com/wp-content/themes/spacious/js/jquery.cycle2.min.js?ver=2.1.6
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
ASCII text, with very long lines (10280), with CRLF line terminators
Size
23 kB (22953 bytes)
Hash
7c0e82e4ca009baf6ab2f8041bd4174b
e88781750019222951d558b97c32c8704cc18bf6
3539a3682883c8d8562cbffdb4fe67d47c14f0b4fe80a2d8a5c2f1ccfd652287

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/spacious/js/jquery.cycle2.min.js?ver=2.1.6 HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 18:18:35 GMT
Accept-Ranges: bytes
Content-Length: 22953
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

acts2001.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

65.49.39.11

200 OK

90 kB

URL HTTP/1.1
acts2001.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
ASCII text, with very long lines (65447)
Size
90 kB (89521 bytes)
Hash
02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 15:07:24 GMT
Accept-Ranges: bytes
Content-Length: 89521
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

acts2001.com/wp-content/themes/spacious/js/navigation.js?ver=6.0.2

65.49.39.11

200 OK

8.7 kB

URL HTTP/1.1
acts2001.com/wp-content/themes/spacious/js/navigation.js?ver=6.0.2
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
ASCII text, with CRLF line terminators
Size
8.7 kB (8748 bytes)
Hash
d74c1e23fb50090ca4ffc2aac04a8545
2b6efb672a139770ecccc8523e0b8eda555d9971
745d9d5f646a1c0594096f4951ee5b814dee7b76eaf3c3066062c25199f89381

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/spacious/js/navigation.js?ver=6.0.2 HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 18:18:35 GMT
Accept-Ranges: bytes
Content-Length: 8748
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

acts2001.com/wp-content/themes/spacious/js/skip-link-focus-fix.js?ver=6.0.2

65.49.39.11

200 OK

719 B

URL HTTP/1.1
acts2001.com/wp-content/themes/spacious/js/skip-link-focus-fix.js?ver=6.0.2
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
ASCII text, with CRLF line terminators
Size
719 B (719 bytes)
Hash
d40fc8e1e4111778c33910182f0036b4
208cb2f613d588a3e84090585e68559f75637458
c374f5bf94690c32bb2e70d981619d4a34ba460ebc367410ce5b858d25201535

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/spacious/js/skip-link-focus-fix.js?ver=6.0.2 HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 18:18:35 GMT
Accept-Ranges: bytes
Content-Length: 719
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

acts2001.com/wp-content/plugins/formidable/js/frm.min.js?ver=5.5.1

65.49.39.11

200 OK

35 kB

URL HTTP/1.1
acts2001.com/wp-content/plugins/formidable/js/frm.min.js?ver=5.5.1
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
ASCII text, with very long lines (633)
Size
35 kB (35267 bytes)
Hash
d111252d377174eaaa267460d93e0f0a
877acd7e9ee81b7f7fdf020a2663fb5d6accb1e9
b82d20340f79d1fa2e899444fac807e9ac3a28a6acedae896237a5b569b53545

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/formidable/js/frm.min.js?ver=5.5.1 HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Thu, 29 Sep 2022 07:09:41 GMT
Accept-Ranges: bytes
Content-Length: 35267
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

acts2001.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664390091

65.49.39.11

200 OK

11 kB

URL HTTP/1.1
acts2001.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664390091
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
ASCII text
Size
11 kB (10733 bytes)
Hash
670400ecee852ba2a3ff7fea4845a326
5e26b3646e270d6fdeec8261a8ead2edd0dec398
070b943db88a9b02b0f8aa48f8f650e89fad00c2747367923f939c08436c25f3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664390091 HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Wed, 28 Sep 2022 18:34:51 GMT
Accept-Ranges: bytes
Content-Length: 10733
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

acts2001.com/wp-content/uploads/2015/08/slide-2.jpg

65.49.39.11

200 OK

66 kB

URL HTTP/1.1
acts2001.com/wp-content/uploads/2015/08/slide-2.jpg
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1270x450, components 3\012- data
Size
66 kB (66249 bytes)
Hash
26f7b9511d3d45f6b79f542aba1e2f19
5c1b1350d4502e17a1e6f0ebd1bf55ba4433668c
9d3b79a1497a6911cc2f36555dffa69c085dbf76df4b37adcd45e0756549c8e5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2015/08/slide-2.jpg HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Thu, 06 Aug 2015 06:01:08 GMT
Accept-Ranges: bytes
Content-Length: 66249
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

acts2001.com/wp-content/uploads/2015/08/Slide-1.jpg

65.49.39.11

200 OK

75 kB

URL HTTP/1.1
acts2001.com/wp-content/uploads/2015/08/Slide-1.jpg
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1270x450, components 3\012- data
Size
75 kB (74945 bytes)
Hash
aaa6ddc1d2983be61ef429a524c58fee
3c244d26c3d48e08cc61a44e9026d7785f8ea7d7
6c12a2ef08458d39726b60c59aa185382b8de69815a0aee4e7727cbbe7096b24

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2015/08/Slide-1.jpg HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Thu, 06 Aug 2015 06:01:24 GMT
Accept-Ranges: bytes
Content-Length: 74945
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

acts2001.com/wp-content/themes/spacious/assets/fonts/Lato-Regular.woff

65.49.39.11

200 OK

38 kB

URL HTTP/1.1
acts2001.com/wp-content/themes/spacious/assets/fonts/Lato-Regular.woff
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
Web Open Font Format, TrueType, length 37580, version 1.104\012- data
Size
38 kB (37580 bytes)
Hash
8ed525743dbb32ae4bdb7531d637f7fa
c5f13bf20b52ddbe34ccde18c1d92df8bffefdf3
dff99fb17b5e8fa6ea55c50a6200c824ef0ab3e88b4e06b2284c37d19ac4bf9a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/spacious/assets/fonts/Lato-Regular.woff HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acts2001.com/wp-content/themes/spacious/style.css?ver=6.0.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 18:18:35 GMT
Accept-Ranges: bytes
Content-Length: 37580
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff

acts2001.com/wp-content/themes/spacious/assets/fonts/Lato-Bold.woff

65.49.39.11

200 OK

37 kB

URL HTTP/1.1
acts2001.com/wp-content/themes/spacious/assets/fonts/Lato-Bold.woff
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
Web Open Font Format, TrueType, length 36784, version 1.104\012- data
Size
37 kB (36784 bytes)
Hash
a9d8f02506c0ea8b1b0ea76ccc485651
94372d3d5222e5601b8a801ba81df80e5c66a7fe
9f8224817f8e13b4047734e58a7a3310b35146bd436752546d04389e4a46d766

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/spacious/assets/fonts/Lato-Bold.woff HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acts2001.com/wp-content/themes/spacious/style.css?ver=6.0.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 18:18:35 GMT
Accept-Ranges: bytes
Content-Length: 36784
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff

acts2001.com/wp-content/themes/spacious/assets/fonts/Lato-Italic.woff

65.49.39.11

200 OK

39 kB

URL HTTP/1.1
acts2001.com/wp-content/themes/spacious/assets/fonts/Lato-Italic.woff
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
Web Open Font Format, TrueType, length 39144, version 1.104\012- data
Size
39 kB (39144 bytes)
Hash
5518023c841f1844a49e352831fe011c
ed4952a517498fa4fe5da6e46ee75c73b376cf3a
7ddc8f319db77a7867a106e97b74bfd0f9c94c9612feac09567fee256164688e

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/spacious/assets/fonts/Lato-Italic.woff HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acts2001.com/wp-content/themes/spacious/style.css?ver=6.0.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 18:18:35 GMT
Accept-Ranges: bytes
Content-Length: 39144
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff

acts2001.com/wp-content/uploads/2015/08/slide-3.jpg

65.49.39.11

200 OK

107 kB

URL HTTP/1.1
acts2001.com/wp-content/uploads/2015/08/slide-3.jpg
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1270x450, components 3\012- data
Size
107 kB (107203 bytes)
Hash
7b3cf5af24ed1a0d7730688f8d6e56bb
242000dc5abec210d531c40faf0b878d587515f0
a4021cb37162efaa7f95043ba129c5a76bc175ea324b370ee795a4f68e3df693

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2015/08/slide-3.jpg HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Thu, 06 Aug 2015 05:52:26 GMT
Accept-Ranges: bytes
Content-Length: 107203
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

acts2001.com/wp-content/uploads/2021/12/Facebook.jpg

65.49.39.11

200 OK

3.8 kB

URL HTTP/1.1
acts2001.com/wp-content/uploads/2021/12/Facebook.jpg
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 299x299, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2019:01:31 16:10:43], baseline, precision 8, 40x40, components 3\012- data
Size
3.8 kB (3832 bytes)
Hash
742d7ca12d843aa627edab3a2407d436
202058c52193f01bf503cb3f6783716ee7996e07
8acae42c9742c8ea0c7828b5c109ed0de5e70915a663f6aec9d88fc52f649194

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/12/Facebook.jpg HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 22:36:16 GMT
Accept-Ranges: bytes
Content-Length: 3832
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

acts2001.com/wp-content/uploads/2021/12/linkedin40.png

65.49.39.11

200 OK

1.7 kB

URL HTTP/1.1
acts2001.com/wp-content/uploads/2021/12/linkedin40.png
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1717 bytes)
Hash
c7a5edaadb68a5d4cf357aee115a06e9
32033c73b118385899c33479c1c10e71add59d0f
4676d624fb9c6d8393445f62587604960071150053f167c2da7847b8030380de

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/12/linkedin40.png HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 22:42:20 GMT
Accept-Ranges: bytes
Content-Length: 1717
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

acts2001.com/wp-content/uploads/2015/10/codependent-pic4-final.png

65.49.39.11

200 OK

39 kB

URL HTTP/1.1
acts2001.com/wp-content/uploads/2015/10/codependent-pic4-final.png
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
PNG image data, 1254 x 444, 8-bit/color RGBA, non-interlaced\012- data
Size
39 kB (39205 bytes)
Hash
1a47d6ece2ff6b67703519c6b315c188
de8e3fdc58552abf02c8cdde6f801a87b066ec19
f75820a506e3da23f375243670e4f3eab372151f9e0837d355fda958a0127d7c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2015/10/codependent-pic4-final.png HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Tue, 20 Oct 2015 20:47:57 GMT
Accept-Ranges: bytes
Content-Length: 39205
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

acts2001.com/wp-content/uploads/2015/08/009.jpg

65.49.39.11

200 OK

150 kB

URL HTTP/1.1
acts2001.com/wp-content/uploads/2015/08/009.jpg
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 1024x683, components 3\012- data
Size
150 kB (150289 bytes)
Hash
e07d5ad5d2bb54c828cee33a9d6f73aa
034c05d35b7ffda1509d76373bc75e5c6de720db
c5733af907cca55d0e2cc72a9db5f10161d0b796716fad82a3f58cd2422c9176

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2015/08/009.jpg HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Thu, 06 Aug 2015 03:48:53 GMT
Accept-Ranges: bytes
Content-Length: 150289
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

acts2001.com/wp-content/uploads/2015/10/Transition-final-words.jpg

65.49.39.11

200 OK

140 kB

URL HTTP/1.1
acts2001.com/wp-content/uploads/2015/10/Transition-final-words.jpg
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 1270x450, components 3\012- data
Size
140 kB (140371 bytes)
Hash
1b693b3368d7766e80a044dcbad44ca9
7957ab529dd19fb46b2949af72c6aecf8797d674
6945d591aa6a0062c9fe32ef3e9396335fc7026965ff504d2955c90bf5735e11

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2015/10/Transition-final-words.jpg HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:28 GMT
Server: Apache
Last-Modified: Tue, 20 Oct 2015 17:08:51 GMT
Accept-Ranges: bytes
Content-Length: 140371
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
29a32d9388903ec730ac67b6b1f10269
6d54710f2bf0b284533005d8c783f3f15c9920af
cd03b8d5ae307fb1b3d976457c9762a743d5268ddd1f82c1fb5ae2fcd3e3d6d1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 22:46:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js

142.250.74.163

200 OK

159 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (711)
Size
159 kB (158844 bytes)
Hash
b4ed95d4318e3b78b936c9c0f1ffa96e
b53c9376b1459afb07fb4b5c2e8d8dad776d3a02
3c21880cb7be6bec40f9d40c23ad39c9758999cf950cec07b86c83b21fde175f

HTTP Headers

GET /recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acts2001.com
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 21:02:07 GMT
expires: Thu, 05 Oct 2023 21:02:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
content-type: text/javascript
age: 351862
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 08 Oct 2022 12:31:58 GMT
expires: Sun, 08 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 123271
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

acts2001.com/wp-content/uploads/2015/08/20200325_132845-e1586840548325-768x1024.jpg

65.49.39.11

200 OK

108 kB

URL HTTP/1.1
acts2001.com/wp-content/uploads/2015/08/20200325_132845-e1586840548325-768x1024.jpg
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 768x1024, components 3\012- data
Size
108 kB (108362 bytes)
Hash
fb689765f9eb308258f00ce3c290a5ba
732a449d0f393ea808275f6533fb88c102146a81
03ac7d0705e7dba3c3e4dc34df6bcf868bbed9378fc1d69bce836f0cf19a44b5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2015/08/20200325_132845-e1586840548325-768x1024.jpg HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:29 GMT
Server: Apache
Last-Modified: Tue, 14 Apr 2020 05:02:30 GMT
Accept-Ranges: bytes
Content-Length: 108362
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

acts2001.com/favicon.ico

65.49.39.11

302 Found

0 B

URL HTTP/1.1
acts2001.com/favicon.ico
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acts2001.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Date: Sun, 09 Oct 2022 22:46:29 GMT
Server: Apache
X-Powered-By: PHP/7.4.32
Link: <https://acts2001.com/index.php/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: https://acts2001.com/wp-includes/images/w-logo-blue-white-bg.png
Content-Length: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

acts2001.com/wp-includes/images/w-logo-blue-white-bg.png

65.49.39.11

200 OK

4.1 kB

URL HTTP/1.1
acts2001.com/wp-includes/images/w-logo-blue-white-bg.png
IP
65.49.39.11:0
ASN
#6939 HURRICANE

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4119 bytes)
Hash
000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: acts2001.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acts2001.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 22:46:30 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 00:04:01 GMT
Accept-Ranges: bytes
Content-Length: 4119
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44fa9d85-fcdb-45fb-a35a-89c13e4fdb39.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6973 bytes)
Hash
f75a7a574dc12e892223990f9e4ca03a
c14a1316ca8350a7fa606fb15591510dece77d64
4dac932b2e3aa784101dcc8f06676c44e3c36a298205a28c95b895ee0788ba58

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44fa9d85-fcdb-45fb-a35a-89c13e4fdb39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6973
x-amzn-requestid: 843b354e-e00b-4497-870a-7f4ff7ebbd39
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZwbGWE1TIAMF90w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63433ef5-2e74cf5b0cb790a27b8f2322;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 21:36:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: IVh3MwU7OHQR_qLTTA4fXRx1Of7uEM-vsjZsKeotcaZv3ECZ_VUYRg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 21:50:33 GMT
etag: "c14a1316ca8350a7fa606fb15591510dece77d64"
content-type: image/jpeg
age: 3359
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations