Report - shopnow.v6.navy/

Report Overview

Submitted URL
shopnow.v6.navy/
IP
193.53.127.17
ASN
#49392 LLC Baxet
Submitted
2022-12-05 04:38:25
Access
Website Title
Final URL
Tags
None
urlquery detections
Suspicious - DynDNS domain

Detections

urlquery
49
Network Intrusion Detection
0
Threat Detection Systems
126

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
shopnow.v6.navy	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	15 kB	2.8 MB	193.53.127.17
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.9 kB	142.250.74.131
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.218.168.248
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	860 B	21 kB	142.250.74.106
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	990 B	78 kB	216.58.207.227
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	51 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-05	medium	shopnow.v6.navy/	Phishing
2022-12-05	medium	shopnow.v6.navy/assets/js/popper.min.js	Phishing
2022-12-05	medium	shopnow.v6.navy/assets/js/jquery.easing.min.js	Phishing
2022-12-05	medium	shopnow.v6.navy/assets/js/jquery.min.js	Phishing
2022-12-05	medium	shopnow.v6.navy/assets/js/jquery.magnific-popup.js	Phishing
2022-12-05	medium	shopnow.v6.navy/assets/js/bootstrap.min.js	Phishing
2022-12-05	medium	shopnow.v6.navy/assets/js/morphext.min.js	Phishing
2022-12-05	medium	shopnow.v6.navy/assets/js/isotope.pkgd.min.js	Phishing
2022-12-05	medium	shopnow.v6.navy/assets/js/validator.min.js	Phishing
2022-12-05	medium	shopnow.v6.navy/assets/js/swiper.min.js	Phishing
2022-12-05	medium	shopnow.v6.navy/assets/js/scripts.js	Phishing
2022-12-05	medium	shopnow.v6.navy/assets/webfonts/fa-solid-900.woff2	Phishing
2022-12-05	medium	shopnow.v6.navy/assets/webfonts/fa-brands-400.woff2	Phishing
2022-12-05	medium	shopnow.v6.navy/assets/images/hexagon-green.svg	Phishing
2022-12-05	medium	shopnow.v6.navy/assets/images/logo.svg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed
2022-12-05	medium	v6.navy	Sinkholed

JavaScript (10)

	URL	Size	First Seen	Last Seen
	shopnow.v6.navy/assets/js/jquery.min.js	87 kB	2023-03-07	2024-04-25
Pretty URL shopnow.v6.navy/assets/js/jquery.min.js IP 193.53.127.17 ASN #49392 LLC Baxet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 09:44:03 Times Seen106073 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	shopnow.v6.navy/assets/js/jquery.magnific-popup.js	22 kB	2023-03-07	2024-04-06
Pretty URL shopnow.v6.navy/assets/js/jquery.magnific-popup.js IP 193.53.127.17 ASN #49392 LLC Baxet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:22 Last Seen2024-04-06 17:27:26 Times Seen317 Hash 21dfcde552b78840cf0f9960552c06ac 99d1d2aec86270a41802ee3197afe260c4dda7e5 43330aded0f4267f5ee70e20c6374ba6965a6367f8c0b15efcf4b9a4cfac986d Loading...

	shopnow.v6.navy/assets/js/bootstrap.min.js	58 kB	2023-03-07	2024-04-24
Pretty URL shopnow.v6.navy/assets/js/bootstrap.min.js IP 193.53.127.17 ASN #49392 LLC Baxet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-24 17:55:26 Times Seen19584 Hash e1d98d47689e00f8ecbc5d9f61bdb42e 6778fed3cf095a318141a31f455c8f4663885bde 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Loading...

	shopnow.v6.navy/assets/js/swiper.min.js	126 kB	2023-03-07	2024-04-24
Pretty URL shopnow.v6.navy/assets/js/swiper.min.js IP 193.53.127.17 ASN #49392 LLC Baxet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:22 Last Seen2024-04-24 00:55:21 Times Seen1313 Hash 74571ff9ea0f905f582197d9e94ab140 2a902def916331df8a60421561e5ed394f42fad9 765d1654297c8d730165fbe731eca09c1d3e6efaa9e7006aaa567c5a2f7994ba Loading...

	shopnow.v6.navy/assets/js/morphext.min.js	1.0 kB	2023-03-07	2024-04-06
Pretty URL shopnow.v6.navy/assets/js/morphext.min.js IP 193.53.127.17 ASN #49392 LLC Baxet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:22 Last Seen2024-04-06 17:27:26 Times Seen451 Hash 6db5449e756b858fc376ea662aab817a 384a56b05af02a655286bd9f52a25653aed2a7ac a86df3be0eff7f90991f057c21e6907c16391e6f8cd0a4773cc93d9401e9dfdb Loading...

	shopnow.v6.navy/assets/js/popper.min.js	21 kB	2023-03-07	2024-04-21
Pretty URL shopnow.v6.navy/assets/js/popper.min.js IP 193.53.127.17 ASN #49392 LLC Baxet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:22 Last Seen2024-04-21 23:05:36 Times Seen1131 Hash 36affe2ca6cb85233ee7362c5d8b7893 42e3ca1212d825150c0f57f97dea8d9c0b0ce2a1 71ef7c16d75da75a5d417df75ed72144bc5ec65a9c0429b7dee0988adc3e8d29 Loading...

	shopnow.v6.navy/assets/js/jquery.easing.min.js	6.0 kB	2023-03-07	2024-04-06
Pretty URL shopnow.v6.navy/assets/js/jquery.easing.min.js IP 193.53.127.17 ASN #49392 LLC Baxet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:22 Last Seen2024-04-06 17:27:26 Times Seen322 Hash b62c744f5635480a0eabd225a04b7452 e1fd1d78867a8171c0f69148f350c098e4d4c8d0 f9b2277cb79f77cfa984fc713bda988da89f9699509a30eee234404efa79b32e Loading...

	shopnow.v6.navy/assets/js/isotope.pkgd.min.js	35 kB	2023-03-07	2024-04-25
Pretty URL shopnow.v6.navy/assets/js/isotope.pkgd.min.js IP 193.53.127.17 ASN #49392 LLC Baxet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-25 07:52:27 Times Seen5681 Hash 2afcff647ed260006faa71c8e779e8d4 c4e5994f24ee8c8d2cf2d6602f0b56b9096a2e98 081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22 Loading...

	shopnow.v6.navy/assets/js/validator.min.js	9.0 kB	2023-03-07	2024-04-06
Pretty URL shopnow.v6.navy/assets/js/validator.min.js IP 193.53.127.17 ASN #49392 LLC Baxet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:22 Last Seen2024-04-06 17:27:26 Times Seen304 Hash 6f0c261c06151bb9564dcff79baa1a5a 095b4e20e18cd54d793ae907e020ea6175d31d2e 8f0b7817088a6bdf13a43c49b6970236635411f5568534a8587ee3c188e719f6 Loading...

	shopnow.v6.navy/assets/js/scripts.js	11 kB	2023-03-07	2024-04-06
Pretty URL shopnow.v6.navy/assets/js/scripts.js IP 193.53.127.17 ASN #49392 LLC Baxet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:22 Last Seen2024-04-06 17:27:26 Times Seen292 Hash 5993126f94e52f628f659785b71ea39c 2310e4a99a24e938d189d42168c939543648fe15 33f596d90adab57bfa28cff9fb915f1cf7b71891222750823557002ce1d551d2 Loading...

HTTP Transactions (79)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9022
Expires: Mon, 05 Dec 2022 07:08:35 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3965
Cache-Control: max-age=111549
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:38:13 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:37:22 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2775
Expires: Mon, 05 Dec 2022 05:24:28 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 04:20:12 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1081
alt-svc: clear
X-Firefox-Spdy: h2

shopnow.v6.navy/

193.53.127.17

200 OK

65 kB

URL HTTP/1.1
shopnow.v6.navy/
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
65 kB (65294 bytes)
Hash
7afc35b1893ac078dbcba07b275f4717
a3b5e63c38b9240f1649e89489196293e65b1fec
61c14728c6db24b682b3b2048ed761395783eb0e4d7adf0f6452081dba7506b1

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Mon, 05 Dec 2022 04:38:13 GMT
Transfer-Encoding: chunked

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: hyNp7UXbnxSqnvmZ7gdagg9ceRCfngbu6PWL/1hFrDdjbmagpH2/pPYljYU77x8vKU44+8aZCOA=
x-amz-request-id: ZT90G68CWMKNDH00
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 03:47:49 GMT
age: 3024
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:38:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

shopnow.v6.navy/assets/css/fontawesome-all.css

193.53.127.17

200 OK

52 kB

URL HTTP/1.1
shopnow.v6.navy/assets/css/fontawesome-all.css
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
ASCII text, with very long lines (317)
Size
52 kB (51609 bytes)
Hash
0a2ed388e9c6ab831acb42c006aa91a3
a4c3b243e5c4952207fffbfaec2109646fd0238b
022726742abc2f7fe2465c44525098c41abe3f82b8084140bdc5ad477dcb5af1

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/css/fontawesome-all.css HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 51609
Content-Type: text/css; charset=utf-8
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:38:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:38:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

shopnow.v6.navy/assets/css/magnific-popup.css

193.53.127.17

200 OK

7.0 kB

URL HTTP/1.1
shopnow.v6.navy/assets/css/magnific-popup.css
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
ASCII text
Size
7.0 kB (6951 bytes)
Hash
30b593b71d7672658f89bfea0ab360c9
d6963db6faa9294387bb3175813a61bc3f859437
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/css/magnific-popup.css HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 6951
Content-Type: text/css; charset=utf-8
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

shopnow.v6.navy/assets/js/popper.min.js

193.53.127.17

200 OK

21 kB

URL HTTP/1.1
shopnow.v6.navy/assets/js/popper.min.js
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
ASCII text, with very long lines (20831)
Size
21 kB (21003 bytes)
Hash
36affe2ca6cb85233ee7362c5d8b7893
42e3ca1212d825150c0f57f97dea8d9c0b0ce2a1
71ef7c16d75da75a5d417df75ed72144bc5ec65a9c0429b7dee0988adc3e8d29

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /assets/js/popper.min.js HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 21003
Content-Type: application/javascript
Last-Modified: Tue, 29 Nov 2022 21:15:25 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:38:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

shopnow.v6.navy/assets/css/swiper.css

193.53.127.17

200 OK

22 kB

URL HTTP/1.1
shopnow.v6.navy/assets/css/swiper.css
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
ASCII text, with very long lines (1468)
Size
22 kB (22256 bytes)
Hash
1d814746f69121716ac9fefb559d7026
e3290a4fa0a8c274cbd4bb82e81ae1c4339ecbfa
e4ace9e73742cf9b354dd33704485f759d7a0ce9ba25e20c5401ab9af490d8a8

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/css/swiper.css HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 22256
Content-Type: text/css; charset=utf-8
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

shopnow.v6.navy/assets/js/jquery.easing.min.js

193.53.127.17

200 OK

6.0 kB

URL HTTP/1.1
shopnow.v6.navy/assets/js/jquery.easing.min.js
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
Unicode text, UTF-8 text, with very long lines (4004)
Size
6.0 kB (5958 bytes)
Hash
b62c744f5635480a0eabd225a04b7452
e1fd1d78867a8171c0f69148f350c098e4d4c8d0
f9b2277cb79f77cfa984fc713bda988da89f9699509a30eee234404efa79b32e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /assets/js/jquery.easing.min.js HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 5958
Content-Type: application/javascript
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

shopnow.v6.navy/assets/css/styles.css

193.53.127.17

200 OK

48 kB

URL HTTP/1.1
shopnow.v6.navy/assets/css/styles.css
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
ASCII text, with CRLF line terminators
Size
48 kB (47527 bytes)
Hash
e02d259ab01f2ca4dca14c68d59f4f10
30c422199c583592a11a04dce052db6e6f7197c4
cd6d50893335a2a6d69cb428aed21940c33699cb44bd56e938327603292b104a

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/css/styles.css HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 47527
Content-Type: text/css; charset=utf-8
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

shopnow.v6.navy/assets/js/jquery.min.js

193.53.127.17

200 OK

87 kB

URL HTTP/1.1
shopnow.v6.navy/assets/js/jquery.min.js
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
ASCII text, with very long lines (65451)
Size
87 kB (86927 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /assets/js/jquery.min.js HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 86927
Content-Type: application/javascript
Last-Modified: Tue, 29 Nov 2022 21:15:25 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

shopnow.v6.navy/assets/js/jquery.magnific-popup.js

193.53.127.17

200 OK

22 kB

URL HTTP/1.1
shopnow.v6.navy/assets/js/jquery.magnific-popup.js
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
ASCII text, with very long lines (21547), with CRLF line terminators
Size
22 kB (21680 bytes)
Hash
21dfcde552b78840cf0f9960552c06ac
99d1d2aec86270a41802ee3197afe260c4dda7e5
43330aded0f4267f5ee70e20c6374ba6965a6367f8c0b15efcf4b9a4cfac986d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /assets/js/jquery.magnific-popup.js HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 21680
Content-Type: application/javascript
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

shopnow.v6.navy/assets/js/bootstrap.min.js

193.53.127.17

200 OK

58 kB

URL HTTP/1.1
shopnow.v6.navy/assets/js/bootstrap.min.js
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
ASCII text, with very long lines (57791)
Size
58 kB (58072 bytes)
Hash
e1d98d47689e00f8ecbc5d9f61bdb42e
6778fed3cf095a318141a31f455c8f4663885bde
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /assets/js/bootstrap.min.js HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 58072
Content-Type: application/javascript
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

shopnow.v6.navy/assets/css/bootstrap.css

193.53.127.17

200 OK

192 kB

URL HTTP/1.1
shopnow.v6.navy/assets/css/bootstrap.css
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
ASCII text, with very long lines (570)
Size
192 kB (192348 bytes)
Hash
bd551f56ce2be3eba2812e605ab4f5b2
94d6450720dd8deb413760cc9184204b46802e9c
35fbb6dc3891aacaf1ffa07abec2344fdbc454aab533a2a03bcf93577eb7837b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/css/bootstrap.css HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 192348
Content-Type: text/css; charset=utf-8
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

shopnow.v6.navy/assets/js/morphext.min.js

193.53.127.17

200 OK

1.0 kB

URL HTTP/1.1
shopnow.v6.navy/assets/js/morphext.min.js
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
ASCII text, with very long lines (1014), with no line terminators
Size
1.0 kB (1014 bytes)
Hash
6db5449e756b858fc376ea662aab817a
384a56b05af02a655286bd9f52a25653aed2a7ac
a86df3be0eff7f90991f057c21e6907c16391e6f8cd0a4773cc93d9401e9dfdb

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /assets/js/morphext.min.js HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1014
Content-Type: application/javascript
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

shopnow.v6.navy/assets/js/isotope.pkgd.min.js

193.53.127.17

200 OK

35 kB

URL HTTP/1.1
shopnow.v6.navy/assets/js/isotope.pkgd.min.js
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
ASCII text, with very long lines (32019)
Size
35 kB (35445 bytes)
Hash
2afcff647ed260006faa71c8e779e8d4
c4e5994f24ee8c8d2cf2d6602f0b56b9096a2e98
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /assets/js/isotope.pkgd.min.js HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 35445
Content-Type: application/javascript
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

shopnow.v6.navy/assets/js/validator.min.js

193.53.127.17

200 OK

9.0 kB

URL HTTP/1.1
shopnow.v6.navy/assets/js/validator.min.js
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
ASCII text, with very long lines (7453), with CRLF line terminators
Size
9.0 kB (8953 bytes)
Hash
6f0c261c06151bb9564dcff79baa1a5a
095b4e20e18cd54d793ae907e020ea6175d31d2e
8f0b7817088a6bdf13a43c49b6970236635411f5568534a8587ee3c188e719f6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /assets/js/validator.min.js HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 8953
Content-Type: application/javascript
Last-Modified: Tue, 29 Nov 2022 21:15:25 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

shopnow.v6.navy/assets/js/swiper.min.js

193.53.127.17

200 OK

126 kB

URL HTTP/1.1
shopnow.v6.navy/assets/js/swiper.min.js
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
ASCII text, with very long lines (65270)
Size
126 kB (125617 bytes)
Hash
74571ff9ea0f905f582197d9e94ab140
2a902def916331df8a60421561e5ed394f42fad9
765d1654297c8d730165fbe731eca09c1d3e6efaa9e7006aaa567c5a2f7994ba

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /assets/js/swiper.min.js HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 125617
Content-Type: application/javascript
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

shopnow.v6.navy/assets/js/scripts.js

193.53.127.17

200 OK

11 kB

URL HTTP/1.1
shopnow.v6.navy/assets/js/scripts.js
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
ASCII text, with CRLF line terminators
Size
11 kB (10929 bytes)
Hash
5993126f94e52f628f659785b71ea39c
2310e4a99a24e938d189d42168c939543648fe15
33f596d90adab57bfa28cff9fb915f1cf7b71891222750823557002ce1d551d2

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /assets/js/scripts.js HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 10929
Content-Type: application/javascript
Last-Modified: Tue, 29 Nov 2022 21:15:25 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

shopnow.v6.navy/assets/images/testimonial-1.jpg

193.53.127.17

200 OK

17 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/testimonial-1.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 150x150, components 3\012- data
Size
17 kB (17153 bytes)
Hash
5ece4f460ee903bc72b0363cb13dd1f8
6e8e641ad96fa7fc205f214f22d1f37f7e2188e6
4b20eb66552a80d8fb82f186813407d54b3a8494f028d07980c94709d9c22a0c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/testimonial-1.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 17153
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

shopnow.v6.navy/assets/images/services-3.jpg

193.53.127.17

200 OK

57 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/services-3.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 690x398, components 3\012- data
Size
57 kB (57316 bytes)
Hash
1bd32ec4abdc49741aa10cfeab1a0f08
51904dab31e181fa4251bcad0b174ab46b7bf5f0
f521db39fe23999740a52552dd3e32a1e42cfaef642db84a9b27dcf5823de5a4

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/services-3.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 57316
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

shopnow.v6.navy/assets/images/testimonial-3.jpg

193.53.127.17

200 OK

14 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/testimonial-3.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 150x150, components 3\012- data
Size
14 kB (13659 bytes)
Hash
871ee8f1618ac352b62a9cfa2a5fda0e
64e434579a08884ec14f377af987006e79985e5f
11969e798993d60ffdd246d2c3324ee3dcc66057d64bfcd3e75838c5860edf86

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/testimonial-3.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 13659
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

shopnow.v6.navy/assets/images/testimonial-2.jpg

193.53.127.17

200 OK

14 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/testimonial-2.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 150x150, components 3\012- data
Size
14 kB (14272 bytes)
Hash
3a53745caff42323a74d1c5da07e99b1
cbbda50a9e326934c1b6e5ede6bfb2988fdd1a5e
b9698e57d32c7c39d5194fd48fcecdef8e63192453250a85fefccad7acf8d0d3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/testimonial-2.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 14272
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

shopnow.v6.navy/assets/images/testimonial-4.jpg

193.53.127.17

200 OK

12 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/testimonial-4.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 150x150, components 3\012- data
Size
12 kB (12487 bytes)
Hash
c0f04dba079ee6b0ae25d2f52c48a0ef
813e6daeb0f616ed257f7f866ca149b271a213d1
bad7b03b84053c3be3d85fb317ce99cb079ed75d10bc34b0bc0f69e651160dec

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/testimonial-4.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 12487
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

shopnow.v6.navy/assets/images/testimonial-5.jpg

193.53.127.17

200 OK

14 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/testimonial-5.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 150x150, components 3\012- data
Size
14 kB (14372 bytes)
Hash
6cebd0233f08d00260cf1e24b5475222
630f683871c7d19edf6c5b888f473bc8746afc41
5eb925ae0a6b3b404347298ad85367f6b6ab506a58ba06721fc531f2b34d6b3c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/testimonial-5.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 14372
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:13 GMT

shopnow.v6.navy/assets/images/testimonial-6.jpg

193.53.127.17

200 OK

13 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/testimonial-6.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 150x150, components 3\012- data
Size
13 kB (12698 bytes)
Hash
4a330f5eb9a69543375211bf4b219f63
9762801ee93705a20e68178c44c7d8dba6fcdf1e
aaa9e8124ef1c1a9358e0bb16298880ec7bb2f33cf43605c1c8ed72687bfb13c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/testimonial-6.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 12698
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

shopnow.v6.navy/assets/images/project-1.jpg

193.53.127.17

200 OK

87 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/project-1.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 722x704, components 3\012- data
Size
87 kB (87109 bytes)
Hash
8d83fc8eea997b1fd0920d07fcdf6810
db2b919d36f05f9bf9b0eaa990adf504d7f9278c
c76560a63bd3583a15621130b806b15b55eeb23f5fed48e43f34ae5abf8ae29d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/project-1.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 87109
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

fonts.googleapis.com/css?family=Open+Sans:400,400i,600&display=swap&subset=latin-ext

142.250.74.106

200 OK

1.2 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,400i,600&display=swap&subset=latin-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.2 kB (1247 bytes)
Hash
213f509fa2207f621c596e5519b74e34
3b572bcb10e85a63c319ca7f7ba291516b93a165
23aad420af42f335a576976377e2e0f5128b1403050e6765c4e8ae367360650a

HTTP Headers

GET /css?family=Open+Sans:400,400i,600&display=swap&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://shopnow.v6.navy/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 04:38:13 GMT
date: Mon, 05 Dec 2022 04:38:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

shopnow.v6.navy/assets/images/intro-office.jpg

193.53.127.17

200 OK

61 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/intro-office.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 690x446, components 3\012- data
Size
61 kB (60789 bytes)
Hash
5de0bc8c5e753e594f914e19e83da92e
0e2e2af37b9396640d160fd343c5ece976031bc6
c30423525c17a9b2e77636e6717a85e5f5916829e6044cc1876f4e347231bd54

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/intro-office.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 60789
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

shopnow.v6.navy/assets/webfonts/fa-solid-900.woff2

193.53.127.17

200 OK

50 kB

URL HTTP/1.1
shopnow.v6.navy/assets/webfonts/fa-solid-900.woff2
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
Web Open Font Format (Version 2), TrueType, length 50372, version 1.0\012- data
Size
50 kB (50372 bytes)
Hash
8a8c0474283e0d9ef41743e5e486bf05
1ba4dd60af529d1a72d0e57467c3bc0bbb728a4d
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://shopnow.v6.navy/assets/css/fontawesome-all.css

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 50372
Content-Type: font/woff2
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://shopnow.v6.navy
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:30:11 GMT
expires: Sat, 02 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 252483
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:38:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

shopnow.v6.navy/assets/images/services-1.jpg

193.53.127.17

200 OK

18 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/services-1.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 690x398, components 3\012- data
Size
18 kB (18345 bytes)
Hash
db7ef22712a4b475a426fab9ef5284d5
8a7a76a1ff31d09141f098737ee42ca13602d1cc
b5c5492eab1bb755646d9932666aaa755225d0b65932ba729bc126311dc12a1a

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/services-1.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 18345
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

shopnow.v6.navy/assets/images/project-2.jpg

193.53.127.17

200 OK

129 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/project-2.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 722x704, components 3\012- data
Size
129 kB (128650 bytes)
Hash
f467bd306a5e04910955f517d1b09b8c
a16db5a00108ee15b40e5e114fb1e25a562a386a
aa1fde15b335ca1f4076025f84a8371806e73a2b57afb24cf79015963264b03e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/project-2.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 128650
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

shopnow.v6.navy/assets/images/project-3.jpg

193.53.127.17

200 OK

121 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/project-3.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 722x704, components 3\012- data
Size
121 kB (121101 bytes)
Hash
e96677e57c134b45f11b94ea53ce4bec
db49c6a79f9afe2e63f9c2193cbf3af639d352f8
3df87d6b42cd5ee8061f7f1157c620de08f497a31bb53e3cf2865295776f99dd

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/project-3.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 121101
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:38:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

shopnow.v6.navy/assets/images/services-2.jpg

193.53.127.17

200 OK

45 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/services-2.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 690x398, components 3\012- data
Size
45 kB (45032 bytes)
Hash
e1449770bba52fee6b302a1c94bcdf3a
be8811435f3ebeb5509963c8b0f2711323069580
a2b8b9cda5cce1a1ca8be715802340efebf0f2d26e8a96e1c42e744b3e61653a

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/services-2.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 45032
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:38:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Montserrat:500,700&display=swap&subset=latin-ext

142.250.74.106

200 OK

18 kB

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat:500,700&display=swap&subset=latin-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
18 kB (18354 bytes)
Hash
0add0cf49f65939f201bf88ec7e3a223
73033a12bc0d64beee89c96c7ea191b6ef0166a2
722513073bdef21938c617444182b2e41dfc1117ee7a67c56424975227fa9def

HTTP Headers

GET /css?family=Montserrat:500,700&display=swap&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://shopnow.v6.navy/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 04:38:13 GMT
date: Mon, 05 Dec 2022 04:38:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

shopnow.v6.navy/assets/webfonts/fa-brands-400.woff2

193.53.127.17

200 OK

61 kB

URL HTTP/1.1
shopnow.v6.navy/assets/webfonts/fa-brands-400.woff2
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
Web Open Font Format (Version 2), TrueType, length 61336, version 1.0\012- data
Size
61 kB (61336 bytes)
Hash
3654744dc6d6c37c9b3582b57622df5e
0ec12ea1707f5bc812b627f41cccad2aff01e54b
1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /assets/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://shopnow.v6.navy/assets/css/fontawesome-all.css

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 61336
Content-Type: font/woff2
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://shopnow.v6.navy
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 553533
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

shopnow.v6.navy/assets/images/hexagon-green.svg

193.53.127.17

200 OK

660 B

URL HTTP/1.1
shopnow.v6.navy/assets/images/hexagon-green.svg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
660 B (660 bytes)
Hash
f27e7b9f0fc0b37cd83161990a59560c
9a80b528822ea1286c34e497dd055af2782b858a
0053a159a618e45e96fb0c24b9efce0d9c29dd4016ad6e0c9ac6f1370c1e7ae4

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /assets/images/hexagon-green.svg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/assets/css/styles.css

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 660
Content-Type: image/svg+xml
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

shopnow.v6.navy/assets/images/logo.svg

193.53.127.17

200 OK

3.9 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/logo.svg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
3.9 kB (3858 bytes)
Hash
5d6dafbe74a3300734f40d785f9b8e45
588ccd0b714d30d33b07c2029b74188d36dcd02b
d19d102bf37b08e9fe6f67b43492f7eab072c16e1eb1bff4be06956cab8612a0

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /assets/images/logo.svg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 3858
Content-Type: image/svg+xml
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

shopnow.v6.navy/assets/images/project-5.jpg

193.53.127.17

200 OK

125 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/project-5.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 722x704, components 3\012- data
Size
125 kB (124818 bytes)
Hash
b73472bd406efddaf305ccabf9ab5033
286d2bf013b7b873b8aeb5508ad2df12d93927da
47755114a55e973444289872432aca263671bdab8734917cf2a859bce782d8b4

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/project-5.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 124818
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

shopnow.v6.navy/assets/images/team-3.png

193.53.127.17

200 OK

20 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/team-3.png
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
PNG image data, 230 x 200, 8-bit colormap, non-interlaced\012- data
Size
20 kB (20346 bytes)
Hash
f206425c2bbb0405083aba59953cf7a3
7eba037a3aab8e46d4b4b83de7e65650a7ba0a1c
dff9970b6cc442a8f9122317dab81495cc757d87e1e4cb683202946caacad22d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/team-3.png HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 20346
Content-Type: image/png
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:38:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

shopnow.v6.navy/assets/images/project-8.jpg

193.53.127.17

200 OK

63 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/project-8.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 722x704, components 3\012- data
Size
63 kB (63374 bytes)
Hash
d9e8a6245800b4ff6e6be1ab413be1d6
8b5d5afffe07477cf6d83661341bf9498f7734f6
1fa386b4ec95f717ccb6759e28f62f89a158c3a7a68aa88727c419ccfbfbe002

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/project-8.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 63374
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

shopnow.v6.navy/assets/images/project-6.jpg

193.53.127.17

200 OK

91 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/project-6.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 722x704, components 3\012- data
Size
91 kB (91029 bytes)
Hash
b76e3f7283ad38721d52bb0ad71d9640
5fb23a085252c2e82b43f672150ce75481a045f5
3238abc40cdd63aec6950309115c587ef43add82b45f4786713a8404c3be7454

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/project-6.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 91029
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

shopnow.v6.navy/assets/images/project-7.jpg

193.53.127.17

200 OK

88 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/project-7.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 722x704, components 3\012- data
Size
88 kB (87474 bytes)
Hash
f82f90a4b3d80d07d7fb0cd3294698fd
cb500daa0f90fa078efbedb7afbe558cdce56572
1d06ba5a80e1e1b693ffa33db2881fdff28aab1b18eeef30a4314554e0e31731

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/project-7.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 87474
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

shopnow.v6.navy/assets/images/team-1.png

193.53.127.17

200 OK

19 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/team-1.png
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
PNG image data, 230 x 200, 8-bit colormap, non-interlaced\012- data
Size
19 kB (18874 bytes)
Hash
70b05db7e49931d59fc896d03819b389
6396404d552743ce6473f2b0f421571ce84ff771
41768e8052de115958d44c3d2166e81d8977f445a4a11db90e2489ca215be4e4

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/team-1.png HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 18874
Content-Type: image/png
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

shopnow.v6.navy/assets/images/team-2.png

193.53.127.17

200 OK

19 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/team-2.png
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
PNG image data, 230 x 200, 8-bit colormap, non-interlaced\012- data
Size
19 kB (18853 bytes)
Hash
85c9a64b48c5f2f7628cf52d8e1dbd7b
4e80ebbf3fe19035ca0ce12993be801716224a82
e50f1cd75801973a226969e9acb7589f0274b4b3c46b33d8099604e135206a92

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/team-2.png HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 18853
Content-Type: image/png
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

shopnow.v6.navy/assets/images/project-4.jpg

193.53.127.17

200 OK

79 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/project-4.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 722x704, components 3\012- data
Size
79 kB (79011 bytes)
Hash
ae147dfe4e6b2111a6352befc17bd260
3fe030520cfb57eba8ad7fcdcb575679bbcec363
955269223925b61169807b535cf414f3332684d80faffb9781946624bcf1d5ae

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/project-4.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 79011
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 04:08:58 GMT
cache-control: public,max-age=3600
age: 1756
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

shopnow.v6.navy/assets/images/team-4.png

193.53.127.17

200 OK

21 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/team-4.png
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
PNG image data, 230 x 200, 8-bit colormap, non-interlaced\012- data
Size
21 kB (20795 bytes)
Hash
8ce04d0e6177b0f95105b8928cfd7703
76c96b1a00c08e2d0d3c16051da8b0ecbb9f3716
9280453255d890fc4a3f75a3cff60434d7a137bb98fe0638637dce2e7f124594

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/team-4.png HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 20795
Content-Type: image/png
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

shopnow.v6.navy/assets/images/about.jpg

193.53.127.17

200 OK

41 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/about.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 690x468, components 3\012- data
Size
41 kB (41312 bytes)
Hash
a7d9b9adeeb5ebe86ff84ea51e03fa18
93063c30e071ae7afae5dab38cc9800ecfd7a812
3a05c958e8105479cee704d83104aa74b6ff72b3397119839656cc4111a2fb6e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/about.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 41312
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

shopnow.v6.navy/assets/images/details-1-background.jpg

193.53.127.17

200 OK

88 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/details-1-background.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x800, components 3\012- data
Size
88 kB (87542 bytes)
Hash
fcf75aca7c554a0fe508f3c738d9c361
04eaa4da890a6e4a581ed1249623363c0516ed5f
e478f67a5616b44030a25b06ab8e37dce26dcfbfee6dcb71ad89b0fed951b7fa

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/details-1-background.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/assets/css/styles.css

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 87542
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

shopnow.v6.navy/assets/images/down-arrow.png

193.53.127.17

200 OK

1.0 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/down-arrow.png
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
PNG image data, 14 x 9, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1044 bytes)
Hash
ac6d4cdd83c10d04fa6d4d7034874957
4deb5b8010307fb0e0bade1ef1f860361bd05466
83f78eb5a5ef02c50d3d3f41ac156b070868698fd0083cfa7cf777bfaae44318

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/down-arrow.png HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/assets/css/styles.css

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1044
Content-Type: image/png
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

shopnow.v6.navy/assets/images/header-background.jpg

193.53.127.17

200 OK

466 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/header-background.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size
466 kB (465922 bytes)
Hash
e5707cb75d2a8df86739498f2f753d30
d5fe92366ca850696d85477f2fedaece50afdada
27104de3677856b3b8791f6635b38acb1b96e6b2e7a6daee1d6cedc833a082c6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/header-background.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/assets/css/styles.css

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 465922
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3956
Cache-Control: max-age=106473
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:38:14 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:12:47 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

shopnow.v6.navy/assets/images/details-2-background.jpg

193.53.127.17

200 OK

192 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/details-2-background.jpg
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x800, components 3\012- data
Size
192 kB (192233 bytes)
Hash
e41d1c0f17be353995a707436a279fa7
e4d7d8771bd6c89d2afed44fc5437fd837b3257e
a4da1c0e83ff93e75b870a001178275b84db4eb1989d64fc7bd1957a2d49c884

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/details-2-background.jpg HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/assets/css/styles.css

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 192233
Content-Type: image/jpeg
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

shopnow.v6.navy/assets/images/favicon.png

193.53.127.17

200 OK

1.4 kB

URL HTTP/1.1
shopnow.v6.navy/assets/images/favicon.png
IP
193.53.127.17:0
ASN
#49392 LLC Baxet

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1355 bytes)
Hash
c2195fb7d311a0c8de10b081d23e6b9a
1e2675f23b1a143d6c2caa8f8879ec98d7a2ba6a
b29b85173752c3c60bd5914e5eb98b1f79f143e3ff59c13c883bf59034697ab3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
quad9	Sinkholed

HTTP Headers

GET /assets/images/favicon.png HTTP/1.1
Host: shopnow.v6.navy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shopnow.v6.navy/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1355
Content-Type: image/png
Last-Modified: Tue, 29 Nov 2022 21:15:26 GMT
Date: Mon, 05 Dec 2022 04:38:14 GMT

push.services.mozilla.com/

34.218.168.248

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.218.168.248:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xom4jmXuwYOY3xEc+1Xc7w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3kHB5eOqAlx2N6KWJJVV2vcyDVI=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6950
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:38:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6950
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:38:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6950
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:38:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6950
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:38:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6950
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:38:16 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7853 bytes)
Hash
dafdb4fe91795a9e16baebb085ccd818
f5ed5d03e6969f81349ad78fde0e71390a4ed391
f535ce45d68317bad15513d3cd3d21d2c0ef12e93d6ac19cc07b704ee1651f51

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7853
x-amzn-requestid: fa079a7e-1e93-41d6-bb16-2703077a0cb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGrKEGFoAMFnBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6388517a-076131847c129c197e84901b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:02:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Cri6Vf6-INRisbFQ4ITZ7f8RIvomQXQ-TjkjWAOkkUhmI1yhHIbTYA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 08:10:52 GMT
age: 73644
etag: "f5ed5d03e6969f81349ad78fde0e71390a4ed391"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6826 bytes)
Hash
a349d02cce160f72cc93f6fb6e45fa46
a6f82481ea0a820da0f199e8f9051a4aa4013c82
ab320118577a2dcb6ab7ad904d6350e187501a94b39b71fdd70b31cbc8853b24

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6826
x-amzn-requestid: f0abdba6-14c8-4aae-ba3b-37ba0af2ff08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_t2FsLIAMFekA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1325-3452be066acddb554f528cc3;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d5IKLNblcA9AzCoGMpGmIGwUu-kQlHlouju5mm2NwsSOin4MFT40mg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:56:21 GMT
age: 24115
etag: "a6f82481ea0a820da0f199e8f9051a4aa4013c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10183 bytes)
Hash
99d1ff8fa2e095dcf2bda3d1e1af1221
f914f04a0e1fb45a221d31d2105bfc73015b03e6
90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10183
x-amzn-requestid: 0cdea572-aab4-4d52-948b-976170a787a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uLHQZoAMF4hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1327-7948052f39c4f6071b4a0e0d;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WDqUFMBT59kulx4WLxNh5XTsHzr4_u524juvZJnGMYBH-mUaJclnTg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:03 GMT
age: 24553
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad33fba3-ee62-4ef5-9330-0bd0a142dd92.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6236 bytes)
Hash
c9e228ec099cad3eea0fb1656da3536f
532cf52021a6cdb7b7963e9108b41590f58276fe
8e54f09dd66fdc35e5f54100cf6c56abf88cb7e724b08092e7ce82720d423135

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad33fba3-ee62-4ef5-9330-0bd0a142dd92.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6236
x-amzn-requestid: 0215aac5-7c44-43b0-b2e9-baddeed42fe0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjiXEEXiIAMFqIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ae42d-5961705726e81a4e3b6a91c9;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 05:52:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ToFwGweqIr6TeGKj1mw8gMfun_defm7BE11XM-gKfL5NsEbJKC2iMg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:15:59 GMT
age: 22937
etag: "532cf52021a6cdb7b7963e9108b41590f58276fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6173 bytes)
Hash
3130c86c084c4c925fb9179dfa5c145d
203f27660f3885d5c1bc68a535baef4e48ff6582
faf2c48c2286fe2149908947de9037640007d32e13694c1261f610250caf3f8f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6173
x-amzn-requestid: dc73ee0d-b1ec-407f-8e98-3ba264725ee3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqHqwIAMFwqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-56d74e8d45baa9e87136708f;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gp9v8CfWmPctcSly9jWOxy0VCbBOE-CZs9z636yfpgpVi8eNt_PVvg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "203f27660f3885d5c1bc68a535baef4e48ff6582"
content-type: image/jpeg
age: 24587
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7028 bytes)
Hash
9b475d52dd164b9cc0efbecfd58282b6
973e77db7fb34c60e08719dc7196d865e8831cb2
3985e24217a2bd811a0ea9bf0223eb0cda31604986f3467fae028a086a8b827e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: 4d20bc36-d129-468d-b30d-f6b571d528af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKz6G86oAMF9oA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abe7f-5f9353c04487352b64ba3bf8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:11:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GnsrHp9gMnOF7C1LS_suYeIrdrXQyAAvdrROmuVBRoI8xd6Dujlq_A==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:26:36 GMT
age: 4300
etag: "973e77db7fb34c60e08719dc7196d865e8831cb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations