Report - zagsnewseason.com/

Report Overview

Submitted URL
zagsnewseason.com/
IP
165.231.2.187
ASN
#57972 Inter Connects Inc
Submitted
2023-01-26 10:58:55
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
zagsnewseason.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	796 B	873 B	165.231.2.187
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	67 kB	34.120.237.76
www.zagsnewseason.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	16 kB	780 kB	165.231.2.187
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.5 kB	142.250.74.106
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	95.101.11.115
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.149.51.98
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.131
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	121 kB	142.250.74.163
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-26 10:58:40	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-26	medium	zagsnewseason.com/	Phishing
2023-01-26	medium	zagsnewseason.com/	Phishing
2023-01-26	medium	www.zagsnewseason.com/	Phishing
2023-01-26	medium	www.zagsnewseason.com/media/js/ee649594623f92a22ae620dec0569da3.js	Phishing
2023-01-26	medium	www.zagsnewseason.com/skin/frontend/smartwave/porto/images/earn-fancash-logo-v2.svg	Phishing
2023-01-26	medium	www.zagsnewseason.com/skin/frontend/smartwave/porto/images/easy-365-day-logo-v2.svg	Phishing
2023-01-26	medium	www.zagsnewseason.com/skin/frontend/smartwave/porto/images/select-bg.svg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	www.zagsnewseason.com/	98 B	2023-03-07	2023-05-18
Pretty URL www.zagsnewseason.com/ IP 165.231.2.187 ASN #57972 Inter Connects Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:06 Last Seen2023-05-18 11:57:16 Times Seen3 Hash d4fbbbd8c4d03b91fe0cea9107858ba1 30c376dcc6eae1d376580baae5367321654b4049 a3cd50f6d5a34f4044d646361b06fff3e73e42a08337beaee60406deba927b0a Loading...

	www.zagsnewseason.com/	69 B	2023-03-07	2024-04-24
Pretty URL www.zagsnewseason.com/ IP 165.231.2.187 ASN #57972 Inter Connects Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:33 Last Seen2024-04-24 18:09:57 Times Seen750 Hash f121c53a70ce133d2f2dd96bb5133076 766561af038575eb71bf9bcd1d57a32191fdeba7 75fcda1b8195b87caa4862661c766c9c4bdcfa512d1d8ffdafc121ab448c0ce5 Loading...

	www.zagsnewseason.com/	302 B	2023-03-07	2024-01-31
Pretty URL www.zagsnewseason.com/ IP 165.231.2.187 ASN #57972 Inter Connects Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:40 Last Seen2024-01-31 00:58:11 Times Seen65 Hash 9c771a98e9d4d3e1b5fcb557d5c89356 9610e309d7f45271826d0e748bfa00ae420bcd7d 12d517bfead5f41179100c1c813e3edb40b07f5eec0f7ca64209de7bc41824ca Loading...

	www.zagsnewseason.com/	537 B	2023-03-07	2023-12-29
Pretty URL www.zagsnewseason.com/ IP 165.231.2.187 ASN #57972 Inter Connects Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:06 Last Seen2023-12-29 18:58:21 Times Seen10 Hash b257cc913b38c5579db0650b1a1f0d29 95790a1ce5679ef02cbe98e17bba80cd65cff130 142e7c5773e5bc7cf2c92dd0445ebe4894a5f91e9403cb3bf4c7153b08ae8e17 Loading...

	www.zagsnewseason.com/	65 B	2023-03-07	2024-04-24
Pretty URL www.zagsnewseason.com/ IP 165.231.2.187 ASN #57972 Inter Connects Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:33 Last Seen2024-04-24 18:09:56 Times Seen715 Hash c49791cddd4764fb676ff8c0b8fc500c b471b9590f03ae77cc4b996a3de43cf2f41e13ce 680eaa8d9f99911e2b8e415ca9fae9dc7b1674312fddb106eaa744273f4e7443 Loading...

	www.zagsnewseason.com/	1.8 kB	2023-03-07	2023-12-29
Pretty URL www.zagsnewseason.com/ IP 165.231.2.187 ASN #57972 Inter Connects Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:06 Last Seen2023-12-29 18:58:21 Times Seen11 Hash 79736146ca3950c93f0f6ff04cfb18f4 7a3c03cd7a18a340280ee6b754b216daebd0e340 d74ebf483cc3ed17dfc1a5b47fbc014113f82f6b116fd83c0ce1b9d7bc9de19c Loading...

	www.zagsnewseason.com/	223 B	2023-03-07	2023-05-18
Pretty URL www.zagsnewseason.com/ IP 165.231.2.187 ASN #57972 Inter Connects Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:06 Last Seen2023-05-18 11:57:16 Times Seen3 Hash 0eacc638d2cca5c54e84e571d50155bd 5b907be579527d2fcf06aea3e33c7104c0287624 86cac97f989a711fa905e0c795ca545477d7a0c231ebf1c46344b8565ac14e04 Loading...

	www.zagsnewseason.com/	652 B	2023-03-07	2024-01-31
Pretty URL www.zagsnewseason.com/ IP 165.231.2.187 ASN #57972 Inter Connects Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:06 Last Seen2024-01-31 00:58:12 Times Seen62 Hash 01cadf1733a845e774a01918f5986179 ab4cc4360ec4e83d60e665ce169e36d6aaedc76b 59c04780238e2b0458fea81d15868b871aca9839604e58c2fb664b1ff8dfd737 Loading...

	www.zagsnewseason.com/	6.0 kB	2023-03-07	2023-12-29
Pretty URL www.zagsnewseason.com/ IP 165.231.2.187 ASN #57972 Inter Connects Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:06 Last Seen2023-12-29 18:58:21 Times Seen12 Hash ea422acd563f626158cd2c28bf21f3e8 56144b65fa372e07a0b9e05a5dd532a48c2dde4c f9170796be7715e5b146107ac1d3f3a5b63ac71d5ddbd01778955d3f271ee58f Loading...

	www.zagsnewseason.com/media/js/ee649594623f92a22ae620dec0569da3.js	688 kB	2023-03-07	2023-12-29
Pretty URL www.zagsnewseason.com/media/js/ee649594623f92a22ae620dec0569da3.js IP 165.231.2.187 ASN #57972 Inter Connects Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:06 Last Seen2023-12-29 18:58:21 Times Seen16 Hash 26f36af62dd242c1441a5039caca8f40 51e20991997a2c27915555c35b06a214f962d5e1 b04a265f41573561f04711af6c8acd7b25d4c148299a971055bce7a55577f2c4 Loading...

	www.zagsnewseason.com/	200 B	2023-03-07	2024-01-31
Pretty URL www.zagsnewseason.com/ IP 165.231.2.187 ASN #57972 Inter Connects Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:40 Last Seen2024-01-31 00:58:11 Times Seen47 Hash 6a512f93504ba0aeac52ad457c117003 d2a308a88a78ee3fa87e0aa960ffe965fcbb12d1 ef645c29f24ab71eebdc24329ad9435f23907df92b8f84f07495eb9d14894cdd Loading...

	www.zagsnewseason.com/	543 B	2023-03-07	2023-05-18
Pretty URL www.zagsnewseason.com/ IP 165.231.2.187 ASN #57972 Inter Connects Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:06 Last Seen2023-05-18 11:57:16 Times Seen3 Hash 83c6c7e1a2c4f67edb499c8dd758d592 cf9aca3bca857e6802542579b3a87523ddc12ec4 7cb055d4a170bed102ab2f9aa796be204b0bf5bdb836374d0f9a5f04e91ed370 Loading...

	www.zagsnewseason.com/	138 B	2023-03-07	2023-12-29
Pretty URL www.zagsnewseason.com/ IP 165.231.2.187 ASN #57972 Inter Connects Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:40 Last Seen2023-12-29 18:58:21 Times Seen21 Hash 2416f5da5ad69561627a26a7c76737bd 3d77decfc1589135ecb52834911c8bf3508f0a9f 8cd4c5d5344f592944f0a492c589d028f296ac4016566a684b4e68eb1d6b6381 Loading...

	www.zagsnewseason.com/	142 B	2023-03-07	2024-02-15
Pretty URL www.zagsnewseason.com/ IP 165.231.2.187 ASN #57972 Inter Connects Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:41 Last Seen2024-02-15 02:47:49 Times Seen60 Hash 1730d915e17965c1e829b9092c70f2e5 0d1a8ae0a92ff375c667be8070c6a9e13f18771c 23e08252a748099032f0bd093177958a00092f4776dcc5600dc8efba2b1fecc0 Loading...

	www.zagsnewseason.com/	1 B	2023-03-07	2024-04-26
Pretty URL www.zagsnewseason.com/ IP 165.231.2.187 ASN #57972 Inter Connects Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-26 13:20:35 Times Seen68880 Hash 68b329da9893e34099c7d8ad5cb9c940 adc83b19e793491b1c6ea0fd8b46cd9f32e592fc 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b Loading...

HTTP Transactions (62)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2353
Expires: Thu, 26 Jan 2023 11:37:56 GMT
Date: Thu, 26 Jan 2023 10:58:43 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13922
Expires: Thu, 26 Jan 2023 14:50:45 GMT
Date: Thu, 26 Jan 2023 10:58:43 GMT
Connection: keep-alive

zagsnewseason.com/

165.231.2.187

301 Moved Permanently

234 B

URL HTTP/1.1
zagsnewseason.com/
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
234 B (234 bytes)
Hash
3484d9167537af2482b995ecf3daaecd
03cb09c64a42b9a49eded52f3a607c0983de70fc
c2adee993015b4ba8cf75d20252f8a2c76d8d6f87fb6a4d913cdd8539324801d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 26 Jan 2023 10:58:11 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Location: https://zagsnewseason.com/
Content-Length: 234
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 10:35:16 GMT
content-type: application/json
age: 1407
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4331
Expires: Thu, 26 Jan 2023 12:10:54 GMT
Date: Thu, 26 Jan 2023 10:58:43 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: L5MxEh1oqcAwTgZDYFoSxw4NwAvytdvbX+7qpt8yoi9uxYhZpD4hRknao0X+7KDlRc/X1rDjWSOGNCtV7oVVIw==
x-amz-request-id: AYNJT2JZ4S6CHD59
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 10:48:56 GMT
age: 587
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 10:58:43 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 10:49:01 GMT
age: 583
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0269750a1d3e75482513dfbaf571f35d
a663a80405593b31b9fe9ac015aafabab1fae4cd
c8c6c936dfe6e6f03e434962d63ddb86aba509c787da25e7290dcc4968083c13

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8C6C936DFE6E6F03E434962D63DDB86ABA509C787DA25E7290DCC4968083C13"
Last-Modified: Thu, 26 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21582
Expires: Thu, 26 Jan 2023 16:58:26 GMT
Date: Thu, 26 Jan 2023 10:58:44 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19908
Expires: Thu, 26 Jan 2023 16:30:32 GMT
Date: Thu, 26 Jan 2023 10:58:44 GMT
Connection: keep-alive

zagsnewseason.com/

165.231.2.187

302 Moved Temporarily

0 B

URL HTTP/1.1
zagsnewseason.com/
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Moved Temporarily
Date: Thu, 26 Jan 2023 10:58:12 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent
Location: https://www.zagsnewseason.com/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

push.services.mozilla.com/

54.149.51.98

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.51.98:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yHGvgEuor7Nl7RE1uMCCWg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: u7D/pP+qoWmpcgIH59cdF4amPDw=

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9424
Expires: Thu, 26 Jan 2023 13:35:50 GMT
Date: Thu, 26 Jan 2023 10:58:46 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9424
Expires: Thu, 26 Jan 2023 13:35:50 GMT
Date: Thu, 26 Jan 2023 10:58:46 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9424
Expires: Thu, 26 Jan 2023 13:35:50 GMT
Date: Thu, 26 Jan 2023 10:58:46 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ffb1709-216c-4bf0-9b98-e3a355f000bb.jpeg

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ffb1709-216c-4bf0-9b98-e3a355f000bb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8822 bytes)
Hash
13cd008fb3e2739ec7caadadbd427655
c4802b06b87ab97f3ccd80d1c9bbdb4fab9886c1
a300a4fde1863c8b806d0557d9f0adaed19e1c612989d7e3f79a7bb45e6e74dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ffb1709-216c-4bf0-9b98-e3a355f000bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8822
x-amzn-requestid: e16ae781-25f3-4b7d-b62b-85b35d6571c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYRwF2KIAMFjDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0d7-377f24bd18dea32564b148bd;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: n2ULSpeRMRZ9CDjmrwd56ti_gPYh9ApC521naXURI2Bh1eiKwjyHZw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:51:26 GMT
age: 47240
etag: "c4802b06b87ab97f3ccd80d1c9bbdb4fab9886c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3177e0c-fa06-470b-bb9e-800d246a5096.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8648 bytes)
Hash
4e013ee2e3a5287de55de4c2437a279d
f2b0a5738ec9e3b178b2bf5513de3e604b86eadf
f174d5678154412cdbf71f93c345d28cfb8bad7c190fa31dd78e9314c510f7ca

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3177e0c-fa06-470b-bb9e-800d246a5096.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8648
x-amzn-requestid: 19beb9c1-4e85-47ba-9275-7fb5d25f055f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYMlENLoAMFhIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0b6-016533de5b42b3a573a66c78;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:35:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jkExt4JNW6KtzDm8mDdb-AvXWXeyZr14XifDN_XVzKiwFAru_1HcSA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:55:21 GMT
age: 47005
etag: "f2b0a5738ec9e3b178b2bf5513de3e604b86eadf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11918 bytes)
Hash
4cb7be12333fa7ea3353901b4b3215af
4b758cc432874384f330568177eef5a328d7e69a
d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: df7df0ae-d70e-4b80-9483-2ecd5c8ee4a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqvPEXMoAMF5Aw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57fa-04193e0514c1c1e85d9d023b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fznabMNG3n9Uo4L1jrrewtL_hJnQv8oR2qggeZtruvOLVzpUpcs7Tw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 17:10:40 GMT
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
age: 64086
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14856 bytes)
Hash
cfe699b31f96add9f1439af1ff1191eb
f77a833a69b69eef4a39e404c102f624e96b52c0
44312979ac13221e5c3328ad590f0f3dc7da00380c07c433382cd81c47b717f8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14856
x-amzn-requestid: e7d931f7-d086-42b9-a1f3-c8253b82eba6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSY_OHw7IAMFj6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d52e-4fd95c5f5a64861720a1ee60;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:07:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2yzeIjHl8sUO9s5n2sZfN6DSWOVDVQl-xdSrNmHu-yWXj_7VJJk5qA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:39:30 GMT
age: 11956
etag: "f77a833a69b69eef4a39e404c102f624e96b52c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10379 bytes)
Hash
653bf5a34e9f99c9eef73a21d98d792f
c70d46aa2210c4f7c397fa20e1225b7d0734ac35
9f928ec6f194340e5543a4bf757aac31d545def67a56ae804a2039a3effd3fe0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10379
x-amzn-requestid: 419e5a80-cb6d-4904-9545-a0f815149701
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYMREwmIAMFhQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0b4-64c49f7d49687d9e5324ec64;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:35:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rZHSgPIPZyea2griEvL-3semlrUDichGSL8Rin4YeYKN909f9e0lyQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:41:09 GMT
age: 47857
etag: "c70d46aa2210c4f7c397fa20e1225b7d0734ac35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5943 bytes)
Hash
ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VATQ0SjZfM_btXwR4M5keLmd-EE6717EHEiXrF2zpHNrli93EhN6Rw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:48:42 GMT
age: 47404
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.zagsnewseason.com/

165.231.2.187

200 OK

9.0 kB

URL HTTP/1.1
www.zagsnewseason.com/
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2710), with CRLF, LF line terminators
Size
9.0 kB (9021 bytes)
Hash
c7d5a6a8b81cd5e56dfa6fee985cbdaf
b1ceb4e66d3e982071c40d1732ac11d26fa6700b
86e26f6c624a7ebaf5b8fc1a5f3b0bdc002e48153cd1c58b7bd2eab474428ffe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:13 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Set-Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; expires=Thu, 26-Jan-2023 11:58:13 GMT; Max-Age=3600; path=/; domain=www.zagsnewseason.com; HttpOnly
frontend_cid=NgVo7L5DGrDFg1GZ; expires=Thu, 26-Jan-2023 11:58:13 GMT; Max-Age=3600; path=/; domain=www.zagsnewseason.com; secure; httponly
Vary: User-Agent,Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 9021
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
715f2a2c57230b2e1aedef83c76e0cbc
df5a219b8564a6c8fbe802e574ba625be7f204ca
ca239808557d30d1df2527ae94987866734b640bfd631282414a39eac87b872c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:58:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
715f2a2c57230b2e1aedef83c76e0cbc
df5a219b8564a6c8fbe802e574ba625be7f204ca
ca239808557d30d1df2527ae94987866734b640bfd631282414a39eac87b872c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:58:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1005c9e99dc8d4390861d6730c7a403b
0e3858ae26a1c01e0160e3b60e400bea202ebd05
4ff7ceb81a3dad4fefd3a15ece4ce13898624c01bf5a0cb4fdd90958978ed6b9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:58:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
715f2a2c57230b2e1aedef83c76e0cbc
df5a219b8564a6c8fbe802e574ba625be7f204ca
ca239808557d30d1df2527ae94987866734b640bfd631282414a39eac87b872c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:58:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Open+Sans%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&v1&subset=latin%2Clatin-ext

142.250.74.106

200 OK

1.5 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&v1&subset=latin%2Clatin-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.5 kB (1527 bytes)
Hash
e690e3ebd48b46d752206f678329172b
aab6c8596ff5df088e70e846a837b92a4f668727
ceefbc5307f9d3638815a6ac01143f6b517d21d5f74027bc972d2031e9b4a353

HTTP Headers

GET /css?family=Open+Sans%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&v1&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 10:58:48 GMT
date: Thu, 26 Jan 2023 10:58:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.zagsnewseason.com/media/css_secure/79ac3f2976563ae0487d12d5a4dc5a13.css

165.231.2.187

200 OK

16 kB

URL HTTP/1.1
www.zagsnewseason.com/media/css_secure/79ac3f2976563ae0487d12d5a4dc5a13.css
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
ASCII text, with very long lines (29267), with CRLF, LF line terminators
Size
16 kB (16439 bytes)
Hash
3d08f7c93494ff9f5c200e74af19d7ba
541849d7481d33aeab230deee883db59a18f876c
e620029f4ac1ec2e3065db471f2835236b323401f15ceb8f1cbf91448ee44ec5

HTTP Headers

GET /media/css_secure/79ac3f2976563ae0487d12d5a4dc5a13.css HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:16 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent,Accept-Encoding
Last-Modified: Wed, 09 Oct 2019 19:12:10 GMT
ETag: "16588-5947f0fc6d680-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 16439
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.zagsnewseason.com/media/css_secure/37ba0cceaf9b390a91ff2739a29c7f09.css

165.231.2.187

200 OK

82 kB

URL HTTP/1.1
www.zagsnewseason.com/media/css_secure/37ba0cceaf9b390a91ff2739a29c7f09.css
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
ASCII text, with very long lines (17968), with CRLF, LF line terminators
Size
82 kB (82241 bytes)
Hash
4fbeabc7033893ee2c7f6764e3927cb3
013fe948ba490098d9a7f2591cad09893d8c263e
17a80b0aa2816fb9a02e9627afe32a99598f717683e4baa4258ff292d81f1a4f

HTTP Headers

GET /media/css_secure/37ba0cceaf9b390a91ff2739a29c7f09.css HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:16 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent,Accept-Encoding
Last-Modified: Wed, 09 Oct 2019 19:12:10 GMT
ETag: "7beec-5947f0fc6d680-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css

www.zagsnewseason.com/media/js/ee649594623f92a22ae620dec0569da3.js

165.231.2.187

200 OK

176 kB

URL HTTP/1.1
www.zagsnewseason.com/media/js/ee649594623f92a22ae620dec0569da3.js
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
ASCII text
Size
176 kB (176274 bytes)
Hash
480aa7e58ab79dd9ed45fbd48ab18b72
b8afe69e4b93cf3382dca7779a878022f3c91771
10a2bb1cdbde9c39a233295b84b83690075ce621820537d71535616b73929a2c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/js/ee649594623f92a22ae620dec0569da3.js HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:16 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent,Accept-Encoding
Last-Modified: Wed, 09 Oct 2019 19:12:08 GMT
ETag: "a8145-5947f0fa85200-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

www.zagsnewseason.com/skin/frontend/smartwave/porto/images/earn-fancash-logo-v2.svg

165.231.2.187

200 OK

2.8 kB

URL HTTP/1.1
www.zagsnewseason.com/skin/frontend/smartwave/porto/images/earn-fancash-logo-v2.svg
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3598)
Size
2.8 kB (2834 bytes)
Hash
87805c998d5c3561bbd7b330b9866b8a
36863ce7abf4ca5ac6d3703574f14645fbed7aec
d87eb03d3ceed518cbc3330039c52ddb56fee5263f84066044879305dc74de42

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /skin/frontend/smartwave/porto/images/earn-fancash-logo-v2.svg HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:17 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent,Accept-Encoding
Last-Modified: Wed, 09 Oct 2019 18:03:19 GMT
ETag: "1da5-5947e198cc7c0-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 2834
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

www.zagsnewseason.com/media/css_secure/bfc94ddde0779d91bbfbe804d7bfac52.css

165.231.2.187

200 OK

791 B

URL HTTP/1.1
www.zagsnewseason.com/media/css_secure/bfc94ddde0779d91bbfbe804d7bfac52.css
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
ASCII text
Size
791 B (791 bytes)
Hash
8e0de76c42647787b2529459245b9433
755d51cea879fc42bc44328befe83840d3676010
4f77ca54fd07e3da48acec444757159548d5397fc37982c3794a31d17bbcf07e

HTTP Headers

GET /media/css_secure/bfc94ddde0779d91bbfbe804d7bfac52.css HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:17 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent,Accept-Encoding
Last-Modified: Wed, 09 Oct 2019 19:12:10 GMT
ETag: "696-5947f0fc6d680-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 791
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.zagsnewseason.com/media/wysiwyg/porto/homepage/slider/05/the_run_down.jpg

165.231.2.187

200 OK

4.8 kB

URL HTTP/1.1
www.zagsnewseason.com/media/wysiwyg/porto/homepage/slider/05/the_run_down.jpg
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 213x37, components 3\012- data
Size
4.8 kB (4847 bytes)
Hash
1fa89a68c5b0731d19cfa5a833ccaba1
fe6098809d711dc130c619e6d74add708416c872
74a34b209ba7cea38858d419c473fdd9f47e2ee17a6fb00d39d21cba115dfa63

HTTP Headers

GET /media/wysiwyg/porto/homepage/slider/05/the_run_down.jpg HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:17 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent
Last-Modified: Wed, 09 Oct 2019 18:39:40 GMT
ETag: "12ef-5947e9b8c3300"
Accept-Ranges: bytes
Content-Length: 4847
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

www.zagsnewseason.com/skin/frontend/smartwave/porto/images/easy-365-day-logo-v2.svg

165.231.2.187

200 OK

2.8 kB

URL HTTP/1.1
www.zagsnewseason.com/skin/frontend/smartwave/porto/images/easy-365-day-logo-v2.svg
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5718)
Size
2.8 kB (2782 bytes)
Hash
87a16f41e849d4f2dee036750cd9c890
54a04765f58f04d65e407680234b32e7a05c1b96
c008dcc6ec09de460748492646601cc51184653353a89d5b64c9a3bfe7817ac8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /skin/frontend/smartwave/porto/images/easy-365-day-logo-v2.svg HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:17 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent,Accept-Encoding
Last-Modified: Wed, 09 Oct 2019 18:03:19 GMT
ETag: "214d-5947e198cc7c0-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 2782
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:58:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zagsnewseason.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 10:05:58 GMT
expires: Fri, 26 Jan 2024 10:05:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 3172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

142.250.74.163

200 OK

48 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Size
48 kB (47952 bytes)
Hash
17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

HTTP Headers

GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zagsnewseason.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 09:56:13 GMT
expires: Sat, 20 Jan 2024 09:56:13 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
age: 522157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:58:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.zagsnewseason.com/media/catalog/product/cache/1/thumbnail/300x/17f82f742ffe127f42dca9de82fb58b1/m/e/men-gonzaga-bulldogs-black2017-ncaa-basketball-national-championship-dueling.jpg

165.231.2.187

200 OK

15 kB

URL HTTP/1.1
www.zagsnewseason.com/media/catalog/product/cache/1/thumbnail/300x/17f82f742ffe127f42dca9de82fb58b1/m/e/men-gonzaga-bulldogs-black2017-ncaa-basketball-national-championship-dueling.jpg
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Size
15 kB (14600 bytes)
Hash
b188fed382e66fc82f0351d55022c3fb
e12a1853b7982d2904db13cbdfe9efe7117b5c22
7b16eaad3e173d3e8b45bf80810fcb277a86cc217d8faccc4dd31866c089b6ea

HTTP Headers

GET /media/catalog/product/cache/1/thumbnail/300x/17f82f742ffe127f42dca9de82fb58b1/m/e/men-gonzaga-bulldogs-black2017-ncaa-basketball-national-championship-dueling.jpg HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:17 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent
Last-Modified: Wed, 09 Oct 2019 19:07:06 GMT
ETag: "3908-5947efda82a80"
Accept-Ranges: bytes
Content-Length: 14600
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

www.zagsnewseason.com/media/catalog/product/cache/1/thumbnail/300x/17f82f742ffe127f42dca9de82fb58b1/g/o/gonzaga-bulldogs-13-black-basketball-jersey.jpg

165.231.2.187

200 OK

14 kB

URL HTTP/1.1
www.zagsnewseason.com/media/catalog/product/cache/1/thumbnail/300x/17f82f742ffe127f42dca9de82fb58b1/g/o/gonzaga-bulldogs-13-black-basketball-jersey.jpg
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Size
14 kB (13757 bytes)
Hash
6d92c3d5eff8450bbf205bf3fe2d2413
258160cba08c2c3d18deaa0df3934efc44533d76
badb79ef06ab4a451bcd636399af93f0b82f6a6ed9e4dbc849afef1f8b1e9453

HTTP Headers

GET /media/catalog/product/cache/1/thumbnail/300x/17f82f742ffe127f42dca9de82fb58b1/g/o/gonzaga-bulldogs-13-black-basketball-jersey.jpg HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:17 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent
Last-Modified: Wed, 09 Oct 2019 19:07:06 GMT
ETag: "35bd-5947efda82a80"
Accept-Ranges: bytes
Content-Length: 13757
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

142.250.74.163

200 OK

25 kB

URL HTTP/2
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Size
25 kB (25372 bytes)
Hash
fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

HTTP Headers

GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zagsnewseason.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 10:05:59 GMT
expires: Fri, 26 Jan 2024 10:05:59 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
age: 3171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.zagsnewseason.com/media/wysiwyg/porto/homepage/slider/05/Gonzaga%20University%20Jerseys.jpg

165.231.2.187

200 OK

122 kB

URL HTTP/1.1
www.zagsnewseason.com/media/wysiwyg/porto/homepage/slider/05/Gonzaga%20University%20Jerseys.jpg
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1334x400, components 3\012- data
Size
122 kB (121521 bytes)
Hash
70c3a6031fca77686f5e63e1dd3428db
30ec6ed37057c67ce3e4080bb39e329fcf3a6528
4519962516478dcb16daf04db422b3a231ebc345f2e33931fadd02d9486a42b7

HTTP Headers

GET /media/wysiwyg/porto/homepage/slider/05/Gonzaga%20University%20Jerseys.jpg HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:17 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent
Last-Modified: Wed, 09 Oct 2019 18:39:21 GMT
ETag: "1dab1-5947e9a6a4840"
Accept-Ranges: bytes
Content-Length: 121521
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

www.zagsnewseason.com/media/catalog/product/cache/1/thumbnail/300x/17f82f742ffe127f42dca9de82fb58b1/g/o/gonzaga-bulldogs-13-navy-basketball-jersey.jpg

165.231.2.187

200 OK

14 kB

URL HTTP/1.1
www.zagsnewseason.com/media/catalog/product/cache/1/thumbnail/300x/17f82f742ffe127f42dca9de82fb58b1/g/o/gonzaga-bulldogs-13-navy-basketball-jersey.jpg
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Size
14 kB (13749 bytes)
Hash
c567b3e54ea7b8be04aab52a8a1a6980
b47db2bae97a4866042a794aa680fc051c9ae4a4
12cd06394485274ef208dd3ccb5a5ce3446abb07d879f780068851a143fb1dec

HTTP Headers

GET /media/catalog/product/cache/1/thumbnail/300x/17f82f742ffe127f42dca9de82fb58b1/g/o/gonzaga-bulldogs-13-navy-basketball-jersey.jpg HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:17 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent
Last-Modified: Wed, 09 Oct 2019 19:07:06 GMT
ETag: "35b5-5947efda82a80"
Accept-Ranges: bytes
Content-Length: 13749
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

www.zagsnewseason.com/media/catalog/product/cache/1/thumbnail/300x/17f82f742ffe127f42dca9de82fb58b1/m/a/male-gonzaga-bulldogs-black-11-ncaa-basketball-premier-tank-top-jersey.jpg

165.231.2.187

200 OK

19 kB

URL HTTP/1.1
www.zagsnewseason.com/media/catalog/product/cache/1/thumbnail/300x/17f82f742ffe127f42dca9de82fb58b1/m/a/male-gonzaga-bulldogs-black-11-ncaa-basketball-premier-tank-top-jersey.jpg
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Size
19 kB (19046 bytes)
Hash
3d0289fc238766b7f30e31f00304e3fe
d2921f7b08e1bf6f8df46645bb229e3e3566b07f
c1984bf9880d62695ec44dd80a8f6b5aba0dfa8f318cdef4e21723602f3d8e79

HTTP Headers

GET /media/catalog/product/cache/1/thumbnail/300x/17f82f742ffe127f42dca9de82fb58b1/m/a/male-gonzaga-bulldogs-black-11-ncaa-basketball-premier-tank-top-jersey.jpg HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:17 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent
Last-Modified: Wed, 09 Oct 2019 19:07:06 GMT
ETag: "4a66-5947efda82a80"
Accept-Ranges: bytes
Content-Length: 19046
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

www.zagsnewseason.com/media/wysiwyg/porto/homepage/slider/05/brand.png

165.231.2.187

200 OK

48 kB

URL HTTP/1.1
www.zagsnewseason.com/media/wysiwyg/porto/homepage/slider/05/brand.png
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
PNG image data, 1205 x 121, 8-bit/color RGB, non-interlaced\012- data
Size
48 kB (47811 bytes)
Hash
d2e0d8cc10a5d63a19ca56b999604a3e
2f174f7bf5afdb91fc4c28a38e13619be74295f0
a40d33e668d5f8c3e3b1dc6173b0f9f1e6d4c591b1a111f6eb36a7364336546b

HTTP Headers

GET /media/wysiwyg/porto/homepage/slider/05/brand.png HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:17 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent
Last-Modified: Wed, 09 Oct 2019 18:39:38 GMT
ETag: "bac3-5947e9b6dae80"
Accept-Ranges: bytes
Content-Length: 47811
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

www.zagsnewseason.com/skin/frontend/smartwave/porto/images/boxed_bg.png

165.231.2.187

200 OK

14 kB

URL HTTP/1.1
www.zagsnewseason.com/skin/frontend/smartwave/porto/images/boxed_bg.png
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
PNG image data, 150 x 150, 8-bit grayscale, non-interlaced\012- data
Size
14 kB (13475 bytes)
Hash
e3d55104d9a9f186da3df4f730b77f4d
7e5e6e302e5ac36d5d45ed171cda5c3ccb182d13
7037cba1540dc0d8eaec93c3d6f978f6757b72ed63177e6c458f738872fa3224

HTTP Headers

GET /skin/frontend/smartwave/porto/images/boxed_bg.png HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/media/css_secure/37ba0cceaf9b390a91ff2739a29c7f09.css
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:18 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent
Last-Modified: Wed, 09 Oct 2019 18:03:19 GMT
ETag: "34a3-5947e198cc7c0"
Accept-Ranges: bytes
Content-Length: 13475
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

www.zagsnewseason.com/skin/frontend/smartwave/porto/images/select-bg.svg

165.231.2.187

200 OK

268 B

URL HTTP/1.1
www.zagsnewseason.com/skin/frontend/smartwave/porto/images/select-bg.svg
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (405), with no line terminators
Size
268 B (268 bytes)
Hash
88424626d273c6812256cfffa5954ca5
7286de8964ead7eba0fb8352904d185bf8ad6595
a03116f8fddb9d315349916625c2e6a605e0e623f268ca7c17d07c870f6dcd5d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /skin/frontend/smartwave/porto/images/select-bg.svg HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/media/css_secure/37ba0cceaf9b390a91ff2739a29c7f09.css
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:18 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent,Accept-Encoding
Last-Modified: Wed, 09 Oct 2019 18:03:19 GMT
ETag: "195-5947e198cc7c0-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 268
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

www.zagsnewseason.com/skin/frontend/smartwave/porto/icons/font/porto.woff2?20988115

165.231.2.187

200 OK

30 kB

URL HTTP/1.1
www.zagsnewseason.com/skin/frontend/smartwave/porto/icons/font/porto.woff2?20988115
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
Web Open Font Format (Version 2), TrueType, length 30188, version 1.0\012- data
Size
30 kB (30188 bytes)
Hash
c3b7d6decdf3432a89baf6b92dcc6ef9
e60eafb26026844dcfb20a6dc28743328a1f1c68
7c785aa91349968bb79cd747a6637708ace19e80cd967e150d80ad659cf4c568

HTTP Headers

GET /skin/frontend/smartwave/porto/icons/font/porto.woff2?20988115 HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.zagsnewseason.com/media/css_secure/37ba0cceaf9b390a91ff2739a29c7f09.css
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:18 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent,Accept-Encoding
Last-Modified: Wed, 09 Oct 2019 18:03:19 GMT
ETag: "75ec-5947e198cc7c0"
Accept-Ranges: bytes
Content-Length: 30188
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive

www.zagsnewseason.com/media/wysiwyg/porto/homepage/slider/05/fanatics_fs_desktop_sliver.png

165.231.2.187

200 OK

18 kB

URL HTTP/1.1
www.zagsnewseason.com/media/wysiwyg/porto/homepage/slider/05/fanatics_fs_desktop_sliver.png
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
PNG image data, 1356 x 60, 8-bit/color RGB, non-interlaced\012- data
Size
18 kB (17823 bytes)
Hash
3a746d27a643adaab971f318ddf6d764
d08778011e54ab79ad921f545612960add286953
1562a8c78fee94f0df4650eb16d13af63bc5c6454c3fccc2d5ced64670573084

HTTP Headers

GET /media/wysiwyg/porto/homepage/slider/05/fanatics_fs_desktop_sliver.png HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:18 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent
Last-Modified: Wed, 09 Oct 2019 18:39:40 GMT
ETag: "459f-5947e9b8c3300"
Accept-Ranges: bytes
Content-Length: 17823
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

www.zagsnewseason.com/media/wysiwyg/smartwave/footer/payment-icon.png

165.231.2.187

200 OK

11 kB

URL HTTP/1.1
www.zagsnewseason.com/media/wysiwyg/smartwave/footer/payment-icon.png
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
PNG image data, 267 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11178 bytes)
Hash
34eafd49ff93b9b2c793d1a6bb62666a
6f95001af2bcfd3aab3459e2b3c0060c8c4cf32d
a25dd977b6bb0f8f2d055f6fe141b1bc1cc6451af0f4f2e1b109071430f7e765

HTTP Headers

GET /media/wysiwyg/smartwave/footer/payment-icon.png HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:18 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent
Last-Modified: Wed, 09 Oct 2019 18:03:18 GMT
ETag: "2baa-5947e197d8580"
Accept-Ranges: bytes
Content-Length: 11178
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

www.zagsnewseason.com/skin/frontend/smartwave/porto/images/logo_new.png

165.231.2.187

200 OK

26 kB

URL HTTP/1.1
www.zagsnewseason.com/skin/frontend/smartwave/porto/images/logo_new.png
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
PNG image data, 400 x 80, 8-bit/color RGB, non-interlaced\012- data
Size
26 kB (26504 bytes)
Hash
f29275b4c5694d4a232f505e1f710236
bb09c50fac79187b57481e2c02cd7a176195e04d
b47b1aae4d47429f126f8075915f9f53f0359ccb18bc360da5251ab8cd749aec

HTTP Headers

GET /skin/frontend/smartwave/porto/images/logo_new.png HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:18 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent
Last-Modified: Sun, 13 Oct 2019 10:10:36 GMT
ETag: "6788-594c7f6593f00"
Accept-Ranges: bytes
Content-Length: 26504
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

www.zagsnewseason.com/skin/frontend/smartwave/porto/megamenu/css/fonts/fontawesome-webfont.woff?v=4.0.3

165.231.2.187

200 OK

44 kB

URL HTTP/1.1
www.zagsnewseason.com/skin/frontend/smartwave/porto/megamenu/css/fonts/fontawesome-webfont.woff?v=4.0.3
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
Web Open Font Format, TrueType, length 44432, version 1.0\012- data
Size
44 kB (44432 bytes)
Hash
3293616ec0c605c7c2db25829a0a509e
04c3bf56d87a0828935bd6b4aee859995f321693
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

HTTP Headers

GET /skin/frontend/smartwave/porto/megamenu/css/fonts/fontawesome-webfont.woff?v=4.0.3 HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.zagsnewseason.com/media/css_secure/37ba0cceaf9b390a91ff2739a29c7f09.css
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:18 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent,Accept-Encoding
Last-Modified: Wed, 09 Oct 2019 18:03:19 GMT
ETag: "ad90-5947e198cc7c0"
Accept-Ranges: bytes
Content-Length: 44432
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/font-woff

www.zagsnewseason.com/media/catalog/product/cache/1/small_image/300x/17f82f742ffe127f42dca9de82fb58b1/g/o/gonzaga-bulldogs-13-black-basketball-jersey.jpg

165.231.2.187

200 OK

14 kB

URL HTTP/1.1
www.zagsnewseason.com/media/catalog/product/cache/1/small_image/300x/17f82f742ffe127f42dca9de82fb58b1/g/o/gonzaga-bulldogs-13-black-basketball-jersey.jpg
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Size
14 kB (13757 bytes)
Hash
6d92c3d5eff8450bbf205bf3fe2d2413
258160cba08c2c3d18deaa0df3934efc44533d76
badb79ef06ab4a451bcd636399af93f0b82f6a6ed9e4dbc849afef1f8b1e9453

HTTP Headers

GET /media/catalog/product/cache/1/small_image/300x/17f82f742ffe127f42dca9de82fb58b1/g/o/gonzaga-bulldogs-13-black-basketball-jersey.jpg HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:18 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent
Last-Modified: Wed, 09 Oct 2019 19:07:06 GMT
ETag: "35bd-5947efda82a80"
Accept-Ranges: bytes
Content-Length: 13757
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

www.zagsnewseason.com/media/catalog/product/cache/1/small_image/300x/17f82f742ffe127f42dca9de82fb58b1/g/o/gonzaga-bulldogs-13-navy-basketball-jersey.jpg

165.231.2.187

200 OK

14 kB

URL HTTP/1.1
www.zagsnewseason.com/media/catalog/product/cache/1/small_image/300x/17f82f742ffe127f42dca9de82fb58b1/g/o/gonzaga-bulldogs-13-navy-basketball-jersey.jpg
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Size
14 kB (13749 bytes)
Hash
c567b3e54ea7b8be04aab52a8a1a6980
b47db2bae97a4866042a794aa680fc051c9ae4a4
12cd06394485274ef208dd3ccb5a5ce3446abb07d879f780068851a143fb1dec

HTTP Headers

GET /media/catalog/product/cache/1/small_image/300x/17f82f742ffe127f42dca9de82fb58b1/g/o/gonzaga-bulldogs-13-navy-basketball-jersey.jpg HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:18 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent
Last-Modified: Wed, 09 Oct 2019 19:07:06 GMT
ETag: "35b5-5947efda82a80"
Accept-Ranges: bytes
Content-Length: 13749
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

www.zagsnewseason.com/media/catalog/product/cache/1/small_image/300x/17f82f742ffe127f42dca9de82fb58b1/m/e/men-gonzaga-bulldogs-black2017-ncaa-basketball-national-championship-dueling.jpg

165.231.2.187

200 OK

15 kB

URL HTTP/1.1
www.zagsnewseason.com/media/catalog/product/cache/1/small_image/300x/17f82f742ffe127f42dca9de82fb58b1/m/e/men-gonzaga-bulldogs-black2017-ncaa-basketball-national-championship-dueling.jpg
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Size
15 kB (14600 bytes)
Hash
b188fed382e66fc82f0351d55022c3fb
e12a1853b7982d2904db13cbdfe9efe7117b5c22
7b16eaad3e173d3e8b45bf80810fcb277a86cc217d8faccc4dd31866c089b6ea

HTTP Headers

GET /media/catalog/product/cache/1/small_image/300x/17f82f742ffe127f42dca9de82fb58b1/m/e/men-gonzaga-bulldogs-black2017-ncaa-basketball-national-championship-dueling.jpg HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:18 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent
Last-Modified: Wed, 09 Oct 2019 19:07:06 GMT
ETag: "3908-5947efda82a80"
Accept-Ranges: bytes
Content-Length: 14600
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

www.zagsnewseason.com/media/catalog/product/cache/1/thumbnail/300x/17f82f742ffe127f42dca9de82fb58b1/m/a/male-gonzaga-bulldogs-navy-11-ncaa-basketball-premier-tank-top-jersey.jpg

165.231.2.187

200 OK

18 kB

URL HTTP/1.1
www.zagsnewseason.com/media/catalog/product/cache/1/thumbnail/300x/17f82f742ffe127f42dca9de82fb58b1/m/a/male-gonzaga-bulldogs-navy-11-ncaa-basketball-premier-tank-top-jersey.jpg
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Size
18 kB (18295 bytes)
Hash
9e2d9df4bce59316e347f9969dc01777
54c24cc0519fb00328758df8d468a512c538b49e
f57f5a49f252f5c6a5f2b5a3c4f55a7f69d2336c5272422f7fdda1d9c4edf5b0

HTTP Headers

GET /media/catalog/product/cache/1/thumbnail/300x/17f82f742ffe127f42dca9de82fb58b1/m/a/male-gonzaga-bulldogs-navy-11-ncaa-basketball-premier-tank-top-jersey.jpg HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:18 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent
Last-Modified: Wed, 09 Oct 2019 19:07:06 GMT
ETag: "4777-5947efda82a80"
Accept-Ranges: bytes
Content-Length: 18295
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

www.zagsnewseason.com/media/catalog/product/cache/1/small_image/300x/17f82f742ffe127f42dca9de82fb58b1/m/a/male-gonzaga-bulldogs-navy-11-ncaa-basketball-premier-tank-top-jersey.jpg

165.231.2.187

200 OK

18 kB

URL HTTP/1.1
www.zagsnewseason.com/media/catalog/product/cache/1/small_image/300x/17f82f742ffe127f42dca9de82fb58b1/m/a/male-gonzaga-bulldogs-navy-11-ncaa-basketball-premier-tank-top-jersey.jpg
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Size
18 kB (18295 bytes)
Hash
9e2d9df4bce59316e347f9969dc01777
54c24cc0519fb00328758df8d468a512c538b49e
f57f5a49f252f5c6a5f2b5a3c4f55a7f69d2336c5272422f7fdda1d9c4edf5b0

HTTP Headers

GET /media/catalog/product/cache/1/small_image/300x/17f82f742ffe127f42dca9de82fb58b1/m/a/male-gonzaga-bulldogs-navy-11-ncaa-basketball-premier-tank-top-jersey.jpg HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:18 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent
Last-Modified: Wed, 09 Oct 2019 19:07:06 GMT
ETag: "4777-5947efda82a80"
Accept-Ranges: bytes
Content-Length: 18295
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

www.zagsnewseason.com/media/catalog/product/cache/1/small_image/300x/17f82f742ffe127f42dca9de82fb58b1/m/a/male-gonzaga-bulldogs-black-11-ncaa-basketball-premier-tank-top-jersey.jpg

165.231.2.187

200 OK

19 kB

URL HTTP/1.1
www.zagsnewseason.com/media/catalog/product/cache/1/small_image/300x/17f82f742ffe127f42dca9de82fb58b1/m/a/male-gonzaga-bulldogs-black-11-ncaa-basketball-premier-tank-top-jersey.jpg
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Size
19 kB (19046 bytes)
Hash
3d0289fc238766b7f30e31f00304e3fe
d2921f7b08e1bf6f8df46645bb229e3e3566b07f
c1984bf9880d62695ec44dd80a8f6b5aba0dfa8f318cdef4e21723602f3d8e79

HTTP Headers

GET /media/catalog/product/cache/1/small_image/300x/17f82f742ffe127f42dca9de82fb58b1/m/a/male-gonzaga-bulldogs-black-11-ncaa-basketball-premier-tank-top-jersey.jpg HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:18 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent
Last-Modified: Wed, 09 Oct 2019 19:07:06 GMT
ETag: "4a66-5947efda82a80"
Accept-Ranges: bytes
Content-Length: 19046
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

www.zagsnewseason.com/skin/frontend/smartwave/porto/favicon.ico

165.231.2.187

200 OK

577 B

URL HTTP/1.1
www.zagsnewseason.com/skin/frontend/smartwave/porto/favicon.ico
IP
165.231.2.187:0
ASN
#57972 Inter Connects Inc

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
577 B (577 bytes)
Hash
dc0861bf42018f66e6f9c8549ae8ed08
e244f5c069721c66c9db58e12189edf369b7c3d6
b4eaa96b60cf5d82deb330874422f2ba121be8af1c04d86580d672cf366c07a3

HTTP Headers

GET /skin/frontend/smartwave/porto/favicon.ico HTTP/1.1
Host: www.zagsnewseason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Cookie: frontend=tdpauvg8qeapr3rtr8iu7r3pu3muh94h; frontend_cid=NgVo7L5DGrDFg1GZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:58:18 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
Vary: User-Agent,Accept-Encoding
Last-Modified: Wed, 09 Oct 2019 18:03:19 GMT
ETag: "47e-5947e198cc7c0-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 577
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/x-icon

fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Poppins:300,400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 10:58:48 GMT
date: Thu, 26 Jan 2023 10:58:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Oswald:300,400,700

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Oswald:300,400,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Oswald:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 10:58:48 GMT
date: Thu, 26 Jan 2023 10:58:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Shadows+Into+Light

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Shadows+Into+Light
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Shadows+Into+Light HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zagsnewseason.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 10:58:48 GMT
date: Thu, 26 Jan 2023 10:58:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML