r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ede732d48f2c32ad5e3b899bb4348df9
15fa12733818b3ae39f3022a715ed0f431b28242
446c9bf6bc38a43f5758f6f44f89ad76eff44eb8779cf7e62bbfeb002b298dee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "446C9BF6BC38A43F5758F6F44F89AD76EFF44EB8779CF7E62BBFEB002B298DEE"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3729
Expires: Sat, 24 Dec 2022 05:32:07 GMT
Date: Sat, 24 Dec 2022 04:29:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d6a971d765338f107fe9d2c67fa4bbdf
a72bdf191446a37fa0420cc9d7c087aaff757cd6
dc5291c136b0b81621a02679a31f6b7c852e2803429d54c2a9afcc8edf031328
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC5291C136B0B81621A02679A31F6B7C852E2803429D54C2A9AFCC8EDF031328"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14912
Expires: Sat, 24 Dec 2022 08:38:30 GMT
Date: Sat, 24 Dec 2022 04:29:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 24 Dec 2022 03:34:49 GMT
content-type: application/json
age: 3309
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7f0ad5c2841a345f98197c2f1e86f4d
84cbfd91934a8715baba4a2da46451f35597c99c
be30540f2e06a3565c9b38bdbb9691f707d692b196bdcef5d671708aa9609795
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE30540F2E06A3565C9B38BDBB9691F707D692B196BDCEF5D671708AA9609795"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14439
Expires: Sat, 24 Dec 2022 08:30:37 GMT
Date: Sat, 24 Dec 2022 04:29:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: T+5O9Sh2u4baG2p1SK/ia6Z5WAeRU3CEcLmEkkWXXyD8WRpQejckG3O4bmn+E/28PfSLC8/y8vs=
x-amz-request-id: 93VS2WR45YV7NQK4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 24 Dec 2022 03:56:27 GMT
age: 2011
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 04:29:58 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 24 Dec 2022 03:33:25 GMT
age: 3394
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
baobabsports.com/
192.185.129.121200 OK 35 kB IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (50392), with CRLF, LF line terminators
Hash e23769172efc18cf7a3074d20c8ea221
e87a044ca6ad0750723ab4550b83fca804624cac
6e3cb0bd9711365b358686cbb7a366cddf4cea5c279049e64bbcc97e57d4632f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:55 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Link: <https://baobabsports.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://baobabsports.com/index.php?rest_route=/wp/v2/pages/15>; rel="alternate"; type="application/json", <https://baobabsports.com/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
Transfer-Encoding: chunked
baobabsports.com/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.9.4
192.185.129.121200 OK 13 kB URL HTTP/1.1 baobabsports.com/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.9.4
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (44191)
Hash 98435100842b30708842c7f10ee8048c
0b37dfb718e6253b9c67e87a865df4bb09bc1f1a
120a983755e3ad1ffa10f34ee1aeb0d7b4ff2c36fb106f1674a7274cf68d27fa
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.9.4 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Wed, 21 Dec 2022 05:30:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12828
Content-Type: text/css
baobabsports.com/wp-content/themes/astra/assets/css/minified/menu-animation.min.css?ver=3.9.4
192.185.129.121200 OK 468 B URL HTTP/1.1 baobabsports.com/wp-content/themes/astra/assets/css/minified/menu-animation.min.css?ver=3.9.4
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3412), with no line terminators
Hash f88a6a529851c8ed1ffe2bd83219e490
597ff167b702900ee4473e31e390808b8de95664
ae20c6ea52a0534fdda58a7ae13839ac66194434406e00a3bb5f4538f9909886
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/menu-animation.min.css?ver=3.9.4 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Last-Modified: Wed, 21 Dec 2022 05:30:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 468
Content-Type: text/css
baobabsports.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
192.185.129.121200 OK 5.3 kB URL HTTP/1.1 baobabsports.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 12 Apr 2022 11:26:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5321
Content-Type: application/javascript
baobabsports.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
192.185.129.121200 OK 18 kB URL HTTP/1.1 baobabsports.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (47826)
Hash 9415c9562591af7a582c29139621505f
0b12eecf36a48b871a3198550f4f65bb4a6d9b1b
06c70d3232c2ae3ed2aa259eb7a1beb329b654926813935fffa8902cd5ebaa4a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Last-Modified: Fri, 11 Nov 2022 20:26:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash dc2725df0fb812e32298bb7faaf0c231
4ce4ac649b05b8eedab5bda51f4baf5f98417689
1a60eb1f9b71718c2061dfeb9de8241bef6fecab5d48adbc8ce3a89d1dddb8f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:29:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash dc2725df0fb812e32298bb7faaf0c231
4ce4ac649b05b8eedab5bda51f4baf5f98417689
1a60eb1f9b71718c2061dfeb9de8241bef6fecab5d48adbc8ce3a89d1dddb8f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:29:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c615c937e6371bda0824b44af0c21c74
b097d69452bcc60085f563d094388185c26f0e7d
9f1194921b5d57dd52a217a47e69ad4cec7c08378c73c8dfccc3817119fcbb41
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1611
Cache-Control: max-age=104619
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:29:59 GMT
Etag: "63a56fa7-1d7"
Expires: Sun, 25 Dec 2022 09:33:38 GMT
Last-Modified: Fri, 23 Dec 2022 09:06:47 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
baobabsports.com/wp-content/plugins/preloader-plus/assets/css/preloader-plus.min.css?ver=2.2.1
192.185.129.121200 OK 573 B URL HTTP/1.1 baobabsports.com/wp-content/plugins/preloader-plus/assets/css/preloader-plus.min.css?ver=2.2.1
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1440), with no line terminators
Hash 445642da9cbbb60a25d385037f6d895c
a03244d52035df95cca85c34d7db5af627a7ed84
f0d4d1c5cb92ecc187e7c9d204a430cdaa3b87cefa75e16899f73ef7b1ca2733
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/preloader-plus/assets/css/preloader-plus.min.css?ver=2.2.1 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Fri, 23 Dec 2022 07:01:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 573
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash dc2725df0fb812e32298bb7faaf0c231
4ce4ac649b05b8eedab5bda51f4baf5f98417689
1a60eb1f9b71718c2061dfeb9de8241bef6fecab5d48adbc8ce3a89d1dddb8f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:29:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
baobabsports.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13
192.185.129.121200 OK 323 B URL HTTP/1.1 baobabsports.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash b24c24b7da3ffeed6ae8ade102a4d317
c4445b3977ce704b927508108e100213eea67a3c
5421ad49b70f379553eaceec744d753e74d4b065966c08aa7c7dd949553ca9a8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Wed, 21 Dec 2022 05:41:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 323
Content-Type: text/css
baobabsports.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
192.185.129.121200 OK 4.0 kB URL HTTP/1.1 baobabsports.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19233)
Hash 2701214b028ad24fa347df8335b36d12
156bc8a7ad2657f00881890637f07c6052636499
9a6e62615ceeec7a9763e4f9614e4715d04fd87873b23db2b3ead06c996cad27
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 20 Dec 2022 17:12:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4008
Content-Type: text/css
baobabsports.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.9.1
192.185.129.121200 OK 18 kB URL HTTP/1.1 baobabsports.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.9.1
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65497)
Hash 06c41d8bd3678eac73e153ab0cef9537
899c5a76537d359b981424e0bf11d97f23620638
d425d4c265f00832cb61a38eede46f15ad73c20715051fa169b36c221636fdb7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.9.1 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Last-Modified: Tue, 20 Dec 2022 17:12:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css
baobabsports.com/wp-content/uploads/elementor/css/post-778.css?ver=1671782170
192.185.129.121200 OK 358 B URL HTTP/1.1 baobabsports.com/wp-content/uploads/elementor/css/post-778.css?ver=1671782170
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1101), with no line terminators
Hash f4d49a0835359d52119124868178d039
9dce15ce565280097f7baf1d0f64877def408100
f8a3816b32cf996eacceee49738dc7dabd7dd79bb658fb06abb7fdf7e5066683
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-778.css?ver=1671782170 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Last-Modified: Fri, 23 Dec 2022 07:56:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 358
Content-Type: text/css
baobabsports.com/wp-content/uploads/elementor/css/post-15.css?ver=1671784650
192.185.129.121200 OK 3.4 kB URL HTTP/1.1 baobabsports.com/wp-content/uploads/elementor/css/post-15.css?ver=1671784650
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15466), with no line terminators
Hash 9f381bfd5b483fdb1173502b2b41174a
d93b062e58559a8f2d8b3b54231f3c779ba1e2f4
dac80d410f614fcb204b4f44ce53e15e3d8ddf0baac3a6efb8065e871784b6f6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-15.css?ver=1671784650 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Last-Modified: Fri, 23 Dec 2022 08:37:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3380
Content-Type: text/css
push.services.mozilla.com/
54.149.149.164101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.149.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RH4ZGk+qtvVLBzKOebH+Ew==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OsfVClbLy9kpnhTUqb4ljaTWkMI=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 996d1e75df18f927e75dd110dd97c517
7b8163f828ead7df7fb4e0a41219480652a4bba2
8ae6334248c8cd45b6a556700c89c026bfb4ab40c7cf04a4e4b227347e51a2ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AE6334248C8CD45B6A556700C89C026BFB4AB40C7CF04A4E4B227347E51A2CA"
Last-Modified: Wed, 21 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12412
Expires: Sat, 24 Dec 2022 07:56:51 GMT
Date: Sat, 24 Dec 2022 04:29:59 GMT
Connection: keep-alive
baobabsports.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13
192.185.129.121200 OK 12 kB URL HTTP/1.1 baobabsports.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (1646)
Hash e56098a703c5beb99abc9c3a870be594
76e54634e0628ab91310c760d619360151e26be1
0eb4438e57550f2c2a321d45a5cb1c92fb22d58f6dbcc9c189fc3bd1e4f78b8f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Last-Modified: Wed, 21 Dec 2022 05:41:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11654
Content-Type: text/css
baobabsports.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
192.185.129.121200 OK 309 B URL HTTP/1.1 baobabsports.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (483)
Hash 0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Last-Modified: Tue, 20 Dec 2022 17:12:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 309
Content-Type: text/css
baobabsports.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
192.185.129.121200 OK 308 B URL HTTP/1.1 baobabsports.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (489)
Hash 0a08469d24387f830bbaaa00b3c228ae
01f5dfeb8f93a32c9a8f66fe5940758109771fcd
3c7c29e5fc1193ff7ce24f72f77b2dc129e1a9434a97ef7b625f6f715531803c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Last-Modified: Tue, 20 Dec 2022 17:12:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 308
Content-Type: text/css
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 403a3eb06518b6eda121db6f62459440
fd051f2db3dd842e14a7b8e833f046c911472faa
84f3b4a5ec3c4f7e4656a983824cd93af77a9be3efa936fee60f4eb969f92db3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84F3B4A5EC3C4F7E4656A983824CD93AF77A9BE3EFA936FEE60F4EB969F92DB3"
Last-Modified: Thu, 22 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21593
Expires: Sat, 24 Dec 2022 10:29:52 GMT
Date: Sat, 24 Dec 2022 04:29:59 GMT
Connection: keep-alive
baobabsports.com/wp-content/uploads/elementor/css/post-317.css?ver=1671782170
192.185.129.121200 OK 2.5 kB URL HTTP/1.1 baobabsports.com/wp-content/uploads/elementor/css/post-317.css?ver=1671782170
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13097), with no line terminators
Hash 5e7e0bf2389ff6c52712e2fda2d50f7f
b0aae7fa2725b9de73a3e336d10ddfc01be32084
42435b6dc51aca97548d0d1850d3effb2074ea8ddea63d2bd309c316ce993578
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-317.css?ver=1671782170 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Last-Modified: Fri, 23 Dec 2022 07:56:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2535
Content-Type: text/css
baobabsports.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
192.185.129.121200 OK 13 kB URL HTTP/1.1 baobabsports.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (57726)
Hash dc63c0a8e2d5857cc7a00a4b5456dabb
ee29df5eb2a4bf3eb805b160551c1afd84b42599
035ef40b1dd3df1eefb2dd3c8c2096425727fb939b06f3aa0bc6ef91dafd5441
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Last-Modified: Tue, 20 Dec 2022 17:12:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12577
Content-Type: text/css
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 996d1e75df18f927e75dd110dd97c517
7b8163f828ead7df7fb4e0a41219480652a4bba2
8ae6334248c8cd45b6a556700c89c026bfb4ab40c7cf04a4e4b227347e51a2ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AE6334248C8CD45B6A556700C89C026BFB4AB40C7CF04A4E4B227347E51A2CA"
Last-Modified: Wed, 21 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21536
Expires: Sat, 24 Dec 2022 10:28:55 GMT
Date: Sat, 24 Dec 2022 04:29:59 GMT
Connection: keep-alive
baobabsports.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
192.185.129.121200 OK 39 kB URL HTTP/1.1 baobabsports.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65447)
Hash 32f58a61f7c5a7e10f8b2dcf8e9a8e34
865c25589283ab1debd45bdfa6c4d8c6ecf15ad3
481cb2216fbdb0797af8c61b69c0bda2c10d025f7b11f2cdfac382d35dc45d63
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Last-Modified: Mon, 19 Sep 2022 19:46:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript
baobabsports.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.185.129.121200 OK 4.6 kB URL HTTP/1.1 baobabsports.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 14:36:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4618
Content-Type: application/javascript
baobabsports.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.9.1
192.185.129.121200 OK 3.0 kB URL HTTP/1.1 baobabsports.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.9.1
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10019)
Hash c2b5af6052f630a96e450e5e2a3cea52
00ca76a8828a1bbec1534eb10786804fd36492f2
58f6cc2d4fa3e528622102975fb62949dc0170bd47b588a67318d18552a57d59
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.9.1 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Last-Modified: Tue, 20 Dec 2022 17:12:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2997
Content-Type: text/css
baobabsports.com/wp-content/plugins/preloader-plus//assets/js/preloader-plus.min.js?ver=2.2.1
192.185.129.121200 OK 561 B URL HTTP/1.1 baobabsports.com/wp-content/plugins/preloader-plus//assets/js/preloader-plus.min.js?ver=2.2.1
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1130)
Hash 90d6e2311b1d130feb2113378e86600f
b728fa2f02f3bcb4348b1c41074c816911462b8c
ff5f4d7b4b7c6f83ce90e33f4a3cb00733f687bc6f4e1c7b4b5bc66906eddc0a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/preloader-plus//assets/js/preloader-plus.min.js?ver=2.2.1 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Last-Modified: Fri, 23 Dec 2022 07:01:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 561
Content-Type: application/javascript
baobabsports.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.4
192.185.129.121200 OK 5.6 kB URL HTTP/1.1 baobabsports.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.4
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (16935), with no line terminators
Hash a78183fdd6c2052aae66fdfa441cd9e3
a0f5511451ded6205fad27309cab6813a281ce47
9efd1dd9d939bf979383f67bc0ab30cc64150f1d08050cd240fc1bb8fcc0b9e3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.4 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Last-Modified: Wed, 21 Dec 2022 05:30:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5649
Content-Type: application/javascript
baobabsports.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.9.1
192.185.129.121200 OK 2.3 kB URL HTTP/1.1 baobabsports.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.9.1
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4918)
Hash 0349166bce12c166ba452b877e6293db
78441d9b65a0462a334db97089304fef4cd15034
e6ae763f6276cb345881aca20177c69d4f37147b02ce5f9a89e2c694c5ccc926
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.9.1 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Last-Modified: Tue, 20 Dec 2022 17:12:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2313
Content-Type: application/javascript
baobabsports.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.9.1
192.185.129.121200 OK 13 kB URL HTTP/1.1 baobabsports.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.9.1
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (31482)
Hash 968f39d977b08b6353c69d8265620bcd
a89930da20bac547f36c35eea7925a3bf988d803
180b9a1c272d7733a6af24a38f1f41755aabcee21d36db18c02145af1bc30804
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.9.1 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:29:59 GMT
Server: Apache
Last-Modified: Tue, 20 Dec 2022 17:12:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12649
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:30:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:30:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/candal/v15/XoHn2YH6T7-t_8c9BhQI.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/candal/v15/XoHn2YH6T7-t_8c9BhQI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11796, version 1.0\012- data
Hash 16db5010d54843a8e3a79badbbae3e77
8748c792a157fa467ccdbd8ba56fee1f5c3ff820
b15111cc66f3435add60217e85003e1e15573f03522918e21d1d888fd8b9d83b
GET /s/candal/v15/XoHn2YH6T7-t_8c9BhQI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://baobabsports.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:34:32 GMT
expires: Sat, 23 Dec 2023 13:34:32 GMT
cache-control: public, max-age=31536000
age: 53728
last-modified: Thu, 21 Apr 2022 16:57:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:30:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:30:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://baobabsports.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:33:12 GMT
expires: Sat, 23 Dec 2023 13:33:12 GMT
cache-control: public, max-age=31536000
age: 53808
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
baobabsports.com/wp-content/uploads/2020/12/onlinelogomaker-011820-1403-4295-1-300x138.png
192.185.129.121200 OK 12 kB URL HTTP/2 baobabsports.com/wp-content/uploads/2020/12/onlinelogomaker-011820-1403-4295-1-300x138.png
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 138, 8-bit/color RGBA, non-interlaced\012- data
Hash 516f308b401a57793317496e325f8519
89797fe9d6c6bdfb5e19150de2c6bb7efa350cec
4c9e84a0cc891bc49e3b50466d9dbe7b3c72e740ec343c5bb83f802dd2528834
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/12/onlinelogomaker-011820-1403-4295-1-300x138.png HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baobabsports.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Dec 2022 07:13:20 GMT
accept-ranges: bytes
content-length: 12486
content-type: image/png
date: Sat, 24 Dec 2022 04:29:59 GMT
server: Apache
X-Firefox-Spdy: h2
baobabsports.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
192.185.129.121200 OK 3.7 kB URL HTTP/1.1 baobabsports.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12198), with no line terminators
Hash e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:30:00 GMT
Server: Apache
Last-Modified: Tue, 20 Dec 2022 17:12:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3747
Content-Type: application/javascript
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://baobabsports.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:33:12 GMT
expires: Sat, 23 Dec 2023 13:33:12 GMT
cache-control: public, max-age=31536000
age: 53808
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/heebo/v21/NGSpv5_NC0k9P_v6ZUCbLRAHxK1EuyysdUmm.woff2
216.58.207.227200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/heebo/v21/NGSpv5_NC0k9P_v6ZUCbLRAHxK1EuyysdUmm.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 10364, version 1.0\012- data
Hash c0ac2d60f54a7cb65d5606bdb7330f6d
97e222d8c78bad7676f075b42a866c067a331e3c
9ffb7d5a1b114ac98ab222d743f0629a17464e74258163fbe074df800c747bc3
GET /s/heebo/v21/NGSpv5_NC0k9P_v6ZUCbLRAHxK1EuyysdUmm.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://baobabsports.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10364
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Dec 2022 03:23:48 GMT
expires: Mon, 18 Dec 2023 03:23:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:30:30 GMT
content-type: font/woff2
age: 522372
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
baobabsports.com/wp-content/uploads/2022/12/green-nature-illustration-logo-template-social-media-1.png
192.185.129.121200 OK 13 kB URL HTTP/2 baobabsports.com/wp-content/uploads/2022/12/green-nature-illustration-logo-template-social-media-1.png
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash 2fe575ceddd36e14457e0bc289c2a7de
801ea07e899e1e938fe4a3f8d5d55c1d5b1a3222
50717aa84c2c888fd213e64347aa04c5aa224dab05e48845c4303053870360a4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/12/green-nature-illustration-logo-template-social-media-1.png HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baobabsports.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Dec 2022 07:12:23 GMT
accept-ranges: bytes
content-length: 12588
content-type: image/png
date: Sat, 24 Dec 2022 04:29:59 GMT
server: Apache
X-Firefox-Spdy: h2
baobabsports.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
192.185.129.121200 OK 1.4 kB URL HTTP/2 baobabsports.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9804)
Hash f336f99ba218dca7699a645928b5a7e5
66acb696687075a1cdb721a6649274648ae6b31f
b158bc556cfc1b01d5704eab90c0fce441465806df07ec76621a7d32b12fa3d0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baobabsports.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 20 Dec 2022 17:12:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1441
content-type: text/css
date: Sat, 24 Dec 2022 04:29:59 GMT
server: Apache
X-Firefox-Spdy: h2
baobabsports.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
192.185.129.121200 OK 8.3 kB URL HTTP/1.1 baobabsports.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:30:00 GMT
Server: Apache
Last-Modified: Sat, 24 Sep 2022 01:25:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8344
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:30:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
baobabsports.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.9.1
192.185.129.121200 OK 16 kB URL HTTP/1.1 baobabsports.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.9.1
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (40657)
Hash 6e66ba744c8512cfc7736a05460b01b7
5ce8e02e7bff6abd9b94d9d2a803b264f2a1958b
e8bf5a61dfaf2d7e0430c887849a7641cc8d1e4d98629e606e37ad3aff7ffbba
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.9.1 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:30:00 GMT
Server: Apache
Last-Modified: Tue, 20 Dec 2022 17:12:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16214
Content-Type: application/javascript
baobabsports.com/wp-includes/js/underscore.min.js?ver=1.13.4
192.185.129.121200 OK 8.3 kB URL HTTP/1.1 baobabsports.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18798)
Hash ac9c7baaab74ef2576932d5798161987
fa202113e12b09696788a7024984879bddd29143
c03d52f8f157e9209646e3e696e9845d7d2b3cf3e73c8204f371b7393e738026
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:30:00 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 20:48:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8305
Content-Type: application/javascript
baobabsports.com/wp-includes/js/wp-util.min.js?ver=6.1.1
192.185.129.121200 OK 758 B URL HTTP/1.1 baobabsports.com/wp-includes/js/wp-util.min.js?ver=6.1.1
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1391)
Hash 60bc75e3b14030c62d9fd3a3d317d8a8
6d919bbd05a3984a8e5e67b693e6d5d41cc885f9
e22df84be1a3ffe3b54352a4a39e14adb3fac69f2ce755e4c7babbc243c5bb4b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:30:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 09:22:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 758
Content-Type: application/javascript
baobabsports.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8
192.185.129.121200 OK 374 B URL HTTP/1.1 baobabsports.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (754), with no line terminators
Hash ef785f463505633971eae5c08ad626d4
624e22257f386801822229db3a4bbd2e24b25e2f
b2a0dc77f0f79d81698a7e3893e16ecba7b0d980b80a5233656d9b11f1d8160d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:30:00 GMT
Server: Apache
Last-Modified: Sun, 11 Dec 2022 09:51:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 374
Content-Type: application/javascript
baobabsports.com/wp-content/uploads/2020/12/covid19-blue-circle-bg.svg
192.185.129.121200 OK 401 B URL HTTP/2 baobabsports.com/wp-content/uploads/2020/12/covid19-blue-circle-bg.svg
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (401), with no line terminators
Hash f7e4dc991b2d76a77a92d327f44dd7c1
2a6dbb3c47d80371f1f6a84a536150b032ad63a2
43db6a9e0cc1cf91f559957bc9d5c240580c50feca9f78ad2c981040e3df1d95
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/12/covid19-blue-circle-bg.svg HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baobabsports.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:06:32 GMT
accept-ranges: bytes
content-length: 401
content-type: image/svg+xml
date: Sat, 24 Dec 2022 04:30:00 GMT
server: Apache
X-Firefox-Spdy: h2
baobabsports.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
192.185.129.121200 OK 78 kB URL HTTP/1.1 baobabsports.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://baobabsports.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:30:00 GMT
Server: Apache
Last-Modified: Tue, 20 Dec 2022 17:12:56 GMT
Accept-Ranges: bytes
Content-Length: 78196
Content-Type: font/woff2
baobabsports.com/wp-content/uploads/2020/12/covid19-cta-green-circle-bg.svg
192.185.129.121200 OK 346 B URL HTTP/2 baobabsports.com/wp-content/uploads/2020/12/covid19-cta-green-circle-bg.svg
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (346), with no line terminators
Hash f2a6c544dec771808237aa30f551dd9a
5a5adccf1c8281347a7d38152fa0946a04da08ad
6ae7aae6a500313b8818f714d4923f103814d78e8dd2907ba22a16ece6ba2e21
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/12/covid19-cta-green-circle-bg.svg HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baobabsports.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:06:32 GMT
accept-ranges: bytes
content-length: 346
content-type: image/svg+xml
date: Sat, 24 Dec 2022 04:30:00 GMT
server: Apache
X-Firefox-Spdy: h2
baobabsports.com/wp-content/uploads/2020/12/onlinelogomaker-011820-1403-4295-1-120x55.png
192.185.129.121200 OK 3.9 kB URL HTTP/2 baobabsports.com/wp-content/uploads/2020/12/onlinelogomaker-011820-1403-4295-1-120x55.png
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 120 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash 87012b357c548f8106d4aca7f2f1c93b
e69ba319e9d919c01019c4167e36680b07621979
8ed687429a6b31ecd0b63922a3ea3e71a53be8d31a8625fd2f7e37354f5b93d3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/12/onlinelogomaker-011820-1403-4295-1-120x55.png HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baobabsports.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Dec 2022 07:13:20 GMT
accept-ranges: bytes
content-length: 3946
content-type: image/png
date: Sat, 24 Dec 2022 04:30:00 GMT
server: Apache
X-Firefox-Spdy: h2
baobabsports.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
192.185.129.121200 OK 77 kB URL HTTP/1.1 baobabsports.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://baobabsports.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:30:00 GMT
Server: Apache
Last-Modified: Tue, 20 Dec 2022 17:12:56 GMT
Accept-Ranges: bytes
Content-Length: 76764
Content-Type: font/woff2
baobabsports.com/wp-content/uploads/2022/12/kid_football_330.webp
192.185.129.121200 OK 23 kB URL HTTP/2 baobabsports.com/wp-content/uploads/2022/12/kid_football_330.webp
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 456x684, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6197ed9ac4acc176246d71811c14ae2f
1e9f2d0cb98b437d1a8bf39e8b66ed3fa8ed5186
34753e8e0134eae65a5306f117e0074f55a21daaafcbce258cc77f1d7b232f86
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/12/kid_football_330.webp HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baobabsports.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 04:30:00 GMT
server: Apache
content-type: image/webp
content-length: 23406
last-modified: Thu, 22 Dec 2022 07:49:27 GMT
x-server-cache: true
x-proxy-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
baobabsports.com/wp-content/plugins/elementor/assets/js/video.d86bfd0676264945e968.bundle.min.js
192.185.129.121200 OK 1.5 kB URL HTTP/1.1 baobabsports.com/wp-content/plugins/elementor/assets/js/video.d86bfd0676264945e968.bundle.min.js
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3459)
Hash a774a97fb55ce0e366883d6320dda09b
5ce90ed1674099761c157fa033820ddeeb426a43
fd9d249ccc059fa08009e05cb8db51b9f1bc621545c9fcb30b6b6f6cfe21b2b0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/video.d86bfd0676264945e968.bundle.min.js HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:30:00 GMT
Server: Apache
Last-Modified: Tue, 20 Dec 2022 17:12:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1506
Content-Type: application/javascript
baobabsports.com/wp-content/uploads/2020/12/kids-png-8.png
192.185.129.121200 OK 84 kB URL HTTP/2 baobabsports.com/wp-content/uploads/2020/12/kids-png-8.png
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 320 x 320, 8-bit/color RGBA, non-interlaced\012- data
Hash c2c7e623d55aee7d2c0137c62af3dd1d
1891c2e61e56c10351881fa3101f8352781a6238
4d212573fbf924ba3eca18c1fb00b6521795044e86ac568c92529e187e9578fc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/12/kids-png-8.png HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baobabsports.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:17:42 GMT
accept-ranges: bytes
content-length: 84228
content-type: image/png
date: Sat, 24 Dec 2022 04:30:00 GMT
server: Apache
X-Firefox-Spdy: h2
baobabsports.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
192.185.129.121200 OK 671 B URL HTTP/1.1 baobabsports.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1320)
Hash 1df6dd14f4b536b105d44b4695df8f27
9aba700c7f16aa91b1e230801af4d880f465d716
32600e03ec238dc3067e1df57a900b378b6db21e0b5ff0728669e909f7f605cb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 04:30:00 GMT
Server: Apache
Last-Modified: Tue, 20 Dec 2022 17:12:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 671
Content-Type: application/javascript
baobabsports.com/wp-content/uploads/2020/12/light-up-jump-rope-b98f0d90-6f8d-4211-85c4-21d1b8f9de21.webp
192.185.129.121200 OK 57 kB URL HTTP/2 baobabsports.com/wp-content/uploads/2020/12/light-up-jump-rope-b98f0d90-6f8d-4211-85c4-21d1b8f9de21.webp
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type RIFF (little-endian) data, Web/P image\012- data
Hash a3043184e26beee3d7d60e4a3fd38e61
dc6ddd7f3c0df354b516e85f93d42740e27ff154
7bd1d7cbcf79eb849e8fe8bd1c4ae01c8207d466988a929fb2f2bc2c8adec1c6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/12/light-up-jump-rope-b98f0d90-6f8d-4211-85c4-21d1b8f9de21.webp HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baobabsports.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 04:30:00 GMT
server: Apache
content-type: image/webp
content-length: 57190
last-modified: Thu, 22 Dec 2022 06:17:45 GMT
x-server-cache: true
x-proxy-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
baobabsports.com/wp-content/uploads/2022/12/2-8.png
192.185.129.121200 OK 235 kB URL HTTP/2 baobabsports.com/wp-content/uploads/2022/12/2-8.png
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1366 x 768, 8-bit/color RGBA, non-interlaced\012- data
Size 235 kB (235273 bytes)
Hash a59bda18efc0720b43e01f79495518af
00114d4ec4eea441609269d19484b747c11e24fc
c81223518f25f961c5323af5c84d5ceb252e2ba343b9e166039bc6b4eb282b0c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/12/2-8.png HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baobabsports.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 08:44:00 GMT
accept-ranges: bytes
content-length: 235273
content-type: image/png
date: Sat, 24 Dec 2022 04:30:00 GMT
server: Apache
X-Firefox-Spdy: h2
baobabsports.com/wp-content/uploads/2020/12/ConnectedAthlete.png
192.185.129.121200 OK 266 kB URL HTTP/2 baobabsports.com/wp-content/uploads/2020/12/ConnectedAthlete.png
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 668 x 865, 8-bit/color RGBA, non-interlaced\012- data
Size 266 kB (265837 bytes)
Hash b52b98b18ddb0e2dc1199f23c048d9ff
bde66094c250030b353c81ad95f33dce2da8e398
53d173b9f8863e36a9c80cb7508b94fb59bd1db7e9f7d1f31ccf27c60388d020
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/12/ConnectedAthlete.png HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baobabsports.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:17:41 GMT
accept-ranges: bytes
content-length: 265837
content-type: image/png
date: Sat, 24 Dec 2022 04:30:00 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8973
Expires: Sat, 24 Dec 2022 06:59:33 GMT
Date: Sat, 24 Dec 2022 04:30:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8973
Expires: Sat, 24 Dec 2022 06:59:33 GMT
Date: Sat, 24 Dec 2022 04:30:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8973
Expires: Sat, 24 Dec 2022 06:59:33 GMT
Date: Sat, 24 Dec 2022 04:30:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b796350-ff1b-4da6-91c7-f598bab0dde2.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b796350-ff1b-4da6-91c7-f598bab0dde2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42578645a06eaf381fd25ddc41b91820
8656fddf2a13fff129a073fc85c8197c78ffaaed
f1afcf62cbe9ce3a786f2f38a851781450fe52ce8f367d30fc31c31977624379
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b796350-ff1b-4da6-91c7-f598bab0dde2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9343
x-amzn-requestid: 2720f2c1-7d46-4a81-b570-f63490384967
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnqZGyDIAMF4Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61fdb-79c3107c2c0465885bd76558;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EYD2n7YFOmgZ8y-ozxFxAB1hSIfelVWgbs5lV-CzKf6CoLowACVkQQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:49:02 GMT
age: 24059
etag: "8656fddf2a13fff129a073fc85c8197c78ffaaed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b1b8038-223d-41a9-93ec-79f253678af2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b1b8038-223d-41a9-93ec-79f253678af2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3fe7fe9b99c0613c472f943ad435064a
6694802c6a1cb2da2ea89270067f84d35823c858
e40ceb2dcc7c78455f72c609ef8a640866bcca4d876b4dedd33bde7cf7e475b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b1b8038-223d-41a9-93ec-79f253678af2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10817
x-amzn-requestid: 2050494f-8272-4123-bfe8-a0aff3160322
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnPzHLBIAMFfbQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f31-0471013f4dd5f4690a1499e2;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZdGsSiirj7XXsrHwaIYf-gs1QpRODhNtn6Q-TiZJiMpWUJxks0lPGA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:42:36 GMT
etag: "6694802c6a1cb2da2ea89270067f84d35823c858"
content-type: image/jpeg
age: 24445
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafc522eb-7237-4387-a813-3d8a7c2ad6cc.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafc522eb-7237-4387-a813-3d8a7c2ad6cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c5b0f55bf63a36fce0a246df2039a407
2970cf26ace931d06195838af978ae13b8ccd843
cf84f2b532bc16c028fc93c3d910e2431f989a3d8fe1ffcbc3c08122ec18fe65
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafc522eb-7237-4387-a813-3d8a7c2ad6cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6157
x-amzn-requestid: 10e24df4-2ac1-46cc-86ac-6fbbb25a2ece
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnbBHexIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f79-13279779115da25e040775f7;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:36:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EjWEfDcW1Yz5KuQ973XtJgNDMG6V7PkIiyfHeJ_JKuThH4HXgvg9Zg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:53:13 GMT
age: 23808
etag: "2970cf26ace931d06195838af978ae13b8ccd843"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ebee3d-1399-4100-87ce-23d8990b97d2.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ebee3d-1399-4100-87ce-23d8990b97d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33d7fa2f0af62e65eb23c36297749038
d28362f2babfde4ca02f309b80be75bfc520de9a
070da72e06d4492a954b130ff6bef5ca5fd625f0fcfee81e801ef26a03d07e2f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ebee3d-1399-4100-87ce-23d8990b97d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7478
x-amzn-requestid: b9f7f6d8-fada-45fd-80a7-3ac122dae6fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnoYlEbVIAMF_lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a62103-15601045320b166c295d24d2;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:43:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1lxJbDYXaWwexDy9roJuh8FUu85Vi7qHtkZYBze8SbE2dWCCxH7duw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:49:01 GMT
age: 24060
etag: "d28362f2babfde4ca02f309b80be75bfc520de9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbf0437-e3f8-4c0c-ac43-11a9d84659cb.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbf0437-e3f8-4c0c-ac43-11a9d84659cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b92387330acabeb3e5475a52f789314e
c27aa6c638e130063905e556d5d2213dcadb690f
b67e7688d3ed7d4a7aaa9bae8c083f296ed9f52986e8bddbcc93ac13ae02a6af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbf0437-e3f8-4c0c-ac43-11a9d84659cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4576
x-amzn-requestid: 81468234-ef31-40ad-b003-2d22e8fd2ef8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnpAGi8oAMFXBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61fd3-0ddf619f2677a5a134334202;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:38:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IxJvwJFHYzKzXY7mfM3nIRaRoDVu3auCR-dYq-zI_v77uau1cRT1LA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:49:04 GMT
age: 24057
etag: "c27aa6c638e130063905e556d5d2213dcadb690f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ef950d0-91b0-49dc-861b-561575fba09f.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ef950d0-91b0-49dc-861b-561575fba09f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f041b688028eb1c8dcbee925ec0255fd
f60c30fd1ea1105f9a6fb23d6fd00f30f6deb757
724e5404f4b8ba9abf581972c1474fd1d497e9b16c3e5b42336a7ad48863fae6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ef950d0-91b0-49dc-861b-561575fba09f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5505
x-amzn-requestid: 971471d1-6863-4f42-ad7f-6afa0cc651e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUqqFrRIAMFiPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce44-664cbcc82f3949a821ddde85;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:38:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3vjU-CX4xa8UNlVS4gjm9tgl5G6q8GCrqyxF0Hsk2E0ys6RyTaDkwA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Dec 2022 03:39:49 GMT
age: 3012
etag: "f60c30fd1ea1105f9a6fb23d6fd00f30f6deb757"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
baobabsports.com/wp-content/uploads/2022/12/1-9.png
192.185.129.121200 OK 361 kB URL HTTP/2 baobabsports.com/wp-content/uploads/2022/12/1-9.png
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1366 x 768, 8-bit/color RGBA, non-interlaced\012- data
Size 361 kB (360586 bytes)
Hash d1c3a3f4438d9c50948f93efae68398b
5af331849e80ed782a8c7d19e15c15fa8ef60178
aad5dc99afd9953df7a0d19b25c87450831c9e8b67491ac190c2cd3614440cc7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/12/1-9.png HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baobabsports.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 08:43:56 GMT
accept-ranges: bytes
content-length: 360586
content-type: image/png
date: Sat, 24 Dec 2022 04:30:00 GMT
server: Apache
X-Firefox-Spdy: h2
baobabsports.com/wp-content/uploads/2022/12/screencapture-mobak-info-en-mobak-3-4-self-movement-rolling-2022-04-03-14_26_42.png
192.185.129.121200 OK 1.4 MB URL HTTP/2 baobabsports.com/wp-content/uploads/2022/12/screencapture-mobak-info-en-mobak-3-4-self-movement-rolling-2022-04-03-14_26_42.png
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1400 x 1094, 8-bit/color RGBA, non-interlaced\012- data
Size 1.4 MB (1408273 bytes)
Hash 0eeb1c5283a84ff923b28314edcf534d
bda0d3c01cee1adcfb1cd07691e62b72b420c0fd
0c20ad6ed06f1894f360af4c6f96f5f515596ec1c427c7f062b51644bbdb5879
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/12/screencapture-mobak-info-en-mobak-3-4-self-movement-rolling-2022-04-03-14_26_42.png HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baobabsports.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 07:29:29 GMT
accept-ranges: bytes
content-length: 1408273
content-type: image/png
date: Sat, 24 Dec 2022 04:30:00 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f37c9faffd8b6d93a4994c02ff1d3d21
b41b823e9b33d7fff8c1670cf510edda28f7082b
7494a95cab50f2a0409796d95e999fc5add96030fba70be912c1c80124169bc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:30:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/21149d65/www-widgetapi.vflset/www-widgetapi.js
216.58.207.238200 OK 63 kB URL HTTP/2 www.youtube.com/s/player/21149d65/www-widgetapi.vflset/www-widgetapi.js
IP 216.58.207.238:0
File type ASCII text, with very long lines (817)
Hash c3c766aa8634999320dc4688a2e84808
5095291ebac2179419034c1362829f660dd49beb
d25784f8ff176076d8aeee95551e42c115275f24fb625ee28d810bcbbbd33254
GET /s/player/21149d65/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baobabsports.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 63032
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 14:47:52 GMT
expires: Sat, 23 Dec 2023 14:47:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Dec 2022 01:17:46 GMT
content-type: text/javascript
age: 49329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f37c9faffd8b6d93a4994c02ff1d3d21
b41b823e9b33d7fff8c1670cf510edda28f7082b
7494a95cab50f2a0409796d95e999fc5add96030fba70be912c1c80124169bc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:30:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
baobabsports.com/favicon.ico
192.185.129.121500 Internal Server Error 685 B URL HTTP/1.1 baobabsports.com/favicon.ico
IP 192.185.129.121:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e4d04ec906e32dda63bcf9cffbe355b8
e28660427bb6de97f0cf6b844c8a9de8f52f3454
29c9f1f3daff1d06fde37da39e5b749ac29cb5d1f2c14e7f96ac5eae4912e85e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: baobabsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baobabsports.com/
HTTP/1.1 500 Internal Server Error
Date: Sat, 24 Dec 2022 04:29:57 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=iso-8859-1
Content-Length: 685
Connection: close
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Dec 2022 21:48:03 GMT
expires: Fri, 22 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 110518
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Dec 2022 16:40:43 GMT
expires: Fri, 22 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 128958
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e2b94572412cbd6dec9120f26fbd8edd
4ded5a76d85e2c35e8d3b1c5c196fa58159ba2a5
1371df100af0981a2cc1a7d9796c06dd16b71bd3e94f3439d7f789281853bb82
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:30:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.66302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 24 Dec 2022 04:30:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.202200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 24 Dec 2022 04:30:02 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.202200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.202:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash b1fa5fc6069943d8bc5ae30ac7cff2b5
68cca75d0d86f26ac9940b323137b9bbb2b02360
b6bf751eca4dd3188ecabcfcb12bd068ebdb1910e2055889496c0839ca0a5505
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 24 Dec 2022 04:30:02 GMT
server: ESF
cache-control: private
content-length: 31142
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e3f349d1d8399a24315e98fc54179857
cdab7a12ec47358b257ba217173e088323aadc1f
f6262476101b554129fcbf637f6ae7658311cf11e63dc942639ea04fc86b8ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:30:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ca9512237f87f9b258f470a0569c483e
81d7f7b1e8ab5657d33944a55a07ac22af57f473
faf3fce2abb109bb79e5e808a7de6ae04ba070a115b6ac6c8dbb393d3bd0069b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:30:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e2b94572412cbd6dec9120f26fbd8edd
4ded5a76d85e2c35e8d3b1c5c196fa58159ba2a5
1371df100af0981a2cc1a7d9796c06dd16b71bd3e94f3439d7f789281853bb82
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:30:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/iframe_api
216.58.207.238200 OK 517 B URL HTTP/2 www.youtube.com/iframe_api
IP 216.58.207.238:0
File type ASCII text, with very long lines (509)
Hash eb710cfe56b9a82dfc3ffd91b1810e02
e08a06481103597af3529d2c51e84821d0a03173
b7f45ed2769d075de5e32a23ddb9d47e87f01b55199b247e2d236be00dba1433
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baobabsports.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Sat, 24 Dec 2022 04:30:01 GMT
date: Sat, 24 Dec 2022 04:30:01 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=It6gbIR0u1w; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=MWRV1GjCLbQ; Domain=.youtube.com; Expires=Thu, 22-Jun-2023 04:30:01 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+911; expires=Mon, 23-Dec-2024 04:30:01 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36106)
Hash 7fc7e22ecccb0cfd0ae897bb40a58efe
5d46470a711120793c362235105836fe49e699a4
1907005cab41fbd6d1d67df3b25586f3232e053a261c9e2b2503459f4980b1c5
GET /js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14302
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Dec 2022 14:32:25 GMT
expires: Mon, 18 Dec 2023 14:32:25 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
age: 482257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 78e82a9675e463307ad999770860908f
313547cb4eb5db1baed433622f85755e55288c6d
58d6bbee65101684a680936123138ae99add1597f794967454ba691acedcb03d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:30:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e3f349d1d8399a24315e98fc54179857
cdab7a12ec47358b257ba217173e088323aadc1f
f6262476101b554129fcbf637f6ae7658311cf11e63dc942639ea04fc86b8ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:30:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d7dc6f29af0912baf33dc26771c4bda2
032fcf4f0dff6644aceadade92866c74937e6540
6dfcbb4b2403b85a352f8602c24e0555c4e66d77638e9f77d57c041651f6834e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:30:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.202200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 24 Dec 2022 04:30:02 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/kYmZNwt7QXs/hqdefault.jpg?sqp=-oaymwEmCOADEOgC8quKqQMa8AEB-AH-BIAC4AKKAgwIABABGHIgYigrMA8=&rs=AOn4CLDcZjB6b5DLytUg9bb8qXvkPq_ImA
216.58.211.22200 OK 12 kB URL HTTP/2 i.ytimg.com/vi/kYmZNwt7QXs/hqdefault.jpg?sqp=-oaymwEmCOADEOgC8quKqQMa8AEB-AH-BIAC4AKKAgwIABABGHIgYigrMA8=&rs=AOn4CLDcZjB6b5DLytUg9bb8qXvkPq_ImA
IP 216.58.211.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 6f0e06ebce0b4e434f3329cae7ca3292
c365330ccfa1785a47ab365481d044cd607ee2e1
f3950679fc8df56ae0334c4ec81cb742f20cd39859b3994e3a94442bd9ce1a03
GET /vi/kYmZNwt7QXs/hqdefault.jpg?sqp=-oaymwEmCOADEOgC8quKqQMa8AEB-AH-BIAC4AKKAgwIABABGHIgYigrMA8=&rs=AOn4CLDcZjB6b5DLytUg9bb8qXvkPq_ImA HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 12317
date: Sat, 24 Dec 2022 04:30:02 GMT
expires: Sat, 24 Dec 2022 06:30:02 GMT
cache-control: public, max-age=7200
etag: "1653109300"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.202200 OK 112 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.202:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d94a6c2f81cc9cb18745ace43e129d58
dcde1919dbf016715032e0a82233d8eac47e6f1e
e274f8b7aecf1bd702976a5d6a4ae13fc795e07d5f031f79d5852f4af4cc4037
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 868
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 24 Dec 2022 04:30:02 GMT
server: ESF
cache-control: private
content-length: 112
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 78e82a9675e463307ad999770860908f
313547cb4eb5db1baed433622f85755e55288c6d
58d6bbee65101684a680936123138ae99add1597f794967454ba691acedcb03d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:30:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/B-Gcy6wI62ZT1Jw0cVaMxGIoh22REMwr7DiujIYPdIaPxV-4zdcjCdgLfhcRg00yPRPgF206oQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.6 kB URL HTTP/2 yt3.ggpht.com/B-Gcy6wI62ZT1Jw0cVaMxGIoh22REMwr7DiujIYPdIaPxV-4zdcjCdgLfhcRg00yPRPgF206oQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash dd0394feb757e3f13453926506be86e7
50000217bf066bca6ad4a9fa658cddde7c8f69c3
8c8b7b5ab4d00bce9102fcfb59204ca8a9a394a8c4793d32c17f02c90bf329e2
GET /B-Gcy6wI62ZT1Jw0cVaMxGIoh22REMwr7DiujIYPdIaPxV-4zdcjCdgLfhcRg00yPRPgF206oQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 25 Dec 2022 04:30:02 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 24 Dec 2022 04:30:02 GMT
server: fife
content-length: 1609
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d7dc6f29af0912baf33dc26771c4bda2
032fcf4f0dff6644aceadade92866c74937e6540
6dfcbb4b2403b85a352f8602c24e0555c4e66d77638e9f77d57c041651f6834e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 04:30:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Lato%3A400%2C700%7CHeebo%3A500&display=fallback&ver=3.9.4
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato%3A400%2C700%7CHeebo%3A500&display=fallback&ver=3.9.4
IP 142.250.74.106:0
GET /css?family=Lato%3A400%2C700%7CHeebo%3A500&display=fallback&ver=3.9.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baobabsports.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Dec 2022 04:29:59 GMT
date: Sat, 24 Dec 2022 04:29:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CCandal%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CCandal%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CCandal%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baobabsports.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Dec 2022 04:29:59 GMT
date: Sat, 24 Dec 2022 04:29:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2