Report - dedicationsports.com/

Report Overview

Submitted URL
dedicationsports.com/
IP
208.109.25.132
ASN
#398101 GO-DADDY-COM-LLC
Submitted
2022-12-09 22:04:19
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
38

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
0.greenskymotions.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	978 B	185.177.94.152
di4.biz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	559 B	214 B	185.177.92.179
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	746 B	142.250.74.74
new.weatherplllatform.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	331 B	91.211.91.114
broworker4s.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	407 B	364 B	51.15.18.159
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.0 kB	93.184.220.29
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	9.8 kB	95.101.11.115
away.cdnbestplatform.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	508 B	650 B	91.211.91.104
cdn2.woxo.tech	369517	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	1.0 kB	104.26.7.21
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
dedicationsports.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	104 kB	208.109.25.132
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	216.58.211.3
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.38.146.2
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	51 kB	34.120.237.76
greenskymotions.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	976 B	185.177.94.152

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-09	medium	dedicationsports.com/	Malware
2022-12-09	medium	dedicationsports.com/	Malware
2022-12-09	medium	dedicationsports.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2	Malware
2022-12-09	medium	dedicationsports.com/wp-content/plugins/search-filter-pro/public/assets/css/search-filter.min.css?ver=2.5.6	Malware
2022-12-09	medium	dedicationsports.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3	Malware
2022-12-09	medium	dedicationsports.com/wp-content/plugins/jet-appointments-booking/assets/css/public/jet-appointments-booking.css?ver=1.5.71670623449	Malware
2022-12-09	medium	away.cdnbestplatform.com/go.php?id=9677-22-5680954-11	Malware
2022-12-09	medium	greenskymotions.net/b91698fd2.js	Phishing
2022-12-09	medium	0.greenskymotions.net/b91698fd2.js	Phishing
2022-12-09	medium	dedicationsports.com/wp-content/uploads/elementor/css/post-2531.css?ver=1656277648	Malware
2022-12-09	medium	dedicationsports.com/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.6.1	Malware
2022-12-09	medium	dedicationsports.com/wp-content/plugins/jet-search/assets/css/jet-search.css?ver=2.1.14	Malware
2022-12-09	medium	dedicationsports.com/wp-content/uploads/elementor/css/post-2515.css?ver=1656277648	Malware
2022-12-09	medium	dedicationsports.com/wp-content/themes/oceanwp/inc/customizer/assets/css/fontawesome-all.min.css?ver=5.8.2	Malware
2022-12-09	medium	new.weatherplllatform.com/stick.js?v=7.77.7	Malware
2022-12-09	medium	dedicationsports.com/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1	Malware
2022-12-09	medium	dedicationsports.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.6.2	Malware
2022-12-09	medium	greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed18	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-09	medium	di4.biz	Sinkholed

JavaScript (8)

	URL	Size	First Seen	Last Seen
	new.weatherplllatform.com/stick.js?v=7.77.7	2.6 kB	2023-03-08	2023-03-11
Pretty URL new.weatherplllatform.com/stick.js?v=7.77.7 IP 91.211.91.114 ASN #206638 PE Brezhnev Daniil Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:35 Last Seen2023-03-11 23:44:37 Times Seen1 Hash 7d3709651db65783b33ed0db14ec696a 19190a35d532278be756c1c259e61ec503479122 a0dbf66726231a4873a37f8313f30322ad6ad612061830afece504cf52789e6f Loading...

	away.cdnbestplatform.com/go.php?id=9677-22-5680954-11	216 B	2023-03-08	2023-03-11
Pretty URL away.cdnbestplatform.com/go.php?id=9677-22-5680954-11 IP 91.211.91.104 ASN #206638 PE Brezhnev Daniil Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:15:09 Last Seen2023-03-11 23:34:29 Times Seen1 Hash a89dcc3acfcde395d237fc0be94fc5e0 9ace2b92a2ad3eb7c24f7082f8097d8e73994881 7e08cedf0cb250ea632f78ae8a5948755682d28cdda6a42b38347cfc03803238 Loading...

	greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed18	8.2 kB	2023-03-09	2023-03-09
Pretty URL greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed18 IP 185.177.94.152 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:31:15 Last Seen2023-03-09 00:31:15 Times Seen1 Hash 37fcd999ff099d558757be1cc534b896 df19746718922997b2931d66bb003f3c53839d09 6c15ee60eb34445e23605de1844c541a392a5267093b16af68e7c38e761dddec Loading...

	0.greenskymotions.net/index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed18	8.2 kB	2023-03-09	2023-03-09
Pretty URL 0.greenskymotions.net/index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed18 IP 185.177.94.152 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:31:15 Last Seen2023-03-09 00:31:15 Times Seen1 Hash 820b2a4d89428c2079ddab6c1d5d37a6 7f60398f97462759c4abbaa093eadf6370ae5c2b 410d627aaa234af3a4adab72396272016073a5697614cc688074cc5d9628bf96 Loading...

	dedicationsports.com/	4.7 kB	2023-03-09	2023-03-09
Pretty URL dedicationsports.com/ IP 208.109.25.132 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:31:15 Last Seen2023-03-09 00:31:15 Times Seen1 Hash f514ef06b89896efb8e1d12eae0a8e98 3f49f9bb91950710863fc6c87a8290e2141b4083 8bd268704973c3679b4ac7073d5e76f86086f3328a090abc7ba5ac3e444cba90 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 7268ede57858a2c14b25218c4cbf7d06	663 B	2023-03-08	2023-12-13
Pretty Observations First Seen2023-03-08 14:35:26 Last Seen2023-12-13 00:16:43 Times Seen44 Hash 7268ede57858a2c14b25218c4cbf7d06 c9dc28a1f6ab8bd7ff450be8796ef469be99ac91 dc6acc70fa6a127bcde95478f41fc3ec8b472cc6327b69d1fd5c5e3633a96540 Loading...

	#2 Eval - a7cca6e8f326504124986f7a6a369dde	8.0 kB	2023-03-09	2023-03-09
Pretty Observations First Seen2023-03-09 00:31:15 Last Seen2023-03-09 00:31:15 Times Seen1 Hash a7cca6e8f326504124986f7a6a369dde e3d77c7c8595f2f6e95e6e4e22becdc55b803946 22860ea69d8e83b96c9161ae84634709ac0c648a07ab8825b91d7feacfc8bcaf Loading...

	#3 Eval - c71028fe3b795b1164018dd771fe4e2a	8.1 kB	2023-03-09	2023-03-09
Pretty Observations First Seen2023-03-09 00:31:15 Last Seen2023-03-09 00:31:15 Times Seen1 Hash c71028fe3b795b1164018dd771fe4e2a 8aa6671bdf111cc12fee215256a846e58ead043f cb30a0169b94f4528c6790a6942fe37f7ab8d016f8f16b3fcab3d21c0e328628 Loading...

HTTP Transactions (62)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20540
Expires: Sat, 10 Dec 2022 03:46:28 GMT
Date: Fri, 09 Dec 2022 22:04:08 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10374
Expires: Sat, 10 Dec 2022 00:57:02 GMT
Date: Fri, 09 Dec 2022 22:04:08 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 21:08:21 GMT
content-type: application/json
age: 3347
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17203
Expires: Sat, 10 Dec 2022 02:50:51 GMT
Date: Fri, 09 Dec 2022 22:04:08 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: iK6LjfH0SNTkEMXwFMSp/X1OIb5F5t1Y/F10DVPzSTIXqiiZrjjEzTKgzi7XC5KM/2FlP4qawPw=
x-amz-request-id: V90PYEZRVKA09J25
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 21:48:32 GMT
age: 936
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:04:08 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

dedicationsports.com/

208.109.25.132

301 Moved Permanently

0 B

URL HTTP/1.1
dedicationsports.com/
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 22:04:08 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-UA-Compatible: IE=edge
X-Redirect-By: WordPress
Set-Cookie: PHPSESSID=511f2ac9d15af203c1776c20a8287b1b; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://dedicationsports.com/
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 21:33:13 GMT
age: 1856
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3107
Cache-Control: max-age=129273
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:04:09 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 09:58:42 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.38.146.2

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.38.146.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: A6pUubJVyNm03r7jN0IYvg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9O4qeUM0jnEOXBiiB36YxJkp0mU=

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9955
Expires: Sat, 10 Dec 2022 00:50:06 GMT
Date: Fri, 09 Dec 2022 22:04:11 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9955
Expires: Sat, 10 Dec 2022 00:50:06 GMT
Date: Fri, 09 Dec 2022 22:04:11 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9955
Expires: Sat, 10 Dec 2022 00:50:06 GMT
Date: Fri, 09 Dec 2022 22:04:11 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9955
Expires: Sat, 10 Dec 2022 00:50:06 GMT
Date: Fri, 09 Dec 2022 22:04:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6578 bytes)
Hash
8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nXaZ1pazAGWMI9GFYZjGlvVVIb8wX6feD0O8VpzjsL8F8l3mFmydAw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:59 GMT
age: 53412
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5188 bytes)
Hash
fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:51:26 GMT
age: 765
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7557 bytes)
Hash
5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 53456
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:04:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18fc6c7c-4552-4358-9e4d-cdf93bc52b43.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4914 bytes)
Hash
06799a30d9977b0845f525ae82355d23
6ae9a3c17dcbac5912a46ca0c99977ca3adad4ea
d7a7eeb42d36167243b3dea7147a61119cbb5d1dcc2e2304c6ddd4a62e41efd3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18fc6c7c-4552-4358-9e4d-cdf93bc52b43.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4914
x-amzn-requestid: b709d5ff-617b-480b-8fc3-b1408ee358b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQsoEkSIAMF0ZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7ea-4150ac397b97d1217cece045;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:03:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vU8PVYI3RMCLSJ_lK5NDOv5wBeEXeqngYURGrYkY-jZ9rvOw_MrBIw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 13:53:41 GMT
age: 29430
etag: "6ae9a3c17dcbac5912a46ca0c99977ca3adad4ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7897 bytes)
Hash
8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:38:26 GMT
age: 66345
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12748 bytes)
Hash
730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 12:33:36 GMT
age: 34235
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:04:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dedicationsports.com/

208.109.25.132

200 OK

60 kB

URL HTTP/2
dedicationsports.com/
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10570)
Size
60 kB (59898 bytes)
Hash
58d0b0bca2e88d816d2707c35f2c16a7
141c1888ab1c7ef7bca126d6fb5e23568ec8defc
25175fda37642a629a0b7f943d5d340682ef234badc029cd83c9127bec8db9ae

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
x-powered-by: PHP/7.3.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-ua-compatible: IE=edge
link: <https://dedicationsports.com/wp-json/>; rel="https://api.w.org/", <https://dedicationsports.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://dedicationsports.com/>; rel=shortlink
set-cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148; path=/
vary: Accept-Encoding
content-encoding: br
content-length: 59898
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 22:04:09 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3845a092bd4aeaba141c23e8d51356e7
738c6e23f240394aa0d93257bf603fdfcb46b53c
11a302fbcbb670bf1599a804a6c5aa3d0e288984a9555917ead81b52b8525178

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6471
Cache-Control: max-age=99192
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:04:11 GMT
Etag: "6392780c-117"
Expires: Sun, 11 Dec 2022 01:37:23 GMT
Last-Modified: Thu, 08 Dec 2022 23:49:32 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279

dedicationsports.com/wp-content/themes/oceanwp/assets/css/woo/woo-mini-cart.min.css?ver=6.0.3

208.109.25.132

200 OK

1.2 kB

URL HTTP/2
dedicationsports.com/wp-content/themes/oceanwp/assets/css/woo/woo-mini-cart.min.css?ver=6.0.3
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (5867)
Size
1.2 kB (1160 bytes)
Hash
790eaca171d1753ba8e59abee68f57e0
0a0a36abc911b317ff5a11d36a9579d7af8eccd6
43fd1c3bb98ff00e1f1ea4c5318726457536d3deac5a2e68fa4a055010ba2dfc

HTTP Headers

GET /wp-content/themes/oceanwp/assets/css/woo/woo-mini-cart.min.css?ver=6.0.3 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:42:33 GMT
etag: "43c1601-16ec-5d2dfd9970138-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1160
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

dedicationsports.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.6.2

208.109.25.132

200 OK

1.1 kB

URL HTTP/2
dedicationsports.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.6.2
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (4933), with no line terminators
Size
1.1 kB (1111 bytes)
Hash
3029e2a6d3b1a6a511dbde8b5a0d85fc
1d1269cf17ca8cbbef9a7e13a877529a82099689
747fbbc0f2cff079a6fe042d2562b9961464422e037f1d8ba3d1f67da6aa9c05

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.6.2 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 26 Jun 2022 20:30:35 GMT
etag: "4503b0d-1345-5e25facfb626f-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1111
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

dedicationsports.com/wp-content/plugins/jet-smart-filters/assets/vendors/air-datepicker/air-datepicker.min.css?ver=2.2.3

208.109.25.132

200 OK

2.0 kB

URL HTTP/2
dedicationsports.com/wp-content/plugins/jet-smart-filters/assets/vendors/air-datepicker/air-datepicker.min.css?ver=2.2.3
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (14933), with no line terminators
Size
2.0 kB (1968 bytes)
Hash
5eb6642760d16754c304124159cb5134
ea25b4c4aa5b2741cf32a3ae9e263e28f215ab68
ee1b2dc0db87fcd759ac743e61b83c36447177e69ebea645ad294a50501ce961

HTTP Headers

GET /wp-content/plugins/jet-smart-filters/assets/vendors/air-datepicker/air-datepicker.min.css?ver=2.2.3 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:40:56 GMT
etag: "47e0564-3a55-5d2dfd3cc3fa9-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1968
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

dedicationsports.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2

208.109.25.132

200 OK

5.1 kB

URL HTTP/2
dedicationsports.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (39912)
Size
5.1 kB (5130 bytes)
Hash
dfc52a0ee694ab37bbe6a3307852399f
b718cb904cf81c100344428aa2a2cb1920f9b1e0
5afba4852a8162e33be0a464b8f9c728f01a6e17e2729805adcd5ba1d33f842c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 26 Jun 2022 20:31:01 GMT
etag: "4b40f55-9be9-5e25fae8c0ede-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5130
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

dedicationsports.com/wp-content/plugins/jet-engine/assets/css/frontend.css?ver=2.10.2

208.109.25.132

200 OK

5.9 kB

URL HTTP/2
dedicationsports.com/wp-content/plugins/jet-engine/assets/css/frontend.css?ver=2.10.2
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (45679)
Size
5.9 kB (5939 bytes)
Hash
c9db6d7f0b85285ca9f03591a21f4857
125a32473225df27acc7851a1eb78a08a8059830
f4fa9b33cbda263efcada0918bd25a05897dbd7af6220fae55b4cd13c7ba7a0d

HTTP Headers

GET /wp-content/plugins/jet-engine/assets/css/frontend.css?ver=2.10.2 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:40:31 GMT
etag: "46e17b6-b270-5d2dfd255ed91-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5939
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

dedicationsports.com/wp-content/plugins/search-filter-pro/public/assets/css/search-filter.min.css?ver=2.5.6

208.109.25.132

200 OK

6.0 kB

URL HTTP/2
dedicationsports.com/wp-content/plugins/search-filter-pro/public/assets/css/search-filter.min.css?ver=2.5.6
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (36993)
Size
6.0 kB (6048 bytes)
Hash
dd1ef5356d60194a8555dbe7c2fc74ea
458cc385feb7510aaa6f7ef52400b287fdef71b5
db09f3c179221fec1780a07bac542815c8fc30291d61dcaed9d3b6346c7d327f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/search-filter-pro/public/assets/css/search-filter.min.css?ver=2.5.6 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 13 Mar 2021 07:43:32 GMT
etag: "5f80674-91f3-5bd662c5a9100-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6048
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

dedicationsports.com/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0

208.109.25.132

200 OK

2.3 kB

URL HTTP/2
dedicationsports.com/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (10927), with no line terminators
Size
2.3 kB (2313 bytes)
Hash
8663d41883c8ddef23ad4c7ecc0437be
10555e4b8e6fd651bd41fe2682ffb41d0df026e8
b459354aa1d8cee83c320d612c0932f063ec1a15f390ce9d2a4a56ede734790a

HTTP Headers

GET /wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:42:33 GMT
etag: "43c1609-2aaf-5d2dfd9970138-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2313
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3845a092bd4aeaba141c23e8d51356e7
738c6e23f240394aa0d93257bf603fdfcb46b53c
11a302fbcbb670bf1599a804a6c5aa3d0e288984a9555917ead81b52b8525178

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6471
Cache-Control: max-age=99192
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:04:11 GMT
Etag: "6392780c-117"
Expires: Sun, 11 Dec 2022 01:37:23 GMT
Last-Modified: Thu, 08 Dec 2022 23:49:32 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279

dedicationsports.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3

208.109.25.132

200 OK

11 kB

URL HTTP/2
dedicationsports.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (43771)
Size
11 kB (10912 bytes)
Hash
069a79d16ded6a02071f286cd2025c44
dd5970e01b8a10dadcf074f72a1c8095f25e947a
78261bccee805c6913bf7e23e2e25314f05f690300a77a40ca36e1e516b20203

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
etag: "416172d-15b64-5e2f99fa9e940-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 10912
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

dedicationsports.com/wp-content/plugins/jet-appointments-booking/assets/css/public/jet-appointments-booking.css?ver=1.5.71670623449

208.109.25.132

200 OK

198 B

URL HTTP/2
dedicationsports.com/wp-content/plugins/jet-appointments-booking/assets/css/public/jet-appointments-booking.css?ver=1.5.71670623449
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (884)
Size
198 B (198 bytes)
Hash
2251ff24ba71cb5654402b8d96d74a15
4c375c8081c2ea2afd4b0047ba98e8d0c472ba2b
efad541cb2ca17d045dfb7edcb39d1ac3f784d2a138dcedb9c5c4767d7af04c2

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/jet-appointments-booking/assets/css/public/jet-appointments-booking.css?ver=1.5.71670623449 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:40:16 GMT
etag: "46a03d8-375-5d2dfd1675e0f-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 198
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

dedicationsports.com/wp-content/plugins/jet-woo-builder/assets/css/lib/jetwoobuilder-frontend-font/css/jetwoobuilder-frontend-font.css?ver=1.11.3

208.109.25.132

200 OK

687 B

URL HTTP/2
dedicationsports.com/wp-content/plugins/jet-woo-builder/assets/css/lib/jetwoobuilder-frontend-font/css/jetwoobuilder-frontend-font.css?ver=1.11.3
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text
Size
687 B (687 bytes)
Hash
b7ca578e744f6d0c406b366a0e34fa65
f10bd080ca8255a7f0f1023a217e66be1e9e8974
fa4879fe3a49b9069dbe06e373cdc712e943d13e949cf1d914547756ebfba118

HTTP Headers

GET /wp-content/plugins/jet-woo-builder/assets/css/lib/jetwoobuilder-frontend-font/css/jetwoobuilder-frontend-font.css?ver=1.11.3 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:41:03 GMT
etag: "47e286d-1496-5d2dfd434d1b7-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 687
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

dedicationsports.com/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.6.1

208.109.25.132

200 OK

857 B

URL HTTP/2
dedicationsports.com/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.6.1
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (3287), with no line terminators
Size
857 B (857 bytes)
Hash
d6a4316e744c0b03c6ec44269663a659
2c18f3fc99feae35cb69d24e5975c0ef60b00ec4
e93bfe64092b8e13771b16a20f977bcb50900c90944365344251f346443b51ec

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.6.1 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 26 Jun 2022 20:30:41 GMT
etag: "4782963-cd7-5e25fad564872-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 857
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

dedicationsports.com/wp-content/plugins/jet-woo-builder/includes/integrations/themes/oceanwp/assets/css/style.css?ver=1.11.3

208.109.25.132

200 OK

406 B

URL HTTP/2
dedicationsports.com/wp-content/plugins/jet-woo-builder/includes/integrations/themes/oceanwp/assets/css/style.css?ver=1.11.3
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (1300)
Size
406 B (406 bytes)
Hash
de3c742c40b672f98efc86086986e5e7
019043df0571b5b22f4cbc98e0ca0247217afea4
da6f0bf9d730c659af6c8a20e5907e578011467e17ca987cb73eaaed8a6a50e4

HTTP Headers

GET /wp-content/plugins/jet-woo-builder/includes/integrations/themes/oceanwp/assets/css/style.css?ver=1.11.3 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:41:03 GMT
etag: "4822078-515-5d2dfd43a7af7-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 406
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff37fa68b7e1bceb9067c2caf5f84572
76b4e8918bf0eaae71e1f345aa4eac59ad14d218
72d23a9cec377f46768b2e47a6ade90e161c72b701dc64b1780543b41ebdeb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72D23A9CEC377F46768B2E47A6ADE90E161C72B701DC64B1780543B41EBDEB63"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14623
Expires: Sat, 10 Dec 2022 02:07:54 GMT
Date: Fri, 09 Dec 2022 22:04:11 GMT
Connection: keep-alive

away.cdnbestplatform.com/go.php?id=9677-22-5680954-11

91.211.91.104

200 OK

409 B

URL HTTP/2
away.cdnbestplatform.com/go.php?id=9677-22-5680954-11
IP
91.211.91.104:0
ASN
#206638 PE Brezhnev Daniil

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
409 B (409 bytes)
Hash
f591e7a788a1f2fa6aca1a107f8bb1e6
c4ad5f0920bc7ece459111d23ec526f34059fbf7
221da6c1fef45e7ac1a9acbe463d02f3a759b203a10c67b46b40ca285bf496fa

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /go.php?id=9677-22-5680954-11 HTTP/1.1
Host: away.cdnbestplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:04:12 GMT
content-type: text/html; charset=UTF-8
content-length: 409
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d3a948269c118bcb3cb74401b1fc8be4
b3c52dc624e9505885fa4a8da4bbf160578afb09
fc153d502ffc59ec41d8e301f2dbc46536dc0fd6b7f52107db3da055423d22b7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC153D502FFC59EC41D8E301F2DBC46536DC0FD6B7F52107DB3DA055423D22B7"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21596
Expires: Sat, 10 Dec 2022 04:04:09 GMT
Date: Fri, 09 Dec 2022 22:04:13 GMT
Connection: keep-alive

greenskymotions.net/b91698fd2.js

185.177.94.152

200 OK

56 B

URL HTTP/2
greenskymotions.net/b91698fd2.js
IP
185.177.94.152:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
56 B (56 bytes)
Hash
01fedb484c76c86eb5bafcc15b97bddc
aa3d7fba2de0e16f69798d6dc6e77d2765a90455
93f23f64c6e14a7778241254ad90d49a38dfe406afdd5e0e223064613572d40f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /b91698fd2.js HTTP/1.1
Host: greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=11e90ae0-3fb9-4009-b23a-60f3741ff931
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:04:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 56
last-modified: Thu, 13 Oct 2022 01:01:02 GMT
etag: "6347634e-38"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

greenskymotions.net/favicon.ico

185.177.94.152

204 No Content

0 B

URL HTTP/2
greenskymotions.net/favicon.ico
IP
185.177.94.152:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed18
Cookie: uuid=11e90ae0-3fb9-4009-b23a-60f3741ff931
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 09 Dec 2022 22:04:13 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
72c3810a1ce03d597690880f6bf593de
53032c35c692f6bebb44ae5961042256f8fc7e63
b4f1278af2f92819ba3bf38a92ef7511e4ba6b3930e9bff5019019ddb57a40ef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B4F1278AF2F92819BA3BF38A92EF7511E4BA6B3930E9BFF5019019DDB57A40EF"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2013
Expires: Fri, 09 Dec 2022 22:37:46 GMT
Date: Fri, 09 Dec 2022 22:04:13 GMT
Connection: keep-alive

0.greenskymotions.net/b91698fd2.js

185.177.94.152

200 OK

56 B

URL HTTP/2
0.greenskymotions.net/b91698fd2.js
IP
185.177.94.152:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
56 B (56 bytes)
Hash
01fedb484c76c86eb5bafcc15b97bddc
aa3d7fba2de0e16f69798d6dc6e77d2765a90455
93f23f64c6e14a7778241254ad90d49a38dfe406afdd5e0e223064613572d40f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /b91698fd2.js HTTP/1.1
Host: 0.greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=11e90ae0-3fb9-4009-b23a-60f3741ff931; uuid=11e90ae0-3fb9-4009-b23a-60f3741ff931
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:04:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 56
last-modified: Thu, 13 Oct 2022 01:01:02 GMT
etag: "6347634e-38"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

0.greenskymotions.net/favicon.ico

185.177.94.152

204 No Content

0 B

URL HTTP/2
0.greenskymotions.net/favicon.ico
IP
185.177.94.152:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 0.greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.greenskymotions.net/index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed18
Cookie: uuid=11e90ae0-3fb9-4009-b23a-60f3741ff931; uuid=11e90ae0-3fb9-4009-b23a-60f3741ff931
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 09 Dec 2022 22:04:14 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a054078462d9cde20fed941efeb88b4c
28bc71f8504be2bdaba06f5aa8b50b8a9a11187d
a82e460d28450e9cf893b137cb93340dc0c0adfc573af8a717c27a202d9af912

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A82E460D28450E9CF893B137CB93340DC0C0ADFC573AF8A717C27A202D9AF912"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13580
Expires: Sat, 10 Dec 2022 01:50:34 GMT
Date: Fri, 09 Dec 2022 22:04:14 GMT
Connection: keep-alive

di4.biz/favicon.ico

185.177.92.179

204 No Content

0 B

URL HTTP/2
di4.biz/favicon.ico
IP
185.177.92.179:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: di4.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://di4.biz/?auf=hbsgkn3gha5dcnrqgixtcmjrhe3c6mrqf5tdkmtfmrrdinjpgezc6mjwg4ydmmrtgq2ti&p=b&sub1=&sub2=dfastspeed18&sub3=&sub4=&cpc=0&cpm=0
Cookie: uuid=ca2112ac-21ce-45d2-9d68-9376d9dfea11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 09 Dec 2022 22:04:15 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

cdn2.woxo.tech/a.js

104.26.7.21

200 OK

0 B

URL HTTP/2
cdn2.woxo.tech/a.js
IP
104.26.7.21:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /a.js HTTP/1.1
Host: cdn2.woxo.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:04:11 GMT
content-type: application/javascript
last-modified: Wed, 20 Jul 2022 20:12:27 GMT
etag: W/"22cebdfbf6b3baf9117daf2596559257"
x-amz-version-id: Egm1OPnCI5h2oewDNOz.YHYm7ukPgIoO
x-cache: Miss from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oScuRRFz-EQqbtXo_SofIh9fNybdaAJsfEdv4CgoY4ht8mCstYAr6Q==
cf-cache-status: HIT
age: 2157515
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCIzWVBAlK4ZXPZr0j%2Bz2267nO5uZxxrHP%2F%2BhjOn9K2DcJihKoFsxGoi%2BMuCEK0DsytY81hrQUF7X1QNvxsg2zJFmYZxERompNTqWjBaa6q5PGzuPMklggRR4NGizuIS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=120, stale-while-revalidate=31535880
server: cloudflare
cf-ray: 777108fae8abb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dedicationsports.com/wp-content/plugins/jet-popup/assets/css/jet-popup-frontend.css?ver=1.5.5

208.109.25.132

200 OK

0 B

URL HTTP/2
dedicationsports.com/wp-content/plugins/jet-popup/assets/css/jet-popup-frontend.css?ver=1.5.5
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/jet-popup/assets/css/jet-popup-frontend.css?ver=1.5.5 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:40:41 GMT
etag: "4780262-3e35-5d2dfd2ee714d-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2051
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

dedicationsports.com/wp-content/uploads/elementor/css/post-2531.css?ver=1656277648

208.109.25.132

200 OK

0 B

URL HTTP/2
dedicationsports.com/wp-content/uploads/elementor/css/post-2531.css?ver=1656277648
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/elementor/css/post-2531.css?ver=1656277648 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 26 Jun 2022 21:07:28 GMT
etag: "4c2004a-1c0d-5e26030e66f0f-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 750
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

dedicationsports.com/wp-content/plugins/jet-woo-builder/assets/css/jet-woo-builder.css?ver=1.11.3

208.109.25.132

200 OK

0 B

URL HTTP/2
dedicationsports.com/wp-content/plugins/jet-woo-builder/assets/css/jet-woo-builder.css?ver=1.11.3
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/jet-woo-builder/assets/css/jet-woo-builder.css?ver=1.11.3 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:41:03 GMT
etag: "47e287a-12524-5d2dfd439bb8e-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6854
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

dedicationsports.com/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.6.1

208.109.25.132

200 OK

0 B

URL HTTP/2
dedicationsports.com/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.6.1
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.6.1 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:40:24 GMT
etag: "46a179c-450f-5d2dfd1e099d2-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2681
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

dedicationsports.com/wp-content/plugins/jet-search/assets/css/jet-search.css?ver=2.1.14

208.109.25.132

200 OK

0 B

URL HTTP/2
dedicationsports.com/wp-content/plugins/jet-search/assets/css/jet-search.css?ver=2.1.14
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/jet-search/assets/css/jet-search.css?ver=2.1.14 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:40:47 GMT
etag: "47e0214-4a4e-5d2dfd349bcda-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3208
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAnton%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAbel%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAnton%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAbel%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAnton%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAbel%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 22:04:11 GMT
date: Fri, 09 Dec 2022 22:04:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

dedicationsports.com/wp-content/uploads/elementor/css/post-2515.css?ver=1656277648

208.109.25.132

200 OK

0 B

URL HTTP/2
dedicationsports.com/wp-content/uploads/elementor/css/post-2515.css?ver=1656277648
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/elementor/css/post-2515.css?ver=1656277648 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 26 Jun 2022 21:07:28 GMT
etag: "4c2001f-1563-5e26030e50f7d-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 619
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

dedicationsports.com/wp-content/themes/oceanwp/inc/customizer/assets/css/fontawesome-all.min.css?ver=5.8.2

208.109.25.132

200 OK

0 B

URL HTTP/2
dedicationsports.com/wp-content/themes/oceanwp/inc/customizer/assets/css/fontawesome-all.min.css?ver=5.8.2
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/oceanwp/inc/customizer/assets/css/fontawesome-all.min.css?ver=5.8.2 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:42:34 GMT
etag: "44202c8-d759-5d2dfd9a253b6-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 11616
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

new.weatherplllatform.com/stick.js?v=7.77.7

91.211.91.114

200 OK

0 B

URL HTTP/2
new.weatherplllatform.com/stick.js?v=7.77.7
IP
91.211.91.114:0
ASN
#206638 PE Brezhnev Daniil

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /stick.js?v=7.77.7 HTTP/1.1
Host: new.weatherplllatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:04:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 06 Nov 2022 00:27:12 GMT
vary: Accept-Encoding
etag: W/"6366ff60-a40"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

0.greenskymotions.net/index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed18

185.177.94.152

200 OK

0 B

URL HTTP/2
0.greenskymotions.net/index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed18
IP
185.177.94.152:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed18 HTTP/1.1
Host: 0.greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenskymotions.net/
Cookie: uuid=11e90ae0-3fb9-4009-b23a-60f3741ff931
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:04:14 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=11e90ae0-3fb9-4009-b23a-60f3741ff931; expires=Sun, 08-Jan-2023 22:04:14 GMT; Max-Age=2592000; path=/; domain=0.greenskymotions.net
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

dedicationsports.com/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1

208.109.25.132

200 OK

0 B

URL HTTP/2
dedicationsports.com/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:42:33 GMT
etag: "44003cb-e7d0-5d2dfd9972c30-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 12402
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

dedicationsports.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.6.2

208.109.25.132

200 OK

0 B

URL HTTP/2
dedicationsports.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.6.2
IP
208.109.25.132:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.6.2 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 26 Jun 2022 20:30:35 GMT
etag: "4503ad9-33aa6-5e25facf839d3-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 20339
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2

broworker4s.com/sw/bro.js

51.15.18.159

200 OK

0 B

URL HTTP/2
broworker4s.com/sw/bro.js
IP
51.15.18.159:0
ASN
#12876 Online S.a.s.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw/bro.js HTTP/1.1
Host: broworker4s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenskymotions.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:04:13 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Sat, 09 Dec 2023 22:04:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed18

185.177.94.152

200 OK

0 B

URL HTTP/2
greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed18
IP
185.177.94.152:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed18 HTTP/1.1
Host: greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://away.cdnbestplatform.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:04:13 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=11e90ae0-3fb9-4009-b23a-60f3741ff931; expires=Sun, 08-Jan-2023 22:04:13 GMT; Max-Age=2592000; path=/; domain=greenskymotions.net
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (62)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash