r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20540
Expires: Sat, 10 Dec 2022 03:46:28 GMT
Date: Fri, 09 Dec 2022 22:04:08 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10374
Expires: Sat, 10 Dec 2022 00:57:02 GMT
Date: Fri, 09 Dec 2022 22:04:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 21:08:21 GMT
content-type: application/json
age: 3347
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17203
Expires: Sat, 10 Dec 2022 02:50:51 GMT
Date: Fri, 09 Dec 2022 22:04:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: iK6LjfH0SNTkEMXwFMSp/X1OIb5F5t1Y/F10DVPzSTIXqiiZrjjEzTKgzi7XC5KM/2FlP4qawPw=
x-amz-request-id: V90PYEZRVKA09J25
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 21:48:32 GMT
age: 936
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:04:08 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
dedicationsports.com/
208.109.25.132 301 Moved Permanently 0 B IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 22:04:08 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-UA-Compatible: IE=edge
X-Redirect-By: WordPress
Set-Cookie: PHPSESSID=511f2ac9d15af203c1776c20a8287b1b; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://dedicationsports.com/
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 21:33:13 GMT
age: 1856
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3107
Cache-Control: max-age=129273
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:04:09 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 09:58:42 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.38.146.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: A6pUubJVyNm03r7jN0IYvg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9O4qeUM0jnEOXBiiB36YxJkp0mU=
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9955
Expires: Sat, 10 Dec 2022 00:50:06 GMT
Date: Fri, 09 Dec 2022 22:04:11 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9955
Expires: Sat, 10 Dec 2022 00:50:06 GMT
Date: Fri, 09 Dec 2022 22:04:11 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9955
Expires: Sat, 10 Dec 2022 00:50:06 GMT
Date: Fri, 09 Dec 2022 22:04:11 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9955
Expires: Sat, 10 Dec 2022 00:50:06 GMT
Date: Fri, 09 Dec 2022 22:04:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nXaZ1pazAGWMI9GFYZjGlvVVIb8wX6feD0O8VpzjsL8F8l3mFmydAw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:59 GMT
age: 53412
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:51:26 GMT
age: 765
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 53456
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:04:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18fc6c7c-4552-4358-9e4d-cdf93bc52b43.webp
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18fc6c7c-4552-4358-9e4d-cdf93bc52b43.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06799a30d9977b0845f525ae82355d23
6ae9a3c17dcbac5912a46ca0c99977ca3adad4ea
d7a7eeb42d36167243b3dea7147a61119cbb5d1dcc2e2304c6ddd4a62e41efd3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18fc6c7c-4552-4358-9e4d-cdf93bc52b43.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4914
x-amzn-requestid: b709d5ff-617b-480b-8fc3-b1408ee358b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQsoEkSIAMF0ZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7ea-4150ac397b97d1217cece045;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:03:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vU8PVYI3RMCLSJ_lK5NDOv5wBeEXeqngYURGrYkY-jZ9rvOw_MrBIw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 13:53:41 GMT
age: 29430
etag: "6ae9a3c17dcbac5912a46ca0c99977ca3adad4ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:38:26 GMT
age: 66345
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 12:33:36 GMT
age: 34235
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:04:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dedicationsports.com/
208.109.25.132 200 OK 60 kB IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10570)
Hash 58d0b0bca2e88d816d2707c35f2c16a7
141c1888ab1c7ef7bca126d6fb5e23568ec8defc
25175fda37642a629a0b7f943d5d340682ef234badc029cd83c9127bec8db9ae
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.3.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-ua-compatible: IE=edge
link: <https://dedicationsports.com/wp-json/>; rel="https://api.w.org/", <https://dedicationsports.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://dedicationsports.com/>; rel=shortlink
set-cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148; path=/
vary: Accept-Encoding
content-encoding: br
content-length: 59898
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 22:04:09 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 3845a092bd4aeaba141c23e8d51356e7
738c6e23f240394aa0d93257bf603fdfcb46b53c
11a302fbcbb670bf1599a804a6c5aa3d0e288984a9555917ead81b52b8525178
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6471
Cache-Control: max-age=99192
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:04:11 GMT
Etag: "6392780c-117"
Expires: Sun, 11 Dec 2022 01:37:23 GMT
Last-Modified: Thu, 08 Dec 2022 23:49:32 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
dedicationsports.com/wp-content/themes/oceanwp/assets/css/woo/woo-mini-cart.min.css?ver=6.0.3
208.109.25.132200 OK 1.2 kB URL HTTP/2 dedicationsports.com/wp-content/themes/oceanwp/assets/css/woo/woo-mini-cart.min.css?ver=6.0.3
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (5867)
Hash 790eaca171d1753ba8e59abee68f57e0
0a0a36abc911b317ff5a11d36a9579d7af8eccd6
43fd1c3bb98ff00e1f1ea4c5318726457536d3deac5a2e68fa4a055010ba2dfc
GET /wp-content/themes/oceanwp/assets/css/woo/woo-mini-cart.min.css?ver=6.0.3 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:42:33 GMT
etag: "43c1601-16ec-5d2dfd9970138-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1160
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
dedicationsports.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.6.2
208.109.25.132200 OK 1.1 kB URL HTTP/2 dedicationsports.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.6.2
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (4933), with no line terminators
Hash 3029e2a6d3b1a6a511dbde8b5a0d85fc
1d1269cf17ca8cbbef9a7e13a877529a82099689
747fbbc0f2cff079a6fe042d2562b9961464422e037f1d8ba3d1f67da6aa9c05
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.6.2 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 26 Jun 2022 20:30:35 GMT
etag: "4503b0d-1345-5e25facfb626f-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1111
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
dedicationsports.com/wp-content/plugins/jet-smart-filters/assets/vendors/air-datepicker/air-datepicker.min.css?ver=2.2.3
208.109.25.132200 OK 2.0 kB URL HTTP/2 dedicationsports.com/wp-content/plugins/jet-smart-filters/assets/vendors/air-datepicker/air-datepicker.min.css?ver=2.2.3
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (14933), with no line terminators
Hash 5eb6642760d16754c304124159cb5134
ea25b4c4aa5b2741cf32a3ae9e263e28f215ab68
ee1b2dc0db87fcd759ac743e61b83c36447177e69ebea645ad294a50501ce961
GET /wp-content/plugins/jet-smart-filters/assets/vendors/air-datepicker/air-datepicker.min.css?ver=2.2.3 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:40:56 GMT
etag: "47e0564-3a55-5d2dfd3cc3fa9-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1968
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
dedicationsports.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2
208.109.25.132200 OK 5.1 kB URL HTTP/2 dedicationsports.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (39912)
Hash dfc52a0ee694ab37bbe6a3307852399f
b718cb904cf81c100344428aa2a2cb1920f9b1e0
5afba4852a8162e33be0a464b8f9c728f01a6e17e2729805adcd5ba1d33f842c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 26 Jun 2022 20:31:01 GMT
etag: "4b40f55-9be9-5e25fae8c0ede-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5130
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
dedicationsports.com/wp-content/plugins/jet-engine/assets/css/frontend.css?ver=2.10.2
208.109.25.132200 OK 5.9 kB URL HTTP/2 dedicationsports.com/wp-content/plugins/jet-engine/assets/css/frontend.css?ver=2.10.2
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (45679)
Hash c9db6d7f0b85285ca9f03591a21f4857
125a32473225df27acc7851a1eb78a08a8059830
f4fa9b33cbda263efcada0918bd25a05897dbd7af6220fae55b4cd13c7ba7a0d
GET /wp-content/plugins/jet-engine/assets/css/frontend.css?ver=2.10.2 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:40:31 GMT
etag: "46e17b6-b270-5d2dfd255ed91-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5939
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
dedicationsports.com/wp-content/plugins/search-filter-pro/public/assets/css/search-filter.min.css?ver=2.5.6
208.109.25.132200 OK 6.0 kB URL HTTP/2 dedicationsports.com/wp-content/plugins/search-filter-pro/public/assets/css/search-filter.min.css?ver=2.5.6
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (36993)
Hash dd1ef5356d60194a8555dbe7c2fc74ea
458cc385feb7510aaa6f7ef52400b287fdef71b5
db09f3c179221fec1780a07bac542815c8fc30291d61dcaed9d3b6346c7d327f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/search-filter-pro/public/assets/css/search-filter.min.css?ver=2.5.6 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 13 Mar 2021 07:43:32 GMT
etag: "5f80674-91f3-5bd662c5a9100-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6048
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
dedicationsports.com/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0
208.109.25.132200 OK 2.3 kB URL HTTP/2 dedicationsports.com/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (10927), with no line terminators
Hash 8663d41883c8ddef23ad4c7ecc0437be
10555e4b8e6fd651bd41fe2682ffb41d0df026e8
b459354aa1d8cee83c320d612c0932f063ec1a15f390ce9d2a4a56ede734790a
GET /wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:42:33 GMT
etag: "43c1609-2aaf-5d2dfd9970138-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2313
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3845a092bd4aeaba141c23e8d51356e7
738c6e23f240394aa0d93257bf603fdfcb46b53c
11a302fbcbb670bf1599a804a6c5aa3d0e288984a9555917ead81b52b8525178
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6471
Cache-Control: max-age=99192
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:04:11 GMT
Etag: "6392780c-117"
Expires: Sun, 11 Dec 2022 01:37:23 GMT
Last-Modified: Thu, 08 Dec 2022 23:49:32 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
dedicationsports.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
208.109.25.132200 OK 11 kB URL HTTP/2 dedicationsports.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (43771)
Hash 069a79d16ded6a02071f286cd2025c44
dd5970e01b8a10dadcf074f72a1c8095f25e947a
78261bccee805c6913bf7e23e2e25314f05f690300a77a40ca36e1e516b20203
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
etag: "416172d-15b64-5e2f99fa9e940-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 10912
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
dedicationsports.com/wp-content/plugins/jet-appointments-booking/assets/css/public/jet-appointments-booking.css?ver=1.5.71670623449
208.109.25.132200 OK 198 B URL HTTP/2 dedicationsports.com/wp-content/plugins/jet-appointments-booking/assets/css/public/jet-appointments-booking.css?ver=1.5.71670623449
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (884)
Hash 2251ff24ba71cb5654402b8d96d74a15
4c375c8081c2ea2afd4b0047ba98e8d0c472ba2b
efad541cb2ca17d045dfb7edcb39d1ac3f784d2a138dcedb9c5c4767d7af04c2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jet-appointments-booking/assets/css/public/jet-appointments-booking.css?ver=1.5.71670623449 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:40:16 GMT
etag: "46a03d8-375-5d2dfd1675e0f-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 198
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
dedicationsports.com/wp-content/plugins/jet-woo-builder/assets/css/lib/jetwoobuilder-frontend-font/css/jetwoobuilder-frontend-font.css?ver=1.11.3
208.109.25.132200 OK 687 B URL HTTP/2 dedicationsports.com/wp-content/plugins/jet-woo-builder/assets/css/lib/jetwoobuilder-frontend-font/css/jetwoobuilder-frontend-font.css?ver=1.11.3
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
Hash b7ca578e744f6d0c406b366a0e34fa65
f10bd080ca8255a7f0f1023a217e66be1e9e8974
fa4879fe3a49b9069dbe06e373cdc712e943d13e949cf1d914547756ebfba118
GET /wp-content/plugins/jet-woo-builder/assets/css/lib/jetwoobuilder-frontend-font/css/jetwoobuilder-frontend-font.css?ver=1.11.3 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:41:03 GMT
etag: "47e286d-1496-5d2dfd434d1b7-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 687
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
dedicationsports.com/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.6.1
208.109.25.132200 OK 857 B URL HTTP/2 dedicationsports.com/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.6.1
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (3287), with no line terminators
Hash d6a4316e744c0b03c6ec44269663a659
2c18f3fc99feae35cb69d24e5975c0ef60b00ec4
e93bfe64092b8e13771b16a20f977bcb50900c90944365344251f346443b51ec
GET /wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.6.1 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 26 Jun 2022 20:30:41 GMT
etag: "4782963-cd7-5e25fad564872-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 857
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
dedicationsports.com/wp-content/plugins/jet-woo-builder/includes/integrations/themes/oceanwp/assets/css/style.css?ver=1.11.3
208.109.25.132200 OK 406 B URL HTTP/2 dedicationsports.com/wp-content/plugins/jet-woo-builder/includes/integrations/themes/oceanwp/assets/css/style.css?ver=1.11.3
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1300)
Hash de3c742c40b672f98efc86086986e5e7
019043df0571b5b22f4cbc98e0ca0247217afea4
da6f0bf9d730c659af6c8a20e5907e578011467e17ca987cb73eaaed8a6a50e4
GET /wp-content/plugins/jet-woo-builder/includes/integrations/themes/oceanwp/assets/css/style.css?ver=1.11.3 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:41:03 GMT
etag: "4822078-515-5d2dfd43a7af7-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 406
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ff37fa68b7e1bceb9067c2caf5f84572
76b4e8918bf0eaae71e1f345aa4eac59ad14d218
72d23a9cec377f46768b2e47a6ade90e161c72b701dc64b1780543b41ebdeb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72D23A9CEC377F46768B2E47A6ADE90E161C72B701DC64B1780543B41EBDEB63"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14623
Expires: Sat, 10 Dec 2022 02:07:54 GMT
Date: Fri, 09 Dec 2022 22:04:11 GMT
Connection: keep-alive
away.cdnbestplatform.com/go.php?id=9677-22-5680954-11
91.211.91.104200 OK 409 B URL HTTP/2 away.cdnbestplatform.com/go.php?id=9677-22-5680954-11
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash f591e7a788a1f2fa6aca1a107f8bb1e6
c4ad5f0920bc7ece459111d23ec526f34059fbf7
221da6c1fef45e7ac1a9acbe463d02f3a759b203a10c67b46b40ca285bf496fa
Analyzer Verdict Alert fortinet Malware
GET /go.php?id=9677-22-5680954-11 HTTP/1.1
Host: away.cdnbestplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:04:12 GMT
content-type: text/html; charset=UTF-8
content-length: 409
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d3a948269c118bcb3cb74401b1fc8be4
b3c52dc624e9505885fa4a8da4bbf160578afb09
fc153d502ffc59ec41d8e301f2dbc46536dc0fd6b7f52107db3da055423d22b7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC153D502FFC59EC41D8E301F2DBC46536DC0FD6B7F52107DB3DA055423D22B7"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21596
Expires: Sat, 10 Dec 2022 04:04:09 GMT
Date: Fri, 09 Dec 2022 22:04:13 GMT
Connection: keep-alive
greenskymotions.net/b91698fd2.js
185.177.94.152200 OK 56 B URL HTTP/2 greenskymotions.net/b91698fd2.js
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 01fedb484c76c86eb5bafcc15b97bddc
aa3d7fba2de0e16f69798d6dc6e77d2765a90455
93f23f64c6e14a7778241254ad90d49a38dfe406afdd5e0e223064613572d40f
Analyzer Verdict Alert fortinet Phishing
GET /b91698fd2.js HTTP/1.1
Host: greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=11e90ae0-3fb9-4009-b23a-60f3741ff931
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:04:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 56
last-modified: Thu, 13 Oct 2022 01:01:02 GMT
etag: "6347634e-38"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
greenskymotions.net/favicon.ico
185.177.94.152204 No Content 0 B URL HTTP/2 greenskymotions.net/favicon.ico
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed18
Cookie: uuid=11e90ae0-3fb9-4009-b23a-60f3741ff931
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 09 Dec 2022 22:04:13 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 72c3810a1ce03d597690880f6bf593de
53032c35c692f6bebb44ae5961042256f8fc7e63
b4f1278af2f92819ba3bf38a92ef7511e4ba6b3930e9bff5019019ddb57a40ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B4F1278AF2F92819BA3BF38A92EF7511E4BA6B3930E9BFF5019019DDB57A40EF"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2013
Expires: Fri, 09 Dec 2022 22:37:46 GMT
Date: Fri, 09 Dec 2022 22:04:13 GMT
Connection: keep-alive
0.greenskymotions.net/b91698fd2.js
185.177.94.152200 OK 56 B URL HTTP/2 0.greenskymotions.net/b91698fd2.js
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 01fedb484c76c86eb5bafcc15b97bddc
aa3d7fba2de0e16f69798d6dc6e77d2765a90455
93f23f64c6e14a7778241254ad90d49a38dfe406afdd5e0e223064613572d40f
Analyzer Verdict Alert fortinet Phishing
GET /b91698fd2.js HTTP/1.1
Host: 0.greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=11e90ae0-3fb9-4009-b23a-60f3741ff931; uuid=11e90ae0-3fb9-4009-b23a-60f3741ff931
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:04:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 56
last-modified: Thu, 13 Oct 2022 01:01:02 GMT
etag: "6347634e-38"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
0.greenskymotions.net/favicon.ico
185.177.94.152204 No Content 0 B URL HTTP/2 0.greenskymotions.net/favicon.ico
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 0.greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.greenskymotions.net/index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed18
Cookie: uuid=11e90ae0-3fb9-4009-b23a-60f3741ff931; uuid=11e90ae0-3fb9-4009-b23a-60f3741ff931
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 09 Dec 2022 22:04:14 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a054078462d9cde20fed941efeb88b4c
28bc71f8504be2bdaba06f5aa8b50b8a9a11187d
a82e460d28450e9cf893b137cb93340dc0c0adfc573af8a717c27a202d9af912
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A82E460D28450E9CF893B137CB93340DC0C0ADFC573AF8A717C27A202D9AF912"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13580
Expires: Sat, 10 Dec 2022 01:50:34 GMT
Date: Fri, 09 Dec 2022 22:04:14 GMT
Connection: keep-alive
di4.biz/favicon.ico
185.177.92.179204 No Content 0 B IP 185.177.92.179:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: di4.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://di4.biz/?auf=hbsgkn3gha5dcnrqgixtcmjrhe3c6mrqf5tdkmtfmrrdinjpgezc6mjwg4ydmmrtgq2ti&p=b&sub1=&sub2=dfastspeed18&sub3=&sub4=&cpc=0&cpm=0
Cookie: uuid=ca2112ac-21ce-45d2-9d68-9376d9dfea11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 09 Dec 2022 22:04:15 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
cdn2.woxo.tech/a.js
104.26.7.21200 OK 0 B IP 104.26.7.21:0
GET /a.js HTTP/1.1
Host: cdn2.woxo.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:04:11 GMT
content-type: application/javascript
last-modified: Wed, 20 Jul 2022 20:12:27 GMT
etag: W/"22cebdfbf6b3baf9117daf2596559257"
x-amz-version-id: Egm1OPnCI5h2oewDNOz.YHYm7ukPgIoO
x-cache: Miss from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oScuRRFz-EQqbtXo_SofIh9fNybdaAJsfEdv4CgoY4ht8mCstYAr6Q==
cf-cache-status: HIT
age: 2157515
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCIzWVBAlK4ZXPZr0j%2Bz2267nO5uZxxrHP%2F%2BhjOn9K2DcJihKoFsxGoi%2BMuCEK0DsytY81hrQUF7X1QNvxsg2zJFmYZxERompNTqWjBaa6q5PGzuPMklggRR4NGizuIS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=120, stale-while-revalidate=31535880
server: cloudflare
cf-ray: 777108fae8abb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dedicationsports.com/wp-content/plugins/jet-popup/assets/css/jet-popup-frontend.css?ver=1.5.5
208.109.25.132200 OK 0 B URL HTTP/2 dedicationsports.com/wp-content/plugins/jet-popup/assets/css/jet-popup-frontend.css?ver=1.5.5
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
GET /wp-content/plugins/jet-popup/assets/css/jet-popup-frontend.css?ver=1.5.5 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:40:41 GMT
etag: "4780262-3e35-5d2dfd2ee714d-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2051
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
dedicationsports.com/wp-content/uploads/elementor/css/post-2531.css?ver=1656277648
208.109.25.132200 OK 0 B URL HTTP/2 dedicationsports.com/wp-content/uploads/elementor/css/post-2531.css?ver=1656277648
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-2531.css?ver=1656277648 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 26 Jun 2022 21:07:28 GMT
etag: "4c2004a-1c0d-5e26030e66f0f-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 750
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
dedicationsports.com/wp-content/plugins/jet-woo-builder/assets/css/jet-woo-builder.css?ver=1.11.3
208.109.25.132200 OK 0 B URL HTTP/2 dedicationsports.com/wp-content/plugins/jet-woo-builder/assets/css/jet-woo-builder.css?ver=1.11.3
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
GET /wp-content/plugins/jet-woo-builder/assets/css/jet-woo-builder.css?ver=1.11.3 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:41:03 GMT
etag: "47e287a-12524-5d2dfd439bb8e-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6854
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
dedicationsports.com/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.6.1
208.109.25.132200 OK 0 B URL HTTP/2 dedicationsports.com/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.6.1
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.6.1 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:40:24 GMT
etag: "46a179c-450f-5d2dfd1e099d2-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2681
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
dedicationsports.com/wp-content/plugins/jet-search/assets/css/jet-search.css?ver=2.1.14
208.109.25.132200 OK 0 B URL HTTP/2 dedicationsports.com/wp-content/plugins/jet-search/assets/css/jet-search.css?ver=2.1.14
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jet-search/assets/css/jet-search.css?ver=2.1.14 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:40:47 GMT
etag: "47e0214-4a4e-5d2dfd349bcda-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3208
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAnton%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAbel%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAnton%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAbel%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
IP 142.250.74.74:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAnton%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAbel%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 22:04:11 GMT
date: Fri, 09 Dec 2022 22:04:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dedicationsports.com/wp-content/uploads/elementor/css/post-2515.css?ver=1656277648
208.109.25.132200 OK 0 B URL HTTP/2 dedicationsports.com/wp-content/uploads/elementor/css/post-2515.css?ver=1656277648
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-2515.css?ver=1656277648 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 26 Jun 2022 21:07:28 GMT
etag: "4c2001f-1563-5e26030e50f7d-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 619
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
dedicationsports.com/wp-content/themes/oceanwp/inc/customizer/assets/css/fontawesome-all.min.css?ver=5.8.2
208.109.25.132200 OK 0 B URL HTTP/2 dedicationsports.com/wp-content/themes/oceanwp/inc/customizer/assets/css/fontawesome-all.min.css?ver=5.8.2
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/oceanwp/inc/customizer/assets/css/fontawesome-all.min.css?ver=5.8.2 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:42:34 GMT
etag: "44202c8-d759-5d2dfd9a253b6-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 11616
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
new.weatherplllatform.com/stick.js?v=7.77.7
91.211.91.114200 OK 0 B URL HTTP/2 new.weatherplllatform.com/stick.js?v=7.77.7
IP 91.211.91.114:0
ASN #206638 PE Brezhnev Daniil
Analyzer Verdict Alert fortinet Malware
GET /stick.js?v=7.77.7 HTTP/1.1
Host: new.weatherplllatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:04:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 06 Nov 2022 00:27:12 GMT
vary: Accept-Encoding
etag: W/"6366ff60-a40"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
0.greenskymotions.net/index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed18
185.177.94.152200 OK 0 B URL HTTP/2 0.greenskymotions.net/index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed18
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
GET /index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed18 HTTP/1.1
Host: 0.greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenskymotions.net/
Cookie: uuid=11e90ae0-3fb9-4009-b23a-60f3741ff931
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:04:14 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=11e90ae0-3fb9-4009-b23a-60f3741ff931; expires=Sun, 08-Jan-2023 22:04:14 GMT; Max-Age=2592000; path=/; domain=0.greenskymotions.net
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
dedicationsports.com/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1
208.109.25.132200 OK 0 B URL HTTP/2 dedicationsports.com/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 11 Dec 2021 14:42:33 GMT
etag: "44003cb-e7d0-5d2dfd9972c30-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 12402
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
dedicationsports.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.6.2
208.109.25.132200 OK 0 B URL HTTP/2 dedicationsports.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.6.2
IP 208.109.25.132:0
ASN #398101 GO-DADDY-COM-LLC
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.6.2 HTTP/1.1
Host: dedicationsports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dedicationsports.com/
Cookie: PHPSESSID=c638ee4e0d347aee3a281a69b7792148
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 26 Jun 2022 20:30:35 GMT
etag: "4503ad9-33aa6-5e25facf839d3-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 20339
content-type: text/css
date: Fri, 09 Dec 2022 22:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
broworker4s.com/sw/bro.js
51.15.18.159200 OK 0 B URL HTTP/2 broworker4s.com/sw/bro.js
IP 51.15.18.159:0
GET /sw/bro.js HTTP/1.1
Host: broworker4s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenskymotions.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:04:13 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Sat, 09 Dec 2023 22:04:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed18
185.177.94.152200 OK 0 B URL HTTP/2 greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed18
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed18 HTTP/1.1
Host: greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://away.cdnbestplatform.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:04:13 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=11e90ae0-3fb9-4009-b23a-60f3741ff931; expires=Sun, 08-Jan-2023 22:04:13 GMT; Max-Age=2592000; path=/; domain=greenskymotions.net
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2