Report - adventure-workscycles.com/

Report Overview

Submitted URL
adventure-workscycles.com/
IP
20.118.138.130
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2022-09-22 20:02:08
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
42

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	48 kB	142.250.74.163
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	67 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.216.192.228
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.9 kB	142.250.74.3
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	829 B	143 kB	142.250.74.10
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
adventure-workscycles.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	29 kB	3.0 MB	20.118.138.130
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-22	medium	adventure-workscycles.com/	Phishing
2022-09-22	medium	adventure-workscycles.com/	Phishing
2022-09-22	medium	adventure-workscycles.com/AdventureWorkscycles.com.styles.css?v=y_MWWWLKmdLXHffO7sPqTYqnx-rRKbpJdbaI4bYF250	Phishing
2022-09-22	medium	adventure-workscycles.com/js/jquery.nice-select.js	Phishing
2022-09-22	medium	adventure-workscycles.com/js/slick.min.js	Phishing
2022-09-22	medium	adventure-workscycles.com/js/wow.js	Phishing
2022-09-22	medium	adventure-workscycles.com/js/jquery-2.2.4.min.js	Phishing
2022-09-22	medium	adventure-workscycles.com/js/lazyload.min.js	Phishing
2022-09-22	medium	adventure-workscycles.com/js/scripts.js	Phishing
2022-09-22	medium	adventure-workscycles.com/js/jquery.fancybox.js	Phishing
2022-09-22	medium	adventure-workscycles.com/js/jquery-ui.js	Phishing
2022-09-22	medium	adventure-workscycles.com/fonts/fontawesome-webfont.woff2?v=4.7.0	Phishing
2022-09-22	medium	adventure-workscycles.com/img/client-1.svg	Phishing
2022-09-22	medium	adventure-workscycles.com/img/client-4.svg	Phishing
2022-09-22	medium	adventure-workscycles.com/img/client-5.svg	Phishing
2022-09-22	medium	adventure-workscycles.com/img/client-2.svg	Phishing
2022-09-22	medium	adventure-workscycles.com/img/client-6.svg	Phishing
2022-09-22	medium	adventure-workscycles.com/img/bg-slider-3.svg	Phishing
2022-09-22	medium	adventure-workscycles.com/img/effect-bg-feedback.svg	Phishing
2022-09-22	medium	adventure-workscycles.com/img/effect-section-banner.svg	Phishing
2022-09-22	medium	adventure-workscycles.com/img/subscribe-effect.svg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	adventure-workscycles.com/js/jquery.fancybox.js	161 kB	2023-03-07	2024-04-15
Pretty URL adventure-workscycles.com/js/jquery.fancybox.js IP 20.118.138.130 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:26 Last Seen2024-04-15 07:08:20 Times Seen351 Hash b63c7cca1b5e4bd57bd854c444b895c9 27f034e5db8c32e268e2959b9a7c1258d36e4510 c836ab144528f3b6748bb49a0ba6fbd3118028282185660067fde9fbcf68e251 Loading...

	adventure-workscycles.com/js/jquery-ui.js	452 kB	2023-03-07	2023-03-07
Pretty URL adventure-workscycles.com/js/jquery-ui.js IP 20.118.138.130 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:23:33 Last Seen2023-03-07 23:23:33 Times Seen1 Hash 856fa9f752094fa15e9eace5335524e0 570bc9be285a4c911c1fa652520b39d8afbf1d23 a5dfcf1d9b1ee82ed3446f6ed6e20cb412bbd7d426a59f3a8e32f6071e75b9ec Loading...

	adventure-workscycles.com/js/jquery.nice-select.js	6.0 kB	2023-03-07	2024-04-18
Pretty URL adventure-workscycles.com/js/jquery.nice-select.js IP 20.118.138.130 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:53 Last Seen2024-04-18 01:59:50 Times Seen79 Hash 723e741faba72abfb0e56b6e0f8a73d8 ba71788614e8e11dbeeebdcac9037b57e7a69ce4 39f6514264e1603542b6aa38ba44c3be0aa7bbdef56ed139d74fe75e24e642fa Loading...

	adventure-workscycles.com/js/slick.min.js	42 kB	2023-03-07	2024-04-08
Pretty URL adventure-workscycles.com/js/slick.min.js IP 20.118.138.130 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:23:33 Last Seen2024-04-08 17:15:21 Times Seen13 Hash f1ab376cccea58e40efcd3cf4f34fcae b8ae0bf731f65f861d9e7810d6fee08eeba7ba84 6b4d526ecc6337d49678ca2f8e149d9c67902f7cc30a33f36a6cec1b2fbb0894 Loading...

	adventure-workscycles.com/js/wow.js	16 kB	2023-03-07	2024-03-30
Pretty URL adventure-workscycles.com/js/wow.js IP 20.118.138.130 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:24 Last Seen2024-03-30 18:17:57 Times Seen162 Hash 1fe330f76077eace63b73ff43e2a3696 c636c74c42c0d8104ea66d1687f4e287afac3f5f 6be7c8eb016d4564431a764b673536472756559248bbb6dbbfbaa1be4d1fe219 Loading...

	adventure-workscycles.com/js/jquery-2.2.4.min.js	86 kB	2023-03-07	2024-02-18
Pretty URL adventure-workscycles.com/js/jquery-2.2.4.min.js IP 20.118.138.130 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:23:33 Last Seen2024-02-18 15:42:33 Times Seen9 Hash b1e02c856cd3b05af0e645cbd725da3c ee7c212209bea1c6ffc31190d8fe06ead515001f 41b7cded4348e34d9d8b7156a7c27ae39ba8bf995c706cde377963907f728f75 Loading...

	adventure-workscycles.com/js/lazyload.min.js	5.0 kB	2023-03-07	2024-04-18
Pretty URL adventure-workscycles.com/js/lazyload.min.js IP 20.118.138.130 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-04-18 12:47:13 Times Seen969 Hash 2a58139bca6dd26694155d0a01c47438 3323fe0cd5de0ce631c9ddfd7caab32578c6ba01 ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3 Loading...

	adventure-workscycles.com/js/scripts.js	18 kB	2023-03-07	2023-03-07
Pretty URL adventure-workscycles.com/js/scripts.js IP 20.118.138.130 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:23:33 Last Seen2023-03-07 23:23:33 Times Seen1 Hash 28e94d6756c49ee1b5adb62775059365 917efae5ad486358340db7e22b17e92fd8fbb14a 5d010be59652b53eba1fb2516eed3f529ecc0acff6cdb72d834b37300831e07f Loading...

HTTP Transactions (79)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 19:04:06 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TEIDgLjhcMIvxaC2IH_d0DDMY_gm1vg87oeJr16I8eSqM5shCfdBnA==
Age: 3471

adventure-workscycles.com/

20.118.138.130

301 Moved Permanently

0 B

URL HTTP/1.1
adventure-workscycles.com/
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Date: Thu, 22 Sep 2022 20:01:56 GMT
Location: https://adventure-workscycles.com/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5178
Expires: Thu, 22 Sep 2022 21:28:15 GMT
Date: Thu, 22 Sep 2022 20:01:57 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: f9C0vxeP8MdJ2XyPwu2110V6BQZvhjrFYaDzEl1hJ9VI-CDSgQvPkQ==
age: 55603
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 20:01:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 22 Sep 2022 19:03:22 GMT
Expires: Thu, 22 Sep 2022 19:15:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uwBQFc5eq30mfDXHhYa_5QVSVDrXF6JhKrVXAmJ0NQPAtxtYkvufXg==
Age: 3516

adventure-workscycles.com/

20.118.138.130

200 OK

8.9 kB

URL HTTP/1.1
adventure-workscycles.com/
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, CR line terminators
Size
8.9 kB (8852 bytes)
Hash
044bc96e144ab74fb275f252795fe7ac
ac4fe0ce8010ea1600f1d01708a9841aca7db287
3ba95f49478da542055e0742514a83bfdd6809d017e46469a2cb2b5f9129695d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Thu, 22 Sep 2022 20:01:57 GMT
Server: Microsoft-IIS/10.0
Content-Encoding: gzip
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5054
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:01:58 GMT
Last-Modified: Thu, 22 Sep 2022 18:37:44 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.216.192.228

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.216.192.228:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: q8WtvQ6/s9c/O0HKMa+YHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dmRTi0e5U7IebOksAHpdRJTHNDU=

adventure-workscycles.com/lib/bootstrap/dist/css/bootstrap.min.css

20.118.138.130

200 OK

36 kB

URL HTTP/1.1
adventure-workscycles.com/lib/bootstrap/dist/css/bootstrap.min.css
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (65306)
Size
36 kB (35826 bytes)
Hash
d224b70fce5ec8faf14edad22faa50a3
256ea3e3341aba66ac95eb7cd4a87388e64d6c8f
920da0c37f263fa49f8241e8feb4ba9e931bdfff7d3a53862032dbcac1c88b97

HTTP Headers

GET /lib/bootstrap/dist/css/bootstrap.min.css HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css
Date: Thu, 22 Sep 2022 20:01:57 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d8cd36917b44a0"
Last-Modified: Tue, 20 Sep 2022 21:18:46 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/css/nice-select.css

20.118.138.130

200 OK

1.2 kB

URL HTTP/1.1
adventure-workscycles.com/css/nice-select.css
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with CRLF line terminators
Size
1.2 kB (1188 bytes)
Hash
51150262e20840f8e03f4f36e6cdbde2
76d15e2c89eef205629d1d6abe8b74213d220ebd
1f4d4076900cb7c16f76079c12e8fb3c2d9c199866fb46454539a61eedf33d2d

HTTP Headers

GET /css/nice-select.css HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css
Date: Thu, 22 Sep 2022 20:01:57 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d8cd3639dadfd5"
Last-Modified: Tue, 20 Sep 2022 21:16:19 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/css/animate.css

20.118.138.130

200 OK

8.8 kB

URL HTTP/1.1
adventure-workscycles.com/css/animate.css
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
8.8 kB (8820 bytes)
Hash
17d82ac0c3d200e0ea413cfa0acc9c4a
7e65687ffe59bb5b556d26329f23246387eca64f
27c0871b6e94d2085b00dd954dbeb48a588fc5a010dd0f3e5b9d490e52f72a07

HTTP Headers

GET /css/animate.css HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d8cd36394308f0"
Last-Modified: Tue, 20 Sep 2022 21:16:18 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/css/slick.min.css

20.118.138.130

200 OK

648 B

URL HTTP/1.1
adventure-workscycles.com/css/slick.min.css
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (1249), with no line terminators
Size
648 B (648 bytes)
Hash
2418f962cd0e8c319f943d5c74ca7b50
3c2736275ed8e43f6c2d08a3592b1411da5428c4
e4eb82cea4bdd121c7e3d564437d12b6a62464d6bc1ae5c52814fc3162da9959

HTTP Headers

GET /css/slick.min.css HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d8cd3639dad761"
Last-Modified: Tue, 20 Sep 2022 21:16:19 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/AdventureWorkscycles.com.styles.css?v=y_MWWWLKmdLXHffO7sPqTYqnx-rRKbpJdbaI4bYF250

20.118.138.130

200 OK

710 B

URL HTTP/1.1
adventure-workscycles.com/AdventureWorkscycles.com.styles.css?v=y_MWWWLKmdLXHffO7sPqTYqnx-rRKbpJdbaI4bYF250
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with CRLF line terminators
Size
710 B (710 bytes)
Hash
ecc26f7102d119669f31c2fc25c0d0c4
a9952e966d6bf442b8e4153932c5b64d284a3ce2
849b73eba24afc88f2220f34b086d44f8cc7c982c9984212ef71d6d2f4c341bf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /AdventureWorkscycles.com.styles.css?v=y_MWWWLKmdLXHffO7sPqTYqnx-rRKbpJdbaI4bYF250 HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d8ce16d83e6275"
Last-Modified: Thu, 22 Sep 2022 00:04:12 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/css/font-awesome.min.css

20.118.138.130

200 OK

8.3 kB

URL HTTP/1.1
adventure-workscycles.com/css/font-awesome.min.css
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (30837)
Size
8.3 kB (8325 bytes)
Hash
122408ebb5ce04f025c6eb03746809e4
f1be50449509d130f816096fa89f4ae6acf5bf3a
71419fbd8caa026b000ad2efd64f2e2038263d93e8cf1f038ad5cfb1ee9400d3

HTTP Headers

GET /css/font-awesome.min.css HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d8cd3639daaa98"
Last-Modified: Tue, 20 Sep 2022 21:16:19 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/css/site.css?v=AKvNjO3dCPPS0eSU1Ez8T2wI280i08yGycV9ndytL-c

20.118.138.130

200 OK

248 B

URL HTTP/1.1
adventure-workscycles.com/css/site.css?v=AKvNjO3dCPPS0eSU1Ez8T2wI280i08yGycV9ndytL-c
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with CRLF line terminators
Size
248 B (248 bytes)
Hash
620455826e6abd440add40d1f9c0a330
9cf142ea690659504ccf25c70cc966163fdba626
2dbe2333582bca1502909c199d8e77a2c0e29544af70d4c40cec36f418508189

HTTP Headers

GET /css/site.css?v=AKvNjO3dCPPS0eSU1Ez8T2wI280i08yGycV9ndytL-c HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d8cd3691793fc2"
Last-Modified: Tue, 20 Sep 2022 21:18:46 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/css/bootstrap-grid.css

20.118.138.130

200 OK

12 kB

URL HTTP/1.1
adventure-workscycles.com/css/bootstrap-grid.css
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
12 kB (11829 bytes)
Hash
a925ca62101261686e09923d0a24ed70
3547ba0ba56dab9680ebe85a88941050fae6be54
b2efc3c55c6c01ea2d33516a39567fa64e6cc8d21230bedc208d1fe80503f2c5

HTTP Headers

GET /css/bootstrap-grid.css HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d8cd3639da2fef"
Last-Modified: Tue, 20 Sep 2022 21:16:19 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/css/style.css

20.118.138.130

200 OK

34 kB

URL HTTP/1.1
adventure-workscycles.com/css/style.css
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
34 kB (33846 bytes)
Hash
f8cec64c074fafbbe40fefb33ce5d020
3ed939b8f6a2d8b9422768ba74e79d0b4da5d56b
4239adf8bfa8d4a84e018984c7ae1c9700df2990814e5dc60144d2e130df7364

HTTP Headers

GET /css/style.css HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d8cd3639d8cbf0"
Last-Modified: Tue, 20 Sep 2022 21:16:19 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/js/jquery.nice-select.js

20.118.138.130

200 OK

1.9 kB

URL HTTP/1.1
adventure-workscycles.com/js/jquery.nice-select.js
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
1.9 kB (1932 bytes)
Hash
97cadd9c6071952fc077b031e53efb5d
58324f7d93b4cb3d6b45163fbcd1663dec54badc
9ab16c67a2aab15937833acdd416a0a22de8707cf03fcb043f911dc8a290bb43

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.nice-select.js HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d8cd363e06e67e"
Last-Modified: Tue, 20 Sep 2022 21:16:26 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/js/slick.min.js

20.118.138.130

200 OK

14 kB

URL HTTP/1.1
adventure-workscycles.com/js/slick.min.js
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (32076), with CRLF line terminators
Size
14 kB (13813 bytes)
Hash
329bb37111c5fac3564f5ad90b91790f
bde2497f12f3ddda06d3db5abf2115ab7f1d9e47
4b8523238b98f099626d0623b635d49d6f88ad5d9fe329ad51d9075225913265

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/slick.min.js HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d8cd363e9f25dd"
Last-Modified: Tue, 20 Sep 2022 21:16:27 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/js/wow.js

20.118.138.130

200 OK

5.2 kB

URL HTTP/1.1
adventure-workscycles.com/js/wow.js
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
5.2 kB (5154 bytes)
Hash
e77cfb11c69948b11fc074eebe865177
2ef99f13a5f71b9bd42b3e6722f4c4687e1c8b29
b3f9142dcf290f9351ddbee5290d4bcac2c0bf9c22931775b7a79ce249d1c2a6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/wow.js HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d8cd363e9fc795"
Last-Modified: Tue, 20 Sep 2022 21:16:27 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:01:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:01:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adventure-workscycles.com/js/jquery-2.2.4.min.js

20.118.138.130

200 OK

38 kB

URL HTTP/1.1
adventure-workscycles.com/js/jquery-2.2.4.min.js
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (32065), with CRLF line terminators
Size
38 kB (38282 bytes)
Hash
d9368cc38036825624cf83892884ed51
491ea852a749bfc9d6efd4e295251a265d7e9991
1a4ef5741435711d0d0eed75e302fae16593f427fcd5a4157000812adae0ca5d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery-2.2.4.min.js HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d8cd363e07bf09"
Last-Modified: Tue, 20 Sep 2022 21:16:26 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/js/lazyload.min.js

20.118.138.130

200 OK

2.8 kB

URL HTTP/1.1
adventure-workscycles.com/js/lazyload.min.js
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (4890)
Size
2.8 kB (2833 bytes)
Hash
c13aff6743fd48554f51d3b29cb06bdb
34042584d8d2814dee81ea2b907d8c44a14f5ba9
d225ab94d84ab25858ee7d7737225dfe60f47fb8f5d5b202c4e2882d77406f40

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/lazyload.min.js HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d8cd363e06e29e"
Last-Modified: Tue, 20 Sep 2022 21:16:26 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:01:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adventure-workscycles.com/js/scripts.js

20.118.138.130

200 OK

5.6 kB

URL HTTP/1.1
adventure-workscycles.com/js/scripts.js
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (1427), with CRLF line terminators
Size
5.6 kB (5558 bytes)
Hash
0d312cc839bc6b200b2b125e20a115bc
cb8da121ae40c4d1d8f1186683f92c65cddfeee1
1f6998d20e4da2554771c7d2d953b5027edf2e010fb9c346e331724b035b87b4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/scripts.js HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d8cd3be8350088"
Last-Modified: Tue, 20 Sep 2022 21:56:59 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/logo.png

20.118.138.130

200 OK

6.2 kB

URL HTTP/1.1
adventure-workscycles.com/img/logo.png
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 500 x 52, 8-bit/color RGBA, non-interlaced\012- data
Size
6.2 kB (6243 bytes)
Hash
c5d58da1e30b79c95bc9ea74ce3e55a5
fd84e6a5d6a7a17849dc5149a07fa70677f381f6
a16e517c4cc974446b61c46c89f97253bee7d3a5d23ed5f5f482d3c4764d80ba

HTTP Headers

GET /img/logo.png HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 6243
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd54087118e3"
Last-Modified: Wed, 21 Sep 2022 00:49:41 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:01:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adventure-workscycles.com/img/bike-info-slide.jpg

20.118.138.130

200 OK

5.3 kB

URL HTTP/1.1
adventure-workscycles.com/img/bike-info-slide.jpg
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 89x89, components 3\012- data
Size
5.3 kB (5295 bytes)
Hash
228ddb6a62cac84e6088d6ecccd8c70b
5e6735c749e77053cdddfd57676cc3f89c12fb22
e1ac6d29addbc3257911d3e689a72ac18551a432e34f2b6cdb2030701d08693b

HTTP Headers

GET /img/bike-info-slide.jpg HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 5295
Content-Type: image/jpeg
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd3ea9ed432f"
Last-Modified: Tue, 20 Sep 2022 22:16:43 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdXxZsCRgqA.woff2

142.250.74.163

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdXxZsCRgqA.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13432, version 1.0\012- data
Size
13 kB (13432 bytes)
Hash
c4aefb21b70da4663e45a84381b29eef
10a6a8bceff6e4be74fbb6cc55124c90601724a0
47d687c94921ed1291e73ae7554abfc412c13c46a417395a95a2957202e2b04f

HTTP Headers

GET /s/teko/v15/LYjCdG7kmE0gdXxZsCRgqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://adventure-workscycles.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 23:52:54 GMT
expires: Thu, 21 Sep 2023 23:52:54 GMT
cache-control: public, max-age=31536000
age: 72545
last-modified: Wed, 27 Apr 2022 16:18:17 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:01:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Size
16 kB (15700 bytes)
Hash
3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

HTTP Headers

GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://adventure-workscycles.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 16:04:44 GMT
expires: Sat, 16 Sep 2023 16:04:44 GMT
cache-control: public, max-age=31536000
age: 532635
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Size
16 kB (15660 bytes)
Hash
d7b0b953a50fddaa88089b5b787cf719
2f85bc568b27659a3d6452f58f9fd7678450326d
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

HTTP Headers

GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://adventure-workscycles.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 22:17:40 GMT
expires: Wed, 20 Sep 2023 22:17:40 GMT
cache-control: public, max-age=31536000
age: 164659
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:01:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adventure-workscycles.com/js/jquery.fancybox.js

20.118.138.130

200 OK

53 kB

URL HTTP/1.1
adventure-workscycles.com/js/jquery.fancybox.js
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document, Unicode text, UTF-8 text
Size
53 kB (52693 bytes)
Hash
10318c8fbd2a80d060fa0cf76aa333b5
660b83b33f1eeb4fa5afbd78eba25264a244cb5a
6bca5cebed115b4df5074ffd31a3d22ccaa469ea1c7bfcfa01876eaa6c5d1ef9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.fancybox.js HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d8cd363e04829b"
Last-Modified: Tue, 20 Sep 2022 21:16:26 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:01:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adventure-workscycles.com/js/jquery-ui.js

20.118.138.130

200 OK

153 kB

URL HTTP/1.1
adventure-workscycles.com/js/jquery-ui.js
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (921)
Size
153 kB (152768 bytes)
Hash
785598cfb21ed9b6b2e4b9ea0755f42f
6cb4c84464256a793fda7debb11e907345242d55
cadd9fc6ebae5638ec0e2cb5bbebc399fc7c4d1e99e446a91c38d84819be5dba

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery-ui.js HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d8cd363e001779"
Last-Modified: Tue, 20 Sep 2022 21:16:26 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/img-slider.png

20.118.138.130

200 OK

112 kB

URL HTTP/1.1
adventure-workscycles.com/img/img-slider.png
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 1078 x 478, 8-bit colormap, non-interlaced\012- data
Size
112 kB (111652 bytes)
Hash
1033f485086e903b0d23c374a376355e
1b1c90caaeb1a8ea20151a845c29773191446555
39bba2199425022fbd965542b8dc343ab55cf5c63becf850aeb898145fc41674

HTTP Headers

GET /img/img-slider.png HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 111652
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd39339b92a4"
Last-Modified: Tue, 20 Sep 2022 21:37:37 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700&display=swap

142.250.74.10

200 OK

71 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
71 kB (70668 bytes)
Hash
71c7654d1666beeb6aee41b1c41a0a4a
4ad6c1fd304c3027a6db633137ff89db27050608
e0280445c47b3a443b4ea80c4051c75019e3067f70e53783330002e5414ff2e6

HTTP Headers

GET /css?family=Roboto+Condensed:400,400i,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 20:01:59 GMT
date: Thu, 22 Sep 2022 20:01:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adventure-workscycles.com/img/img-slider-3.png

20.118.138.130

200 OK

105 kB

URL HTTP/1.1
adventure-workscycles.com/img/img-slider-3.png
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 1078 x 420, 8-bit colormap, non-interlaced\012- data
Size
105 kB (105420 bytes)
Hash
821ced9640462eae1f8bf2762a0ed4f6
ac3188df0c892170a692624c44a933f8d75a1da5
76e251b9f2c41a1b8af3990dbee1cba9cc9ed580b90b0845eff05e9c93b00a8e

HTTP Headers

GET /img/img-slider-3.png HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 105420
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd3947dfb84c"
Last-Modified: Tue, 20 Sep 2022 21:38:11 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/fonts/fontawesome-webfont.woff2?v=4.7.0

20.118.138.130

200 OK

77 kB

URL HTTP/1.1
adventure-workscycles.com/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://adventure-workscycles.com/css/font-awesome.min.css
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 77160
Content-Type: font/woff2
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd3639dbfee8"
Last-Modified: Tue, 20 Sep 2022 21:16:19 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

fonts.googleapis.com/css?family=Teko:400,600,700&display=swap

142.250.74.10

200 OK

70 kB

URL HTTP/2
fonts.googleapis.com/css?family=Teko:400,600,700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
70 kB (70432 bytes)
Hash
db45ee057494a6e51469923b0e33bab9
453e1783152b5f8033303cd96885eba0bba8b463
397ba2a629f99084ca2db4b90cab819d4452a09ddc82243addc95c3ef7d20718

HTTP Headers

GET /css?family=Teko:400,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 20:01:59 GMT
date: Thu, 22 Sep 2022 20:01:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adventure-workscycles.com/img/img-slider-2.png

20.118.138.130

200 OK

95 kB

URL HTTP/1.1
adventure-workscycles.com/img/img-slider-2.png
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 1078 x 446, 8-bit colormap, non-interlaced\012- data
Size
95 kB (94825 bytes)
Hash
3c96e4f154899c12b52c09dc38504c51
c8806182d49ffc10ba5f98edb60abb92366d2327
bcdd0180b5c6171c9cf8b3eae790314db1d3ce4f28fa6a6baf4aef7bb9cf212b

HTTP Headers

GET /img/img-slider-2.png HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 94825
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd393e55c9e9"
Last-Modified: Tue, 20 Sep 2022 21:37:55 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7903
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 20:01:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7903
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 20:01:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7903
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 20:01:59 GMT
Connection: keep-alive

adventure-workscycles.com/img/placeholder-all.png

20.118.138.130

200 OK

1.7 kB

URL HTTP/1.1
adventure-workscycles.com/img/placeholder-all.png
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1696 bytes)
Hash
44ba43278677db7b124c43d2098fcb05
43eb0934cb955671c6c6dd1a9d97e4fdbeac5168
ae9d4a88c749e1c8f2809a66648dfddde9b679c3eb73c9845b7b0381f8578f06

HTTP Headers

GET /img/placeholder-all.png HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1696
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd363d6e5c20"
Last-Modified: Tue, 20 Sep 2022 21:16:25 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9901 bytes)
Hash
da8b8819fc21dcfb224ce0e7ecdc6772
e460ad4376cd118a6fe8b6b050af9398117d9531
9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9901
x-amzn-requestid: bfdfb11f-7ec5-460b-8759-41033451e2a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1ueDEUOIAMFq5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bc459-6f8ebea8143c58f652dc61e8;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 02:11:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ln0EYmIyTWExYNLVEv-ZYhdCAYVju_Wu2S-_p5GfD_Kev99yrKwRcg==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 05:53:43 GMT
age: 50896
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

adventure-workscycles.com/img/client-1.svg

20.118.138.130

200 OK

42 kB

URL HTTP/1.1
adventure-workscycles.com/img/client-1.svg
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (21950)
Size
42 kB (42538 bytes)
Hash
609a62ba052196f5ccaec5fb1bc9549f
52dcbab7d4701b7280238b8526444d9c3114e870
23fb0e85c19678f311d00eaabec07769d917a6ae5d78bfa25bbb576390e0e3a2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/client-1.svg HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 42538
Content-Type: image/svg+xml
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd363b0ca6aa"
Last-Modified: Tue, 20 Sep 2022 21:16:21 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5650 bytes)
Hash
a5edcd9aee78a6cacc9241b47cbce598
f95b843029e84dbb188427a8c2ff8c9f32740465
6a56c3d0eb1d641e565d3d7d31b42be03bdad30beb20b994ffc9a6f2aaceee1e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5650
x-amzn-requestid: 6badb939-afe6-4432-a0ad-3a2b7f85a7e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1G-rFbuIAMFTeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b852a-3e9ac3331503b41d5e734a01;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:42:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: PeFdtN-ow0NE39XAV9pCHX9VSno5L9z56rg-T6Bd1fks7f1ESDDzWA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:27 GMT
etag: "f95b843029e84dbb188427a8c2ff8c9f32740465"
content-type: image/jpeg
age: 80012
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8678 bytes)
Hash
91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Oem-Kw-aCUa2rA9B9-7CDYcZ-G968tFPnsrL5wJ9Dia43T5u6RDtg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
age: 80870
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10754 bytes)
Hash
af5773255351157d72c28a670a355c60
c803e5866edbe6c9baec14e93677f610bdf09bff
3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eYUP9NfAkmU4A-mZvysejq1228Qfb8vbfdXOaHQvr6mjXhnVoWdqJw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
age: 80870
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11286 bytes)
Hash
9becda6e892a190dbbc63216ae697506
ba3369e1827d8f01ca10acb8648195847dd02ffd
d71dd28e0ff260326ba0c30748fa11160f4544c2a264d3a3dc361af0de9fd283

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11286
x-amzn-requestid: 7263b60d-fffe-4c0b-8de5-59dc9ac92a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwZHOaIAMFSQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84cf-62e160b156b587cc21c7fda5;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QxgrVMX7xwI6qE3T3-LRS3JWoJauPyvCSb9TacW9-ktw-BIq5PSF-g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:26 GMT
etag: "ba3369e1827d8f01ca10acb8648195847dd02ffd"
content-type: image/jpeg
age: 80013
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14397 bytes)
Hash
c0201d377c57a684452c0d26372e674d
3829f81048cc63b5f0d1e82dfbe3b8e31646e733
efa055dc93267be2dddd94b334c0655c2e1f1682467fd738e013a778aea175b9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14397
x-amzn-requestid: c5a03ce8-f695-4ad3-8c42-c3bfd47d6279
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1wLGqKIAMF-Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329699a-2b130d8b1a4b1b9131db8984;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:19:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: u2ObvTaTM2JREJRnWVxEdqPXYFWTdrtlqLLbHugcsNbENjZq63rKVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 15:24:06 GMT
age: 16673
etag: "3829f81048cc63b5f0d1e82dfbe3b8e31646e733"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

adventure-workscycles.com/img/client-4.svg

20.118.138.130

200 OK

79 kB

URL HTTP/1.1
adventure-workscycles.com/img/client-4.svg
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (41228)
Size
79 kB (78991 bytes)
Hash
3501008d4a3c5065f047fa38e2bf7d73
ff8e293298c96e97fbcd86f432b15a0fbb7b5225
f2b57fcc7d882d3698899825ac7cb20d3ebe44b920fa170890c8eaee3ff34ecd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/client-4.svg HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 78991
Content-Type: image/svg+xml
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd363b0d340f"
Last-Modified: Tue, 20 Sep 2022 21:16:21 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/client-5.svg

20.118.138.130

200 OK

18 kB

URL HTTP/1.1
adventure-workscycles.com/img/client-5.svg
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4802)
Size
18 kB (18184 bytes)
Hash
2fbc246c3edb7767760f24b71ae1644d
32201bd99a14574e6bbd0ea9f5e5de486d341706
a860df4e811634de94651d6b1047a15524f15fae3cd6e4ddfc570852015ada60

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/client-5.svg HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 18184
Content-Type: image/svg+xml
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd363b0c4788"
Last-Modified: Tue, 20 Sep 2022 21:16:21 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/footer-pay-1.png

20.118.138.130

200 OK

2.0 kB

URL HTTP/1.1
adventure-workscycles.com/img/footer-pay-1.png
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 51 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (2022 bytes)
Hash
431b59d4a3ce5b73a6651b6146aa0d24
03c0f5b2597c12a84fdc5f4055e2b232cce44ea3
2924faa31820807c08abad86649c2de876430e02634e4759058398be987d3a44

HTTP Headers

GET /img/footer-pay-1.png HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 2022
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd363cd5c3e6"
Last-Modified: Tue, 20 Sep 2022 21:16:24 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/client-2.svg

20.118.138.130

200 OK

89 kB

URL HTTP/1.1
adventure-workscycles.com/img/client-2.svg
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (36375)
Size
89 kB (89034 bytes)
Hash
52198ce1d84b22f4fa814c302882bf65
202284c67058997aa7a996c3139c645bfd2895db
f0123273ca1ab2dca5af09d77f297044257c0e7cb82d3a417801f8fc9ee1a353

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/client-2.svg HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 89034
Content-Type: image/svg+xml
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd363b0d5b4a"
Last-Modified: Tue, 20 Sep 2022 21:16:21 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/footer-pay-2.png

20.118.138.130

200 OK

1.4 kB

URL HTTP/1.1
adventure-workscycles.com/img/footer-pay-2.png
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 51 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1381 bytes)
Hash
833ddb299e3e7f030b1b94d8d541f82b
22bc330da9bb98f13cc5bdf5945a5f687dd163be
8967675adec8ef1407992b8a7ddce81ae888bd6615f696308454a5e9f750b597

HTTP Headers

GET /img/footer-pay-2.png HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1381
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd363cd5c165"
Last-Modified: Tue, 20 Sep 2022 21:16:24 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/footer-pay-3.png

20.118.138.130

200 OK

1.7 kB

URL HTTP/1.1
adventure-workscycles.com/img/footer-pay-3.png
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 51 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1712 bytes)
Hash
817e32d2202a4820e7de4c674f44f5d6
a93cff12a6de33a02e10f4e2eb60a724822c38ae
9706d5e113b96e288bc30ed3d2d84899365fe0ba03734bba39b95b771eaa1785

HTTP Headers

GET /img/footer-pay-3.png HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1712
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:01:59 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd363cd5c2b0"
Last-Modified: Tue, 20 Sep 2022 21:16:24 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/footer-pay-4.png

20.118.138.130

200 OK

1.3 kB

URL HTTP/1.1
adventure-workscycles.com/img/footer-pay-4.png
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 51 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1288 bytes)
Hash
68c59ec565d5280edffa59467dbb11b0
4cde085e3e3f2638a79fe85933817ba83d5da111
dd6acec80fd144e45d13f1e3b971722cbcb3f9d599c69e4babe6b0074f28fc6e

HTTP Headers

GET /img/footer-pay-4.png HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1288
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:01:59 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd363cd5c108"
Last-Modified: Tue, 20 Sep 2022 21:16:24 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/client-6.svg

20.118.138.130

200 OK

184 kB

URL HTTP/1.1
adventure-workscycles.com/img/client-6.svg
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (36043)
Size
184 kB (184197 bytes)
Hash
9f821f6c1c58607bd57f4e7003bd2bf6
d443f0ae5a1e98a3e643cacaa128ff5f925bc738
837be2c5bf504b9b38c454ac03f4e91b5c594d46c8af47c9b985fd1c9b4f2549

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/client-6.svg HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 184197
Content-Type: image/svg+xml
Date: Thu, 22 Sep 2022 20:01:58 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd363b0ecf05"
Last-Modified: Tue, 20 Sep 2022 21:16:21 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/bg-slider-3.svg

20.118.138.130

200 OK

70 kB

URL HTTP/1.1
adventure-workscycles.com/img/bg-slider-3.svg
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (65457)
Size
70 kB (69956 bytes)
Hash
d9be0f642edb18987487e1ae95642de7
0b3a11545195fbaa42bc8d074f88c7cb077a09b3
219c9ce4be1593f4e1adb528ff89fd5035b0fbc79ce485a338fdcd428d3ccd1d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/bg-slider-3.svg HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 69956
Content-Type: image/svg+xml
Date: Thu, 22 Sep 2022 20:01:59 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd363b0d11c4"
Last-Modified: Tue, 20 Sep 2022 21:16:21 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/categ-2.png

20.118.138.130

200 OK

29 kB

URL HTTP/1.1
adventure-workscycles.com/img/categ-2.png
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 422 x 300, 8-bit colormap, non-interlaced\012- data
Size
29 kB (28744 bytes)
Hash
b2caeb2d743453135ce38806b7724cba
4e882e15b7e7278a480b9ffdbdb10b5618159891
8aa4a3cede58e90912c36d462648ef44d8ac41136f3305ebaeb5b4a199dbbc07

HTTP Headers

GET /img/categ-2.png HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 28744
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:01:59 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd3ec689ffc8"
Last-Modified: Tue, 20 Sep 2022 22:17:31 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/categ-3.png

20.118.138.130

200 OK

18 kB

URL HTTP/1.1
adventure-workscycles.com/img/categ-3.png
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 422 x 300, 8-bit colormap, non-interlaced\012- data
Size
18 kB (18384 bytes)
Hash
d1848e345a1e0c4e6a89fedda2e900fb
d791822feb6c0260441c6110f958a4ef14a699bf
b052a587509291d6d95297f79c993dd282c823a2d6d5c5a7d03fad619856d6ef

HTTP Headers

GET /img/categ-3.png HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 18384
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:01:59 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd3ecdb0da50"
Last-Modified: Tue, 20 Sep 2022 22:17:43 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/hover.png

20.118.138.130

200 OK

4.8 kB

URL HTTP/1.1
adventure-workscycles.com/img/hover.png
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 232 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
4.8 kB (4824 bytes)
Hash
64147bf92b678c291f886378d54d1264
dc30ae410eaed29ae02916edfb844de3b28cd1ef
8b9484b5eaa41fe90010eb652cc4f547765a2a8b444cf43f4d630227ac1ca95c

HTTP Headers

GET /img/hover.png HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/css/style.css
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 4824
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:01:59 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd363cd5d6d8"
Last-Modified: Tue, 20 Sep 2022 21:16:24 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/categ-1.png

20.118.138.130

200 OK

24 kB

URL HTTP/1.1
adventure-workscycles.com/img/categ-1.png
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 422 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
24 kB (24454 bytes)
Hash
fe73b16e78d0b0c1b0ef63ba0ebec665
ac15c2fd3b6a31e003dfaf96495f59139def8726
d795f81ff94fe1403cd1a98ef254245c6a4b26f7da89ce805e9a60e68b8f72c2

HTTP Headers

GET /img/categ-1.png HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 24454
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:01:59 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd363b0c5f06"
Last-Modified: Tue, 20 Sep 2022 21:16:21 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/bg-advantages.jpg

20.118.138.130

200 OK

177 kB

URL HTTP/1.1
adventure-workscycles.com/img/bg-advantages.jpg
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x544, components 3\012- data
Size
177 kB (176782 bytes)
Hash
6c31902a50400d89fe7aa5619c17a224
b40f26b67406eaaf9b06cbbbf97c2e1e4969928e
23a399037de184f73d9fe75c012b974e1cc0d03461999efb0954d23d6d85ee86

HTTP Headers

GET /img/bg-advantages.jpg HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 176782
Content-Type: image/jpeg
Date: Thu, 22 Sep 2022 20:01:59 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd397f4e628e"
Last-Modified: Tue, 20 Sep 2022 21:39:44 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/bg-subscribe.jpg

20.118.138.130

200 OK

230 kB

URL HTTP/1.1
adventure-workscycles.com/img/bg-subscribe.jpg
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x526, components 3\012- data
Size
230 kB (229882 bytes)
Hash
c5038ffa7c979e102ee6d0659b15df2d
9d30f66a4a143e95ffde103b962b7c8093fab39e
3bd0cbe77306a4d3b7dae427608567eaa46e72c360e7e14a7ef8ccfcaab3f2f2

HTTP Headers

GET /img/bg-subscribe.jpg HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 229882
Content-Type: image/jpeg
Date: Thu, 22 Sep 2022 20:01:59 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd3e9cd3e97a"
Last-Modified: Tue, 20 Sep 2022 22:16:21 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/feedback-photo-1.png

20.118.138.130

200 OK

18 kB

URL HTTP/1.1
adventure-workscycles.com/img/feedback-photo-1.png
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (17898 bytes)
Hash
41851e260a291ba9ca2b3635f27dc0e4
f7a6aa8f400ac934870bb3cf6996bc356a77f5d4
060509268549be388a46de0ca8db21f50cf3b9e3fbf301a0db3a4d411cec0679

HTTP Headers

GET /img/feedback-photo-1.png HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 17898
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:01:59 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd3a0b5eb26a"
Last-Modified: Tue, 20 Sep 2022 21:43:39 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/feedback-photo-2.png

20.118.138.130

200 OK

20 kB

URL HTTP/1.1
adventure-workscycles.com/img/feedback-photo-2.png
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (20231 bytes)
Hash
5b5e410874010478fed607839fc8d0b2
7dd180cdeeb0290b7de9a73ec2463dbafe0ddcf6
66b70de01e99a87cfe66d8b199b103d1cf7f48e7c7cf1409fb93a098a767981e

HTTP Headers

GET /img/feedback-photo-2.png HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 20231
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:01:59 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd3a0ef23187"
Last-Modified: Tue, 20 Sep 2022 21:43:45 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/feedback-photo-3.png

20.118.138.130

200 OK

20 kB

URL HTTP/1.1
adventure-workscycles.com/img/feedback-photo-3.png
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (20061 bytes)
Hash
6dc53d423165513c5eb7ea2f30c44809
851df11994af7901f91c29230fcbe731b3d694b5
b3acd6f815bc01743e7b6513c7e94c5da60d0e50b2d2b764095ca8af4e6566fa

HTTP Headers

GET /img/feedback-photo-3.png HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 20061
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:01:59 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd3a131ed25d"
Last-Modified: Tue, 20 Sep 2022 21:43:52 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/bg-feedback.jpg

20.118.138.130

200 OK

269 kB

URL HTTP/1.1
adventure-workscycles.com/img/bg-feedback.jpg
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x711, components 3\012- data
Size
269 kB (269404 bytes)
Hash
9cd4e7766803156ea366907a4e1a704d
41c877443a87229d542051a7cd45501b29e4939c
60484acabd7370f07594903cfc555abaff439abb56934edd17f68d051d2185dd

HTTP Headers

GET /img/bg-feedback.jpg HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 269404
Content-Type: image/jpeg
Date: Thu, 22 Sep 2022 20:01:59 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd3e84fcf8dc"
Last-Modified: Tue, 20 Sep 2022 22:15:41 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/effect-bg-feedback.svg

20.118.138.130

200 OK

3.7 kB

URL HTTP/1.1
adventure-workscycles.com/img/effect-bg-feedback.svg
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
3.7 kB (3747 bytes)
Hash
46a8560eb20e61cf5dd70d5770de5f16
23bd3bd5fbb07cc0bb0c53d58e1f789b73c64804
e83157433c947eb6191d2e83d630ece718e774a50325d976731f6065ee2bcdc2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/effect-bg-feedback.svg HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 3747
Content-Type: image/svg+xml
Date: Thu, 22 Sep 2022 20:01:59 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd363cd5caa3"
Last-Modified: Tue, 20 Sep 2022 21:16:24 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/effect-section-banner.svg

20.118.138.130

200 OK

1.2 kB

URL HTTP/1.1
adventure-workscycles.com/img/effect-section-banner.svg
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
1.2 kB (1204 bytes)
Hash
904abacd92374526c163c33ad78367a2
cb66b19dd235794b7ec564dc4450c630557fcd64
9000ee5d7896bafe1947f86ac980c7cd797481109825bbae3d8315834cedd320

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/effect-section-banner.svg HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1204
Content-Type: image/svg+xml
Date: Thu, 22 Sep 2022 20:01:59 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd363cd5c0b4"
Last-Modified: Tue, 20 Sep 2022 21:16:24 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/subscribe-effect.svg

20.118.138.130

200 OK

635 kB

URL HTTP/1.1
adventure-workscycles.com/img/subscribe-effect.svg
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (61271)
Size
635 kB (635123 bytes)
Hash
a195052a308470d05e1f6d66d04eeaa4
4b76b7221a94c7ced14d2b66d5bd8ce974097527
68e328ba2ff8dd8cab3fdaf2984af878c80cfaff64bc75c270a4320f14a68ecb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/subscribe-effect.svg HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 635123
Content-Type: image/svg+xml
Date: Thu, 22 Sep 2022 20:01:59 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd363e0f41f3"
Last-Modified: Tue, 20 Sep 2022 21:16:26 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/bg-section-banner.jpg

20.118.138.130

200 OK

208 kB

URL HTTP/1.1
adventure-workscycles.com/img/bg-section-banner.jpg
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x670, components 3\012- data
Size
208 kB (207926 bytes)
Hash
449079cc602f33a354d28b5a46e21e6c
b276a8ce953b753897092ebc31cc4dafd64c54d8
5a7c03668cdd55ac53de47063cc4fda2aa73868f3489af0e7c748a63bbc273d7

HTTP Headers

GET /img/bg-section-banner.jpg HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 207926
Content-Type: image/jpeg
Date: Thu, 22 Sep 2022 20:01:59 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd3e904f3c36"
Last-Modified: Tue, 20 Sep 2022 22:16:00 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

adventure-workscycles.com/img/favicon.png

20.118.138.130

200 OK

2.6 kB

URL HTTP/1.1
adventure-workscycles.com/img/favicon.png
IP
20.118.138.130:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size
2.6 kB (2631 bytes)
Hash
35761d20ce441825821f70c64ffe4f0e
eb21db88cb9837c2e5dd92e2b2c6a6907b7c2840
4ae51ec90dbe64b8e1166da3865c1661a9c71c2072123969bdaf5f0a10bf0da7

HTTP Headers

GET /img/favicon.png HTTP/1.1
Host: adventure-workscycles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adventure-workscycles.com/
Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6; ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 2631
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:01:59 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8cd363cd5ce47"
Last-Modified: Tue, 20 Sep 2022 21:16:24 GMT
Set-Cookie: ARRAffinity=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;Secure;Domain=adventure-workscycles.com
ARRAffinitySameSite=9d30df2fbf71581518e4fa05f8fe45d6c3728ecdc547fe6556a27e5bba42cfe6;Path=/;HttpOnly;SameSite=None;Secure;Domain=adventure-workscycles.com
Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations