Report - broadbikkers.nl/

Report Overview

Submitted URL
broadbikkers.nl/
IP
80.65.96.115
ASN
#20847 Previder B.V.
Submitted
2022-11-28 10:35:24
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
broworker4s.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	830 B	2.6 kB	51.15.18.159
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	428 B	7.2 kB	104.17.24.14
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	59 kB	34.120.237.76
greenskymotions.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	976 B	185.177.94.152
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.6 kB	93.184.220.29
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	351 B	1.2 kB	142.250.74.10
broadbikkers.nl	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.6 kB	484 kB	80.65.96.115
di4.biz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	611 B	185.177.92.179
new.weatherplllatform.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	331 B	91.211.91.114
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	860 B	82 kB	104.18.11.207
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.202.70.174
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	24 kB	69.16.175.42
away.cdnbestplatform.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	503 B	650 B	91.211.91.104
0.greenskymotions.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	978 B	185.177.94.152

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-28	medium	broadbikkers.nl/wp-includes/css/dist/block-library/style.min.css?ver=5.0.18	Phishing
2022-11-28	medium	broadbikkers.nl/	Phishing
2022-11-28	medium	broadbikkers.nl/wp-includes/css/dist/block-library/theme.min.css?ver=5.0.18	Phishing
2022-11-28	medium	broadbikkers.nl/wp-includes/js/wp-embed.min.js?ver=5.0.18	Phishing
2022-11-28	medium	broadbikkers.nl/wp-includes/js/wp-emoji-release.min.js?ver=5.0.18	Phishing
2022-11-28	medium	away.cdnbestplatform.com/go.php?id=3245467-34-56736-11	Malware
2022-11-28	medium	greenskymotions.net/b91698fd2.js	Phishing
2022-11-28	medium	0.greenskymotions.net/b91698fd2.js	Phishing
2022-11-28	medium	new.weatherplllatform.com/pick.js?v=2.11.2	Malware
2022-11-28	medium	greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-28	medium	di4.biz	Sinkholed
2022-11-28	medium	di4.biz	Sinkholed

JavaScript (24)

	URL	Size	First Seen	Last Seen
	greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16	8.1 kB	2023-03-11	2023-03-11
Pretty URL greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16 IP 185.177.94.152 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:51:50 Last Seen2023-03-11 21:51:50 Times Seen1 Hash ba8845b703ef11f9d3224749d56c0809 63cd201953c1e351bc6c406798bca68f56f5f7e5 1851b787636af06a2de1c49c3d2ad790aa8287bb28645587aefb76747de8c05e Loading...

	greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16	3.1 kB	2023-03-07	2024-01-03
Pretty URL greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16 IP 185.177.94.152 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:57 Last Seen2024-01-03 10:59:23 Times Seen191 Hash 68e280edf3cadafe4af8ccdc8782024d 7467ad11f5f3a21a3a4e0ab8556912db67311d90 3d8d725c431734a47f6dbbce8a3546d9490407d342cfbb48eba2eeddede260aa Loading...

	code.jquery.com/jquery-3.2.1.slim.min.js	70 kB	2023-03-07	2024-04-25
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-04-25 11:00:59 Times Seen106181 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	broadbikkers.nl/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1	13 kB	2023-03-08	2023-03-12
Pretty URL broadbikkers.nl/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 IP 80.65.96.115 ASN #20847 Previder B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:38:11 Last Seen2023-03-12 22:36:12 Times Seen1 Hash c48f0d9aed7a50731e634a2a36b2d0c6 7be9efa9af38819c298c20c078dec09cae445dda ff0112d460acd0976c215170a0523b619c4f6876579c707918af084a6e68b4b5 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-04-25
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-25 11:00:59 Times Seen136810 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16	705 B	2023-03-07	2023-04-05
Pretty URL greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16 IP 185.177.94.152 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:57 Last Seen2023-04-05 02:03:39 Times Seen49 Hash dd81871bef578a008b6d389ca0d1a234 31f4851126c5708430334e0b3b5674d7b22f1c2d f4805b1fa2c14f4bfb52cbfcdbd03a7ff3ace4aac7dc2466f0501d5cdfd19954 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	19 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-25 11:00:58 Times Seen111502 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	broadbikkers.nl/wp-content/themes/primer/assets/js/navigation.min.js?ver=1.8.6	1.5 kB	2023-03-07	2024-01-14
Pretty URL broadbikkers.nl/wp-content/themes/primer/assets/js/navigation.min.js?ver=1.8.6 IP 80.65.96.115 ASN #20847 Previder B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:21 Last Seen2024-01-14 23:25:40 Times Seen38 Hash 67d1a7ec5a0823a995f597e2a4c1bf37 cf75a2c21655374ee2269500ba672d9d7470f3d2 5de3747c9ec88d9dff01c22bc41a063e6e3e0ef1ceb5936ddee654ceb2788bfb Loading...

	new.weatherplllatform.com/pick.js?v=2.11.2	2.3 kB	2023-03-08	2023-03-11
Pretty URL new.weatherplllatform.com/pick.js?v=2.11.2 IP 91.211.91.114 ASN #206638 PE Brezhnev Daniil Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:46 Last Seen2023-03-11 23:34:29 Times Seen1 Hash b44eea14204182e61452dea83f5896b8 0142488636ef1fe4ada476225e58147babd9fa63 af8b20e40e19ff4a8c23e6d714c04934c802e83dd397f79795aa5a3b684f8b7f Loading...

	greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16	203 B	2023-03-07	2024-01-03
Pretty URL greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16 IP 185.177.94.152 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:57 Last Seen2024-01-03 10:59:23 Times Seen188 Hash c4824c2a16d2c8bb70469ed7b8508f34 783dcaa37fcdd311197de60f0c55ab5367be4fe2 f97308b8745f77dc6b279dafa3f98d4e64de2f494681e452a477afaa13b4d1fb Loading...

	broadbikkers.nl/	576 B	2023-03-11	2023-03-11
Pretty URL broadbikkers.nl/ IP 80.65.96.115 ASN #20847 Previder B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:51:50 Last Seen2023-03-11 21:51:50 Times Seen1 Hash 503fc08b872473cd7b52fbde75b371f8 0ab3415fe2a06a3bcaafbc2cd2ebfd376b588155 439498a797574196a8649c4e8996cf7c76e55f134ac0d34568a5bf3771aa3a7d Loading...

	broadbikkers.nl/	2.0 kB	2023-03-11	2023-03-11
Pretty URL broadbikkers.nl/ IP 80.65.96.115 ASN #20847 Previder B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:51:50 Last Seen2023-03-11 21:51:50 Times Seen1 Hash 49acf3f28078dd52992ab7064451ba45 4a62e4544803ebb5a4f932cd50ef5dd979fdd6ee f431f6a6cd3385622418fa1a54d32f69095009e9f20e5d66f7908b1c9818332b Loading...

	broadbikkers.nl/wp-content/themes/primer/assets/js/skip-link-focus-fix.min.js?ver=1.8.6	460 B	2023-03-07	2024-01-14
Pretty URL broadbikkers.nl/wp-content/themes/primer/assets/js/skip-link-focus-fix.min.js?ver=1.8.6 IP 80.65.96.115 ASN #20847 Previder B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:21 Last Seen2024-01-14 23:25:40 Times Seen45 Hash 406bd7f8f42b74f6e9e080abb61541b9 eb4fe1f0318ad6fd058e5c027b537c75ce823af2 41f70a84dabbb5f17899e0760b57a8b84060fb8ea33e93b76cf1b37ceb6dab97 Loading...

	away.cdnbestplatform.com/go.php?id=3245467-34-56736-11	216 B	2023-03-08	2023-03-11
Pretty URL away.cdnbestplatform.com/go.php?id=3245467-34-56736-11 IP 91.211.91.104 ASN #206638 PE Brezhnev Daniil Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:13:24 Last Seen2023-03-11 23:01:10 Times Seen1 Hash e01b9f1f4f318da33db0a806df25d1a4 98997657600ececec2510f8ba446ac0553a69350 17bd9bfe21bad99361bdb82b58741bc65e9ed31e146376492fe2348fe20befda Loading...

	greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16	29 kB	2023-03-07	2024-01-03
Pretty URL greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16 IP 185.177.94.152 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:57 Last Seen2024-01-03 10:59:23 Times Seen188 Hash ae7f0f1874bd3e9a6a0e9736f3307398 f9ea5e0bc3f3f8039b7d2835e9d8aa775621b9d3 cf8229ead2362ab9f5b9f608b9eb668414a21aca7c9bcc0c90b138415abf72cf Loading...

	0.greenskymotions.net/index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed16	8.2 kB	2023-03-11	2023-03-11
Pretty URL 0.greenskymotions.net/index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed16 IP 185.177.94.152 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:51:50 Last Seen2023-03-11 21:51:50 Times Seen1 Hash f3c4d8802984b6115abd45c16dea2150 0b187e368685f8aadf8192d7d6bd38105686a933 af2b594eb7cfc964d5f12b92d808d84f0bd4db050cba9102e29cf6fdb2cac9ab Loading...

	broadbikkers.nl/wp-includes/js/jquery/jquery.js?ver=1.12.4	99 kB	2023-03-11	2023-03-11
Pretty URL broadbikkers.nl/wp-includes/js/jquery/jquery.js?ver=1.12.4 IP 80.65.96.115 ASN #20847 Previder B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:18:18 Last Seen2023-03-11 21:51:50 Times Seen1 Hash 1d4dfcc16b8ab9d489fd6e8d85ceef8d 33fc0fe5d38fe51783f8721ef6caa7025840a3df 6252f20e756d6b946af6c77467f2d4c217e0303755002f3810c33933d6782064 Loading...

	broadbikkers.nl/	51 B	2023-03-11	2023-05-15
Pretty URL broadbikkers.nl/ IP 80.65.96.115 ASN #20847 Previder B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:51:51 Last Seen2023-05-15 00:38:37 Times Seen7 Hash 0dd39b0fee59ce05f304d578627e4c3b 3057531d1dfae9e309726bfc4e33287ce5f2fa65 f5a80f1abde20e7f5aefeb456f82a5c3bddafe9daa1e888293d8f18a362bbc5f Loading...

	broadbikkers.nl/wp-includes/js/wp-embed.min.js?ver=5.0.18	1.4 kB	2023-03-07	2024-04-24
Pretty URL broadbikkers.nl/wp-includes/js/wp-embed.min.js?ver=5.0.18 IP 80.65.96.115 ASN #20847 Previder B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-24 21:41:00 Times Seen2990 Hash 570ae0f3c201604926ea599d3d1f6c04 2c29243a73660964d4712b969d2a15e27777bc14 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b Loading...

	broadbikkers.nl/wp-includes/js/wp-emoji-release.min.js?ver=5.0.18	14 kB	2023-03-11	2023-03-11
Pretty URL broadbikkers.nl/wp-includes/js/wp-emoji-release.min.js?ver=5.0.18 IP 80.65.96.115 ASN #20847 Previder B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:51:51 Last Seen2023-03-11 21:51:51 Times Seen1 Hash 432d6c66fe9b000090c9915fedfe721d 80639029bd1db521c067000593ee56a739a7f499 aa2075436d5a3c4e4545aa5e5677121434a0a0afb96abdef26289a2c81e4656c Loading...

		Size	First Seen	Last Seen
	#1 Eval - ea1fb3fd4eec192e2be1d770d5e5060b	659 B	2023-03-08	2023-11-23
Pretty Observations First Seen2023-03-08 14:46:04 Last Seen2023-11-23 06:38:27 Times Seen12 Hash ea1fb3fd4eec192e2be1d770d5e5060b a3cec8c0f3893338c9d3d7a76729298326a53f97 b1eae98e01697b0c0e7642f840e514de361f43f7f74ec06a47470da1ee76c7b7 Loading...

	#2 Eval - 7268ede57858a2c14b25218c4cbf7d06	663 B	2023-03-08	2023-12-13
Pretty Observations First Seen2023-03-08 14:35:26 Last Seen2023-12-13 00:16:43 Times Seen44 Hash 7268ede57858a2c14b25218c4cbf7d06 c9dc28a1f6ab8bd7ff450be8796ef469be99ac91 dc6acc70fa6a127bcde95478f41fc3ec8b472cc6327b69d1fd5c5e3633a96540 Loading...

	#3 Eval - 68e9977d5552e41a9a199079a06af8b5	8.0 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:51:51 Last Seen2023-03-11 21:51:51 Times Seen1 Hash 68e9977d5552e41a9a199079a06af8b5 5aad66fd1b0afd23a390a3c3a55e0e9035a5a0fd 7bd6aa3a751b10fce48b982ee810205acc985cea8790a18f246b8a3768f9b892 Loading...

	#4 Eval - f7e6333d2e60474e77df08ca3d5a02aa	8.1 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:51:51 Last Seen2023-03-11 21:51:51 Times Seen1 Hash f7e6333d2e60474e77df08ca3d5a02aa 347c7491eb18c6c700bb7413b1504b598b71adfc b5d266f1b8955e25e1bd057386188291735fac36c44170546ec707889b3eb276 Loading...

HTTP Transactions (53)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6447
Expires: Mon, 28 Nov 2022 12:22:40 GMT
Date: Mon, 28 Nov 2022 10:35:13 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5159
Cache-Control: max-age=91319
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:35:13 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:57:12 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 10:19:32 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 941
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5151
Expires: Mon, 28 Nov 2022 12:01:04 GMT
Date: Mon, 28 Nov 2022 10:35:13 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:35:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: eMM4MegFox72mVKiDOs2vgTGxsm/7Gi2QlchMQdZYQY06/i2oEM3mkibkEn7hxXXdN12mbDn2c4=
x-amz-request-id: WTWSCXZMWC80D23T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 09:42:00 GMT
age: 3193
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 10:08:55 GMT
cache-control: public,max-age=3600
age: 1578
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
6b4620c230107c4a41a550936ae73d30
41c55d76d7fec5f9e9b6b41c63be76039ab51d7b
84323dcb2bf41d37624d351e7102832e267b2af6772e06575f52012d510ebacb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1171
Cache-Control: max-age=161134
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:35:14 GMT
Etag: "63845cbd-116"
Expires: Wed, 30 Nov 2022 07:20:48 GMT
Last-Modified: Mon, 28 Nov 2022 07:01:17 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
c621d4c62f1b73d7db42f083617dc8db
1a78ba537afba7aea6308288c5c41c90de74b3ba
d7b3c5b2e9ea4ad8e5c33649a912d471545651f643b62238beb7d33188146322

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5125
Cache-Control: max-age=126916
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:35:14 GMT
Etag: "6383c7a1-118"
Expires: Tue, 29 Nov 2022 21:50:30 GMT
Last-Modified: Sun, 27 Nov 2022 20:25:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280

fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700&subset=latin&ver=5.0.18

142.250.74.10

200 OK

683 B

URL HTTP/1.1
fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700&subset=latin&ver=5.0.18
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
683 B (683 bytes)
Hash
811aba771f53232088791a691dc2e85a
b4b83e106290e8a51b537f2ed50d10e99f184b9a
1f11e7aa985aa9d4a8ccfe4afda98e022b600a53592955344e23f8a9109ad3ec

HTTP Headers

GET /css?family=Open+Sans%3A300%2C400%2C700&subset=latin&ver=5.0.18 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://broadbikkers.nl/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 28 Nov 2022 10:35:14 GMT
Date: Mon, 28 Nov 2022 10:35:14 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
6b4620c230107c4a41a550936ae73d30
41c55d76d7fec5f9e9b6b41c63be76039ab51d7b
84323dcb2bf41d37624d351e7102832e267b2af6772e06575f52012d510ebacb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2558
Cache-Control: max-age=162521
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:35:14 GMT
Etag: "63845cbd-116"
Expires: Wed, 30 Nov 2022 07:43:55 GMT
Last-Modified: Mon, 28 Nov 2022 07:01:17 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278

code.jquery.com/jquery-3.2.1.slim.min.js

69.16.175.42

200 OK

24 kB

URL HTTP/2
code.jquery.com/jquery-3.2.1.slim.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32012)
Size
24 kB (23856 bytes)
Hash
30f5157a965bc792a83e9bacfe265f03
8330886371fe27f3cbac509e0ac9712207574c66
4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0

HTTP Headers

GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://broadbikkers.nl
Connection: keep-alive
Referer: http://broadbikkers.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:35:14 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669631714.dop014.sk1.t,1669631714.cds066.sk1.hn,1669631714.cds235.sk1.c
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

104.17.24.14

200 OK

6.2 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (19015)
Size
6.2 kB (6157 bytes)
Hash
7b4114faa411d059a9a5ac4b5b4d9dee
277da4486916fa3a4ab3375f47bc98f58dbf90f6
60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9

HTTP Headers

GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://broadbikkers.nl
Connection: keep-alive
Referer: http://broadbikkers.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:35:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1444257
expires: Sat, 18 Nov 2023 10:35:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMGn48CP3ld7UHpjEbFtN3E1Tti4xYItX01yNt0yGUnjD6bDNtUkmRBoHDsBM5Mtnq0KkhB7HwbRjC4jB4vn5n13on3yOd1I485iHOLqEQdIAssExZ9ZKmpYhcx0jbH9IahAQkIr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 771274a52c461c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

broadbikkers.nl/wp-includes/css/dist/block-library/style.min.css?ver=5.0.18

80.65.96.115

200 OK

26 kB

URL HTTP/1.1
broadbikkers.nl/wp-includes/css/dist/block-library/style.min.css?ver=5.0.18
IP
80.65.96.115:0
ASN
#20847 Previder B.V.

File type
ASCII text, with very long lines (25658), with no line terminators
Size
26 kB (25658 bytes)
Hash
eb1a96949e0ea0d08033d3f941bf1f3e
8e8e16cd9105066fe8dc4f80ace8010d060f08f4
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.0.18 HTTP/1.1
Host: broadbikkers.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://broadbikkers.nl/
Cookie: 14990e308e03c7c31c4e0cd6941cb226xxx=broadbikkers.nl

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 10:35:14 GMT
Content-Type: text/css
Content-Length: 25658
Last-Modified: Fri, 04 Jan 2019 20:19:52 GMT
Connection: keep-alive
ETag: "5c2fbfe8-643a"
X-Powered-By: PleskLin
Accept-Ranges: bytes

broadbikkers.nl/

80.65.96.115

200 OK

24 kB

URL HTTP/1.1
broadbikkers.nl/
IP
80.65.96.115:0
ASN
#20847 Previder B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1746)
Size
24 kB (24355 bytes)
Hash
06763231b5eedc99b8875ac1c8486086
41e599598cbeec1f4ca974cc5e356101b98f1da1
718b12d358db60c684250164d87c851d3d2ea457daedf4ff3a0dd5fe3a0f33c9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: broadbikkers.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 10:35:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <https://broadbikkers.nl/index.php/wp-json/>; rel="https://api.w.org/"
Set-Cookie: 14990e308e03c7c31c4e0cd6941cb226xxx=broadbikkers.nl
X-Powered-By: PHP/7.2.34, PleskLin

broadbikkers.nl/wp-includes/css/dist/block-library/theme.min.css?ver=5.0.18

80.65.96.115

200 OK

1.1 kB

URL HTTP/1.1
broadbikkers.nl/wp-includes/css/dist/block-library/theme.min.css?ver=5.0.18
IP
80.65.96.115:0
ASN
#20847 Previder B.V.

File type
ASCII text, with very long lines (1102), with no line terminators
Size
1.1 kB (1102 bytes)
Hash
bfa7dc8c1c5e86d37ba25252afe3602e
b76377faff1a73e6d7a23883380a1a2d4991026f
faea334f7f5d87581fa041a3a6e424bb656ddf021f189ac97200af99d382662e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/theme.min.css?ver=5.0.18 HTTP/1.1
Host: broadbikkers.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://broadbikkers.nl/
Cookie: 14990e308e03c7c31c4e0cd6941cb226xxx=broadbikkers.nl

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 10:35:14 GMT
Content-Type: text/css
Content-Length: 1102
Last-Modified: Thu, 22 Nov 2018 03:21:46 GMT
Connection: keep-alive
ETag: "5bf620ca-44e"
X-Powered-By: PleskLin
Accept-Ranges: bytes

broadbikkers.nl/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

80.65.96.115

200 OK

13 kB

URL HTTP/1.1
broadbikkers.nl/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP
80.65.96.115:0
ASN
#20847 Previder B.V.

File type
ASCII text, with very long lines (9959)
Size
13 kB (12596 bytes)
Hash
c48f0d9aed7a50731e634a2a36b2d0c6
7be9efa9af38819c298c20c078dec09cae445dda
ff0112d460acd0976c215170a0523b619c4f6876579c707918af084a6e68b4b5

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: broadbikkers.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://broadbikkers.nl/
Cookie: 14990e308e03c7c31c4e0cd6941cb226xxx=broadbikkers.nl

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 10:35:14 GMT
Content-Type: application/javascript
Content-Length: 12596
Last-Modified: Wed, 26 Oct 2022 10:32:26 GMT
Connection: keep-alive
ETag: "63590cba-3134"
X-Powered-By: PleskLin
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5972
Cache-Control: max-age=87070
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:35:14 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:46:24 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
c621d4c62f1b73d7db42f083617dc8db
1a78ba537afba7aea6308288c5c41c90de74b3ba
d7b3c5b2e9ea4ad8e5c33649a912d471545651f643b62238beb7d33188146322

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5125
Cache-Control: max-age=126916
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:35:14 GMT
Etag: "6383c7a1-118"
Expires: Tue, 29 Nov 2022 21:50:30 GMT
Last-Modified: Sun, 27 Nov 2022 20:25:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280

broadbikkers.nl/wp-content/themes/primer/style.css?ver=5.0.18

80.65.96.115

200 OK

87 kB

URL HTTP/1.1
broadbikkers.nl/wp-content/themes/primer/style.css?ver=5.0.18
IP
80.65.96.115:0
ASN
#20847 Previder B.V.

File type
Unicode text, UTF-8 text, with very long lines (23179)
Size
87 kB (87188 bytes)
Hash
08399664c8ddefd7914d936387271c7c
31e43a6740f3a23997f20b36e5113127d4d005ae
7ff539c5fcf02ea5be126bf1888ed90f6970d29a1bfbc94ba0c662a0cdfd1cf7

HTTP Headers

GET /wp-content/themes/primer/style.css?ver=5.0.18 HTTP/1.1
Host: broadbikkers.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://broadbikkers.nl/
Cookie: 14990e308e03c7c31c4e0cd6941cb226xxx=broadbikkers.nl

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 10:35:14 GMT
Content-Type: text/css
Content-Length: 87188
Last-Modified: Tue, 29 Jan 2019 19:35:23 GMT
Connection: keep-alive
ETag: "5c50aafb-15494"
X-Powered-By: PleskLin
Accept-Ranges: bytes

broadbikkers.nl/wp-includes/js/jquery/jquery.js?ver=1.12.4

80.65.96.115

200 OK

99 kB

URL HTTP/1.1
broadbikkers.nl/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP
80.65.96.115:0
ASN
#20847 Previder B.V.

File type
ASCII text, with very long lines (31932)
Size
99 kB (99414 bytes)
Hash
1d4dfcc16b8ab9d489fd6e8d85ceef8d
33fc0fe5d38fe51783f8721ef6caa7025840a3df
6252f20e756d6b946af6c77467f2d4c217e0303755002f3810c33933d6782064

HTTP Headers

GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: broadbikkers.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://broadbikkers.nl/
Cookie: 14990e308e03c7c31c4e0cd6941cb226xxx=broadbikkers.nl

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 10:35:14 GMT
Content-Type: application/javascript
Content-Length: 99414
Last-Modified: Wed, 26 Oct 2022 10:32:40 GMT
Connection: keep-alive
ETag: "63590cc8-18456"
X-Powered-By: PleskLin
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
6b4620c230107c4a41a550936ae73d30
41c55d76d7fec5f9e9b6b41c63be76039ab51d7b
84323dcb2bf41d37624d351e7102832e267b2af6772e06575f52012d510ebacb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1171
Cache-Control: max-age=161134
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:35:14 GMT
Etag: "63845cbd-116"
Expires: Wed, 30 Nov 2022 07:20:48 GMT
Last-Modified: Mon, 28 Nov 2022 07:01:17 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278

broadbikkers.nl/wp-content/themes/primer/assets/js/navigation.min.js?ver=1.8.6

80.65.96.115

200 OK

1.5 kB

URL HTTP/1.1
broadbikkers.nl/wp-content/themes/primer/assets/js/navigation.min.js?ver=1.8.6
IP
80.65.96.115:0
ASN
#20847 Previder B.V.

File type
ASCII text, with very long lines (1473), with no line terminators
Size
1.5 kB (1473 bytes)
Hash
67d1a7ec5a0823a995f597e2a4c1bf37
cf75a2c21655374ee2269500ba672d9d7470f3d2
5de3747c9ec88d9dff01c22bc41a063e6e3e0ef1ceb5936ddee654ceb2788bfb

HTTP Headers

GET /wp-content/themes/primer/assets/js/navigation.min.js?ver=1.8.6 HTTP/1.1
Host: broadbikkers.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://broadbikkers.nl/
Cookie: 14990e308e03c7c31c4e0cd6941cb226xxx=broadbikkers.nl

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 10:35:14 GMT
Content-Type: application/javascript
Content-Length: 1473
Last-Modified: Tue, 29 Jan 2019 19:35:23 GMT
Connection: keep-alive
ETag: "5c50aafb-5c1"
X-Powered-By: PleskLin
Accept-Ranges: bytes

broadbikkers.nl/wp-content/themes/primer/assets/js/skip-link-focus-fix.min.js?ver=1.8.6

80.65.96.115

200 OK

460 B

URL HTTP/1.1
broadbikkers.nl/wp-content/themes/primer/assets/js/skip-link-focus-fix.min.js?ver=1.8.6
IP
80.65.96.115:0
ASN
#20847 Previder B.V.

File type
ASCII text, with very long lines (460), with no line terminators
Size
460 B (460 bytes)
Hash
406bd7f8f42b74f6e9e080abb61541b9
eb4fe1f0318ad6fd058e5c027b537c75ce823af2
41f70a84dabbb5f17899e0760b57a8b84060fb8ea33e93b76cf1b37ceb6dab97

HTTP Headers

GET /wp-content/themes/primer/assets/js/skip-link-focus-fix.min.js?ver=1.8.6 HTTP/1.1
Host: broadbikkers.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://broadbikkers.nl/
Cookie: 14990e308e03c7c31c4e0cd6941cb226xxx=broadbikkers.nl

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 10:35:14 GMT
Content-Type: application/javascript
Content-Length: 460
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Tue, 29 Jan 2019 19:35:23 GMT
ETag: "1cc-5809de4fd47d3"
Accept-Ranges: bytes
X-Powered-By: PleskLin

broadbikkers.nl/wp-includes/js/wp-embed.min.js?ver=5.0.18

80.65.96.115

200 OK

1.4 kB

URL HTTP/1.1
broadbikkers.nl/wp-includes/js/wp-embed.min.js?ver=5.0.18
IP
80.65.96.115:0
ASN
#20847 Previder B.V.

File type
ASCII text, with very long lines (1391), with no line terminators
Size
1.4 kB (1391 bytes)
Hash
570ae0f3c201604926ea599d3d1f6c04
2c29243a73660964d4712b969d2a15e27777bc14
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-embed.min.js?ver=5.0.18 HTTP/1.1
Host: broadbikkers.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://broadbikkers.nl/
Cookie: 14990e308e03c7c31c4e0cd6941cb226xxx=broadbikkers.nl

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 10:35:14 GMT
Content-Type: application/javascript
Content-Length: 1391
Last-Modified: Fri, 16 Apr 2021 02:18:09 GMT
Connection: keep-alive
ETag: "6078f3e1-56f"
X-Powered-By: PleskLin
Accept-Ranges: bytes

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

104.18.11.207

200 OK

22 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65325)
Size
22 kB (21826 bytes)
Hash
544470d0e92780fe109cd669f33721f4
133485cd7bfa06d3b9df070ed2a6d840d7ed2c97
f5746c3e52da5541f1280a440b3dfac33415e449893f513f1ac699a299bf7d45

HTTP Headers

GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://broadbikkers.nl
Connection: keep-alive
Referer: http://broadbikkers.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:35:14 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/18/2022 06:18:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: b284ccf66b7731e92b6304eb27e10980
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 771274a558cfb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

broadbikkers.nl/wp-includes/js/wp-emoji-release.min.js?ver=5.0.18

80.65.96.115

200 OK

14 kB

URL HTTP/1.1
broadbikkers.nl/wp-includes/js/wp-emoji-release.min.js?ver=5.0.18
IP
80.65.96.115:0
ASN
#20847 Previder B.V.

File type
ASCII text, with very long lines (9063)
Size
14 kB (14495 bytes)
Hash
432d6c66fe9b000090c9915fedfe721d
80639029bd1db521c067000593ee56a739a7f499
aa2075436d5a3c4e4545aa5e5677121434a0a0afb96abdef26289a2c81e4656c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.0.18 HTTP/1.1
Host: broadbikkers.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://broadbikkers.nl/
Cookie: 14990e308e03c7c31c4e0cd6941cb226xxx=broadbikkers.nl

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 10:35:14 GMT
Content-Type: application/javascript
Content-Length: 14495
Last-Modified: Fri, 04 Nov 2022 18:49:37 GMT
Connection: keep-alive
ETag: "63655ec1-389f"
X-Powered-By: PleskLin
Accept-Ranges: bytes

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.11.207

200 OK

58 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (48664)
Size
58 kB (58385 bytes)
Hash
ea19f1908d96c26a5d73f550b5d62747
76e3aea20030fa1819cc5400202a8e5e45130a1b
dbe51fa60a913b381d65e716925145503a88e8902cdb23235e54eb659e34f9f9

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://broadbikkers.nl
Connection: keep-alive
Referer: http://broadbikkers.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:35:14 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/25/2022 23:23:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 38adffbdc40202a5e3c9be9014e044f2
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 771274a50875b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.202.70.174

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.202.70.174:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pdj16cLsY3lYIrxGox4IYw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /Es/+aIV8d44RVggq36X2mcYY4M=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
79ce502d2032ad2aa343ae61da8c9f72
1c2bc4e466e079a778fd330197c85d7442d8d6d2
46144a2d4145a77618afc4628e632b35e5974289f9edf0e64c0d789cce649ccc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46144A2D4145A77618AFC4628E632B35E5974289F9EDF0E64C0D789CCE649CCC"
Last-Modified: Sun, 27 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 28 Nov 2022 16:35:14 GMT
Date: Mon, 28 Nov 2022 10:35:14 GMT
Connection: keep-alive

broadbikkers.nl/wp-content/uploads/2019/01/cropped-bar4-2-2400x712.jpg

80.65.96.115

200 OK

99 kB

URL HTTP/2
broadbikkers.nl/wp-content/uploads/2019/01/cropped-bar4-2-2400x712.jpg
IP
80.65.96.115:0
ASN
#20847 Previder B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2400x712, components 3\012- data
Size
99 kB (99316 bytes)
Hash
b5c19556a89c3c4e994fb6d21fe41ac0
4b2fe616e7323ee31be7aed98778e7201a9382c0
2247d3149d669403e0fc06924fdcd5f29d91651e746156db422bc8979af651ac

HTTP Headers

GET /wp-content/uploads/2019/01/cropped-bar4-2-2400x712.jpg HTTP/1.1
Host: broadbikkers.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://broadbikkers.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:35:14 GMT
content-type: image/jpeg
content-length: 99316
last-modified: Tue, 29 Jan 2019 19:49:11 GMT
etag: "5c50ae37-183f4"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

broadbikkers.nl/favicon.ico

80.65.96.115

200 OK

114 kB

URL HTTP/1.1
broadbikkers.nl/favicon.ico
IP
80.65.96.115:0
ASN
#20847 Previder B.V.

File type
MS Windows icon resource - 7 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data
Size
114 kB (113459 bytes)
Hash
1db747255c64a30f9236e9d929e986ca
384023452346aa087d40c93c23ca2f5e32ff1b1f
88baf40feb43463a8f6aa6543e88bdbe33f0db9a317486e786eee1e5c76a9544

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: broadbikkers.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://broadbikkers.nl/
Cookie: 14990e308e03c7c31c4e0cd6941cb226xxx=broadbikkers.nl

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 10:35:14 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 113459
Last-Modified: Tue, 29 Jan 2019 11:35:44 GMT
Connection: keep-alive
ETag: "5c503a90-1bb33"
X-Powered-By: PleskLin
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2922
Expires: Mon, 28 Nov 2022 11:23:57 GMT
Date: Mon, 28 Nov 2022 10:35:15 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11165 bytes)
Hash
a8935783026c10470f60033d3a860f7b
65941dd34eb1063a3f7fe2b6790a11a484a06b9a
e88c706458faf5b5512212692392c7c1a0d8e60af62962267166f5cb60ee9c89

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 11165
x-amzn-requestid: 9e35d865-adea-4d2a-b20f-beb014cdd42f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_JE2VIAMFYgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-7cf4db38152cdfa1448cba3d;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: SFO5-C3, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lu-Pi2xJUPfkpTK0vCDauedxSM1ZrNzEKka2-4m6l7pDkt04gUgpnA==
via: 1.1 dec8fa38a453902521b941c7cd70d33c.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:56:40 GMT
etag: "65941dd34eb1063a3f7fe2b6790a11a484a06b9a"
content-type: image/jpeg
age: 45515
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6498 bytes)
Hash
1bb306213437ea24ab879adc9e3b6da4
771d38e18cdfa54052f7cb150b73c03154eb4368
d4cce7533fd59ef11fb8fec4bc114d5be0bacaa9134e3f1536e0d6bac1f58ffb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6498
x-amzn-requestid: 2499eb0e-74c9-4c04-ba58-3e65fc452c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR8IwHU4oAMFaAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383da37-12f14e7a30bc1a75499cb272;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: m5GSRli35fewn4l-k0jyFEcru1VKJlDYddCrLEpp5YiQwaLXsXsQDw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:02:23 GMT
age: 45172
etag: "771d38e18cdfa54052f7cb150b73c03154eb4368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10119 bytes)
Hash
15bd53848c7082464273007e010c54e0
9a3ca698ca1aeae695923277ed2244465e01a1ea
36cfa29965173ea683992d4b436f393e92c978350347f869355d933613e2c005

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 10119
x-amzn-requestid: 20bfd6a6-2981-42ca-8997-9363676773c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR782HEZIAMFTKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9eb-552581a92a69d6cd322bf334;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U_gitOWWMPO7M5Dd0WktaigfRERa93d86MhziLjZ2qnuON_K5NauyQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:54:37 GMT
age: 45638
etag: "9a3ca698ca1aeae695923277ed2244465e01a1ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8885 bytes)
Hash
3a1a4e00f1f15827cf651f373863c379
70c2a238f06ca7e56ef80c83738e081bf0de3330
3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 08:11:39 GMT
age: 8616
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9430 bytes)
Hash
1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 45239
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6376 bytes)
Hash
78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:26 GMT
age: 45229
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

away.cdnbestplatform.com/go.php?id=3245467-34-56736-11

91.211.91.104

200 OK

409 B

URL HTTP/2
away.cdnbestplatform.com/go.php?id=3245467-34-56736-11
IP
91.211.91.104:0
ASN
#206638 PE Brezhnev Daniil

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
409 B (409 bytes)
Hash
7e1bfbcd82af887ad22f2df06f75f1c9
fa5d953856e0c0b5df1ffdcf0bb6fb2e0fa47c7a
942cad9169b27a742b80b08f91a72e4ed9ef4461b849cd9ef06c2c3ece633174

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /go.php?id=3245467-34-56736-11 HTTP/1.1
Host: away.cdnbestplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://broadbikkers.nl/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:35:16 GMT
content-type: text/html; charset=UTF-8
content-length: 409
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d11326ae2c03ff3cb6a353914ac572f5
72f47efd40182e0d938c8509096b6c0d9661f009
ff4c2730f2a5c6180452e3b8aa1a101a0bf8f98417580a6a931791d7bc4801f0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF4C2730F2A5C6180452E3B8AA1A101A0BF8F98417580A6A931791D7BC4801F0"
Last-Modified: Fri, 25 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17720
Expires: Mon, 28 Nov 2022 15:30:38 GMT
Date: Mon, 28 Nov 2022 10:35:18 GMT
Connection: keep-alive

greenskymotions.net/b91698fd2.js

185.177.94.152

200 OK

56 B

URL HTTP/2
greenskymotions.net/b91698fd2.js
IP
185.177.94.152:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
56 B (56 bytes)
Hash
01fedb484c76c86eb5bafcc15b97bddc
aa3d7fba2de0e16f69798d6dc6e77d2765a90455
93f23f64c6e14a7778241254ad90d49a38dfe406afdd5e0e223064613572d40f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /b91698fd2.js HTTP/1.1
Host: greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=28c5c41f-6b0c-4eed-aaaf-1e71ee966670
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:35:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 56
last-modified: Thu, 13 Oct 2022 01:01:02 GMT
etag: "6347634e-38"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

greenskymotions.net/favicon.ico

185.177.94.152

204 No Content

0 B

URL HTTP/2
greenskymotions.net/favicon.ico
IP
185.177.94.152:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16
Cookie: uuid=28c5c41f-6b0c-4eed-aaaf-1e71ee966670
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Mon, 28 Nov 2022 10:35:18 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73b28c33107131dd72d9b9bac43f7d69
4d0787661584797b5c0d3d9835b3754d4096809a
041a1b4d47bd32e84b83c91194824a45b01ddc008378e111b99cde7440dba961

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "041A1B4D47BD32E84B83C91194824A45B01DDC008378E111B99CDE7440DBA961"
Last-Modified: Sat, 26 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16146
Expires: Mon, 28 Nov 2022 15:04:24 GMT
Date: Mon, 28 Nov 2022 10:35:18 GMT
Connection: keep-alive

0.greenskymotions.net/b91698fd2.js

185.177.94.152

200 OK

56 B

URL HTTP/2
0.greenskymotions.net/b91698fd2.js
IP
185.177.94.152:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
56 B (56 bytes)
Hash
01fedb484c76c86eb5bafcc15b97bddc
aa3d7fba2de0e16f69798d6dc6e77d2765a90455
93f23f64c6e14a7778241254ad90d49a38dfe406afdd5e0e223064613572d40f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /b91698fd2.js HTTP/1.1
Host: 0.greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=28c5c41f-6b0c-4eed-aaaf-1e71ee966670; uuid=28c5c41f-6b0c-4eed-aaaf-1e71ee966670
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:35:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 56
last-modified: Thu, 13 Oct 2022 01:01:02 GMT
etag: "6347634e-38"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

0.greenskymotions.net/favicon.ico

185.177.94.152

204 No Content

0 B

URL HTTP/2
0.greenskymotions.net/favicon.ico
IP
185.177.94.152:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 0.greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.greenskymotions.net/index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed16
Cookie: uuid=28c5c41f-6b0c-4eed-aaaf-1e71ee966670; uuid=28c5c41f-6b0c-4eed-aaaf-1e71ee966670
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Mon, 28 Nov 2022 10:35:19 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

broworker4s.com/sw/bro.js

51.15.18.159

200 OK

1.9 kB

URL HTTP/2
broworker4s.com/sw/bro.js
IP
51.15.18.159:0
ASN
#12876 Online S.a.s.

File type
data
Size
1.9 kB (1885 bytes)
Hash
a7b75fc62bb2697e0b69678aa18fdb30
0470679f316dd027d5c09bbdf93f11071549d877
871af6561522fdfbd5ef0f62e118539cbd351ee5160fc4ab5889187822611334

HTTP Headers

GET /sw/bro.js HTTP/1.1
Host: broworker4s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.greenskymotions.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:35:20 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Tue, 28 Nov 2023 10:35:20 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

di4.biz/favicon.ico

185.177.92.179

204 No Content

0 B

URL HTTP/2
di4.biz/favicon.ico
IP
185.177.92.179:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: di4.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://di4.biz/?auf=mmytmmzwgi5dcnrqgixtcmjrhe3c6mrqf5tdkmtfmrrdinjpgezc6mjwgy4tmmzrg4yts&p=b&sub1=&sub2=dfastspeed16&sub3=&sub4=&cpc=0&cpm=0
Cookie: uuid=54f4c524-8885-4363-8c0c-b9531652b863
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Mon, 28 Nov 2022 10:35:20 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

0.greenskymotions.net/index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed16

185.177.94.152

200 OK

0 B

URL HTTP/2
0.greenskymotions.net/index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed16
IP
185.177.94.152:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed16 HTTP/1.1
Host: 0.greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenskymotions.net/
Cookie: uuid=28c5c41f-6b0c-4eed-aaaf-1e71ee966670
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:35:19 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=28c5c41f-6b0c-4eed-aaaf-1e71ee966670; expires=Wed, 28-Dec-2022 10:35:19 GMT; Max-Age=2592000; path=/; domain=0.greenskymotions.net
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

di4.biz/?auf=mmytmmzwgi5dcnrqgixtcmjrhe3c6mrqf5tdkmtfmrrdinjpgezc6mjwgy4tmmzrg4yts&p=b&sub1=&sub2=dfastspeed16&sub3=&sub4=&cpc=0&cpm=0

185.177.92.179

200 OK

0 B

URL HTTP/2
di4.biz/?auf=mmytmmzwgi5dcnrqgixtcmjrhe3c6mrqf5tdkmtfmrrdinjpgezc6mjwgy4tmmzrg4yts&p=b&sub1=&sub2=dfastspeed16&sub3=&sub4=&cpc=0&cpm=0
IP
185.177.92.179:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?auf=mmytmmzwgi5dcnrqgixtcmjrhe3c6mrqf5tdkmtfmrrdinjpgezc6mjwgy4tmmzrg4yts&p=b&sub1=&sub2=dfastspeed16&sub3=&sub4=&cpc=0&cpm=0 HTTP/1.1
Host: di4.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.greenskymotions.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:35:20 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=54f4c524-8885-4363-8c0c-b9531652b863; expires=Wed, 28-Dec-2022 10:35:20 GMT; Max-Age=2592000; path=/
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

new.weatherplllatform.com/pick.js?v=2.11.2

91.211.91.114

200 OK

0 B

URL HTTP/2
new.weatherplllatform.com/pick.js?v=2.11.2
IP
91.211.91.114:0
ASN
#206638 PE Brezhnev Daniil

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /pick.js?v=2.11.2 HTTP/1.1
Host: new.weatherplllatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://broadbikkers.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:35:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 27 Oct 2022 17:28:29 GMT
vary: Accept-Encoding
etag: W/"635abfbd-921"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16

185.177.94.152

200 OK

0 B

URL HTTP/2
greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16
IP
185.177.94.152:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16 HTTP/1.1
Host: greenskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://away.cdnbestplatform.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:35:18 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=28c5c41f-6b0c-4eed-aaaf-1e71ee966670; expires=Wed, 28-Dec-2022 10:35:18 GMT; Max-Age=2592000; path=/; domain=greenskymotions.net
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

broworker4s.com/sw/bro.js

51.15.18.159

200 OK

0 B

URL HTTP/2
broworker4s.com/sw/bro.js
IP
51.15.18.159:0
ASN
#12876 Online S.a.s.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw/bro.js HTTP/1.1
Host: broworker4s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenskymotions.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:35:18 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Tue, 28 Nov 2023 10:35:18 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations