Overview

URLvaluekidz.com/index.php
IP 199.79.62.225 (United States)
ASN#394695 PUBLIC-DOMAIN-REGISTRY
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-09 15:36:01 UTC
StatusLoading report..
IDS alerts0
Blocklist alert13
urlquery alerts No alerts detected
Tags None

Domain Summary (8)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
valuekidz.com (9) 0 2022-03-14 14:25:23 UTC 2022-11-09 10:51:55 UTC 199.79.62.225 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.218.164.174
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
unpkg.com (1) 11693 2016-01-07 23:26:01 UTC 2022-11-09 07:03:47 UTC 104.16.124.175
r3.o.lencr.org (7) 344 No data No data 23.36.76.226
ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-09 05:26:04 UTC 34.117.237.239

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-09 2 valuekidz.com/index.php Phishing
2022-11-09 2 valuekidz.com/jquery-latest.min.js Phishing
2022-11-09 2 valuekidz.com/jquery.payform.min.js Phishing
2022-11-09 2 valuekidz.com/fonts/unicredit-regular.otf Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-09 2 valuekidz.com Sinkholed
2022-11-09 2 valuekidz.com Sinkholed
2022-11-09 2 valuekidz.com Sinkholed
2022-11-09 2 valuekidz.com Sinkholed
2022-11-09 2 valuekidz.com Sinkholed
2022-11-09 2 valuekidz.com Sinkholed
2022-11-09 2 valuekidz.com Sinkholed
2022-11-09 2 valuekidz.com Sinkholed
2022-11-09 2 valuekidz.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.79.62.225
Date UQ / IDS / BL URL IP
2023-01-15 19:57:18 +0000 0 - 6 - 0 bagspk.com/ 199.79.62.225
2022-12-07 03:59:10 +0000 0 - 0 - 5 auditoroffice.com/ 199.79.62.225
2022-12-06 21:40:16 +0000 0 - 0 - 6 auditoroffice.com/on/index.php?QBOT.zip 199.79.62.225
2022-12-01 05:29:52 +0000 0 - 0 - 44 goyalhoteliers.com/ 199.79.62.225
2022-11-29 03:43:06 +0000 0 - 0 - 3 machines-cricut.com/download/ 199.79.62.225


Last 5 reports on ASN: PUBLIC-DOMAIN-REGISTRY
Date UQ / IDS / BL URL IP
2023-01-28 10:55:52 +0000 0 - 0 - 2 bestbuidan.mn/wire/yxj/zbh/jht/plppcth.zip 208.91.198.26
2023-01-28 10:52:30 +0000 0 - 0 - 1 msdvc.com/new_xx_ahqudnowby159.bin 119.18.54.12
2023-01-28 10:51:33 +0000 0 - 0 - 2 bestbuidan.mn/wire/xc2/vxg/xay/vnranuz.zip 208.91.198.26
2023-01-28 10:47:28 +0000 0 - 0 - 2 bestbuidan.mn/wire/xd1upla891.zip 208.91.198.26
2023-01-28 10:44:11 +0000 0 - 0 - 2 bestbuidan.mn/wire/zb/hd/erandq7m.zip 208.91.198.26


Last 5 reports on domain: valuekidz.com
Date UQ / IDS / BL URL IP
2022-11-09 15:36:01 +0000 0 - 0 - 13 valuekidz.com/index.php 199.79.62.225
2022-10-13 00:19:26 +0000 0 - 0 - 3 valuekidz.com/ts/trsucks 199.79.62.225
2022-10-11 21:22:13 +0000 0 - 0 - 3 valuekidz.com/ts/trsucks 199.79.62.225
2022-10-10 19:04:35 +0000 0 - 0 - 3 valuekidz.com/ts/trsucks 199.79.62.225
2022-10-09 15:43:15 +0000 0 - 0 - 3 valuekidz.com/ts/trsucks 199.79.62.225


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-27 07:45:34 +0000 0 - 0 - 22 pangikailogold.com/ 66.29.130.139
2023-01-25 06:15:17 +0000 0 - 0 - 6 rarita.it/pp/ 86.107.32.37
2023-01-08 00:34:28 +0000 0 - 0 - 23 delacerralaw.com/ 192.185.100.10
2023-01-07 21:35:12 +0000 0 - 0 - 23 delacerralaw.com/ 192.185.100.10
2023-01-06 20:35:24 +0000 0 - 0 - 4 delacerralaw.com/ 192.185.100.10

JavaScript

Executed Scripts (4)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (30)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14159
Expires: Wed, 09 Nov 2022 19:31:49 GMT
Date: Wed, 09 Nov 2022 15:35:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5686
Cache-Control: max-age=160200
Date: Wed, 09 Nov 2022 15:35:50 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 12:05:50 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5686
Cache-Control: max-age=160200
Date: Wed, 09 Nov 2022 15:35:50 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 12:05:50 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10123
Expires: Wed, 09 Nov 2022 18:24:33 GMT
Date: Wed, 09 Nov 2022 15:35:50 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: AseaKnFywMIq0V7YGPHBXpaqDIWQ37synNiruqqYwF+5k89iIyPt6HaZR6Spe2a/LjJjPAA3D0TkpaTDpWfgpQ==
x-amz-request-id: F860BM1SNB4S6SE6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 15:11:46 GMT
age: 1444
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 09 Nov 2022 15:35:50 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4545
Cache-Control: max-age=154004
Date: Wed, 09 Nov 2022 15:35:50 GMT
Etag: "636b6da9-1d7"
Expires: Fri, 11 Nov 2022 10:22:34 GMT
Last-Modified: Wed, 09 Nov 2022 09:06:49 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /index.php HTTP/1.1 
Host: valuekidz.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         199.79.62.225
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 09 Nov 2022 15:35:50 GMT
Server: Apache
Set-Cookie: COOKIE_KEY=166800815094; expires=Sat, 06-Nov-2032 15:35:50 GMT; Max-Age=315360000 COOKIE_KEY=166800815014; expires=Sat, 06-Nov-2032 15:35:50 GMT; Max-Age=315360000
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1613
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   1613
Md5:    a49fafcc8961d77f4d960aaed88bccab
Sha1:   3d02ddf45805d2179a5f8c5e51ee0dc444465c78
Sha256: fb4ee7a3ed24ac4018695af2b97c7742f1ca789513464e157897cd8fcbe0202d

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6537
Cache-Control: max-age=90485
Date: Wed, 09 Nov 2022 15:35:51 GMT
Etag: "636a6dc3-117"
Expires: Thu, 10 Nov 2022 16:43:56 GMT
Last-Modified: Tue, 08 Nov 2022 14:54:59 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BLDIdGWsDTKsPMYQFtuXpg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         34.218.164.174
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eb55OFdbCdk5E999zCmaiHG+2GE=

                                        
                                            GET /logo1.jpg HTTP/1.1 
Host: valuekidz.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valuekidz.com/index.php
Cookie: COOKIE_KEY=166800815014

search
                                         199.79.62.225
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 09 Nov 2022 15:35:51 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 22 Feb 2022 23:46:38 GMT
Accept-Ranges: bytes
Content-Length: 14124
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 297x257, components 3\012- data
Size:   14124
Md5:    3157351cc398d7798e2b78250db355a8
Sha1:   e235cd975975efec061751727d477ee70bc0b886
Sha256: 5000659534ad5673ed8f0292fe8942fe248e552d4a05ce3d580ad8a9ec560a5d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /jquery-latest.min.js HTTP/1.1 
Host: valuekidz.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valuekidz.com/index.php
Cookie: COOKIE_KEY=166800815014

search
                                         199.79.62.225
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 09 Nov 2022 15:35:51 GMT
Server: Apache
Last-Modified: Tue, 26 Jan 2021 23:41:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   37612
Md5:    619e5664a321b65bf4139f82773dbd80
Sha1:   b149909fa3281f2c0f6217ea74d90c97e90eb82f
Sha256: 4cb103cc24504b415bc9667e315a515ddbd58b2e17c82adff5a9fe25f12300fb

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /jquery.payform.min.js HTTP/1.1 
Host: valuekidz.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valuekidz.com/index.php
Cookie: COOKIE_KEY=166800815014

search
                                         199.79.62.225
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 09 Nov 2022 15:35:51 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 24 Jan 2019 00:57:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5192
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (16348)
Size:   5192
Md5:    c318e0b04b4ea919a98b75e259e5014d
Sha1:   1113438d9f7995fd7e1a53c44f6f891d4bbb427a
Sha256: db3160e06832d64a362467714cee621ab5ffae2f43e032fa37faf57112c47362

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /barra.jpg HTTP/1.1 
Host: valuekidz.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valuekidz.com/index.php
Cookie: COOKIE_KEY=166800815014

search
                                         199.79.62.225
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 09 Nov 2022 15:35:51 GMT
Server: Apache
Last-Modified: Tue, 22 Feb 2022 23:51:08 GMT
Accept-Ranges: bytes
Content-Length: 7999
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 389x84, components 3\012- data
Size:   7999
Md5:    bbb0cacd7e28d46d4bf30d2bb41463dc
Sha1:   75d9e7c22713350c5df6f8a99d834a90378be9c1
Sha256: 4712e2649e9407f997c8708642b3f01a854b61f686d39b4f40979eef1219b2d1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /lock.png HTTP/1.1 
Host: valuekidz.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valuekidz.com/index.php
Cookie: COOKIE_KEY=166800815014

search
                                         199.79.62.225
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 09 Nov 2022 15:35:51 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 23 Feb 2022 00:00:02 GMT
Accept-Ranges: bytes
Content-Length: 6144
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  PNG image data, 366 x 511, 8-bit/color RGBA, non-interlaced\012- data
Size:   6144
Md5:    64b87d8ef06bacf5b2a526168405b59f
Sha1:   04973f7bf0e825c834a3fdf251f45f4a0b19be3e
Sha256: d2eabbfd3a0f6b8c5b6ef0b25ecc59144b601f34cbdcc2ebc4c75ad304ce1d96

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /bperlogo.jpg HTTP/1.1 
Host: valuekidz.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valuekidz.com/index.php
Cookie: COOKIE_KEY=166800815014

search
                                         199.79.62.225
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 09 Nov 2022 15:35:51 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 22 Feb 2022 23:49:18 GMT
Accept-Ranges: bytes
Content-Length: 15275
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 346x167, components 3\012- data
Size:   15275
Md5:    3e9e6cd034ffd23eb8cab90a59d474a2
Sha1:   e9baa56ba94e2eb793bf1f14d718335db7f7b21e
Sha256: d9ae869c3dd00f983666dde345708c6939f7f9f2c40077524de594c7783a7951

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: valuekidz.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valuekidz.com/index.php
Cookie: COOKIE_KEY=166800815014

search
                                         199.79.62.225
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Wed, 09 Nov 2022 15:35:51 GMT
Server: Apache
Last-Modified: Thu, 17 Mar 2022 05:11:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 355
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   355
Md5:    cb50b952a1a41c3358018129e081d511
Sha1:   9b3ce22f173597240fd0c22ff649f3ffb9c6ea99
Sha256: 791b5cb893932898c350d1ec9888ee9c2feaea002431d12e9a1ba29331813be0

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10995
Expires: Wed, 09 Nov 2022 18:39:07 GMT
Date: Wed, 09 Nov 2022 15:35:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10995
Expires: Wed, 09 Nov 2022 18:39:07 GMT
Date: Wed, 09 Nov 2022 15:35:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10995
Expires: Wed, 09 Nov 2022 18:39:07 GMT
Date: Wed, 09 Nov 2022 15:35:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10995
Expires: Wed, 09 Nov 2022 18:39:07 GMT
Date: Wed, 09 Nov 2022 15:35:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10995
Expires: Wed, 09 Nov 2022 18:39:07 GMT
Date: Wed, 09 Nov 2022 15:35:52 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 09:08:58 GMT
age: 23214
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10462
Md5:    4e2853cc6ec6223160471401e6871f4b
Sha1:   f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
Sha256: bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8154
x-amzn-requestid: 1d9d6e13-69a4-473d-af4b-ef3d4382f3ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTU2EyZoAMF94w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc1e-0dec203434f42df01d9a1182;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GWFybdPyZxzujAi9urpfQ_1HZCiJpmxpzg6j7a2gwdZ5E89xfc1MXg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:54:55 GMT
age: 63657
etag: "8cafda5659f5b36c855a2bbcaeb03aa715ddeebd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8154
Md5:    c69b19d2273c3ade32fd0797921c0459
Sha1:   8cafda5659f5b36c855a2bbcaeb03aa715ddeebd
Sha256: d78b92e1175207b1179c85f9490f937e1647aeae3fe95cf8b3dc336db232945e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F609c6c88-4535-488a-8bf4-de0e93b9ae31.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10822
x-amzn-requestid: 1b1e2dfc-4096-45cf-adb3-58f0b1d614bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEAXHFhroAMF_Zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364adc6-7b94977b4143970a48bc1857;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 06:14:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vzUPLMO4CDywKUQvQ9gbltVLYlNher7ZTXYC9A00LfwycdEmG7m9wg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 04:21:46 GMT
age: 40446
etag: "e26769d82108f89057b05096061f1276d34e223a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10822
Md5:    86ec3f22045de1a100eccf27d91593ae
Sha1:   e26769d82108f89057b05096061f1276d34e223a
Sha256: b863d19ab12945922b4d014c517f5ffe349cefe2bbe1c2f16661371f22378cbd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9313
x-amzn-requestid: be3f6b0f-cf61-4bec-ad1a-87abdbc45d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTwF5AoAMFZAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-5ca45b5b1065a4ea492f2ac6;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9lVY7YgQQ0FAP3ItgCSWePY0Msd4RIyBz4eNPc-K51BtnWUjOObv6g==
via: 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:43 GMT
etag: "9265cae98aa663a5498925b70079abdd8e7031fd"
age: 64329
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9313
Md5:    29429581f8dc762c69c5916009f70080
Sha1:   9265cae98aa663a5498925b70079abdd8e7031fd
Sha256: c3deee74c80905a1e92b84868b9987cb30ad7a210dca066b97c325cc2c83872e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4737
x-amzn-requestid: 3e45e647-43a6-43bf-b011-366e3899b400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAvEEr7IAMF_JQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b2d-76f4e8dc345994823ef9ce4d;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:39:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tgUANh-QVW5J4xKViYY6NCQYFLJBjXYoEupDzvKa2UJ9TZ-sBclIPQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:56:11 GMT
age: 63581
etag: "349ea78f3ad0f2f7376ba22e417226b2e06806d7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4737
Md5:    39446652ee66d20bd73df20f1a29589c
Sha1:   349ea78f3ad0f2f7376ba22e417226b2e06806d7
Sha256: 655a00944a319ba167e99b43055044cb18bc48d53605ff0d1b6c8b1ba8ee8237
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84109408-bbc7-4166-8974-df4b4fbbf1c1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6272
x-amzn-requestid: 7287a2fe-853d-497f-a63e-1d521dd5326e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bG3dSGEIIAMF7Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365d2bb-4c6803ad2d4ea46e68abd386;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 03:04:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LDFjqTNKAf14q52-12SgdxG52y16CzeAmZFIIwxEnUFTYp8ZOTT4Ew==
via: 1.1 6a6653dfb47ccc5082f2a5b9d0d168ce.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 18:20:46 GMT
age: 76506
etag: "16f1e048895ed1ee0c0c071e3939e741113e4969"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6272
Md5:    11ef1d34ac2d42662fe53fc58c882fdf
Sha1:   16f1e048895ed1ee0c0c071e3939e741113e4969
Sha256: 61c42bae12654cf9bd1e7ca0f616164ff4139dc470fb6c1033176374444d6bda
                                        
                                            GET /fonts/unicredit-regular.otf HTTP/1.1 
Host: valuekidz.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valuekidz.com/index.php
Cookie: COOKIE_KEY=166800815014

search
                                         199.79.62.225
HTTP/1.1 200 OK
Content-Type: font/otf
                                        
Date: Wed, 09 Nov 2022 15:35:54 GMT
Server: Apache
Last-Modified: Tue, 22 Feb 2022 15:31:12 GMT
Accept-Ranges: bytes
Content-Length: 100032
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive


--- Additional Info ---
Magic:  OpenType font data\012- data
Size:   100032
Md5:    be4e1d32dc568c2ce69fe98cf4826d54
Sha1:   ccf362a132bd957b84818c10c16bdd31922b064b
Sha256: fb3eee259238bb8f097a10f92ad30df49fe02fa3889ee4ee64407514840383a5

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /purecss@2.0.5/build/pure-min.css HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://valuekidz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.124.175
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Wed, 09 Nov 2022 15:35:51 GMT
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"4195-XLNKX4yxaMYG7+jslQdUA8knpHQ"
via: 1.1 fly.io
fly-request-id: 01G7565ARY19YAE8DJRYNQ6WM7-fra
cf-cache-status: HIT
age: 11050462
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76779ee0ae57b527-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---