Report - davi24.com/3ds-max-2022-free-download/

Report Overview

Submitted URL
davi24.com/3ds-max-2022-free-download/
IP
103.77.162.23
ASN
#45544 SUPERDATA
Submitted
2022-12-09 12:56:27
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
56

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
nanouwho.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	128 kB	139.45.197.242
interstitial-07.com	36198	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.7 kB	46 kB	139.45.197.153
translate.google.com	1156	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	807 B	142.250.74.174
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.1 kB	93.184.220.29
translate.googleapis.com	1005	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	410 B	4.6 kB	216.58.207.202
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	414 B	739 B	139.45.195.8
tzegilo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	352 B	6.6 kB	104.21.84.149
datatechonert.com	46154	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	482 B	478 B	139.45.195.253
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.4 kB	12 kB	23.33.119.27
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.213.140.56
unphionetor.com	54035	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	464 B	694 B	139.45.197.236
bedrapiona.com	34930	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409 B	2.6 kB	139.45.197.234
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	838 B	4.3 kB	142.250.74.99
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	56 kB	34.120.237.76
inklinkor.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	354 B	26 kB	104.21.91.63
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	104.18.32.68
www.adz2you.net	826380	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	358 B	769 B	172.67.148.181
onmarshtompor.com	24517	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	980 B	974 B	139.45.197.243
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
davi24.com	190590	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	15 kB	910 kB	103.77.162.23
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.9 kB	142.250.74.131
ibrapush.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	9.3 kB	139.45.197.250
betotodilea.com	52465	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	12 kB	139.45.197.237

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-09	medium	davi24.com/3ds-max-2022-free-download/	Malware
2022-12-09	medium	davi24.com/3ds-max-2022-free-download/	Malware
2022-12-09	medium	davi24.com/wp-content/fonts/904b9a3a0d79473f201bd766ac26b59d.css?ver=20201110	Malware
2022-12-09	medium	davi24.com/wp-content/plugins/wp-statistics/assets/css/frontend.css?ver=12.4.2	Malware
2022-12-09	medium	davi24.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2022-12-09	medium	davi24.com/wp-content/themes/donovan/assets/js/svgxuse.min.js?ver=1.2.6	Malware
2022-12-09	medium	davi24.com/wp-content/themes/donovan/style.css?ver=1.8.2	Malware
2022-12-09	medium	davi24.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.8	Malware
2022-12-09	medium	davi24.com/wp-content/plugins/related-post/assets/front/css/related-post.css?ver=5.7.8	Malware
2022-12-09	medium	davi24.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1	Malware
2022-12-09	medium	davi24.com/wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72	Malware
2022-12-09	medium	davi24.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.9	Malware
2022-12-09	medium	davi24.com/wp-content/themes/donovan/assets/js/navigation.min.js?ver=20200822	Malware
2022-12-09	medium	davi24.com/wp-content/plugins/wp-popups-lite/src/assets/js/wppopups.js?ver=2.1.4.5	Malware
2022-12-09	medium	davi24.com/wp-content/plugins/related-post//assets/front/js/owl.carousel.min.js?ver=5.7.8	Malware
2022-12-09	medium	davi24.com/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.9	Malware
2022-12-09	medium	davi24.com/wp-content/themes/donovan/assets/icons/genericons-neue.svg	Malware
2022-12-09	medium	davi24.com/wp-content/fonts/quicksand/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2	Malware
2022-12-09	medium	davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2	Malware
2022-12-09	medium	davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCGPrEHJA.woff2	Malware
2022-12-09	medium	davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2	Malware
2022-12-09	medium	davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCHPrEHJA.woff2	Malware
2022-12-09	medium	davi24.com/wp-content/fonts/raleway/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2	Malware
2022-12-09	medium	davi24.com/sw.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-09	medium	nanouwho.com	Sinkholed
2022-12-09	medium	nanouwho.com	Sinkholed
2022-12-09	medium	unphionetor.com	Sinkholed
2022-12-09	medium	nanouwho.com	Sinkholed

JavaScript (44)

	URL	Size	First Seen	Last Seen
	davi24.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1	90 kB	2023-03-07	2024-04-25
Pretty URL davi24.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1 IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-25 06:13:11 Times Seen9439 Hash b6f7093369a0e8b83703914ce731b13c d1889f5c173c2a4b20288f1f84758599afd346ef 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827 Loading...

	davi24.com/3ds-max-2022-free-download/	676 B	2023-03-08	2023-03-08
Pretty URL davi24.com/3ds-max-2022-free-download/ IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:53:26 Last Seen2023-03-08 23:53:26 Times Seen1 Hash 8491f3fbb57deb5b826dc60b8e5f06dd 0b0a2d323b9b9530f5c99b43e94f3ebe7f563dd9 07e41d31713c39abe36d0ec52c0eb16759439b2b58c01f47e34508c45dc940e6 Loading...

	davi24.com/wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72	7.0 kB	2023-03-07	2024-04-25
Pretty URL davi24.com/wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72 IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-25 06:13:08 Times Seen681 Hash fff58f50d2d6243f7705185a16cba7ea 144566a0887f77bf9126bd1bb46ccad9f29a5971 fcc650dabdeef66e791d2159bddf7e6ec415841c265e2e121bfdf8da9f898837 Loading...

	davi24.com/3ds-max-2022-free-download/	15 B	2023-03-07	2024-01-16
Pretty URL davi24.com/3ds-max-2022-free-download/ IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:23 Last Seen2024-01-16 00:42:23 Times Seen8 Hash 84cb1004593021dfeb7ff42c21f8a0e0 31d187d261a8b982a30ac40fd0755ebe4689feea ae491b219e750ac1eaa7c1d91ec2fe9f46d1779ac9464bca493470be36bcf849 Loading...

	inklinkor.com/tag.min.js	74 kB	2023-03-08	2023-03-09
Pretty URL inklinkor.com/tag.min.js IP 104.21.91.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:41:27 Last Seen2023-03-09 05:13:00 Times Seen1 Hash e8ecbb34ec1453a66ae85959f375127a 11d7f4f866a069fe97f61be8a867de83f2ad6117 bd22281f663f9eb5a8d183712e308050ad967d62b105899328cc53b7d5fe306a Loading...

	nanouwho.com/1?z=4606746	17 kB	2023-03-08	2023-03-08
Pretty URL nanouwho.com/1?z=4606746 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:53:26 Last Seen2023-03-08 23:53:26 Times Seen1 Hash d0349d8df6a27a662b53fdf5f4cf9226 dcc06bb32209d15664a04af67c8c6261bf9dfc92 5cbc046104d8390da8eb34c69855cd7707e4be7182140ab2b374900de5ee131e Loading...

	ibrapush.com/pfe/current/tag.min.js?z=4606747	15 kB	2023-03-08	2023-03-11
Pretty URL ibrapush.com/pfe/current/tag.min.js?z=4606747 IP 139.45.197.250 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:13 Last Seen2023-03-11 23:52:36 Times Seen1 Hash 191ea99ed07a7fe90b457168edd25141 0ace741f1e05b34e1e266360de25d4c29facd2e1 f28c7f29111515de23861d74072c7f60e4a06965c91476e8d7d3409062d9d358 Loading...

	davi24.com/3ds-max-2022-free-download/	103 B	2023-03-08	2023-03-08
Pretty URL davi24.com/3ds-max-2022-free-download/ IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:53:26 Last Seen2023-03-08 23:53:26 Times Seen1 Hash 2bb4ec45546f92361894171abbbb4b9b 9119a2a9fb8c28cb0424e2c3dde4b9a8a6f85fa3 05ee589a6d6616de2eaad9a42900d530540e61dac00a9276cbb6de196ef2c5e0 Loading...

	davi24.com/3ds-max-2022-free-download/	2.1 kB	2023-03-08	2023-03-08
Pretty URL davi24.com/3ds-max-2022-free-download/ IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:53:26 Last Seen2023-03-08 23:53:26 Times Seen1 Hash 2ecbce77b378918be724d24f4017a2f5 703d13cf03805d7af0cfb9c631ad8dbe2a8a2811 140b3d68e8605b5f9bcc3454d89420b8a042b59094425e729a097ba50de58e92 Loading...

	davi24.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4	99 kB	2023-03-07	2024-04-25
Pretty URL davi24.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-25 06:13:08 Times Seen3529 Hash 5090bae2c114802440412e301bdf5174 3850afd52816ee686eccd881df06764b426cd86a d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3 Loading...

	davi24.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.9	14 kB	2023-03-07	2024-04-17
Pretty URL davi24.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.9 IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:43 Last Seen2024-04-17 04:46:33 Times Seen575 Hash 9ce2ef9c51d872136c9bd85bd5428ea8 4b4f270db4ec228296f5127f22df9a0b502cec84 37b945e5fe609563e83b37edcbfe3d18aac072a55fc8962978afdf597a3c4aa8 Loading...

	davi24.com/3ds-max-2022-free-download/	327 B	2023-03-08	2023-10-29
Pretty URL davi24.com/3ds-max-2022-free-download/ IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:53:26 Last Seen2023-10-29 02:53:30 Times Seen2 Hash e397e8c3fd4e36ac153b27da3cea2a83 cdc87de2840b970a61d34dbaf36f260549c99349 fc1cde1204c74ccc54385dd9438ff06a9926ad0ca9fbbb81d2b64558ea4ff63f Loading...

	davi24.com/wp-includes/js/wp-embed.min.js?ver=5.7.8	1.4 kB	2023-03-07	2024-04-25
Pretty URL davi24.com/wp-includes/js/wp-embed.min.js?ver=5.7.8 IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-25 08:07:38 Times Seen6876 Hash 905225d5711b559d3092387d5ffbedbd 6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991 Loading...

	translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit	77 kB	2023-03-08	2023-03-08
Pretty URL translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:53:26 Last Seen2023-03-08 23:53:26 Times Seen1 Hash 8d2d46a65e17eaaf6f943a465faecaa1 c871477145d7b4e2d18b9e2056200f6d858ec91c 8a416a466ccd795fd19c50e45858dbf6fcc0dc4ee2d1401bc874285944ec6095 Loading...

	davi24.com/3ds-max-2022-free-download/	1.2 kB	2023-03-08	2023-10-29
Pretty URL davi24.com/3ds-max-2022-free-download/ IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:53:26 Last Seen2023-10-29 02:53:30 Times Seen2 Hash 67e9040a337df098ef8482eabaef4c44 e01f5d9bda851253769f5d794c3bcb721cb666d5 0fb255ac9bd4881e075706b40620845cc4d376fdf70ce596373fc532e5d0f061 Loading...

	davi24.com/3ds-max-2022-free-download/	65 B	2023-03-08	2023-03-08
Pretty URL davi24.com/3ds-max-2022-free-download/ IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:53:26 Last Seen2023-03-08 23:53:26 Times Seen1 Hash efef90275abd94f7d40e49171ad0c131 97b356876c69db4ed5c1d783e7f713dcfb297cd0 3b7ce89d222e0143d86a3100a037adc4329c62fcb5621f46cd9d7d5430a3f5c7 Loading...

	davi24.com/3ds-max-2022-free-download/	193 B	2023-03-08	2023-03-08
Pretty URL davi24.com/3ds-max-2022-free-download/ IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:53:26 Last Seen2023-03-08 23:53:26 Times Seen1 Hash d71ae343a54d6ae8d1083799c6bce8ca 5fe4513a2ecd3dc9697f0ef63eb7223b0ff64234 cd1ae7d954b73c1726dab501dbf53298c4c718f1323f9668745e073426029dd4 Loading...

	davi24.com/wp-content/themes/donovan/assets/js/svgxuse.min.js?ver=1.2.6	2.9 kB	2023-03-07	2024-04-24
Pretty URL davi24.com/wp-content/themes/donovan/assets/js/svgxuse.min.js?ver=1.2.6 IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:11 Last Seen2024-04-24 05:54:39 Times Seen636 Hash a2b3c4a1205adeb5f57cd1db0acabcba 6f564918cbb2a673ab64564f4c60653c209b03bd fb16e51480f1812bba39f47a4dd2e154767356b870f1e5e2564f0f462f40098f Loading...

	www.adz2you.net/serve/ads.js	988 B	2023-03-08	2023-03-13
Pretty URL www.adz2you.net/serve/ads.js IP 172.67.148.181 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:53:26 Last Seen2023-03-13 14:18:52 Times Seen1 Hash d69c2d579c804b333c0fd3db8b248c26 186541db75a2a4890b05650fc6613436f56d7843 c604de1a1c54cdd0b6909ee0be8e5e42338b0cff7ab7b983c1c4e08e3690e534 Loading...

	davi24.com/3ds-max-2022-free-download/	374 B	2023-03-07	2023-04-05
Pretty URL davi24.com/3ds-max-2022-free-download/ IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:11 Last Seen2023-04-05 01:53:39 Times Seen11 Hash af65191ae0e8cfc708ce77c56d2c2f0b 8a0d69d753d61fec7c5f1af21568953dbb1f2e82 b868064c24e1329ece62c29479b6de078cb5e752ed6650c372383151bff2f107 Loading...

	davi24.com/3ds-max-2022-free-download/	1.3 kB	2023-03-08	2023-10-29
Pretty URL davi24.com/3ds-max-2022-free-download/ IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:53:26 Last Seen2023-10-29 02:53:30 Times Seen2 Hash e0e300fae57afcfaf6e0d1c8a73c2875 3815f64c00629d23c844e9d689c3aa6f9f5d6edb 8d0f6a3d7af3cc9a32fbffdda0da2dff4a9d3e30d996313be8fd35c9c214a374 Loading...

	davi24.com/3ds-max-2022-free-download/	192 B	2023-03-08	2023-10-29
Pretty URL davi24.com/3ds-max-2022-free-download/ IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:53:26 Last Seen2023-10-29 02:53:30 Times Seen2 Hash 4af4b36558434b9437cacf7bae44e7d6 e6865b5544f4280ed6fda9353ff4350de299dec6 fb6ed2ffcd8de35ea7560b2c9c4058e813056e9edb89ef5ca794924ed779c1ea Loading...

	nanouwho.com/27/11a99959c11b6755664b3df2c6eb7de1	378 kB	2023-03-08	2023-03-09
Pretty URL nanouwho.com/27/11a99959c11b6755664b3df2c6eb7de1 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:57:58 Last Seen2023-03-09 04:16:40 Times Seen1 Hash 8329878d587fbdcac856c9fd94f33cc6 7cf5f77795ba843e0cc082d706a20b517d320237 ebd7c3e2063610b60f05f5ab122555c66a5cdcf9fe443b470465591ca76cb7eb Loading...

	davi24.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-25
Pretty URL davi24.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 06:13:12 Times Seen68612 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	davi24.com/wp-content/plugins/wp-popups-lite/src/assets/js/wppopups.js?ver=2.1.4.5	48 kB	2023-03-07	2024-02-21
Pretty URL davi24.com/wp-content/plugins/wp-popups-lite/src/assets/js/wppopups.js?ver=2.1.4.5 IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:52 Last Seen2024-02-21 04:08:53 Times Seen38 Hash d96ec9b36839d11ffb322518cc376138 706d19ddb93e5c9c819df90281a1fd1a730f5538 eab007b887d70722ac2232014f1085551e3d262da75db00a05952d529872bfa8 Loading...

	davi24.com/wp-content/themes/donovan/assets/js/navigation.min.js?ver=20200822	2.0 kB	2023-03-08	2023-11-02
Pretty URL davi24.com/wp-content/themes/donovan/assets/js/navigation.min.js?ver=20200822 IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:53:26 Last Seen2023-11-02 04:47:59 Times Seen12 Hash 53f6d774e6f6ffdb29fbd56d7c15366d 035408bba4f7f4e39d205eb11204a87c622663f7 73318d6aba5551abd695904a7e686a17ae42ee85d6911fd437bb06a3bb2b63c9 Loading...

	betotodilea.com/400/4606745	83 kB	2023-03-08	2023-03-08
Pretty URL betotodilea.com/400/4606745 IP 139.45.197.237 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:53:26 Last Seen2023-03-08 23:53:26 Times Seen1 Hash 1812cc7a45b5fd61269c68e9a22459d5 e33641d6ef1fac645c679713f143cbf9d260fff9 e411c1041b88adcbe21dbc44944a1c802cd89c27cc1ac70e0656f025dd1578c6 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main	212 kB	2023-03-08	2023-12-02
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:09 Last Seen2023-12-02 15:44:19 Times Seen21 Hash 8bf322278cc4d5349d9f216543dad348 836605271acad0b93010bf2a97c2b4d2cdab6527 dbc13e868fc37e5decb688b506ac4dea2da1690396694b7289530600e15f0816 Loading...

	unphionetor.com/fv.js?t=72747&cb=1977164967	5.2 kB	2023-03-07	2024-04-24
Pretty URL unphionetor.com/fv.js?t=72747&cb=1977164967 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-24 01:48:23 Times Seen2355 Hash 563d777535ce88943a94a6be86f378c8 8753745424d367275e3fe55a5661fe51b1e1fb72 0f467a48a494f7f63968707dc43785b728d0c17f93c12937c1e5b12798f3a98a Loading...

	interstitial-07.com/?l=a4VyXDG0eyp5w7A&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2783989656%26z%3D4606746%26b%3D16043341%26c%3D6407127%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DYLR_2yMoDx8oEZOi03EUwiBrd-SKnsyshIFzc3oA3_P4ngG4lpy_LeEc0md-JKN0slS-y3v9E1dnlPJQKqFEltKRRlAyQIawhvNpI2JJgkcovA10nZSk9twqgp5tEuxoE1cVGdSS9EpYjD3M42T1PPdR8GI01w1lG5E88E_B-wN43FQMBvxKiJIsPJ4qEv_kYhpzJgxDHMidw9cyCbcI9UY-TIWBs2HbyeuVLUogPvFntikQfaTxf4j_rDd7giP5iMwFhXhc21cHqPrACLF0QUAOeC32UOcug3T-Wy7cnIwL8H9G5NevtNTBz0orPj9kqJt9SGo86wO09-4wwtE_u6olT8I6Cpe_q2SBl5iEoOnHCk_T3A6b4sAvS61buOPvqmv0o-11-VOexh0EbDV4SKKEQ02SAygKIrXVucrKgh1Z-YFCAMfCwLNWLIYhcA-plgLNVDg9oN9MpWVJwMZNTpZV8mdUrntLtvbTrdxgjZFWIil9Ef2liCV1USvy8wNoFTKeOG6VzZrlY_giXP7wrDrKbOZg8-Y5HF8xmbWUeyx70jfhRamVkymiLAcRB0zGwv274kW71A5RP1bm9pEYsN2P1fyR53lkRpZCrPOXZ7zj7vFofGDjYSZjLLCZK-KmdHj0ucrlCfQuvuX9EOMiNl8xpJk%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D4c6ebcc7-61e3-4db1-8612-ccb8bd6f6056%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fdavi24.com%252F3ds-max-2022-free-download%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0	1.4 kB	2023-03-08	2023-03-08
Pretty URL interstitial-07.com/?l=a4VyXDG0eyp5w7A&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2783989656%26z%3D4606746%26b%3D16043341%26c%3D6407127%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DYLR_2yMoDx8oEZOi03EUwiBrd-SKnsyshIFzc3oA3_P4ngG4lpy_LeEc0md-JKN0slS-y3v9E1dnlPJQKqFEltKRRlAyQIawhvNpI2JJgkcovA10nZSk9twqgp5tEuxoE1cVGdSS9EpYjD3M42T1PPdR8GI01w1lG5E88E_B-wN43FQMBvxKiJIsPJ4qEv_kYhpzJgxDHMidw9cyCbcI9UY-TIWBs2HbyeuVLUogPvFntikQfaTxf4j_rDd7giP5iMwFhXhc21cHqPrACLF0QUAOeC32UOcug3T-Wy7cnIwL8H9G5NevtNTBz0orPj9kqJt9SGo86wO09-4wwtE_u6olT8I6Cpe_q2SBl5iEoOnHCk_T3A6b4sAvS61buOPvqmv0o-11-VOexh0EbDV4SKKEQ02SAygKIrXVucrKgh1Z-YFCAMfCwLNWLIYhcA-plgLNVDg9oN9MpWVJwMZNTpZV8mdUrntLtvbTrdxgjZFWIil9Ef2liCV1USvy8wNoFTKeOG6VzZrlY_giXP7wrDrKbOZg8-Y5HF8xmbWUeyx70jfhRamVkymiLAcRB0zGwv274kW71A5RP1bm9pEYsN2P1fyR53lkRpZCrPOXZ7zj7vFofGDjYSZjLLCZK-KmdHj0ucrlCfQuvuX9EOMiNl8xpJk%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D4c6ebcc7-61e3-4db1-8612-ccb8bd6f6056%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fdavi24.com%252F3ds-max-2022-free-download%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 IP 139.45.197.153 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:53:26 Last Seen2023-03-08 23:53:26 Times Seen1 Hash b81b58ba2c49805d59d33b22a955bf2e 25da40c53177ab6dc6894684b787fc9cdcd7be56 3606336080e525b5a22c5b2462963073ef312abb01fb7e04835a390e76c76955 Loading...

	davi24.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.8	14 kB	2023-03-07	2024-04-24
Pretty URL davi24.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.8 IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-24 18:48:51 Times Seen7900 Hash eaa8641bcda2371f4024a71fbb67de3b 0e46c39d3821683c856605a82254115f9a6a7792 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c Loading...

	davi24.com/wp-content/plugins/related-post//assets/front/js/owl.carousel.min.js?ver=5.7.8	85 kB	2023-03-08	2024-03-27
Pretty URL davi24.com/wp-content/plugins/related-post//assets/front/js/owl.carousel.min.js?ver=5.7.8 IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:40:33 Last Seen2024-03-27 19:20:31 Times Seen70 Hash c580af66c6b04b963d4b76a90569d6b5 b7b7280d64bf9402e3b101cc07f5b38abd146205 0a1aebdca3b69662a8cb029eb3909c5d8d5d20022b2be9c5497e6d2e12539b1f Loading...

	tzegilo.com/stattag.js	13 kB	2023-03-08	2023-03-12
Pretty URL tzegilo.com/stattag.js IP 104.21.84.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:59 Last Seen2023-03-12 10:48:49 Times Seen1 Hash d0de06f954f7dedba242231b0ec4052d 188d75bb9077832384f889dd15584845790bc146 efae63871ebdeb69e7d64c6782924f72584f962d540b8c55237cba93c026af16 Loading...

	davi24.com/3ds-max-2022-free-download/	102 kB	2023-03-08	2023-03-11
Pretty URL davi24.com/3ds-max-2022-free-download/ IP 103.77.162.23 ASN #45544 SUPERDATA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:13 Last Seen2023-03-11 23:52:37 Times Seen1 Hash 4224657dcd443a3bd29476e92ab48558 d237d75a44e44df6826a0f3fe76a848de0599070 e3abef6168f06a92edfc05945cd2336f3ba3bb2719c3380393ec498e755c97fb Loading...

		Size	First Seen	Last Seen
	#1 Eval - b2d8354526b6409df417be705f5ccd16	80 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 23:53:26 Last Seen2023-03-08 23:53:26 Times Seen1 Hash b2d8354526b6409df417be705f5ccd16 ab409bc298e35633d7faa42d90b0487f522f05c1 b2a99976e6f884231540330ca7f98ae2130432639f80692ddacd13b159b01b91 Loading...

		Size	First Seen	Last Seen
	#1 Write - 1817d3c9b96ae6d1697103cf3667a602	50 B	2023-03-07	2024-03-12
Pretty Observations First Seen2023-03-07 12:02:11 Last Seen2024-03-12 10:03:17 Times Seen132 Hash 1817d3c9b96ae6d1697103cf3667a602 1181a06c85915fad2a7714fde5ec973a6ce8149b 6fb659130ae8f7ddfb117d3a9194b39b895f2f0c82226c1d4bc9ec1342ee10b0 Loading...

	#2 Write - 038dd4bffca0890a6c53109f9c1c37f6	51 B	2023-03-07	2024-03-12
Pretty Observations First Seen2023-03-07 12:02:11 Last Seen2024-03-12 10:03:17 Times Seen132 Hash 038dd4bffca0890a6c53109f9c1c37f6 21148dcea6de7c8b771e004db502a644110ab4fa 5b2d8986f54a34694aec96c516406dc8c86c2a111474861ee97327d0176cfc70 Loading...

	#3 Write - 749610dc40d290ea268e7e101269141a	181 B	2023-03-07	2024-03-12
Pretty Observations First Seen2023-03-07 12:02:11 Last Seen2024-03-12 10:03:17 Times Seen128 Hash 749610dc40d290ea268e7e101269141a bbb92b7eb56458fc01e707862ff68cce02921dc8 725140c5cd8d80410293f34bd30e418a61dc2151741bed9ada5fa07c8c295d4a Loading...

	#4 Write - fff7eba2293f86bd4cd2378961920889	33 B	2023-03-07	2024-03-12
Pretty Observations First Seen2023-03-07 12:02:11 Last Seen2024-03-12 10:03:17 Times Seen131 Hash fff7eba2293f86bd4cd2378961920889 618b377f203962fc60fe3759259ad2554a8bb3d3 816171af53e3aebdf85e91d6056413357a7a9ae63935c7df38a1d0731ea99d88 Loading...

	#5 Write - cbb184dd8e05c9709e5dcaedaa0495cf	1 B	2023-03-07	2024-04-23
Pretty Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-23 18:09:56 Times Seen3492 Hash cbb184dd8e05c9709e5dcaedaa0495cf c2b7df6201fdd3362399091f0a29550df3505b6a d10b36aa74a59bcf4a88185837f658afaf3646eff2bb16c3928d0e9335e945d2 Loading...

	#6 Write - b9a798aed08df79a5142affa318c3497	9 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:02:04 Last Seen2024-04-24 14:00:50 Times Seen2779 Hash b9a798aed08df79a5142affa318c3497 0c3b60ab45672b031ce7ef792359922ae4d7f640 6c9656210a0202719c1cc3f33bba512135c26bb8d970d2350552e75d257631ca Loading...

	#7 Write - 67e66ada5fb57007668c551dc81bf572	41 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 23:53:26 Last Seen2023-03-08 23:53:26 Times Seen1 Hash 67e66ada5fb57007668c551dc81bf572 e1759b89f2b4033379c7283aaf5c42e95ea30b5f 9b169739957480b8414df33438b89d3118fcc66ac672019ac6778704abde61d7 Loading...

	#8 Write - 8cd03c2da7b97e107ce990e50b6886cf	8 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-24 14:00:50 Times Seen3781 Hash 8cd03c2da7b97e107ce990e50b6886cf fb1c2d66bbf94a08a5bda7f06316c022ca66cfa7 5b63e5b2097fc6906601e85e381d998a7db971aca73c9213dc2b107ccab734d4 Loading...

	#9 Write - dbd446b6a10cc2cac685cfe059e693b0	58 B	2023-03-07	2024-03-12
Pretty Observations First Seen2023-03-07 12:02:11 Last Seen2024-03-12 10:03:17 Times Seen131 Hash dbd446b6a10cc2cac685cfe059e693b0 cea3aa0506052ffc5bfd3b86d0b75a2f9ce44f65 568dcf3d6b6e4b87c5f21b5e5000865ba1416625a4ab9f1e253cb70347eb0be1 Loading...

HTTP Transactions (96)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21546
Expires: Fri, 09 Dec 2022 18:55:22 GMT
Date: Fri, 09 Dec 2022 12:56:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11798
Expires: Fri, 09 Dec 2022 16:12:54 GMT
Date: Fri, 09 Dec 2022 12:56:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11259
Expires: Fri, 09 Dec 2022 16:03:55 GMT
Date: Fri, 09 Dec 2022 12:56:16 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 12:07:50 GMT
content-type: application/json
age: 2906
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: r/H8IqvRIYeXrVw3H5ZWhB9RA4eDr1pNwKoSTipgdhz9yy3MDNq3Ln+15qQOvWLJ/Ok6KNqtrFs=
x-amz-request-id: STEHBF74DJSXN3ZB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 12:48:20 GMT
age: 476
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:16 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 12:07:55 GMT
age: 2901
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

davi24.com/3ds-max-2022-free-download/

103.77.162.23

301 Moved Permanently

0 B

URL HTTP/1.1
davi24.com/3ds-max-2022-free-download/
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /3ds-max-2022-free-download/ HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 12:56:16 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Expires: Fri, 09 Dec 2022 13:56:16 GMT
Cache-Control: max-age=3600
X-Redirect-By: WordPress
Location: https://davi24.com/3ds-max-2022-free-download/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3233
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:16 GMT
Last-Modified: Fri, 09 Dec 2022 12:02:23 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.213.140.56

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.213.140.56:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NGVq+rCo3b0eeBSS4yLECw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Xv5/VKrY7+10NcP+goXSSsx3A9g=

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3001
Expires: Fri, 09 Dec 2022 13:46:19 GMT
Date: Fri, 09 Dec 2022 12:56:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3001
Expires: Fri, 09 Dec 2022 13:46:19 GMT
Date: Fri, 09 Dec 2022 12:56:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3001
Expires: Fri, 09 Dec 2022 13:46:19 GMT
Date: Fri, 09 Dec 2022 12:56:18 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5188 bytes)
Hash
fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 17:01:04 GMT
age: 71714
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
d60e535659f21b4a18a798472779ec1a
5eba8756c2188c8e3c73c621a132123eda6f3778
68628710591427bdc1cccf2808e84bae912533938400a7a756f0b8a57b6d7e86

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=169829
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:18 GMT
Etag: "639324d7-117"
Expires: Sun, 11 Dec 2022 12:06:47 GMT
Last-Modified: Fri, 09 Dec 2022 12:06:47 GMT
Server: nginx
Content-Length: 279

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7960 bytes)
Hash
eb00a2a503a690cee3e4dd729b5bc9bd
cfb1e5bcab2148a777889680e6e36b9d7e8917ec
7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kTEbkncBnAJmQE8cdAqvDtejiwaetpRBsVcpLXy1h52lO4iUkzmOGA==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 16:28:48 GMT
age: 73650
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7897 bytes)
Hash
8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:41:46 GMT
age: 33272
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6578 bytes)
Hash
8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H067kZXU_djWxbWO34bYMqa0xZ-WF9ntEBhZ-kV_TDoJFXQL_J1hqQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:34:27 GMT
age: 33711
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5169 bytes)
Hash
06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xi-bshsYa4LlKbJgAt0h-lPnB_5uQbqln5JGBRE8io2Fp1y41cS9xg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:08:48 GMT
age: 31650
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7557 bytes)
Hash
5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:07:07 GMT
age: 31751
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
d60e535659f21b4a18a798472779ec1a
5eba8756c2188c8e3c73c621a132123eda6f3778
68628710591427bdc1cccf2808e84bae912533938400a7a756f0b8a57b6d7e86

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=169829
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:18 GMT
Etag: "639324d7-117"
Expires: Sun, 11 Dec 2022 12:06:47 GMT
Last-Modified: Fri, 09 Dec 2022 12:06:47 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

davi24.com/3ds-max-2022-free-download/

103.77.162.23

200 OK

47 kB

URL HTTP/1.1
davi24.com/3ds-max-2022-free-download/
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1820), with CRLF, LF line terminators
Size
47 kB (46668 bytes)
Hash
7d3a0ccef80af8e89e89741d24a78c1f
954726be4e71d0bb0b41749bc7dd9706f75f63f2
fca1f5f56b73bc509c3d6c079a5e75a5cfcd55180c3878622b3aab7b9a4a5839

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /3ds-max-2022-free-download/ HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:17 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Link: <https://davi24.com/wp-json/>; rel="https://api.w.org/", <https://davi24.com/wp-json/wp/v2/posts/3493>; rel="alternate"; type="application/json", <https://davi24.com/?p=3493>; rel=shortlink
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

davi24.com/wp-content/plugins/wp-popups-lite/src/assets/css/wppopups-base.css?ver=2.1.4.5

103.77.162.23

200 OK

8.7 kB

URL HTTP/1.1
davi24.com/wp-content/plugins/wp-popups-lite/src/assets/css/wppopups-base.css?ver=2.1.4.5
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
ASCII text
Size
8.7 kB (8650 bytes)
Hash
a560040312229062493dd4ebb2a5f8dc
1e4279b02ba4444d7ea76fd6a05de45ca3c1e610
1324a06a3a4e142ab8add34477b0309b68ef7b7a699540a7791bbbe929f7c0a9

HTTP Headers

GET /wp-content/plugins/wp-popups-lite/src/assets/css/wppopups-base.css?ver=2.1.4.5 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:18 GMT
Server: Apache
Last-Modified: Mon, 25 Oct 2021 01:09:58 GMT
Accept-Ranges: bytes
Content-Length: 8650
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

davi24.com/wp-content/fonts/904b9a3a0d79473f201bd766ac26b59d.css?ver=20201110

103.77.162.23

200 OK

9.4 kB

URL HTTP/1.1
davi24.com/wp-content/fonts/904b9a3a0d79473f201bd766ac26b59d.css?ver=20201110
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
ASCII text
Size
9.4 kB (9414 bytes)
Hash
2b65e71b603a85359278b8c29593514f
418a8812f6d10371738c8be32d4cf8a22865cf15
0715958139a5bdb51640f5b27ab80ea4165095fed3a4ffbe0e1390dceb25c91b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/fonts/904b9a3a0d79473f201bd766ac26b59d.css?ver=20201110 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:18 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:22:08 GMT
Accept-Ranges: bytes
Content-Length: 9414
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

davi24.com/wp-content/plugins/related-posts-by-taxonomy/includes/assets/css/styles.css?ver=5.7.8

103.77.162.23

200 OK

416 B

URL HTTP/1.1
davi24.com/wp-content/plugins/related-posts-by-taxonomy/includes/assets/css/styles.css?ver=5.7.8
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
ASCII text
Size
416 B (416 bytes)
Hash
ef87605f3e119bb43a79486ebaae3979
cf87ed116cb0623729615a652ec444f6d7acb602
715d95401a0252ab3f290b8d318f8f6bfd0bf1163f025767fa065200c5e6f883

HTTP Headers

GET /wp-content/plugins/related-posts-by-taxonomy/includes/assets/css/styles.css?ver=5.7.8 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:18 GMT
Server: Apache
Last-Modified: Mon, 23 Aug 2021 00:21:08 GMT
Accept-Ranges: bytes
Content-Length: 416
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

davi24.com/wp-content/plugins/wp-statistics/assets/css/frontend.css?ver=12.4.2

103.77.162.23

200 OK

102 B

URL HTTP/1.1
davi24.com/wp-content/plugins/wp-statistics/assets/css/frontend.css?ver=12.4.2
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
ASCII text, with CRLF line terminators
Size
102 B (102 bytes)
Hash
d859237df9c6cae9a0bb730f762f544d
fdb0ecccf47646f316a6760dc0cb780259459374
8d3dbed10901eab7ea5726b18b9b4ad41b59993e1c079e9e71f6b8130364d576

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/wp-statistics/assets/css/frontend.css?ver=12.4.2 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:18 GMT
Server: Apache
Last-Modified: Thu, 06 Sep 2018 01:26:09 GMT
Accept-Ranges: bytes
Content-Length: 102
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

davi24.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

103.77.162.23

200 OK

11 kB

URL HTTP/1.1
davi24.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
ASCII text, with very long lines (11126)
Size
11 kB (11224 bytes)
Hash
79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:18 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 08:14:22 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

davi24.com/wp-content/themes/donovan/assets/js/svgxuse.min.js?ver=1.2.6

103.77.162.23

200 OK

2.9 kB

URL HTTP/1.1
davi24.com/wp-content/themes/donovan/assets/js/svgxuse.min.js?ver=1.2.6
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
ASCII text, with very long lines (522)
Size
2.9 kB (2927 bytes)
Hash
a2b3c4a1205adeb5f57cd1db0acabcba
6f564918cbb2a673ab64564f4c60653c209b03bd
fb16e51480f1812bba39f47a4dd2e154767356b870f1e5e2564f0f462f40098f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/donovan/assets/js/svgxuse.min.js?ver=1.2.6 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:18 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:21:19 GMT
Accept-Ranges: bytes
Content-Length: 2927
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

davi24.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.8

103.77.162.23

200 OK

58 kB

URL HTTP/1.1
davi24.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.8
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
Unicode text, UTF-8 text, with very long lines (29677)
Size
58 kB (58171 bytes)
Hash
b5d1e2c87b60ce71c3fd90ca27073250
b65e3890ef1565f98971b344b4c85866a5f33860
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.7.8 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:18 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 08:14:57 GMT
Accept-Ranges: bytes
Content-Length: 58171
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

davi24.com/wp-content/themes/donovan/style.css?ver=1.8.2

103.77.162.23

200 OK

72 kB

URL HTTP/1.1
davi24.com/wp-content/themes/donovan/style.css?ver=1.8.2
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
ASCII text, with very long lines (382)
Size
72 kB (71673 bytes)
Hash
4b5cb3bd06612a5c93996fe727ab6ce0
03bd5d290e49a6426be4cffb05a511dcf3996c4b
88794cdb73d7ecf2803e22c4978722d88dbce97ebc153002282acb1fac8f999d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/donovan/style.css?ver=1.8.2 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:18 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 10:28:05 GMT
Accept-Ranges: bytes
Content-Length: 71673
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

davi24.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.8

103.77.162.23

200 OK

14 kB

URL HTTP/1.1
davi24.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.8
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
ASCII text, with very long lines (11272)
Size
14 kB (14229 bytes)
Hash
eaa8641bcda2371f4024a71fbb67de3b
0e46c39d3821683c856605a82254115f9a6a7792
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.7.8 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 08:14:22 GMT
Accept-Ranges: bytes
Content-Length: 14229
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

davi24.com/wp-content/plugins/related-post/assets/front/css/owl.carousel.min.css?ver=5.7.8

103.77.162.23

200 OK

3.0 kB

URL HTTP/1.1
davi24.com/wp-content/plugins/related-post/assets/front/css/owl.carousel.min.css?ver=5.7.8
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
ASCII text, with very long lines (2854)
Size
3.0 kB (3011 bytes)
Hash
e0422f812aba45254cf47f9a3c96504c
e009863352e7e464712dd23e6160d2318333a1da
ca6300d7f9068654315e7d2af431731d1b77548635121ec125c11f33723cf1ae

HTTP Headers

GET /wp-content/plugins/related-post/assets/front/css/owl.carousel.min.css?ver=5.7.8 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Mon, 23 Aug 2021 00:24:07 GMT
Accept-Ranges: bytes
Content-Length: 3011
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

davi24.com/wp-content/plugins/related-post/assets/front/css/related-post.css?ver=5.7.8

103.77.162.23

200 OK

1.4 kB

URL HTTP/1.1
davi24.com/wp-content/plugins/related-post/assets/front/css/related-post.css?ver=5.7.8
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
ASCII text, with CRLF line terminators
Size
1.4 kB (1433 bytes)
Hash
448dadb0e8e65cbc8c63325299574bf1
613bf0643658e7a237eb4c0766a38214c163da56
33c81623ca55244432d30e3dc52a98f44f26e379062b5f8385b52218d9703c54

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/related-post/assets/front/css/related-post.css?ver=5.7.8 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Mon, 23 Aug 2021 00:24:07 GMT
Accept-Ranges: bytes
Content-Length: 1433
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

davi24.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

103.77.162.23

200 OK

90 kB

URL HTTP/1.1
davi24.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
ASCII text, with very long lines (65451)
Size
90 kB (89496 bytes)
Hash
b6f7093369a0e8b83703914ce731b13c
d1889f5c173c2a4b20288f1f84758599afd346ef
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.5.1 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:18 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 08:14:22 GMT
Accept-Ranges: bytes
Content-Length: 89496
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

davi24.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4

103.77.162.23

200 OK

99 kB

URL HTTP/1.1
davi24.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
Unicode text, UTF-8 text, with very long lines (34729), with NEL line terminators
Size
99 kB (99310 bytes)
Hash
5090bae2c114802440412e301bdf5174
3850afd52816ee686eccd881df06764b426cd86a
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 08:14:53 GMT
Accept-Ranges: bytes
Content-Length: 99310
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

davi24.com/wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72

103.77.162.23

200 OK

7.0 kB

URL HTTP/1.1
davi24.com/wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
ASCII text, with very long lines (6944)
Size
7.0 kB (6979 bytes)
Hash
fff58f50d2d6243f7705185a16cba7ea
144566a0887f77bf9126bd1bb46ccad9f29a5971
fcc650dabdeef66e791d2159bddf7e6ec415841c265e2e121bfdf8da9f898837

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Thu, 09 Sep 2021 19:44:35 GMT
Accept-Ranges: bytes
Content-Length: 6979
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

davi24.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.9

103.77.162.23

200 OK

14 kB

URL HTTP/1.1
davi24.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.9
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
ASCII text
Size
14 kB (13797 bytes)
Hash
9ce2ef9c51d872136c9bd85bd5428ea8
4b4f270db4ec228296f5127f22df9a0b502cec84
37b945e5fe609563e83b37edcbfe3d18aac072a55fc8962978afdf597a3c4aa8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.9 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Thu, 01 Jul 2021 11:32:36 GMT
Accept-Ranges: bytes
Content-Length: 13797
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

davi24.com/wp-content/themes/donovan/assets/js/navigation.min.js?ver=20200822

103.77.162.23

200 OK

2.0 kB

URL HTTP/1.1
davi24.com/wp-content/themes/donovan/assets/js/navigation.min.js?ver=20200822
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
ASCII text, with very long lines (2032), with no line terminators
Size
2.0 kB (2032 bytes)
Hash
53f6d774e6f6ffdb29fbd56d7c15366d
035408bba4f7f4e39d205eb11204a87c622663f7
73318d6aba5551abd695904a7e686a17ae42ee85d6911fd437bb06a3bb2b63c9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/donovan/assets/js/navigation.min.js?ver=20200822 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:21:19 GMT
Accept-Ranges: bytes
Content-Length: 2032
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

davi24.com/wp-includes/js/wp-embed.min.js?ver=5.7.8

103.77.162.23

200 OK

1.4 kB

URL HTTP/1.1
davi24.com/wp-includes/js/wp-embed.min.js?ver=5.7.8
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
ASCII text, with very long lines (1391)
Size
1.4 kB (1426 bytes)
Hash
905225d5711b559d3092387d5ffbedbd
6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

HTTP Headers

GET /wp-includes/js/wp-embed.min.js?ver=5.7.8 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 08:14:22 GMT
Accept-Ranges: bytes
Content-Length: 1426
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

davi24.com/wp-content/plugins/wp-popups-lite/src/assets/js/wppopups.js?ver=2.1.4.5

103.77.162.23

200 OK

48 kB

URL HTTP/1.1
davi24.com/wp-content/plugins/wp-popups-lite/src/assets/js/wppopups.js?ver=2.1.4.5
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
ASCII text
Size
48 kB (47635 bytes)
Hash
d96ec9b36839d11ffb322518cc376138
706d19ddb93e5c9c819df90281a1fd1a730f5538
eab007b887d70722ac2232014f1085551e3d262da75db00a05952d529872bfa8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/wp-popups-lite/src/assets/js/wppopups.js?ver=2.1.4.5 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Mon, 25 Oct 2021 01:09:58 GMT
Accept-Ranges: bytes
Content-Length: 47635
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

davi24.com/wp-content/plugins/related-post//assets/front/js/owl.carousel.min.js?ver=5.7.8

103.77.162.23

200 OK

85 kB

URL HTTP/1.1
davi24.com/wp-content/plugins/related-post//assets/front/js/owl.carousel.min.js?ver=5.7.8
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
ASCII text, with very long lines (359)
Size
85 kB (85100 bytes)
Hash
c580af66c6b04b963d4b76a90569d6b5
b7b7280d64bf9402e3b101cc07f5b38abd146205
0a1aebdca3b69662a8cb029eb3909c5d8d5d20022b2be9c5497e6d2e12539b1f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/related-post//assets/front/js/owl.carousel.min.js?ver=5.7.8 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Mon, 23 Aug 2021 00:24:07 GMT
Accept-Ranges: bytes
Content-Length: 85100
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

davi24.com/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.9

103.77.162.23

200 OK

129 kB

URL HTTP/1.1
davi24.com/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.9
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
ASCII text
Size
129 kB (128983 bytes)
Hash
f3bd90ed9190418715605b8aaa05debd
5ef128434040cdc17b99048da8c56287894ed542
e2fb63ea3b3d832a17e88ce1bdc0ec080117e17f1c9331697c822015e501cb13

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/google-language-translator/css/style.css?ver=6.0.9 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Thu, 01 Jul 2021 11:32:36 GMT
Accept-Ranges: bytes
Content-Length: 128983
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
6fba40dfdcde443855844f6241ca6d85
4ad19aa8f3a191688fbf7038760f757ddaebf11b
09b6375f2b0780ffb3c0bc96a5ab4a7332a43b23717779bd05523ee978ce5d4d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4161
Cache-Control: max-age=108831
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:20 GMT
Etag: "63922652-116"
Expires: Sat, 10 Dec 2022 19:10:11 GMT
Last-Modified: Thu, 08 Dec 2022 18:00:50 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278

inklinkor.com/tag.min.js

104.21.91.63

200 OK

25 kB

URL HTTP/2
inklinkor.com/tag.min.js
IP
104.21.91.63:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
25 kB (25310 bytes)
Hash
3cbfc73c52332403255e85307ac7439d
f87cd3a6a6455a38151c7fb2c406ebb100cf3ba8
84332aa8bdd210ffc39d2c47f56417c3f2bdcd8ee4890674d7c905fc951088cf

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 12:56:20 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: c97ad7132cf395f2d37f0bf2bab4d060
cache-control: max-age=86400
last-modified: Fri, 09 Dec 2022 06:46:36 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sat, 10 Dec 2022 11:49:37 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4003
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDuCEJRFE5OFC8b%2FH7vm%2FPqelCOJPhoAgviNPtYfRJH1aV9APz1ld8n8Y8XxmlKpPhvHVZMia%2BOV8eSQ%2F6HdfrbcmZS%2FKcyXeH2p72h5QLeRxXxooJoYNFyIvLpyHGdv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776de6796f23b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

translate.googleapis.com/translate_static/css/translateelement.css

216.58.207.202

200 OK

3.6 kB

URL HTTP/2
translate.googleapis.com/translate_static/css/translateelement.css
IP
216.58.207.202:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (18670)
Size
3.6 kB (3619 bytes)
Hash
897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0

HTTP Headers

GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 12:00:32 GMT
expires: Fri, 09 Dec 2022 13:00:32 GMT
cache-control: public, max-age=3600
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
age: 3348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

davi24.com/wp-content/themes/donovan/assets/icons/genericons-neue.svg

103.77.162.23

200 OK

28 kB

URL HTTP/1.1
davi24.com/wp-content/themes/donovan/assets/icons/genericons-neue.svg
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (861)
Size
28 kB (28006 bytes)
Hash
4080d1f5f976c56fb30f2150d520c49e
081eebd1ca84882c6e51e4c7c57c8bd1c89f7c42
1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/donovan/assets/icons/genericons-neue.svg HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:20 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:21:19 GMT
Accept-Ranges: bytes
Content-Length: 28006
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d3c2666db3c15225923dddb92dacf735
64e9db12b4b93a22a1f1246f2f53c605aecd2a5b
e951f784500dc601aa5687424d9ed761d651deedd0e05f5bf1c89127988dbdfd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E951F784500DC601AA5687424D9ED761D651DEEDD0E05F5BF1C89127988DBDFD"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15802
Expires: Fri, 09 Dec 2022 17:19:42 GMT
Date: Fri, 09 Dec 2022 12:56:20 GMT
Connection: keep-alive

davi24.com/wp-content/fonts/quicksand/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2

103.77.162.23

200 OK

14 kB

URL HTTP/1.1
davi24.com/wp-content/fonts/quicksand/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
Web Open Font Format (Version 2), TrueType, length 13788, version 1.0\012- data
Size
14 kB (13788 bytes)
Hash
37cb9c1de0984928fe29407fc13edd13
9241b34301953bfe0bf9b5ccac42d9dbc27e78b7
6be37f36989880a124a0df21a0b4931bfd75d67bd9d844418ecbb79a47514507

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/fonts/quicksand/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://davi24.com/wp-content/fonts/904b9a3a0d79473f201bd766ac26b59d.css?ver=20201110
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:20 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:21:33 GMT
Accept-Ranges: bytes
Content-Length: 13788
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff2

davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

103.77.162.23

200 OK

21 kB

URL HTTP/1.1
davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
Web Open Font Format (Version 2), TrueType, length 21028, version 1.0\012- data
Size
21 kB (21028 bytes)
Hash
131f660715196288a68bd84296ada895
b7509bd4352f0b015c8b7d7f27157ffbab0cc3a1
1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://davi24.com/wp-content/fonts/904b9a3a0d79473f201bd766ac26b59d.css?ver=20201110
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:20 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:22:01 GMT
Accept-Ranges: bytes
Content-Length: 21028
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2

davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCGPrEHJA.woff2

103.77.162.23

200 OK

15 kB

URL HTTP/1.1
davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCGPrEHJA.woff2
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
Web Open Font Format (Version 2), TrueType, length 15004, version 1.0\012- data
Size
15 kB (15004 bytes)
Hash
47dfd7aed0af42f7acbadac1aeca6843
3ce05577fadfc5be08851eb482083c9b9f53c008
455b818fc3f0e627ec1837e801bff6ac1443638d486fee01f1354b0d5e30faf5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCGPrEHJA.woff2 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://davi24.com/wp-content/fonts/904b9a3a0d79473f201bd766ac26b59d.css?ver=20201110
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:20 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:22:01 GMT
Accept-Ranges: bytes
Content-Length: 15004
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2

davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2

103.77.162.23

200 OK

21 kB

URL HTTP/1.1
davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
Web Open Font Format (Version 2), TrueType, length 21352, version 1.0\012- data
Size
21 kB (21352 bytes)
Hash
01a273e07cf0950b760ee6cd9540a72f
270bb462018cc354ee6ff44d8e1b8b8fcb0e8641
0d3b3a3f34ffd3526eea2f77aebe34caa8e86c59002dfd89aa834b0986feeaa2

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://davi24.com/wp-content/fonts/904b9a3a0d79473f201bd766ac26b59d.css?ver=20201110
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:20 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:22:08 GMT
Accept-Ranges: bytes
Content-Length: 21352
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5befea1ff179e1346422afeace6ac43d
313a8a8c24dd6a29b69d6fa15a29826250995e29
f61f64c91aed0910ea20c1b3cf030f219d080a3bb2087a1fe2b80a403074edb9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F61F64C91AED0910EA20C1B3CF030F219D080A3BB2087A1FE2B80A403074EDB9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4956
Expires: Fri, 09 Dec 2022 14:18:57 GMT
Date: Fri, 09 Dec 2022 12:56:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c5e1f14021541984fb7c7ba4f76c5ef9
3334cf1d6297d8fb36a4af2ebf9b993b94897658
aa935a586a8f1e18c93bf12958884d1ee590bedf8531b0f81a90ee09bf66896a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA935A586A8F1E18C93BF12958884D1EE590BEDF8531B0F81A90EE09BF66896A"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1959
Expires: Fri, 09 Dec 2022 13:29:00 GMT
Date: Fri, 09 Dec 2022 12:56:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
27f907a256adb2c2f78f02a5f9b10c99
3411bd289f7e48859cde22993e8bd795ac9b19b2
907bff5886c7b9a138f540090f7e0010621667c24aa02c3fd075f083d0a3b683

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "907BFF5886C7B9A138F540090F7E0010621667C24AA02C3FD075F083D0A3B683"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1924
Expires: Fri, 09 Dec 2022 13:28:25 GMT
Date: Fri, 09 Dec 2022 12:56:21 GMT
Connection: keep-alive

my.rtmark.net/gid.js?userId=ff7a3498e00b46f2bc04040a4bbce394

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?userId=ff7a3498e00b46f2bc04040a4bbce394
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
82680a28d5c61fdec4c6f7a71cb412ec
43406dcb908f6246cc72a3646ad501ade52ccc88
53828294d6997a727469a83dadf213cccf41a040f3d769a5b279bda18ee28e4e

HTTP Headers

GET /gid.js?userId=ff7a3498e00b46f2bc04040a4bbce394 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://davi24.com
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://davi24.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=ff7a3498e00b46f2bc04040a4bbce394; expires=Sat, 09 Dec 2023 12:56:21 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCHPrEHJA.woff2

103.77.162.23

200 OK

6.4 kB

URL HTTP/1.1
davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCHPrEHJA.woff2
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
Web Open Font Format (Version 2), TrueType, length 6376, version 1.0\012- data
Size
6.4 kB (6376 bytes)
Hash
60c3e2494a29e8072e29f85b789d11c0
883738ce03bb1299c071b79261c77ef209f2a5d1
a2f00e25fcc747bc0e35ccfc4c055e5fadfc7bfaa59d0766e1b387c3540d58b0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCHPrEHJA.woff2 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://davi24.com/wp-content/fonts/904b9a3a0d79473f201bd766ac26b59d.css?ver=20201110
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:21 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:22:01 GMT
Accept-Ranges: bytes
Content-Length: 6376
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2

tzegilo.com/stattag.js

104.21.84.149

200 OK

5.7 kB

URL HTTP/2
tzegilo.com/stattag.js
IP
104.21.84.149:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (12966), with no line terminators
Size
5.7 kB (5735 bytes)
Hash
a8d268e4a9655b858206748e741560c8
a2682e8eb03d393397264eb19b01d9b6a32c448b
ec883a9b7fdf46d784e15a615e193fac91569e4843cfa36ff392065e868ac0e2

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1678
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8vQNrrsuAs3QQ41Dt79OMvrut%2FimF3IsVGLMrxiDwHkYFqHgTUDiiE6Anhtjpqunecvu2ox94AH1b5%2FRht9H8dZl8XqP0GK0TulDSF3sGELb4WIhGa2%2FUv4bkY6JOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776de67b4cc5b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f93fe0c44e63867b7f8553c1ca73460e
e664d98cd9803e5f179af596d8a2f50d79fc92b0
dbb9ed743e3bf5d61dd66e676c81d5e2a43c8287d61ef34d90b6c7790ca6106e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 01:33:16 GMT
Expires: Tue, 13 Dec 2022 01:33:15 GMT
Etag: "e664d98cd9803e5f179af596d8a2f50d79fc92b0"
Cache-Control: max-age=304013,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776de67c7ab1b4e8-OSL

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
45be028bb2118e21286d1256970bc0df
a4eeba1ad375008ef21bc53e25e307d5ba68f331
3ff76cbd3481f2b6fa457b7c243e11a059a2850e49c59ab89d69fb4dee3c52a3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FF76CBD3481F2B6FA457B7C243E11A059A2850E49C59AB89D69FB4DEE3C52A3"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6068
Expires: Fri, 09 Dec 2022 14:37:29 GMT
Date: Fri, 09 Dec 2022 12:56:21 GMT
Connection: keep-alive

datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.253

200 OK

12 B

URL HTTP/1.1
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.253:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 908
Origin: https://davi24.com
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 09 Dec 2022 12:56:21 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://davi24.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

ibrapush.com/zone?pub=0&zone_id=4606747&is_mobile=false&domain=davi24.com&var=&ymid=&var_3=

139.45.197.250

200 OK

664 B

URL HTTP/2
ibrapush.com/zone?pub=0&zone_id=4606747&is_mobile=false&domain=davi24.com&var=&ymid=&var_3=
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (663)
Size
664 B (664 bytes)
Hash
8e562e438628ab3dc67cd8a22b636846
47c35207ae2e1a2b629a4ab0bb935c9341c377ee
8eff38f8d9c52ef08d58ee4fae74da0aebf28bc71b48396c8a9a03d778f067db

HTTP Headers

GET /zone?pub=0&zone_id=4606747&is_mobile=false&domain=davi24.com&var=&ymid=&var_3= HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://davi24.com/
Origin: https://davi24.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: 860cb3bb5a26221c18b2d0b5625f045b
access-control-allow-origin: https://davi24.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

davi24.com/wp-content/fonts/raleway/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2

103.77.162.23

200 OK

21 kB

URL HTTP/1.1
davi24.com/wp-content/fonts/raleway/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
Web Open Font Format (Version 2), TrueType, length 21448, version 1.0\012- data
Size
21 kB (21448 bytes)
Hash
876b6921f86fad633876677718ee1b2a
96d24469bb923bacbffeb89ba38957464ebe8d35
9448e5e35e9cfba49612fab330c7ef1384a4708be5205b028486288ae260b85f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/fonts/raleway/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://davi24.com/wp-content/fonts/904b9a3a0d79473f201bd766ac26b59d.css?ver=20201110
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:21 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:21:42 GMT
Accept-Ranges: bytes
Content-Length: 21448
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff2

nanouwho.com/9?z=4606746&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdavi24.com%2F3ds-max-2022-free-download%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=ff7a3498e00b46f2bc04040a4bbce394

139.45.197.242

204 No Content

0 B

URL HTTP/2
nanouwho.com/9?z=4606746&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdavi24.com%2F3ds-max-2022-free-download%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=ff7a3498e00b46f2bc04040a4bbce394
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /9?z=4606746&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdavi24.com%2F3ds-max-2022-free-download%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=ff7a3498e00b46f2bc04040a4bbce394 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://davi24.com/
Origin: https://davi24.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://davi24.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

nanouwho.com/27/11a99959c11b6755664b3df2c6eb7de1

139.45.197.242

200 OK

126 kB

URL HTTP/2
nanouwho.com/27/11a99959c11b6755664b3df2c6eb7de1
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type
ASCII text, with very long lines (65523)
Size
126 kB (125975 bytes)
Hash
402c6c65b4148049cbe2151e6cb48a19
727a5eff371583ccf8ed44152ef6770899d0ac48
a8609daaba1c4e644f04bc06f3b9a510ff0a5975d84834552a5e07c10e08427d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /27/11a99959c11b6755664b3df2c6eb7de1 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Cookie: scm=1; OAID=9874d634698a4f35b6aa07462819e2d5; oaidts=1670590581
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Wed, 07 Dec 2022 09:08:16 GMT
expires: Wed, 06 Jan 2083 09:08:16 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

bedrapiona.com/5/4606748/?oo=1&js_build=iclick-v1.459.0

139.45.197.234

200 OK

1.4 kB

URL HTTP/2
bedrapiona.com/5/4606748/?oo=1&js_build=iclick-v1.459.0
IP
139.45.197.234:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (2943), with no line terminators
Size
1.4 kB (1428 bytes)
Hash
2a2190f2fc77bc8a65b98a240ebba5b4
a2ed30622ad5b43906817b64041e957e9ebfeeee
db5dfd7673d0dc6fe14de655afc2b244516f2da100104014a45aa85641db1f0b

HTTP Headers

GET /5/4606748/?oo=1&js_build=iclick-v1.459.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://davi24.com
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:20 GMT
content-type: application/json
x-trace-id: 067c7562b5f557468c781a5f6c0dc894
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://davi24.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=ff7a3498e00b46f2bc04040a4bbce394; expires=Sat, 09 Dec 2023 12:56:20 GMT; path=/; secure; SameSite=None
oaidts=1670590580; expires=Sat, 09 Dec 2023 12:56:20 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

davi24.com/wp-content/uploads/2022/09/cropped-DAVI24ICON1-192x192.png

103.77.162.23

200 OK

14 kB

URL HTTP/1.1
davi24.com/wp-content/uploads/2022/09/cropped-DAVI24ICON1-192x192.png
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14438 bytes)
Hash
dd8dbc75cbbc2f953232968eadb2806c
e3c94a36d47006415601169b285c450ab1695ecd
6040f5362877011251c02e4d4431485df4c93140cbd74a19461caf076e814454

HTTP Headers

GET /wp-content/uploads/2022/09/cropped-DAVI24ICON1-192x192.png HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Cookie: prefetchAd_4606748=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:21 GMT
Server: Apache
Last-Modified: Sun, 11 Sep 2022 11:43:09 GMT
Accept-Ranges: bytes
Content-Length: 14438
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

davi24.com/wp-content/uploads/2022/09/cropped-DAVI24ICON1-32x32.png

103.77.162.23

200 OK

1.3 kB

URL HTTP/1.1
davi24.com/wp-content/uploads/2022/09/cropped-DAVI24ICON1-32x32.png
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1330 bytes)
Hash
6ff7db648ea97866f6c66db8b20433a8
8b5c88cd41c745a1f579fa67f9ceabd844767323
026ca12ec1c42d9ba44a85424ff270de3b653f3f8fcc8669165ec2ee875b1ee5

HTTP Headers

GET /wp-content/uploads/2022/09/cropped-DAVI24ICON1-32x32.png HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Cookie: prefetchAd_4606748=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:21 GMT
Server: Apache
Last-Modified: Sun, 11 Sep 2022 11:43:09 GMT
Accept-Ranges: bytes
Content-Length: 1330
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

ibrapush.com/custom

139.45.197.250

200 OK

39 B

URL HTTP/2
ibrapush.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://davi24.com/
Content-Type: application/json
Origin: https://davi24.com
Content-Length: 384
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 08f6fdbad9723cd2bfce7a9cae2b8cc1
access-control-allow-origin: https://davi24.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09c3c1f68b4c0af769d418791b89b945
276148179360441d25d3ceea419021a31d23cd38
789b12b51dbb5d5a945e9a4f927ce33e4b3bb852320bb7bb8f904b83cc414c85

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "789B12B51DBB5D5A945E9A4F927CE33E4B3BB852320BB7BB8F904B83CC414C85"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2127
Expires: Fri, 09 Dec 2022 13:31:48 GMT
Date: Fri, 09 Dec 2022 12:56:21 GMT
Connection: keep-alive

ibrapush.com/pfe/current/tag.min.js?z=4606747

139.45.197.250

200 OK

6.0 kB

URL HTTP/2
ibrapush.com/pfe/current/tag.min.js?z=4606747
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
C source, ASCII text, with very long lines (14602), with no line terminators
Size
6.0 kB (5999 bytes)
Hash
d657bf53422fb936c772380d4f10b0a0
12c9bae16b02c957f06b1b0ec8dccef18e51e353
c0285a69f50de67dd9ac0067e87e0c2dd154a36681c02620dbd0892793adb177

HTTP Headers

GET /pfe/current/tag.min.js?z=4606747 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect
content-encoding: gzip
X-Firefox-Spdy: h2

interstitial-07.com/contents/s/45/ad/fc/5dac387ae41ca4a0c1b6a9ac37/01606490601807.jpeg

139.45.197.153

200 OK

9.3 kB

URL HTTP/2
interstitial-07.com/contents/s/45/ad/fc/5dac387ae41ca4a0c1b6a9ac37/01606490601807.jpeg
IP
139.45.197.153:0
ASN
#9002 RETN Limited

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
9.3 kB (9271 bytes)
Hash
45adfc5dac387ae41ca4a0c1b6a9ac37
d972ecfcf25c8d8c697beac01a3fa85635e564f5
a653f78b2f5c5f1dd923fb9291bb67832dad4014266ef34b6bff707a381b1bda

HTTP Headers

GET /contents/s/45/ad/fc/5dac387ae41ca4a0c1b6a9ac37/01606490601807.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=a4VyXDG0eyp5w7A&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2783989656%26z%3D4606746%26b%3D16043341%26c%3D6407127%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DYLR_2yMoDx8oEZOi03EUwiBrd-SKnsyshIFzc3oA3_P4ngG4lpy_LeEc0md-JKN0slS-y3v9E1dnlPJQKqFEltKRRlAyQIawhvNpI2JJgkcovA10nZSk9twqgp5tEuxoE1cVGdSS9EpYjD3M42T1PPdR8GI01w1lG5E88E_B-wN43FQMBvxKiJIsPJ4qEv_kYhpzJgxDHMidw9cyCbcI9UY-TIWBs2HbyeuVLUogPvFntikQfaTxf4j_rDd7giP5iMwFhXhc21cHqPrACLF0QUAOeC32UOcug3T-Wy7cnIwL8H9G5NevtNTBz0orPj9kqJt9SGo86wO09-4wwtE_u6olT8I6Cpe_q2SBl5iEoOnHCk_T3A6b4sAvS61buOPvqmv0o-11-VOexh0EbDV4SKKEQ02SAygKIrXVucrKgh1Z-YFCAMfCwLNWLIYhcA-plgLNVDg9oN9MpWVJwMZNTpZV8mdUrntLtvbTrdxgjZFWIil9Ef2liCV1USvy8wNoFTKeOG6VzZrlY_giXP7wrDrKbOZg8-Y5HF8xmbWUeyx70jfhRamVkymiLAcRB0zGwv274kW71A5RP1bm9pEYsN2P1fyR53lkRpZCrPOXZ7zj7vFofGDjYSZjLLCZK-KmdHj0ucrlCfQuvuX9EOMiNl8xpJk%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D4c6ebcc7-61e3-4db1-8612-ccb8bd6f6056%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fdavi24.com%252F3ds-max-2022-free-download%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: image/jpeg
content-length: 9271
last-modified: Thu, 20 Oct 2022 03:21:06 GMT
vary: Accept-Encoding
etag: "6350bea2-2437"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2

interstitial-07.com/contents/s/32/13/a8/e6ac43e59294f402bbbe324953/0596778554123.jpeg

139.45.197.153

200 OK

30 kB

URL HTTP/2
interstitial-07.com/contents/s/32/13/a8/e6ac43e59294f402bbbe324953/0596778554123.jpeg
IP
139.45.197.153:0
ASN
#9002 RETN Limited

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Size
30 kB (29997 bytes)
Hash
3213a8e6ac43e59294f402bbbe324953
3e66ba9e6978ca9fef50e07274bd9899e3fed9c3
f880d432fbedbe3a15e8fed32985860e84e8ec4425ad6ff3e6cae446be0a6714

HTTP Headers

GET /contents/s/32/13/a8/e6ac43e59294f402bbbe324953/0596778554123.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=a4VyXDG0eyp5w7A&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2783989656%26z%3D4606746%26b%3D16043341%26c%3D6407127%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DYLR_2yMoDx8oEZOi03EUwiBrd-SKnsyshIFzc3oA3_P4ngG4lpy_LeEc0md-JKN0slS-y3v9E1dnlPJQKqFEltKRRlAyQIawhvNpI2JJgkcovA10nZSk9twqgp5tEuxoE1cVGdSS9EpYjD3M42T1PPdR8GI01w1lG5E88E_B-wN43FQMBvxKiJIsPJ4qEv_kYhpzJgxDHMidw9cyCbcI9UY-TIWBs2HbyeuVLUogPvFntikQfaTxf4j_rDd7giP5iMwFhXhc21cHqPrACLF0QUAOeC32UOcug3T-Wy7cnIwL8H9G5NevtNTBz0orPj9kqJt9SGo86wO09-4wwtE_u6olT8I6Cpe_q2SBl5iEoOnHCk_T3A6b4sAvS61buOPvqmv0o-11-VOexh0EbDV4SKKEQ02SAygKIrXVucrKgh1Z-YFCAMfCwLNWLIYhcA-plgLNVDg9oN9MpWVJwMZNTpZV8mdUrntLtvbTrdxgjZFWIil9Ef2liCV1USvy8wNoFTKeOG6VzZrlY_giXP7wrDrKbOZg8-Y5HF8xmbWUeyx70jfhRamVkymiLAcRB0zGwv274kW71A5RP1bm9pEYsN2P1fyR53lkRpZCrPOXZ7zj7vFofGDjYSZjLLCZK-KmdHj0ucrlCfQuvuX9EOMiNl8xpJk%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D4c6ebcc7-61e3-4db1-8612-ccb8bd6f6056%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fdavi24.com%252F3ds-max-2022-free-download%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: image/jpeg
content-length: 29997
last-modified: Thu, 20 Oct 2022 03:21:02 GMT
vary: Accept-Encoding
etag: "6350be9e-752d"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
814fe52c4aeed574082cd7e710264365
f5b51f3a7a6f8dd635975ec4a4065155b96b5e8b
110ab90d6cd1b47566ff3524136449ef590f42dcd838fb5d3802b67c846a84f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "110AB90D6CD1B47566FF3524136449EF590F42DCD838FB5D3802B67C846A84F9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2406
Expires: Fri, 09 Dec 2022 13:36:27 GMT
Date: Fri, 09 Dec 2022 12:56:21 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
4fbea77a0d1d179d738cb7851746552e
8808e4b54c414ca5a58c5b859ff335d61b472a8c
414fa4b36451eb121315b4a80993f6632206eb5ea7fe8c65ddf65acfdf18ae15

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2311
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:21 GMT
Last-Modified: Fri, 09 Dec 2022 12:17:50 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278

betotodilea.com/500/4606745?excludes=&oaid=ff7a3498e00b46f2bc04040a4bbce394&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fdavi24.com%2F3ds-max-2022-free-download%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

10 kB

URL HTTP/2
betotodilea.com/500/4606745?excludes=&oaid=ff7a3498e00b46f2bc04040a4bbce394&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fdavi24.com%2F3ds-max-2022-free-download%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
data
Size
10 kB (10397 bytes)
Hash
4439dca056191655ad51b4625133ec26
c65228f561ddad85ed74106646a8808375e5bc9a
d34511fbb4a65de9957284970d29ff3f971fb0ccb3e9ff713e46aa694a941551

HTTP Headers

GET /500/4606745?excludes=&oaid=ff7a3498e00b46f2bc04040a4bbce394&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fdavi24.com%2F3ds-max-2022-free-download%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://davi24.com
Connection: keep-alive
Referer: https://davi24.com/
Cookie: OAID=cd92cfd9d1224fae9a30d78ea3b37659
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/javascript
x-trace-id: 682a510b489f8cfb70e53250379ac5f6
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://davi24.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=ff7a3498e00b46f2bc04040a4bbce394; expires=Sat, 09 Dec 2023 12:56:21 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

interstitial-07.com/?l=a4VyXDG0eyp5w7A&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2783989656%26z%3D4606746%26b%3D16043341%26c%3D6407127%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DYLR_2yMoDx8oEZOi03EUwiBrd-SKnsyshIFzc3oA3_P4ngG4lpy_LeEc0md-JKN0slS-y3v9E1dnlPJQKqFEltKRRlAyQIawhvNpI2JJgkcovA10nZSk9twqgp5tEuxoE1cVGdSS9EpYjD3M42T1PPdR8GI01w1lG5E88E_B-wN43FQMBvxKiJIsPJ4qEv_kYhpzJgxDHMidw9cyCbcI9UY-TIWBs2HbyeuVLUogPvFntikQfaTxf4j_rDd7giP5iMwFhXhc21cHqPrACLF0QUAOeC32UOcug3T-Wy7cnIwL8H9G5NevtNTBz0orPj9kqJt9SGo86wO09-4wwtE_u6olT8I6Cpe_q2SBl5iEoOnHCk_T3A6b4sAvS61buOPvqmv0o-11-VOexh0EbDV4SKKEQ02SAygKIrXVucrKgh1Z-YFCAMfCwLNWLIYhcA-plgLNVDg9oN9MpWVJwMZNTpZV8mdUrntLtvbTrdxgjZFWIil9Ef2liCV1USvy8wNoFTKeOG6VzZrlY_giXP7wrDrKbOZg8-Y5HF8xmbWUeyx70jfhRamVkymiLAcRB0zGwv274kW71A5RP1bm9pEYsN2P1fyR53lkRpZCrPOXZ7zj7vFofGDjYSZjLLCZK-KmdHj0ucrlCfQuvuX9EOMiNl8xpJk%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D4c6ebcc7-61e3-4db1-8612-ccb8bd6f6056%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fdavi24.com%252F3ds-max-2022-free-download%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0

139.45.197.153

200 OK

4.7 kB

URL HTTP/2
interstitial-07.com/?l=a4VyXDG0eyp5w7A&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2783989656%26z%3D4606746%26b%3D16043341%26c%3D6407127%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DYLR_2yMoDx8oEZOi03EUwiBrd-SKnsyshIFzc3oA3_P4ngG4lpy_LeEc0md-JKN0slS-y3v9E1dnlPJQKqFEltKRRlAyQIawhvNpI2JJgkcovA10nZSk9twqgp5tEuxoE1cVGdSS9EpYjD3M42T1PPdR8GI01w1lG5E88E_B-wN43FQMBvxKiJIsPJ4qEv_kYhpzJgxDHMidw9cyCbcI9UY-TIWBs2HbyeuVLUogPvFntikQfaTxf4j_rDd7giP5iMwFhXhc21cHqPrACLF0QUAOeC32UOcug3T-Wy7cnIwL8H9G5NevtNTBz0orPj9kqJt9SGo86wO09-4wwtE_u6olT8I6Cpe_q2SBl5iEoOnHCk_T3A6b4sAvS61buOPvqmv0o-11-VOexh0EbDV4SKKEQ02SAygKIrXVucrKgh1Z-YFCAMfCwLNWLIYhcA-plgLNVDg9oN9MpWVJwMZNTpZV8mdUrntLtvbTrdxgjZFWIil9Ef2liCV1USvy8wNoFTKeOG6VzZrlY_giXP7wrDrKbOZg8-Y5HF8xmbWUeyx70jfhRamVkymiLAcRB0zGwv274kW71A5RP1bm9pEYsN2P1fyR53lkRpZCrPOXZ7zj7vFofGDjYSZjLLCZK-KmdHj0ucrlCfQuvuX9EOMiNl8xpJk%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D4c6ebcc7-61e3-4db1-8612-ccb8bd6f6056%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fdavi24.com%252F3ds-max-2022-free-download%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP
139.45.197.153:0
ASN
#9002 RETN Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1463)
Size
4.7 kB (4738 bytes)
Hash
0f643313eb5fbbf11a154e7ee168c626
316541faa419edb6b91f45d839af2d784f4aea6f
6fcac4124704e6d64fbdf495e0d9cb4ee9203ed909515b16e729a1ffe89a6590

HTTP Headers

GET /?l=a4VyXDG0eyp5w7A&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2783989656%26z%3D4606746%26b%3D16043341%26c%3D6407127%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DYLR_2yMoDx8oEZOi03EUwiBrd-SKnsyshIFzc3oA3_P4ngG4lpy_LeEc0md-JKN0slS-y3v9E1dnlPJQKqFEltKRRlAyQIawhvNpI2JJgkcovA10nZSk9twqgp5tEuxoE1cVGdSS9EpYjD3M42T1PPdR8GI01w1lG5E88E_B-wN43FQMBvxKiJIsPJ4qEv_kYhpzJgxDHMidw9cyCbcI9UY-TIWBs2HbyeuVLUogPvFntikQfaTxf4j_rDd7giP5iMwFhXhc21cHqPrACLF0QUAOeC32UOcug3T-Wy7cnIwL8H9G5NevtNTBz0orPj9kqJt9SGo86wO09-4wwtE_u6olT8I6Cpe_q2SBl5iEoOnHCk_T3A6b4sAvS61buOPvqmv0o-11-VOexh0EbDV4SKKEQ02SAygKIrXVucrKgh1Z-YFCAMfCwLNWLIYhcA-plgLNVDg9oN9MpWVJwMZNTpZV8mdUrntLtvbTrdxgjZFWIil9Ef2liCV1USvy8wNoFTKeOG6VzZrlY_giXP7wrDrKbOZg8-Y5HF8xmbWUeyx70jfhRamVkymiLAcRB0zGwv274kW71A5RP1bm9pEYsN2P1fyR53lkRpZCrPOXZ7zj7vFofGDjYSZjLLCZK-KmdHj0ucrlCfQuvuX9EOMiNl8xpJk%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D4c6ebcc7-61e3-4db1-8612-ccb8bd6f6056%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fdavi24.com%252F3ds-max-2022-free-download%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.24
set-cookie: reverse=8QrBMyPcjucjyUdlpAdHPqCLfKo1Y93N1rKkuVrHZ0g; expires=Fri, 09-Dec-2022 13:56:21 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2

unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined

139.45.197.236

204 No Content

0 B

URL HTTP/2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 29069485f70cb5f99c18aee0b32ece34
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/images/branding/product/1x/translate_24dp.png

142.250.74.99

200 OK

846 B

URL HTTP/2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
846 B (846 bytes)
Hash
e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

HTTP Headers

GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 10:31:30 GMT
expires: Sat, 09 Dec 2023 10:31:30 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 8692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.99

200 OK

1.8 kB

URL HTTP/2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 12:36:33 GMT
expires: Sat, 09 Dec 2023 12:36:33 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 1189
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ibrapush.com/custom

139.45.197.250

200 OK

39 B

URL HTTP/2
ibrapush.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://davi24.com/
Content-Type: application/json
Origin: https://davi24.com
Content-Length: 754
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:22 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 1f1e832eadb4806bf5734b98d0817f41
access-control-allow-origin: https://davi24.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

davi24.com/sw.js

103.77.162.23

404 Not Found

56 kB

URL HTTP/1.1
davi24.com/sw.js
IP
103.77.162.23:0
ASN
#45544 SUPERDATA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1820), with CRLF, LF line terminators
Size
56 kB (56112 bytes)
Hash
4c6edb7bb95cc86ae3e0a23e0cbc40d7
02be2988d5c52634bab96cd5c0c84df9ee0d2469
325ce7fc78a956bf4296341b806711b22bac3b4184b692e4ce16dc5d2901d83a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /sw.js HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://davi24.com/3ds-max-2022-free-download/
Connection: keep-alive
Cookie: prefetchAd_4606748=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Fri, 09 Dec 2022 12:56:21 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://davi24.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8345 bytes)
Hash
659b6eb1f1c430e2780758c7787b9a23
4792b0893827924e84cc51450012407717da4d2b
f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8345
x-amzn-requestid: 4e42c335-cc27-41bc-8d5c-cbe3dcc1f623
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwRBF_gIAMFdCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-254d38575d76726a4462c66f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Z2JMjvOva19O3uj7la6UmjCpwleEyo3y2IfRCp4qp5iuob0AYN9Mng==
via: 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 12:32:24 GMT
age: 1440
etag: "4792b0893827924e84cc51450012407717da4d2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ibrapush.com/custom

139.45.197.250

200 OK

39 B

URL HTTP/2
ibrapush.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://davi24.com/
Content-Type: application/json
Origin: https://davi24.com
Content-Length: 392
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:25 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 117ecfdda8f21854a9f9961372968b6a
access-control-allow-origin: https://davi24.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

nanouwho.com/1?z=4606746

139.45.197.242

200 OK

0 B

URL HTTP/2
nanouwho.com/1?z=4606746
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /1?z=4606746 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: f9fd20bb24d857e09f31a43f4d1ea114
access-control-expose-headers: X-Sc
x-sc: bcR0WzVNx9Ujl6QqOViUjzIjHTndvz89lXf5cdGJoDiAh0SDGbLrjFYacDSsH03n_8s-enovXlZWUcfwpCxn3MNdkPY=
set-cookie: scm=1; expires=Sat, 09 Dec 2023 12:56:21 GMT; secure; SameSite=None
OAID=9874d634698a4f35b6aa07462819e2d5; expires=Sat, 09 Dec 2023 12:56:21 GMT; secure; SameSite=None
oaidts=1670590581; expires=Sat, 09 Dec 2023 12:56:21 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

betotodilea.com/400/4606745

139.45.197.237

200 OK

0 B

URL HTTP/2
betotodilea.com/400/4606745
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /400/4606745 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/javascript
x-trace-id: 5d36a35d4264552f9945eff051b10b6a
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=cd92cfd9d1224fae9a30d78ea3b37659; expires=Sat, 09 Dec 2023 12:56:21 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

ibrapush.com/pfe/current/universal.min.js?v=3.1.409

139.45.197.250

200 OK

0 B

URL HTTP/2
ibrapush.com/pfe/current/universal.min.js?v=3.1.409
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.409 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://davi24.com/
Origin: https://davi24.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-18c6c"
access-control-allow-origin: https://davi24.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

www.adz2you.net/serve/ads.js

172.67.148.181

200 OK

0 B

URL HTTP/2
www.adz2you.net/serve/ads.js
IP
172.67.148.181:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /serve/ads.js HTTP/1.1
Host: www.adz2you.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 12:56:18 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1263
etag: W/"5d4508b2-4ef"
last-modified: Sat, 03 Aug 2019 04:08:18 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0mlA1uIh4OKsjNVmWDzNq5eQNPTVj%2B%2FxKqWGWwMJxHDwZOyw%2BO4x4lVDZeK2CO38wGA4J66JyTPtQkwYZfXedVvI8%2FcAIO2J6%2FIggqwgklfM8vSobEAhnUSWRE%2F8cUgs%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776de6695f86b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

onmarshtompor.com/?rb=AxAZ4NusEj93h34U0_gJM901pXQJyUTpI243C4fS2CJK7BFtdm1JCaCYBXjJ_X6qKvQj6HnDRUCkSNIM_fgDLZJ-mGgR1vMZpfSA9hW7Q_yIMCapRrRrhG3b1w4C9a7MTznLlvjgVAGOpVNWj1e153ULM3ZABz5kmhg8l4gvAzXxHSFvm7VPtREMR1Kih0Y2VnX5HCfO0IyrQxfw_WrmWMJq5IQFVgr2FRuKOJIV6y0%3D&request_ab2=96003&zoneid=4606748&js_build=iclick-v1.459.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fdavi24.com%2F3ds-max-2022-free-download%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.459.0&bs=b13e7f89-4ce9-4385-8755-f9724908d125&userId=ff7a3498e00b46f2bc04040a4bbce394&m=link

139.45.197.243

200 OK

0 B

URL HTTP/2
onmarshtompor.com/?rb=AxAZ4NusEj93h34U0_gJM901pXQJyUTpI243C4fS2CJK7BFtdm1JCaCYBXjJ_X6qKvQj6HnDRUCkSNIM_fgDLZJ-mGgR1vMZpfSA9hW7Q_yIMCapRrRrhG3b1w4C9a7MTznLlvjgVAGOpVNWj1e153ULM3ZABz5kmhg8l4gvAzXxHSFvm7VPtREMR1Kih0Y2VnX5HCfO0IyrQxfw_WrmWMJq5IQFVgr2FRuKOJIV6y0%3D&request_ab2=96003&zoneid=4606748&js_build=iclick-v1.459.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fdavi24.com%2F3ds-max-2022-free-download%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.459.0&bs=b13e7f89-4ce9-4385-8755-f9724908d125&userId=ff7a3498e00b46f2bc04040a4bbce394&m=link
IP
139.45.197.243:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?rb=AxAZ4NusEj93h34U0_gJM901pXQJyUTpI243C4fS2CJK7BFtdm1JCaCYBXjJ_X6qKvQj6HnDRUCkSNIM_fgDLZJ-mGgR1vMZpfSA9hW7Q_yIMCapRrRrhG3b1w4C9a7MTznLlvjgVAGOpVNWj1e153ULM3ZABz5kmhg8l4gvAzXxHSFvm7VPtREMR1Kih0Y2VnX5HCfO0IyrQxfw_WrmWMJq5IQFVgr2FRuKOJIV6y0%3D&request_ab2=96003&zoneid=4606748&js_build=iclick-v1.459.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fdavi24.com%2F3ds-max-2022-free-download%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.459.0&bs=b13e7f89-4ce9-4385-8755-f9724908d125&userId=ff7a3498e00b46f2bc04040a4bbce394&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://davi24.com/
Origin: https://davi24.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/json
x-trace-id: 592c33556246b28bb0534562a4a92199
access-control-allow-origin: https://davi24.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=ff7a3498e00b46f2bc04040a4bbce394; expires=Sat, 09 Dec 2023 12:56:21 GMT; path=/; secure; SameSite=None
oaidts=1670590581; expires=Sat, 09 Dec 2023 12:56:21 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 16 Dec 2022 12:56:21 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit

142.250.74.174

200 OK

0 B

URL HTTP/2
translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /translate_a/element.js?cb=GoogleLanguageTranslatorInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Dec 2022 12:56:18 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+213; expires=Sun, 08-Dec-2024 12:56:18 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (44)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations