Report - mascotahub.com/ena/index.php?e=qbot.zip

Report Overview

Submitted URL
mascotahub.com/ena/index.php?e=qbot.zip
IP
198.187.29.26
ASN
#22612 NAMECHEAP-NET
Submitted
2022-11-19 19:19:20
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
170

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	41 kB	34.120.237.76
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	3.1 kB	6.3 kB	142.250.74.3
www.google.com	7	2015-05-10T13:11:19Z	2023-03-10T12:19:40Z	818 B	2.4 kB	142.250.74.164
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-10T14:35:32Z	340 B	964 B	172.64.155.188
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	2.0 kB	60 kB	216.58.207.195
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	2.2 kB	3.0 kB	142.250.74.10
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	52.89.217.163
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.4 kB	6.2 kB	23.36.77.32
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	682 B	1.6 kB	93.184.220.29
mascotahub.com	unknown	2021-05-05T19:47:57Z	2023-03-03T13:02:52Z	23 kB	611 kB	198.187.29.26
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-10T12:47:01Z	439 B	164 kB	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-19	medium	mascotahub.com/ena/index.php?e=qbot.zip	Malware
2022-11-19	medium	mascotahub.com/wp-content/plugins/burst-statistics/helpers/timeme/timeme.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-content/plugins/burst-statistics/assets/js/build/burst.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-includes/js/jquery/jquery.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-includes/js/jquery/jquery-migrate.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-content/plugins/advanced-google-recaptcha/assets/js/captcha.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js	Phishing
2022-11-19	medium	mascotahub.com/wp-content/plugins/contact-form-7/includes/js/index.js	Phishing
2022-11-19	medium	mascotahub.com/wp-includes/js/masonry.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-includes/js/imagesloaded.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-includes/js/dist/vendor/wp-polyfill.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-content/plugins/anno-core/public/assets/js/front-end-widget.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js	Phishing
2022-11-19	medium	mascotahub.com/wp-includes/js/hoverIntent.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-content/plugins/jet-blocks/assets/js/jet-blocks.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-content/plugins/elementor/assets/js/frontend.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-includes/js/underscore.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-includes/js/jquery/ui/core.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-includes/js/wp-util.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-includes/js/wp-emoji-release.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-content/plugins/anno-core/public/assets/js/extension.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-content/themes/anno/assets/js/apps.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js	Phishing
2022-11-19	medium	mascotahub.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2	Phishing
2022-11-19	medium	mascotahub.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2	Phishing
2022-11-19	medium	mascotahub.com/ena/?e=qbot.zip	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed
2022-11-19	medium	mascotahub.com	Sinkholed

JavaScript (45)

	URL	Size	First Seen	Last Seen
	mascotahub.com/ena/?e=qbot.zip	141 B	2023-03-11	2023-03-11
Pretty URL mascotahub.com/ena/?e=qbot.zip IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash 7ff0feae6ce2832885004d111dc77bf5 27484853faca002e4966df432472c6875fa94b04 a7b5cadf4e2173511937ceb15d4fc9f0995f9dd4cdc4e47a231f4b2f77af6a00 Loading...

	mascotahub.com/wp-content/plugins/elementor/assets/js/frontend.min.js	41 kB	2023-03-11	2023-03-11
Pretty URL mascotahub.com/wp-content/plugins/elementor/assets/js/frontend.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash 99cccd33ae2cf3d014e28ae96d0d032d c6ae1ecc4dffec9d95c0296a11236a63d1aa4c52 0c9f7fa6e4f831ac767164d6ff4699ee3aed10dfbe8ef251105592a395228b3d Loading...

	mascotahub.com/wp-includes/js/underscore.min.js	19 kB	2023-03-08	2024-04-25
Pretty URL mascotahub.com/wp-includes/js/underscore.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:29 Last Seen2024-04-25 19:04:12 Times Seen41447 Hash f88d5720bb454ed5d204cbdb56901f6b f1952292fde4b15936e9aac16b2b9896684db95b 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 19:26:54 Times Seen37071099 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	mascotahub.com/ena/?e=qbot.zip	115 B	2023-03-11	2023-03-11
Pretty URL mascotahub.com/ena/?e=qbot.zip IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash e2b19f957cbd766b6506a95d49bca80b def93fbae34c44ceed9894aa806253c27c475075 2c6b33a4b6a02529ace0f0b0557802705bcdb27fd3ba0e9949f86603a07559ad Loading...

	mascotahub.com/ena/?e=qbot.zip	70 B	2023-03-07	2024-04-25
Pretty URL mascotahub.com/ena/?e=qbot.zip IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-04-25 19:04:11 Times Seen6535 Hash 4ff152a840e29705f2933718a2571bc3 6c7ed239bcd74ab7a0ea03b3dd4ab74ffceaff49 e426295764322c0b4d881b5da28c2591e9ff651fc07636da1e2979a62a2f349c Loading...

	mascotahub.com/wp-includes/js/wp-util.min.js	1.4 kB	2023-03-08	2024-04-25
Pretty URL mascotahub.com/wp-includes/js/wp-util.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:29 Last Seen2024-04-25 19:04:11 Times Seen24431 Hash 19d386c9004e54941c1cc61d357efa5d 0a77594006c8d86fdcc0adbc2b9aecaef3869586 3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95 Loading...

	www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js	409 kB	2023-03-08	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash b2507198388fcc94ca9e94ed4c5561c5 8853fc86f1c616bd20a73e3e24442036fd90fd2f 02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0 Loading...

	mascotahub.com/wp-content/plugins/contact-form-7/includes/js/index.js	12 kB	2023-03-08	2024-04-24
Pretty URL mascotahub.com/wp-content/plugins/contact-form-7/includes/js/index.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:19 Last Seen2024-04-24 20:13:16 Times Seen3481 Hash 1f9968a7c7a2a02491393fb9d4103dae 0032c8a6a692e6f072b2cef20828449402fdd57d f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49 Loading...

	mascotahub.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js	128 kB	2023-03-11	2023-03-11
Pretty URL mascotahub.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash 1cf207da012b59d2f8d8a31c44036124 6f082fe6ecec613db58f201f03cbf212bcbd3781 e316779aaa93747aff303a7a4fcc0e4b37f0e156c4ba75bc477390c179dd2dc0 Loading...

	mascotahub.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js	18 kB	2023-03-11	2023-03-11
Pretty URL mascotahub.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash 5c2b4f47d4d2d20abd419b44cb75bba6 d4709f9fc20b34b9c8af016c04f590f3f369d548 a5a02e971c7bd63ec958032f59c446a8b0e20e6ee6efe40d3cfbf1d15bc88039 Loading...

	mascotahub.com/wp-includes/js/wp-emoji-release.min.js	19 kB	2023-03-07	2024-04-25
Pretty URL mascotahub.com/wp-includes/js/wp-emoji-release.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 18:37:13 Times Seen38049 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	mascotahub.com/wp-content/plugins/anno-core/public/assets/js/extension.min.js	64 kB	2023-03-11	2023-03-11
Pretty URL mascotahub.com/wp-content/plugins/anno-core/public/assets/js/extension.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash 12257c4061ae89afee29bb9809c74e8d 7f9eec39a5a07c5f2701828983001a7a54a38fd9 27f0ba977481d49b41edabc244e6e59f1c74dabdc451f93aa04ec820a83d7150 Loading...

	mascotahub.com/ena/?e=qbot.zip	77 B	2023-03-11	2023-03-11
Pretty URL mascotahub.com/ena/?e=qbot.zip IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash f5d8e1e318094b05fdef81987650c131 36dd60e31b49f1fc38b5f28668b78da405020917 467841e156243ffdbdd0d1ae9641721f350105450ed6bfdc5402d0c2d895fa90 Loading...

	mascotahub.com/ena/?e=qbot.zip	276 B	2023-03-11	2023-03-11
Pretty URL mascotahub.com/ena/?e=qbot.zip IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash 4c17febded3de5c6fed7294ddd88a976 c9734be9d52573cdca82063c4fe948b6d07db935 7efce0a46598b778fcfd988fa537bcb8549d44ab2243e674a486d213b454d8e0 Loading...

	mascotahub.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js	9.9 kB	2023-03-08	2024-04-24
Pretty URL mascotahub.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:19 Last Seen2024-04-24 20:13:16 Times Seen3136 Hash dc74c9954b1944928eca0172c3b8c6b3 e9e00e587e0e28491b69563b4e768945ff2e0ed5 d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b Loading...

	www.google.com/recaptcha/api.js?hl=en_US&onload=agrLoad&render=explicit	902 B	2023-03-11	2023-03-11
Pretty URL www.google.com/recaptcha/api.js?hl=en_US&onload=agrLoad&render=explicit IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 21:54:44 Times Seen1 Hash 2f41e22eed28eac29d87b8b91196a717 060c6ec2445c5f6879f09df39714bb8104da179d c13e9f966b8abd0c2a8c5f5f227c467672aa7bded5386942b6d6c49b22b04d9e Loading...

	mascotahub.com/ena/?e=qbot.zip	280 B	2023-03-11	2023-03-11
Pretty URL mascotahub.com/ena/?e=qbot.zip IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash b2de2257d498aaa0f03c75094975a917 bda3eef80979ee63045a5032bfa584dfe5c8d9a0 d032e6d9f13b1b88ddc6a43fa1d320fab54cf0aac22447ae1b384ba1387b3ede Loading...

	mascotahub.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js	999 B	2023-03-07	2024-04-25
Pretty URL mascotahub.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:28 Last Seen2024-04-25 18:37:12 Times Seen11039 Hash 6a0e8318d42803736d2fafcc12238026 c955314a7e0a9a9871329b0f042c8f0b5df49a78 2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c Loading...

	mascotahub.com/wp-includes/js/hoverIntent.min.js	1.5 kB	2023-03-07	2024-04-25
Pretty URL mascotahub.com/wp-includes/js/hoverIntent.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:10 Last Seen2024-04-25 15:57:16 Times Seen27422 Hash 8c0498e2f1f7a684a8d2a3feb934b64b 76099689ccaee466d4608da621c403b368dcae03 ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40 Loading...

	mascotahub.com/ena/?e=qbot.zip	2.1 kB	2023-03-11	2023-03-11
Pretty URL mascotahub.com/ena/?e=qbot.zip IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash baef1aacc925d9f8792850fe854dedd6 4199dbdbbf4dc31c21a6967e75f4c6e411c9665b 37ff225ec76e928982dd0c6738e2d78ad9bf6ba25ae1bd903c4ebd2c4f291872 Loading...

	mascotahub.com/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js	49 kB	2023-03-08	2024-02-28
Pretty URL mascotahub.com/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:57 Last Seen2024-02-28 18:02:20 Times Seen88 Hash 876a724f32ecab9859a9f863e1c3823a cd145be32664d85d2d1e8385443e549e1cfc2152 667cf079e0c4ea0eac896d368aacf29aa7b4a53f1a1685e14748840ed70a67b0 Loading...

	mascotahub.com/wp-includes/js/jquery/ui/core.min.js	21 kB	2023-03-08	2024-04-25
Pretty URL mascotahub.com/wp-includes/js/jquery/ui/core.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-25 19:04:11 Times Seen9807 Hash 034bd11ecaf6fb9240d905245e42e202 ff136c394ed95badfc0107fb98a890dcff642828 ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651 Loading...

	mascotahub.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js	8.6 kB	2023-03-11	2023-03-11
Pretty URL mascotahub.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash 52f0650c3762406792639cc5c5ae4109 a0f19afafd7ee2720943bef4de4be220968ec026 4c20c1f8861c24c49b743bc4b6ae07922ff3101cf57f36a87fb8299845d068cb Loading...

	mascotahub.com/ena/?e=qbot.zip	873 B	2023-03-11	2023-03-11
Pretty URL mascotahub.com/ena/?e=qbot.zip IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash dc497dfe5c263017a1f7ca92e9717514 a718f7d1126632c3a6579467f03fc63e44720b8f 83380182298896c55ffc6f75879a30ff30ee2673e015768d5a82dae786e15c1a Loading...

	mascotahub.com/wp-includes/js/imagesloaded.min.js	5.6 kB	2023-03-07	2024-04-25
Pretty URL mascotahub.com/wp-includes/js/imagesloaded.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:40 Last Seen2024-04-25 19:04:10 Times Seen30970 Hash 3a56752b736635bf69cb069b8818cbfd 42e0951fe74bb3f56a30f51291823bcd4a84d76e ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869 Loading...

	mascotahub.com/wp-content/plugins/anno-core/public/assets/js/front-end-widget.min.js	19 kB	2023-03-11	2023-03-11
Pretty URL mascotahub.com/wp-content/plugins/anno-core/public/assets/js/front-end-widget.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash 3cd6ccf9e8dced19077292862541b592 ccba61e6f5bb09fe0b0ef5a21355dfda7cac0f9e c965452f82eb774a1313f31612849d9475df59d8c64f72f6fed55f12da7e38f6 Loading...

	mascotahub.com/wp-includes/js/masonry.min.js	24 kB	2023-03-07	2024-04-25
Pretty URL mascotahub.com/wp-includes/js/masonry.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-04-25 19:04:12 Times Seen15279 Hash 3b3fc826e58fc554108e4a651c9c7848 76778fd446e2ff2377588a7b4ac4d79f258427c9 e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb Loading...

	mascotahub.com/ena/?e=qbot.zip	1.6 kB	2023-03-07	2024-03-14
Pretty URL mascotahub.com/ena/?e=qbot.zip IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:05 Last Seen2024-03-14 11:01:06 Times Seen157 Hash 2ecac6b161cf12ee34bb408070b69f93 7f6a2f65812fabe770c88743237700513adda8e0 c518045f30a82a2095b9644c42dac220d916292eb9666325850b2e23eada5e68 Loading...

	mascotahub.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js	754 B	2023-03-07	2024-04-25
Pretty URL mascotahub.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-04-25 13:07:05 Times Seen2671 Hash afb55c29bdbcfc262d9fa56743572cad d4b6cb9df2b1b5477cd968fb05cf5faa1d13d6bf c30dab20b677f2b13f42a4a04385a3c6d380fa023a4a1c32f45f2996e152bfba Loading...

	mascotahub.com/wp-content/plugins/burst-statistics/assets/js/build/burst.min.js	6.2 kB	2023-03-08	2023-08-31
Pretty URL mascotahub.com/wp-content/plugins/burst-statistics/assets/js/build/burst.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:44:29 Last Seen2023-08-31 00:21:53 Times Seen5 Hash fd049e56100741e7d3d71861ce28a061 32ff592b47a2fddfe21ef3322fa938892ffb145b b81cd825a016f93360229c5ff5b774f23ffdc2f5689758ed51be2e26b703a78c Loading...

	mascotahub.com/wp-includes/js/jquery/jquery-migrate.min.js	11 kB	2023-03-07	2024-04-25
Pretty URL mascotahub.com/wp-includes/js/jquery/jquery-migrate.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 19:04:13 Times Seen68632 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	mascotahub.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js	296 kB	2023-03-11	2023-03-11
Pretty URL mascotahub.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash 87c81256347fc1d09878919b84e07653 985d75253f40076537db58ac95c5df06da1e501b 784cb510482f6708dfe1d9532e1df11b05a135af199b7621b3c0f2ef74c527b1 Loading...

	mascotahub.com/wp-includes/js/jquery/jquery.min.js	90 kB	2023-03-08	2024-04-25
Pretty URL mascotahub.com/wp-includes/js/jquery/jquery.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-25 19:04:13 Times Seen31813 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	mascotahub.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js	6.5 kB	2023-03-07	2024-04-25
Pretty URL mascotahub.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 19:04:11 Times Seen15500 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	mascotahub.com/wp-content/plugins/jet-blocks/assets/js/jet-blocks.min.js	18 kB	2023-03-11	2023-03-11
Pretty URL mascotahub.com/wp-content/plugins/jet-blocks/assets/js/jet-blocks.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash 36f8be480657b2fcc4f532c15d110c7e 3bf28d403f5691bd720d5bc0bbb573682e091350 eeca1a772bb86fb9fdce54858fe933248b1193342d0a1452cf57f9b92732b3b5 Loading...

	mascotahub.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js	16 kB	2023-03-11	2023-03-11
Pretty URL mascotahub.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash 2dca9c2396f9d0a8793fb9f34ad03c74 0f4f1291c59c62256f010e241659cac0b635a9db 59d087c1c2e12497886a31a1d94edb6f13b8daa2ddeac50dba19c60e9765e2a5 Loading...

	mascotahub.com/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js	56 kB	2023-03-11	2023-03-11
Pretty URL mascotahub.com/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash bd77eaf365c572a37664afc432ce2585 090c27a901b3fa92a10ad0257d69a36d52930ea0 abf87fcb83c6792a3d7bf4e9713aca8924c26b340d9c1d0129369f9960b95009 Loading...

	mascotahub.com/wp-content/plugins/advanced-google-recaptcha/assets/js/captcha.min.js	376 B	2023-03-08	2024-04-12
Pretty URL mascotahub.com/wp-content/plugins/advanced-google-recaptcha/assets/js/captcha.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:38:26 Last Seen2024-04-12 09:25:28 Times Seen612 Hash 8da8e0fe15a5a3da34fba7afcbf15286 3d76373a9379a76e7683b127900f91de9b7de12a cfce838bf08d7934a42f812673c2f6dabf547ed90f67288edd5ee14d0ec303f9 Loading...

	mascotahub.com/wp-content/plugins/burst-statistics/helpers/timeme/timeme.min.js	6.4 kB	2023-03-07	2024-04-21
Pretty URL mascotahub.com/wp-content/plugins/burst-statistics/helpers/timeme/timeme.min.js IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:05 Last Seen2024-04-21 18:22:38 Times Seen1009 Hash 421e614656f7380a73fff0417c2c5c29 3d78737fe7c0436160cda8678e9fdcd84525417b 683c9b0530c613523f1b02a246d7bccaa9f68af46df061f4d9f72c178c01b874 Loading...

	mascotahub.com/ena/?e=qbot.zip	280 B	2023-03-11	2023-03-11
Pretty URL mascotahub.com/ena/?e=qbot.zip IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash a53fcd79d4d0292863245811cdd6bba7 638b8ae15ee544c50dea065cf0a159973701ffe3 eb0688fea7d3ab94e9d11f0542bb90774d49da312b180eede0e60b310ddb023b Loading...

	mascotahub.com/ena/?e=qbot.zip	1.9 kB	2023-03-11	2023-03-11
Pretty URL mascotahub.com/ena/?e=qbot.zip IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash ff6a39ebf8181a05510fb78c65bf5040 5c0de4d05bb1fecfab03c5e55455267b5f23772b 1fe6947c1dc6cfce3084ebc53a3a48868af8ec4d6ac6a987445a66648773c5e3 Loading...

	mascotahub.com/ena/?e=qbot.zip	84 B	2023-03-07	2024-04-25
Pretty URL mascotahub.com/ena/?e=qbot.zip IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-04-25 18:11:53 Times Seen3213 Hash 7f215c9370788561e1b9e30dd40697ef aca5a8d9d6bae876f32a5b9fb7d1d948afe855b0 eed9d591cae9c609fb97d73f7fe3d192432da0246d97bbbad6d0de0a1bc0cc2d Loading...

	mascotahub.com/ena/?e=qbot.zip	2.1 kB	2023-03-07	2024-04-25
Pretty URL mascotahub.com/ena/?e=qbot.zip IP 198.187.29.26 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:35 Last Seen2024-04-25 11:31:42 Times Seen768 Hash cf7e35900d1944baad163d56dcee15c0 505faed283188adb3e34bd03448ab0910aa53e22 a7cc60ead42206fa20ee5c0286cead9c6d9c6b8d4b5b9b9690bb35567683626b Loading...

	www.google.com/recaptcha/api.js?render=6Lci8O0iAAAAAHTYmXVw0ByN8pHDDl_2k2mNCrpf	884 B	2023-03-11	2023-03-11
Pretty URL www.google.com/recaptcha/api.js?render=6Lci8O0iAAAAAHTYmXVw0ByN8pHDDl_2k2mNCrpf IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:36:35 Last Seen2023-03-11 14:36:35 Times Seen1 Hash 11119be2b213a2d4e682f77790aec6cd 8208b26f511559fcd164281fe9da8a8a8fcce60a d1672f40cac45d72d090e3d765e63b8e84a94262f9a1337e9dc174513b40272a Loading...

HTTP Transactions (92)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
eb76c0b3adf4098ad8a9d1e38250758f
99610ddb2b4ec6d04250ac244f966951695d4f00
01ed8c191c175471aee23cbc196d558e5bf5209f166806fc97db08eb06544bab

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01ED8C191C175471AEE23CBC196D558E5BF5209F166806FC97DB08EB06544BAB"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16359
Expires: Sat, 19 Nov 2022 23:51:48 GMT
Date: Sat, 19 Nov 2022 19:19:09 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f732c50f6a2482aeea20552e0370c2d0
6f33119d5c38e92a0a62f3a46766ff86014e4d68
a47e38c199c5fecd5594544a3889e1cfca5547d85f19056f06eaeeadf17f4fe9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5245
Cache-Control: max-age=146369
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:19:09 GMT
Etag: "6378b071-1d7"
Expires: Mon, 21 Nov 2022 11:58:38 GMT
Last-Modified: Sat, 19 Nov 2022 10:31:13 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1cee7787feebac18f9eca273e56e3741
3a7dac544172921e24c2a1701beef5079b21d01b
79ff4a450c749d64e116c00ca3b00d40e968906c5c3881d6eeb2dc6374a4c858

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79FF4A450C749D64E116C00CA3B00D40E968906C5C3881D6EEB2DC6374A4C858"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13903
Expires: Sat, 19 Nov 2022 23:10:52 GMT
Date: Sat, 19 Nov 2022 19:19:09 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 19 Nov 2022 18:45:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2039
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 3CZWzKUqWLjQeWHsIGGUgdDQugvQKSUCvq3a3aolGBOZpyp388k2RFdfuY3Ov84Ta2f8EyMeh7k=
x-amz-request-id: Q0XG6K8X5BX9H2VE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 19 Nov 2022 18:38:25 GMT
age: 2444
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 19:19:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 19 Nov 2022 18:44:49 GMT
cache-control: public,max-age=3600
age: 2060
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
0bbd773739d481035d5756de6e86fe4b
2602368bc8e921c1db12f98df83dc47b7fe78264
6a6aa403139753b5324ba42cc8c7dbd8bead2ee6711e91d4100de2a22aaa3607

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 19:19:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 22:14:28 GMT
Expires: Fri, 25 Nov 2022 22:14:27 GMT
Etag: "2602368bc8e921c1db12f98df83dc47b7fe78264"
Cache-Control: max-age=528317,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cb4bbbc8a00b69-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
060d538b33e370fcd033339830d33a42
4a37d427988358eb318e18e2678c3484ef4a5ebd
efa33f92547243814b5bd3bca4f94d26055d590a4431611b3ba251a8d774bfbb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3900
Cache-Control: max-age=139963
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:19:09 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 10:11:52 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.89.217.163

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.217.163:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3xPMZqwJzQ512Va8SRQceA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9/SNXLyZY5/jzyHOmYD4AWJPdzU=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12109
Expires: Sat, 19 Nov 2022 22:41:00 GMT
Date: Sat, 19 Nov 2022 19:19:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12109
Expires: Sat, 19 Nov 2022 22:41:00 GMT
Date: Sat, 19 Nov 2022 19:19:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12109
Expires: Sat, 19 Nov 2022 22:41:00 GMT
Date: Sat, 19 Nov 2022 19:19:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12109
Expires: Sat, 19 Nov 2022 22:41:00 GMT
Date: Sat, 19 Nov 2022 19:19:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4851 bytes)
Hash
459df915ce91b32b2dcc4850516d68a0
d7a5473d367e7965a4af55acbf4675ed7088fab2
a03e26ebee79ad9b9dda1bf680e0d2467ae6d5e582589ada9fe6ddfa437c483c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4851
x-amzn-requestid: 8c868655-d0eb-428d-9fc0-a7449f770bd4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brtDFF9HoAMFV9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748ee0-4f7daf8f7451dc5e0840f620;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:18:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xirMw5z5GPbmx9Sii_I4iNeh1GS5k9lGmaaJvUGAPWoVyP0Tldhf1w==
via: 1.1 e9ba0a9a729ff2960a04323bf1833df8.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 07:17:42 GMT
age: 43289
etag: "d7a5473d367e7965a4af55acbf4675ed7088fab2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12109
Expires: Sat, 19 Nov 2022 22:41:00 GMT
Date: Sat, 19 Nov 2022 19:19:11 GMT
Connection: keep-alive

34.120.237.76

200 OK

3.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F680965e1-a075-4bd9-8788-73e1a3c92de2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.8 kB (3842 bytes)
Hash
2e9f6e24e829065d4f201b4c9d9c8fd1
317ec439968641329b83210f7fcab59023310077
d1d304d12f3e1c2ad9cf9279bbb7cab4a954942ab86f41d5333e030cdc7a55c8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F680965e1-a075-4bd9-8788-73e1a3c92de2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3842
x-amzn-requestid: 8effd7ec-299f-471f-8746-3cb81d94998b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: boYBREE6oAMFmfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63733a07-46160f6159dfb4a729e5d688;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 07:04:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 37fj6lqvqFTCEPkclxpI6OuYvlIB57GI2bS4wySNP3X4eQ3Lwy3WQA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 10:26:23 GMT
age: 31968
etag: "317ec439968641329b83210f7fcab59023310077"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb1ea6fe-f968-42eb-9bb6-5965ae4e6ce6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7045 bytes)
Hash
e5fb6d72b647aabea33ab4017f4a0847
ed93ac946111340a254b92f8ce27e8be93ae87e8
0782ed4ffaea8f9487461d5a9b0c241d30dfe057676753b24e180d0a94efad99

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb1ea6fe-f968-42eb-9bb6-5965ae4e6ce6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7045
x-amzn-requestid: e8dace8b-0cc8-4ea0-b47a-e42a66576f72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-K3EuCIAMFsmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa45-71c191e462be52006858817b;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S0Sq8vuP-MbcuYVx_WFXTkmrY966mBTY1Qpowx_E_to1tDk1b8R-Bw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:49:21 GMT
age: 77390
etag: "ed93ac946111340a254b92f8ce27e8be93ae87e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7631 bytes)
Hash
b2b393e36ee2c9649d90db136aa49542
e88c5832ff0c49bab181d948c3a510d88343bb6f
8b524701df43bff56ac52a021ff0fbd964e06f00e84b4861aa557ec6ae6b4ffd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7631
x-amzn-requestid: b47e545d-1fb6-4a62-ab45-28cdb9d3f0b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-vQE0XoAMFS3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab2e-56365eed3d4c082c53b172b3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WpaBFpaCu0GBiHiiQzCCsyXrA7uzesHS92c_PsgxROxPkqjZ8RyI6Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:52:45 GMT
age: 77186
etag: "e88c5832ff0c49bab181d948c3a510d88343bb6f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8089 bytes)
Hash
c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9FO1gkdftjvJFDvAlxwLD63BP-liwnS2MImVhVdjg83wi4xJdM73Kg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 78166
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.0 kB (3035 bytes)
Hash
d6b026c34985bbf2ebf89a62d0724c66
72369ebeccf447fa91ef77711d6297063c99777e
e5598ada634274ab9995dedda8c1fd18344abcfdd49b3a1aaede0a86fafc0f40

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3035
x-amzn-requestid: 3e3f3a7f-9a1d-4b37-b932-22c6e3e638f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRcFOuoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6f-09dc20ea5620dd167e3f7265;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xvVfLfP2DUilu7GSJMGArO90Kdoq5cPBVtmtyVjZmX5ZKnvOjpR_UQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 78166
etag: "72369ebeccf447fa91ef77711d6297063c99777e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

mascotahub.com/ena/index.php?e=qbot.zip

198.187.29.26

301 Moved Permanently

0 B

URL HTTP/2
mascotahub.com/ena/index.php?e=qbot.zip
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /ena/index.php?e=qbot.zip HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://mascotahub.com/ena/?e=qbot.zip
x-litespeed-cache: miss
content-length: 0
date: Sat, 19 Nov 2022 19:19:12 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5e884c53db72411f06e2209d005f7586
6e1049a7fc26d6a3259a97bfca9dc6ba7b0dd5af
2965603dd297987ffa36ffd33c133f2c6a67fa6df1551554160b65ce804b0198

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5e884c53db72411f06e2209d005f7586
6e1049a7fc26d6a3259a97bfca9dc6ba7b0dd5af
2965603dd297987ffa36ffd33c133f2c6a67fa6df1551554160b65ce804b0198

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?hl=en_US&onload=agrLoad&render=explicit

142.250.74.164

200 OK

574 B

URL HTTP/2
www.google.com/recaptcha/api.js?hl=en_US&onload=agrLoad&render=explicit
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (902), with no line terminators
Size
574 B (574 bytes)
Hash
3496b8a73c9f424d3c22be886c5d6429
39efd9ac4feb76e51da77ddefd07d3b2d4889173
7e49229559e0dad9019a407066941bcd4ab908fdfd68f0c04b60bfa4616d84af

HTTP Headers

GET /recaptcha/api.js?hl=en_US&onload=agrLoad&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Sat, 19 Nov 2022 19:19:14 GMT
date: Sat, 19 Nov 2022 19:19:14 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 574
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/recaptcha/api.js?render=6Lci8O0iAAAAAHTYmXVw0ByN8pHDDl_2k2mNCrpf

142.250.74.164

200 OK

582 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=6Lci8O0iAAAAAHTYmXVw0ByN8pHDDl_2k2mNCrpf
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (884), with no line terminators
Size
582 B (582 bytes)
Hash
321caba28af1d298f49f2f121589ab3f
041c1e5e5a4756f381b0e1e0d9f5f13f4ab19cb7
d8889c9ede848130fb3e5d7ac8835e0f528355ffcbdab8a3c2169d48958bb07c

HTTP Headers

GET /recaptcha/api.js?render=6Lci8O0iAAAAAHTYmXVw0ByN8pHDDl_2k2mNCrpf HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Sat, 19 Nov 2022 19:19:14 GMT
date: Sat, 19 Nov 2022 19:19:14 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mascotahub.com/wp-includes/css/dist/block-library/style.min.css

198.187.29.26

200 OK

12 kB

URL HTTP/2
mascotahub.com/wp-includes/css/dist/block-library/style.min.css
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (47826)
Size
12 kB (11616 bytes)
Hash
c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 21:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-includes/css/classic-themes.min.css

198.187.29.26

200 OK

217 B

URL HTTP/2
mascotahub.com/wp-includes/css/classic-themes.min.css
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
217 B (217 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/classic-themes.min.css HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 06:08:08 GMT
accept-ranges: bytes
content-length: 217
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/contact-form-7/includes/css/styles.css

198.187.29.26

200 OK

848 B

URL HTTP/2
mascotahub.com/wp-content/plugins/contact-form-7/includes/css/styles.css
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
848 B (848 bytes)
Hash
c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 22:12:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a00fff9dd1711061b285e2136c973d13
66548ac11fc58024c6994539ab81804add41d2f2
4b87c5468c15817686a8497324c2a06d18fd5574141aa0476bf98aa3b8395a8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mascotahub.com/wp-content/plugins/revslider/public/assets/css/rs6.css

198.187.29.26

200 OK

12 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/revslider/public/assets/css/rs6.css
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Size
12 kB (11649 bytes)
Hash
8c56df0bf7178d462e61475087524101
fd9c2ef288827c04f68757f07451388f2a01c626
afa0ec69a19b51f8e6e1471cb873c27c52864d70fad53b286c94d71f54d697fa

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 22:12:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11649
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css

198.187.29.26

200 OK

605 B

URL HTTP/2
mascotahub.com/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2723), with no line terminators
Size
605 B (605 bytes)
Hash
2699ab4f80f3b570c722b19a41d201ad
200f03467816356e1962e46209ef382485674844
9157afd63f20bfcea453198277b7a1f3ea74ba0f75107a239eff29dabaff6545

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 22:12:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 605
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/advanced-google-recaptcha/assets/css/captcha.min.css

198.187.29.26

200 OK

128 B

URL HTTP/2
mascotahub.com/wp-content/plugins/advanced-google-recaptcha/assets/css/captcha.min.css
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with no line terminators
Size
128 B (128 bytes)
Hash
82c41743b95f3214eb99e6d78a11d1c2
784152c09860ab79555b138f88e36b52435319ab
f15c0e6e911cc7b11c95c9f60b60e5cc0326d7261d3c523899cf47dab4597a33

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/advanced-google-recaptcha/assets/css/captcha.min.css HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 22:12:45 GMT
accept-ranges: bytes
content-length: 128
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/themes/anno/style.css

198.187.29.26

200 OK

630 B

URL HTTP/2
mascotahub.com/wp-content/themes/anno/style.css
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (627)
Size
630 B (630 bytes)
Hash
1ce73bc7989e2a15d39ecde9aed8b0aa
18fdace37f3461f96a8b481b81497388a32fdf98
dc0686bbb521ef73e324b5ee7d59c14a276512b73b00428af526adb8c7dba99a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/anno/style.css HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 22:12:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 630
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/themes/anno/assets/css/apps.min.css

198.187.29.26

200 OK

47 kB

URL HTTP/2
mascotahub.com/wp-content/themes/anno/assets/css/apps.min.css
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
47 kB (47091 bytes)
Hash
b5279b3a275666ea0c25eb48498274d8
1b3aa5310ffd45e68c6df7f3820e62eae2a56a14
3fa65dd96a058a1b6f18dd2c2a8d80ec5baedf65efeffb052ec8ac927c795e90

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/anno/assets/css/apps.min.css HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 22:12:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 47091
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css

198.187.29.26

200 OK

12 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (57726)
Size
12 kB (12133 bytes)
Hash
f463afd8661ddc733305df1f0cbdaff2
77262f0209e75e340eb7014aba9cd8d69966032f
c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 22:12:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12133
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css

198.187.29.26

200 OK

284 B

URL HTTP/2
mascotahub.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (489)
Size
284 B (284 bytes)
Hash
dc279c928e2924b07a4a7575f8070ee8
0196756cacdb61ef40483af7ea982b699b0933de
80b6d9e3f0304f4199350c6015fd96084646c2a0121332bcb5a46d3956b7df5c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 22:12:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 284
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css

198.187.29.26

200 OK

286 B

URL HTTP/2
mascotahub.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (483)
Size
286 B (286 bytes)
Hash
8828fa3c5bdcfa66615714a2b8c9d807
4f556d0b005ac7754af607418df445f8cf98e8b1
16950dcce60bc3ee2613b60439c99e7ed74d10245f59fe6f68346b7e72dd95e7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 22:12:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 286
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/burst-statistics/helpers/timeme/timeme.min.js

198.187.29.26

200 OK

1.8 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/burst-statistics/helpers/timeme/timeme.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6448), with no line terminators
Size
1.8 kB (1831 bytes)
Hash
a5606b4ef203499b565c0201b182959d
4de8efbd1e5ca94550793f8bb352d0e143336ae5
265789002984de853cbb9041479061f2313d1088e5c934277928ba044bc74469

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/burst-statistics/helpers/timeme/timeme.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 22:12:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1831
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/burst-statistics/assets/js/build/burst.min.js

198.187.29.26

200 OK

2.5 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/burst-statistics/assets/js/build/burst.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6171), with no line terminators
Size
2.5 kB (2548 bytes)
Hash
bb123d4bd64f831a02ea7abf502628cd
34ae5e348ca1e7f73b090c27f89109919cfafa79
116367f7506137dac230d5b97a122339c656f7fc5f77caca04b96739a2cd4b41

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/burst-statistics/assets/js/build/burst.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 22:12:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2548
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-includes/js/jquery/jquery.min.js

198.187.29.26

200 OK

30 kB

URL HTTP/2
mascotahub.com/wp-includes/js/jquery/jquery.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65447)
Size
30 kB (30324 bytes)
Hash
3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 06:08:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-includes/js/jquery/jquery-migrate.min.js

198.187.29.26

200 OK

4.0 kB

URL HTTP/2
mascotahub.com/wp-includes/js/jquery/jquery-migrate.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3995 bytes)
Hash
7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 06:08:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/advanced-google-recaptcha/assets/js/captcha.min.js

198.187.29.26

200 OK

210 B

URL HTTP/2
mascotahub.com/wp-content/plugins/advanced-google-recaptcha/assets/js/captcha.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (376), with no line terminators
Size
210 B (210 bytes)
Hash
5689d63f71cfd66c8ec1b0d5624cd948
88509fe5d54bdf05399a2578312eadac44cf85fd
79cb79faffffae8caa958f41eb139b429f26556e463dc525c30c8e76fb1a7d1e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/advanced-google-recaptcha/assets/js/captcha.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 22:12:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 210
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/uploads/2020/05/Logo-Header-White.png

198.187.29.26

200 OK

11 kB

URL HTTP/2
mascotahub.com/wp-content/uploads/2020/05/Logo-Header-White.png
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 500 x 142, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11288 bytes)
Hash
2f80e4178b7ff70f0fdfd6ff1f01461b
78603979b9b3b8b5509f10c701ff79065b6c4d10
f25f13131f3cb6ac723e336e6d8b1392ff48d078acf1b954143603576a9699de

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/05/Logo-Header-White.png HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: image/png
last-modified: Tue, 08 Nov 2022 22:13:05 GMT
accept-ranges: bytes
content-length: 11288
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/jet-blocks/assets/css/jet-blocks.css

198.187.29.26

200 OK

4.0 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/jet-blocks/assets/css/jet-blocks.css
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (41083)
Size
4.0 kB (4037 bytes)
Hash
c5d6d89fb39123c1f1354f67ccc61ffa
a120b3ffd25150c000594e618964c5ed88392d45
1d4867cdd8c42c4ee3c5d5d80ae4aa4e1259cdab1958838091a2aeb455d47c6c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/jet-blocks/assets/css/jet-blocks.css HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 22:12:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4037
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css

198.187.29.26

200 OK

2.7 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (17644)
Size
2.7 kB (2673 bytes)
Hash
5b7a5fc84a801908d019d7e31520bdae
552a6e6bda8f2079e20ea91b20674998ee7c93e8
ea5b3c448d27222b5171483b61864de432152abf30695892425485c00ca2d04e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 22:12:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2673
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css

198.187.29.26

200 OK

3.6 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (18854)
Size
3.6 kB (3554 bytes)
Hash
23d0cda7fbd7f269a200dfff8ee211c6
497cc19819270e7a3795ab61e775c130ac7b255a
299d22db4a8362551089748bb93645f190469be3b392fa206b9872bd298bb41b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 22:12:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3554
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/elementor/assets/css/frontend.min.css

198.187.29.26

200 OK

16 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/elementor/assets/css/frontend.min.css
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65497)
Size
16 kB (16227 bytes)
Hash
5c61f5b04de22f9852627fca78f6c35b
e92cdd60b526190f570c2c61946f3f0ea821676d
bb8e5603560f01b2f8ce5f72923c60311630651068d8e4277e58121a01701f74

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend.min.css HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 22:12:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16227
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js

198.187.29.26

200 OK

2.8 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (9937), with no line terminators
Size
2.8 kB (2817 bytes)
Hash
4317b1c024df372435f6482deadddeb3
5c8824a17e40a44ea8fc51568b98bdb1e2e7fab5
3798fb16289ba55459fb6d3b2efa915e3c019c5942759abb7bd19a0ef622b85d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 22:12:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2817
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/contact-form-7/includes/js/index.js

198.187.29.26

200 OK

3.7 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/contact-form-7/includes/js/index.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (12310), with no line terminators
Size
3.7 kB (3706 bytes)
Hash
dc6411bfa6891b75944f0074c945752d
03c1a8b686c287068c61ab90f58d905496d65085
96abeabc9cc7b4c2b7d46579f2827c67ccd02fbaef0343ae052f71accd381b0d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 22:12:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3706
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-includes/js/masonry.min.js

198.187.29.26

200 OK

7.1 kB

URL HTTP/2
mascotahub.com/wp-includes/js/masonry.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (23966)
Size
7.1 kB (7117 bytes)
Hash
acbcd70975a7cfaf92dc02b2ede1fd24
7a50461999972abb541d4baf1ccf23d8e435aad6
c1250ec4943afb181633078eb9d67c5944fc64b2bb219c98406c286e9449189e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/masonry.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 06:08:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7117
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-includes/js/imagesloaded.min.js

198.187.29.26

200 OK

1.7 kB

URL HTTP/2
mascotahub.com/wp-includes/js/imagesloaded.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (5477)
Size
1.7 kB (1733 bytes)
Hash
fa921f07ecc438baf227765de450e215
1fdd49d8bb681cb118ea8d67d4fc61b0ad46cc95
b2cc68637048b04952a2f33163f64571145dbe0817a14c68fe6f1661bd81091f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/imagesloaded.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 06:08:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1733
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js

198.187.29.26

200 OK

2.4 kB

URL HTTP/2
mascotahub.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6475), with no line terminators
Size
2.4 kB (2354 bytes)
Hash
4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 06:08:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-includes/js/dist/vendor/wp-polyfill.min.js

198.187.29.26

200 OK

6.3 kB

URL HTTP/2
mascotahub.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Size
6.3 kB (6335 bytes)
Hash
fecbc00e8af71d8cfb678cd811c7cb2e
44e5dd77f62cb5c67271442b75cdff10d45f2f8d
d6f03fb4728d0c23251451df8d66b5107d3c87458dc624aacfbad437e99d01f1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 06:08:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6335
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/anno-core/public/assets/js/front-end-widget.min.js

198.187.29.26

200 OK

4.7 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/anno-core/public/assets/js/front-end-widget.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15032)
Size
4.7 kB (4704 bytes)
Hash
af9073b6077cc94821b479d84c9b5f5e
2e62cc021c17cc2fa49211c3685af4e61a1c4ac2
584a250967ab0efe5bfcff9fd3cdd54330d4ec8edcbdb3636dc9b10521e034d6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/anno-core/public/assets/js/front-end-widget.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 22:12:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4704
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js

198.187.29.26

200 OK

439 B

URL HTTP/2
mascotahub.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (999), with no line terminators
Size
439 B (439 bytes)
Hash
941c9d44f1c480a37006540de948ef9a
29bc99b84660341fc37d60774b3083025a19147c
d297692ee1e68d1e2499576903508be06859340a25eded15b2565631a592851e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 22:12:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 439
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-includes/js/hoverIntent.min.js

198.187.29.26

200 OK

668 B

URL HTTP/2
mascotahub.com/wp-includes/js/hoverIntent.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1464)
Size
668 B (668 bytes)
Hash
b57bb5f7f55be8837811df1bbfebd197
a9fd3372526724938daa13cba926cff79395cbae
26512154e931a4b5441386af49e0e6d93a298ec6ae9ce2088d292cba42d61c7c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/hoverIntent.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 06:08:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 668
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/jet-blocks/assets/js/jet-blocks.min.js

198.187.29.26

200 OK

5.3 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/jet-blocks/assets/js/jet-blocks.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (13959)
Size
5.3 kB (5329 bytes)
Hash
5c6015470a14c3dc216f456963e0ce1a
97154a593350eca5217522412f26110fa5f10ec5
4326b9f25dc6f619f9b0bdfb03c23078f453019403db0f1412131a4457b94e94

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/jet-blocks/assets/js/jet-blocks.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 22:12:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5329
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js

198.187.29.26

200 OK

11 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
C source textAlgol 68 source text\012- Pascal source, ASCII text, with very long lines (48616), with no line terminators
Size
11 kB (10732 bytes)
Hash
e0a7ac753030b47eb7b381953caf1a37
918bc8fb19214bf801fddf2a7656c53700a77827
4117f72e00d2b81e6d57406ba71750d76e83a985ead67e61272a5db31e47bd5a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 22:12:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10732
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/elementor/assets/js/frontend.min.js

198.187.29.26

200 OK

12 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/elementor/assets/js/frontend.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (36864)
Size
12 kB (11758 bytes)
Hash
2d67bcec6e4ffc94c28602598eb64ca4
3a8623f349940dbd4209a67a22070d8b36af3e54
8355c56dda239431d66df47865cde20b767c4338ef284d053757d057c942ab05

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 22:12:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11758
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-includes/js/underscore.min.js

198.187.29.26

200 OK

7.2 kB

URL HTTP/2
mascotahub.com/wp-includes/js/underscore.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (18798)
Size
7.2 kB (7179 bytes)
Hash
f4bb18d2e152ba945cb63980362f40e9
925f93a6c4ee411e97d8dc3186f9d66c4b5169ab
16ab496a6c74f5f272f7a5c31e9cb69c753fea994396ef6deacf641180ad317b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/underscore.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 06:08:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7179
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js

198.187.29.26

200 OK

5.8 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (14218)
Size
5.8 kB (5764 bytes)
Hash
91a22c1988be9df5285ab2287f405a3f
db2fbb4e31090970348ff60198d0d2c3cf235eb4
345657ba37c4c215887340651aa7b74046174935d1a697d22e1fefc606cfca0f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 22:12:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5764
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js

198.187.29.26

200 OK

339 B

URL HTTP/2
mascotahub.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (754), with no line terminators
Size
339 B (339 bytes)
Hash
f4cea5c82bb62f34a31f39a322513366
bab5dfb3f8d04b76f83ca994798534e697b85290
5b00e0c1288d5d1f1df303a55bd0ff67d9acf5b734bc0093a651727c48a077ff

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 22:12:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 339
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-includes/js/jquery/ui/core.min.js

198.187.29.26

200 OK

6.8 kB

URL HTTP/2
mascotahub.com/wp-includes/js/jquery/ui/core.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
6.8 kB (6800 bytes)
Hash
3d0ff0f6731d9cef860af9a5a0e3ce62
13aed444304d782039e261475c8b4450b83e743e
e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 06:08:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js

198.187.29.26

200 OK

4.2 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (12220)
Size
4.2 kB (4180 bytes)
Hash
a4a3bfad84f6eba6c66192afd4b4a3a9
c10503641628990ef68d815d890e9f16d351ca46
41a509e41b270a83e68590a43a17e063b1a4b7659c8a588f03f3306b1310c0ff

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 22:12:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4180
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-includes/js/wp-util.min.js

198.187.29.26

200 OK

690 B

URL HTTP/2
mascotahub.com/wp-includes/js/wp-util.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1391)
Size
690 B (690 bytes)
Hash
ebe552e54e3815c6867913d252ff2a79
4982bd9ba944833e821be18419ad8408290f5d75
8b0aedc73b1d41ab59c0ad42553259c90458cfb72b149946a3bae3298c012e40

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-util.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 06:08:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 690
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js

198.187.29.26

200 OK

3.3 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4888)
Size
3.3 kB (3312 bytes)
Hash
634fe888866149ffcc05931cdd7b5eb9
2a2658534c874f17d0fd83f392fd61076eec04fd
41ac7d22cf6463eadb69fc815d6e17969d8b9cf8fdf26a6b634c13e9ec686391

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 22:12:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3312
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-includes/js/wp-emoji-release.min.js

198.187.29.26

200 OK

4.6 kB

URL HTTP/2
mascotahub.com/wp-includes/js/wp-emoji-release.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15660)
Size
4.6 kB (4619 bytes)
Hash
0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 06:08:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js

198.187.29.26

200 OK

47 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (54175), with CRLF line terminators
Size
47 kB (47276 bytes)
Hash
cc45bbdc82ecb782543ea065e1e4965f
e6142254b64fe16e4670ad569bdadc42b3d90b92
6c036902f764491abc23e32888c938ef048e31b238547434eef8948c72e9f983

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 22:12:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 47276
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/jet-elements/assets/css/jet-elements.css

198.187.29.26

200 OK

19 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/jet-elements/assets/css/jet-elements.css
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
19 kB (19389 bytes)
Hash
9c937256858db243bddf35747c509303
119740db190070291b51f668756d263723f88023
4a09debce5eb6c7de8c0b090c24d52ff20767358027563f373a1bcacbd926a19

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/jet-elements/assets/css/jet-elements.css HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 22:12:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 19389
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/anno-core/public/assets/js/extension.min.js

198.187.29.26

200 OK

19 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/anno-core/public/assets/js/extension.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (41153)
Size
19 kB (19116 bytes)
Hash
19f6994e100da5c911a9df9cf02e49df
62dc41322e0541b3857de9c7a3e1c0c503515c95
a6a9f4355d032653dae708240b55df9746e0d916c03282aea7c5328a487d677b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/anno-core/public/assets/js/extension.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 22:12:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 19116
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js

198.187.29.26

200 OK

18 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (51834)
Size
18 kB (18005 bytes)
Hash
d76cfff3f5bda1fc1972050d07d36cf0
5b518a6886b1fb3f929d904f23e765b1d4a2770b
f32b5b16eb54ee6b1cb8e1494c66516768fe4d1282e70b80a7b0467c8b027353

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/jet-elements/assets/js/jet-elements.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 22:12:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18005
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/themes/anno/assets/js/apps.min.js

198.187.29.26

200 OK

83 kB

URL HTTP/2
mascotahub.com/wp-content/themes/anno/assets/js/apps.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
83 kB (82986 bytes)
Hash
805c10d832eefeb9bf790cd072ee1190
7736b0617278b086e695e495e4b7d95b15962f1b
0a40ca799cdafde5f6da67f9d20c1fefa40ab0dc71c08fe7a489eab16b52112d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/anno/assets/js/apps.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 22:12:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 82986
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js

198.187.29.26

200 OK

73 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (63491)
Size
73 kB (72829 bytes)
Hash
febc3859937bf7de263a1a89a916f363
54ebe50e70eb45a8ddccb5457fd1aafaed761f9d
5c1bf1e25dcb487fe7d526103f8ac9fcb03c0d232408b78b4b1656c860e3e7a6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/ena/?e=qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 22:12:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 72829
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:19:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

216.58.207.195

200 OK

33 kB

URL HTTP/2
fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 32860, version 1.0\012- data
Size
33 kB (32860 bytes)
Hash
d010a9f2d5c7a0374b3b84706a43d2ec
c1fe465db08785c3f115555d39db23838960cb66
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536

HTTP Headers

GET /s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mascotahub.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Nov 2022 15:39:48 GMT
expires: Sat, 18 Nov 2023 15:39:48 GMT
cache-control: public, max-age=31536000
age: 99569
last-modified: Mon, 11 Jul 2022 19:12:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.195

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mascotahub.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 21:48:50 GMT
expires: Thu, 16 Nov 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 250227
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

216.58.207.195

200 OK

7.8 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mascotahub.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:30:59 GMT
expires: Thu, 16 Nov 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 258498
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:19:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2

216.58.207.195

200 OK

7.8 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7824, version 1.0\012- data
Size
7.8 kB (7824 bytes)
Hash
af4d371a10271dafeb343f1eace762bc
6d11d743bc3cfb169d70bc86450f18351dc1a905
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mascotahub.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:50:37 GMT
expires: Thu, 16 Nov 2023 19:50:37 GMT
cache-control: public, max-age=31536000
age: 257320
last-modified: Wed, 27 Apr 2022 16:52:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2

198.187.29.26

200 OK

77 kB

URL HTTP/2
mascotahub.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Size
77 kB (76764 bytes)
Hash
f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mascotahub.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css
Cookie: burst_uid=fa1cb19a9f2671d909a84ff85f386bd8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:17 GMT
content-type: font/woff2
last-modified: Tue, 08 Nov 2022 22:12:49 GMT
accept-ranges: bytes
content-length: 76764
date: Sat, 19 Nov 2022 19:19:17 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

142.250.74.163

200 OK

163 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (730)
Size
163 kB (162976 bytes)
Hash
79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6

HTTP Headers

GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mascotahub.com
Connection: keep-alive
Referer: https://mascotahub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 15:30:33 GMT
expires: Fri, 17 Nov 2023 15:30:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 186525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto+Slab%3A200%2C300%2C400%2C500%2C600%2C700%2C800&subset=latin

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto+Slab%3A200%2C300%2C400%2C500%2C600%2C700%2C800&subset=latin
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto+Slab%3A200%2C300%2C400%2C500%2C600%2C700%2C800&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Nov 2022 19:19:14 GMT
date: Sat, 19 Nov 2022 19:19:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Poppins%3A200%2C300%2C400%2C500%2C600%2C700%2C800&subset=latin

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Poppins%3A200%2C300%2C400%2C500%2C600%2C700%2C800&subset=latin
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Poppins%3A200%2C300%2C400%2C500%2C600%2C700%2C800&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Nov 2022 19:19:14 GMT
date: Sat, 19 Nov 2022 19:19:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Nov 2022 19:19:14 GMT
date: Sat, 19 Nov 2022 19:19:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mascotahub.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Nov 2022 19:19:14 GMT
date: Sat, 19 Nov 2022 19:19:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

mascotahub.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

198.187.29.26

200 OK

0 B

URL HTTP/2
mascotahub.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mascotahub.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css
Cookie: burst_uid=fa1cb19a9f2671d909a84ff85f386bd8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:19:17 GMT
content-type: font/woff2
last-modified: Tue, 08 Nov 2022 22:12:49 GMT
accept-ranges: bytes
content-length: 78196
date: Sat, 19 Nov 2022 19:19:17 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mascotahub.com/ena/?e=qbot.zip

198.187.29.26

404 Not Found

0 B

URL HTTP/2
mascotahub.com/ena/?e=qbot.zip
IP
198.187.29.26:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /ena/?e=qbot.zip HTTP/1.1
Host: mascotahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://mascotahub.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: a4a_HTTP.404,a4a_404,a4a_URL.9de6d09c4ac972b46c99e8d0e362098b,a4a_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Sat, 19 Nov 2022 19:19:14 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (45)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP