Report - luzytextura.com/marfinance/gdwyLku/

Report Overview

Submitted URL
luzytextura.com/marfinance/gdwyLku/
IP
185.37.226.48
ASN
#57286 Gigas Hosting S.A.
Submitted
2022-10-26 22:04:57
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
116

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	33 kB	142.250.74.42
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.214.236.46
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	56 kB	34.120.237.76
luzytextura.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	374 kB	185.37.226.48
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	142.250.74.3
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	21 kB	142.250.74.174

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-26	medium	luzytextura.com/marfinance/gdwyLku/	Malware
2022-10-26	medium	luzytextura.com/marfinance/gdwyLku/	Malware
2022-10-26	medium	luzytextura.com/templates/luzytextura/js/scripts.js?v=20220915	Malware
2022-10-26	medium	luzytextura.com/templates/luzytextura/fonts/gothic.woff	Malware

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed
2022-10-26	medium	luzytextura.com	Sinkholed

JavaScript (4)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js	91 kB	2023-03-07	2024-04-25
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-25 15:21:59 Times Seen1987 Hash a34f78c3aecd182144818eb4b7303fda 6fca78dac2797c02d86a4bf6514eda398b7dbe62 c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776 Loading...

	luzytextura.com/templates/luzytextura/js/scripts.js?v=20220915	52 kB	2023-03-08	2023-03-11
Pretty URL luzytextura.com/templates/luzytextura/js/scripts.js?v=20220915 IP 185.37.226.48 ASN #57286 Gigas Hosting S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:57:48 Last Seen2023-03-11 19:47:15 Times Seen1 Hash 28221b53d5d82041bf58f542715cc4d5 038063a6bc1a8bbd655ebefabd8982c10906ff9a fb412cccc9cd70ac8117bd0e8c4a1517d316102c45de240038d205a3124d9d03 Loading...

	luzytextura.com/marfinance/gdwyLku/	391 B	2023-03-08	2023-03-11
Pretty URL luzytextura.com/marfinance/gdwyLku/ IP 185.37.226.48 ASN #57286 Gigas Hosting S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:57:48 Last Seen2023-03-11 19:47:15 Times Seen1 Hash 8019dcc803836268b4b8a9a92a8bb8d9 6b08a4ef2635a711883c1ab27e74374208c85e47 8cf0036c69ec51997c789bbc05d33ec24b7f86bfb16e349d8c1887ad77082d21 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 05:50:27 Times Seen1534 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

HTTP Transactions (54)

URL IP Response Size

luzytextura.com/marfinance/gdwyLku/

185.37.226.48

301 Moved Permanently

178 B

URL HTTP/1.1
luzytextura.com/marfinance/gdwyLku/
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /marfinance/gdwyLku/ HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 26 Oct 2022 22:04:45 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://luzytextura.com/marfinance/gdwyLku/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4c9ec202b798d350b6582220b7bb8457
d16ca24cd60b349231ad06fa5db32f54a3bc9e09
df036d315a613ac6396b77afb0a4ea5f793091786be0cbf3f3a0d043bc1d1d3c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF036D315A613AC6396B77AFB0A4EA5F793091786BE0CBF3F3A0D043BC1D1D3C"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6922
Expires: Thu, 27 Oct 2022 00:00:08 GMT
Date: Wed, 26 Oct 2022 22:04:46 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4199
Cache-Control: max-age=131775
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 22:04:46 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 10:41:01 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a39eea1096852891690eaee02a64383e
c273000f799fc3676e8e3ef3617611a31252cffc
d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4843
Expires: Wed, 26 Oct 2022 23:25:29 GMT
Date: Wed, 26 Oct 2022 22:04:46 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: QlUQAlimsTaL8YUKzHeG4XuBrfUoYkMUaIdtpNYd2OQEVuRipYtrnc/X6HBkwVmEd5G3SY2tfGw=
x-amz-request-id: XD8QTAG1WM16N5R0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 26 Oct 2022 21:39:21 GMT
age: 1525
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 22:04:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fd22fa62b5735d8bb50bf78f10742f2b
841e6eb4af3587d35998a37fa5110d196d59b404
55c9fa80268c469fe6821d366515b4dc628a70fbf21a82e6c2ce67cac1bcc592

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "55C9FA80268C469FE6821D366515B4DC628A70FBF21A82E6C2CE67CAC1BCC592"
Last-Modified: Wed, 26 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 27 Oct 2022 04:04:46 GMT
Date: Wed, 26 Oct 2022 22:04:46 GMT
Connection: keep-alive

luzytextura.com/marfinance/gdwyLku/

185.37.226.48

404 Not Found

2.5 kB

URL HTTP/1.1
luzytextura.com/marfinance/gdwyLku/
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (321), with CRLF, LF line terminators
Size
2.5 kB (2461 bytes)
Hash
1951bb7a9a2dc2b6407c8114dd21349f
6fddf138a0a1876e6d247a14c966315351badd51
571d49a8cc2bd09e6bdcad78a28004f7b05903e5fcbfbc09e8f59539d80e7c23

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /marfinance/gdwyLku/ HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 26 Oct 2022 22:04:46 GMT
Content-Type: text/html
Content-Length: 2461
Connection: keep-alive
Set-Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7; path=/
LyT_regcode=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
MS-Author-Via: DAV
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
dd283dfc036535bdeb8a8be1310ef930
d3b1c300dd75d7af630e0f3112e49d7492d66c17
578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6188
Cache-Control: max-age=128709
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 22:04:46 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:49:55 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

luzytextura.com/templates/luzytextura/css/estilos.css

185.37.226.48

200 OK

7.0 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/css/estilos.css
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
ASCII text, with very long lines (513)
Size
7.0 kB (7024 bytes)
Hash
8a03b330ff722ceef64b8f6ac49b340e
2b783eddbe67d888c5d2fb3ef59495f463442080
f928bb9b65640f59b0e9e53ff50c83f0d1b53fcf17ccfbbcca516f54dfc4b8b1

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/css/estilos.css HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/marfinance/gdwyLku/
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:46 GMT
Content-Type: text/css
Last-Modified: Tue, 28 Oct 2014 18:14:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:46 GMT
ETag: W/"544fdd1c-7449"
X-Powered-By: PleskLin
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f046e6113dd1e5e499c765516be08b17
c2253055e09b46209469853cad8720e64f84a1bf
18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 22:04:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js

142.250.74.42

200 OK

32 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32764)
Size
32 kB (32124 bytes)
Hash
34fb740c21fb2f4be218932988fe68f2
2e2ee722aa0902a96a2ed3bd1f51ab762b666b9f
9e0ec1faab0c671db34a814b74946659d86ec455b89b4efd638806a146cfa51a

HTTP Headers

GET /ajax/libs/jquery/1.6.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32124
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Oct 2022 03:24:46 GMT
expires: Thu, 26 Oct 2023 03:24:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 67201
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

luzytextura.com/templates/luzytextura/images/logo.png

185.37.226.48

200 OK

6.7 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/logo.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
PNG image data, 158 x 177, 8-bit/color RGBA, non-interlaced\012- data
Size
6.7 kB (6662 bytes)
Hash
befb75a986384c07564f6b95f65e71cb
1860cd55fc24f2e4567e6ff400e3704e14390c2e
c93ed82ed5a6ef94d4a7deba68a0bf3f216f4dcefdd08feeadd836f7cbf4f705

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/logo.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/marfinance/gdwyLku/
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/png
Content-Length: 6662
Last-Modified: Fri, 13 Dec 2013 18:21:14 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "52ab501a-1a06"
X-Powered-By: PleskLin
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f046e6113dd1e5e499c765516be08b17
c2253055e09b46209469853cad8720e64f84a1bf
18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 22:04:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

luzytextura.com/templates/luzytextura/images/menu_3d.png

185.37.226.48

200 OK

2.0 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/menu_3d.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
PNG image data, 63 x 219, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (1962 bytes)
Hash
e64594e3548261e8bf47bf6a53c00030
fd181ff6a166a19b9dd4eaaf3ed16e65ef9c194e
f34d160549dfe5cece6820f8002429580b549ba9e93b5a787535d73abfeb256a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/menu_3d.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/marfinance/gdwyLku/
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/png
Content-Length: 1962
Last-Modified: Fri, 13 Dec 2013 18:38:58 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "52ab5442-7aa"
X-Powered-By: PleskLin
Accept-Ranges: bytes

luzytextura.com/templates/luzytextura/images/menu_foto.png

185.37.226.48

200 OK

2.5 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/menu_foto.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
PNG image data, 63 x 219, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2462 bytes)
Hash
0c36a408c7fe1cfa347a8ae61207d409
e43219853e7f6b6944823a46551d7c08281b2e4e
5ade8d88a3c1c4e07552e2f136aa6a2d0ced15acc5ec15c93a64d720e479befa

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/menu_foto.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/marfinance/gdwyLku/
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/png
Content-Length: 2462
Last-Modified: Fri, 13 Dec 2013 18:45:32 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "52ab55cc-99e"
X-Powered-By: PleskLin
Accept-Ranges: bytes

luzytextura.com/templates/luzytextura/images/menu_imagen.png

185.37.226.48

200 OK

3.3 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/menu_imagen.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
PNG image data, 63 x 219, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3297 bytes)
Hash
8538c0138c77633b6efb13d00538c3ef
72ff4ee124089dbc84a12019ea4eef1a2e4be4d4
d3e6f854f85833e66b92961640a64681d70f28ade09b8a7e8ecbe7e33ee296a4

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/menu_imagen.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/marfinance/gdwyLku/
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/png
Content-Length: 3297
Last-Modified: Fri, 13 Dec 2013 18:46:24 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "52ab5600-ce1"
X-Powered-By: PleskLin
Accept-Ranges: bytes

luzytextura.com/templates/luzytextura/images/menu.png

185.37.226.48

200 OK

15 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/menu.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
PNG image data, 554 x 177, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (14908 bytes)
Hash
5ad45e20bbe362ec4e243002ea929cbc
b21e0322f0e337752229c1b144b80aabaf936e0f
e2760b14af6c47c5d0b09b8b4b08f4e260137ab8c42d023f67b9afe9b977a415

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/menu.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/templates/luzytextura/css/estilos.css
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/png
Content-Length: 14908
Last-Modified: Fri, 13 Dec 2013 18:26:38 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "52ab515e-3a3c"
X-Powered-By: PleskLin
Accept-Ranges: bytes

luzytextura.com/templates/luzytextura/images/navigation-left.png

185.37.226.48

200 OK

2.2 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/navigation-left.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
PNG image data, 80 x 112, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2185 bytes)
Hash
4ab79fb2b0d5be81b2c7faafd2111e93
b33ae24cc92134666cfeae6bd44f780279a3c030
6f6acc06fa7fb73045a21354084001a2d41f9413bd48c24db414828cdd18b9f5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/navigation-left.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/marfinance/gdwyLku/
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/png
Content-Length: 2185
Last-Modified: Tue, 03 Dec 2013 21:08:02 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "529e4832-889"
X-Powered-By: PleskLin
Accept-Ranges: bytes

luzytextura.com/templates/luzytextura/images/menu_web.png

185.37.226.48

200 OK

2.7 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/menu_web.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
PNG image data, 63 x 219, 8-bit/color RGBA, non-interlaced\012- data
Size
2.7 kB (2686 bytes)
Hash
bc9337baff81ceef98f103c4129a6fa0
fc1a8f015d61ec6323a3949ff1cac34ff99ebdbb
715f4a765092f7538c802b43ca60abfa451c3e95f93d3e870482bcf07434dda1

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/menu_web.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/marfinance/gdwyLku/
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/png
Content-Length: 2686
Last-Modified: Fri, 13 Dec 2013 18:40:38 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "52ab54a6-a7e"
X-Powered-By: PleskLin
Accept-Ranges: bytes

push.services.mozilla.com/

34.214.236.46

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.214.236.46:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ptb5lZsGpMPPHhGNpjAJIA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Z1lgchrNXMzcAWxJr7tftVpZ6MI=

luzytextura.com/templates/luzytextura/images/menu_decoracion.png

185.37.226.48

200 OK

3.9 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/menu_decoracion.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
PNG image data, 63 x 219, 8-bit/color RGBA, non-interlaced\012- data
Size
3.9 kB (3933 bytes)
Hash
dbc4b70a74437337ea98e81f95ce8438
b5cc3749ded5c61486f3b11ca8f26a486530b9db
6c8517bc12b6f1120dd748b6acba0023895b9d4c7758c23f16baa3cd0c4c9590

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/menu_decoracion.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/marfinance/gdwyLku/
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/png
Content-Length: 3933
Last-Modified: Fri, 13 Dec 2013 18:37:36 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "52ab53f0-f5d"
X-Powered-By: PleskLin
Accept-Ranges: bytes

luzytextura.com/templates/luzytextura/js/scripts.js?v=20220915

185.37.226.48

200 OK

52 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/js/scripts.js?v=20220915
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (3818), with CRLF line terminators
Size
52 kB (51680 bytes)
Hash
28221b53d5d82041bf58f542715cc4d5
038063a6bc1a8bbd655ebefabd8982c10906ff9a
fb412cccc9cd70ac8117bd0e8c4a1517d316102c45de240038d205a3124d9d03

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/js/scripts.js?v=20220915 HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/marfinance/gdwyLku/
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: application/javascript
Content-Length: 51680
Last-Modified: Thu, 15 Sep 2022 16:51:12 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "63235800-c9e0"
X-Powered-By: PleskLin
Accept-Ranges: bytes

luzytextura.com/templates/luzytextura/images/footer.png

185.37.226.48

200 OK

1.6 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/footer.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
PNG image data, 73 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1583 bytes)
Hash
61191eed4b7a29d4c5875d6798bd6604
2bdb72fd6437a191293e9e96553946c5f88cedb0
3a6287b9d4f6459035c19c2572f77f118111580869122b6090db0c21dafea729

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/footer.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/marfinance/gdwyLku/
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/png
Content-Length: 1583
Last-Modified: Sun, 08 Dec 2013 22:13:04 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "52a4eef0-62f"
X-Powered-By: PleskLin
Accept-Ranges: bytes

luzytextura.com/templates/luzytextura/images/ico_facebook.png

185.37.226.48

200 OK

1.0 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/ico_facebook.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
PNG image data, 24 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1030 bytes)
Hash
f3e4592d98fc76eef53303aed359b7ff
2d4735dfedb3b77e98a45f00b3ef4b3c28d02902
437e8b4de7becf6d3b4f82e716f78332fbb8f3b319aa3d7caf49c3065c6447a2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/ico_facebook.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/templates/luzytextura/css/estilos.css
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/png
Content-Length: 1030
Last-Modified: Thu, 12 Dec 2013 20:55:56 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "52aa22dc-406"
X-Powered-By: PleskLin
Accept-Ranges: bytes

luzytextura.com/templates/luzytextura/images/ico_twitter.png

185.37.226.48

200 OK

1.0 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/ico_twitter.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
PNG image data, 24 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1030 bytes)
Hash
58f3ccc2f797c1bad4c1a86e8b9d4349
5ae5887ba7af0955fb5df92f5ec8f0d050b45c66
8940d938540d6c701f07ba31bb560ed8ac96813508c9a7633d49ab9b579b52c3

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/ico_twitter.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/templates/luzytextura/css/estilos.css
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/png
Content-Length: 1030
Last-Modified: Thu, 12 Dec 2013 20:55:56 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "52aa22dc-406"
X-Powered-By: PleskLin
Accept-Ranges: bytes

luzytextura.com/templates/luzytextura/images/ico_googleplus.png

185.37.226.48

200 OK

1.7 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/ico_googleplus.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
PNG image data, 24 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1749 bytes)
Hash
017ff9301cdf03b63eddf2521a5ccfb6
f4257e53c36ae2e00f3560851494be17e530ff13
441425e19e72126c88ed7661b6b0e1ec4e652c9325e2a2e7b1babdf310ea43b2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/ico_googleplus.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/templates/luzytextura/css/estilos.css
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/png
Content-Length: 1749
Last-Modified: Thu, 12 Dec 2013 20:55:56 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "52aa22dc-6d5"
X-Powered-By: PleskLin
Accept-Ranges: bytes

luzytextura.com/templates/luzytextura/images/ico_youtube.png

185.37.226.48

200 OK

1.6 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/ico_youtube.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
PNG image data, 24 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1620 bytes)
Hash
9df09c0dbce008e1ddd85b67cd51f3df
17d29f78eefcc2c06dc1b6ace19fe38bafca3161
c986899f88a4906d0c0dd7e201a1ffad85e6224d843f151af3e18eefcf2f7abe

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/ico_youtube.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/templates/luzytextura/css/estilos.css
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/png
Content-Length: 1620
Last-Modified: Thu, 12 Dec 2013 20:55:56 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "52aa22dc-654"
X-Powered-By: PleskLin
Accept-Ranges: bytes

luzytextura.com/templates/luzytextura/images/logo-min.png

185.37.226.48

200 OK

4.1 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/logo-min.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
PNG image data, 100 x 112, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4078 bytes)
Hash
25652f952112c2671e05719f113d1960
3c21a9a1da6770959d46e276d5626bc2ac4fe5bc
1c2be07429c89c6bfc2ee43a667f0bb61676a1235aa7450ddd4b5425018d9dee

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/logo-min.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/marfinance/gdwyLku/
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/png
Content-Length: 4078
Last-Modified: Sun, 08 Dec 2013 12:36:24 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "52a467c8-fee"
X-Powered-By: PleskLin
Accept-Ranges: bytes

luzytextura.com/templates/luzytextura/images/menu_3d-min.png

185.37.226.48

200 OK

1.7 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/menu_3d-min.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
PNG image data, 30 x 74, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1710 bytes)
Hash
9d98630562a32a2ab4ce6e496b596aac
d18b2c4e3d1acb52e76656fc31c8c0d0142eb2dd
2eccefee65b798fcc87998e0136c9864617a1763684e936d1f0f81401cd37d5b

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/menu_3d-min.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/marfinance/gdwyLku/
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/png
Content-Length: 1710
Last-Modified: Sun, 08 Dec 2013 13:02:34 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "52a46dea-6ae"
X-Powered-By: PleskLin
Accept-Ranges: bytes

luzytextura.com/templates/luzytextura/images/menu_imagen-min.png

185.37.226.48

200 OK

2.0 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/menu_imagen-min.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
PNG image data, 30 x 74, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (2033 bytes)
Hash
6f2f765cc6d3d42346ab005f78dc04f8
309dde82bb86f828e6b0ae9ba5f50ca5e2d734f5
661a7ac25e1dcda00d02509b2add7caa68c7e3f25b997c366fe907d6edf300aa

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/menu_imagen-min.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/marfinance/gdwyLku/
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/png
Content-Length: 2033
Last-Modified: Sun, 08 Dec 2013 12:52:50 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "52a46ba2-7f1"
X-Powered-By: PleskLin
Accept-Ranges: bytes

luzytextura.com/templates/luzytextura/images/menu_foto-min.png

185.37.226.48

200 OK

2.0 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/menu_foto-min.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
PNG image data, 30 x 74, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (2003 bytes)
Hash
654c6bb3f7856e34bdbe0fd5c1e4f3e0
d20cddfe00e1df84a1ecb1b8ee32c829332947f0
5dcfdd2bc9230e24634ae754a0f5c21f7fff5e02cd0441370312d4e421dabe70

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/menu_foto-min.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/marfinance/gdwyLku/
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/png
Content-Length: 2003
Last-Modified: Sun, 08 Dec 2013 13:03:06 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "52a46e0a-7d3"
X-Powered-By: PleskLin
Accept-Ranges: bytes

luzytextura.com/templates/luzytextura/fonts/gothic.woff

185.37.226.48

200 OK

82 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/fonts/gothic.woff
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
Web Open Font Format, TrueType, length 82192, version 0.0\012- data
Size
82 kB (82192 bytes)
Hash
151c4696847a325b6f5a672ec0c426bc
2ec0d00c4fbf4c1c1fecc41666d8687123106d17
cb6fb87881b74b91645be8b0eee4465a412051ee8c107dfa77367671dad62540

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/fonts/gothic.woff HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://luzytextura.com/templates/luzytextura/css/estilos.css
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: application/x-woff
Content-Length: 82192
Last-Modified: Mon, 14 Oct 2013 17:18:10 GMT
Connection: keep-alive
Cache-Control: max-age=31536000
Expires: Thu, 26 Oct 2023 22:04:47 GMT
ETag: "525c2752-14110"
X-Powered-By: PleskLin
Accept-Ranges: bytes

luzytextura.com/templates/luzytextura/images/menu_web-min.png

185.37.226.48

200 OK

2.1 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/menu_web-min.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
PNG image data, 30 x 74, 8-bit/color RGBA, non-interlaced\012- data
Size
2.1 kB (2092 bytes)
Hash
012bd254885646dad09ddb0e5d118229
b904db538e40fa08d454130e20b5610853a333d4
66222ff8e164781c8d11cdbfd60ee2f85ef681a0d5124250b7207843638bf363

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/menu_web-min.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/marfinance/gdwyLku/
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/png
Content-Length: 2092
Last-Modified: Sun, 08 Dec 2013 12:52:18 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "52a46b82-82c"
X-Powered-By: PleskLin
Accept-Ranges: bytes

luzytextura.com/templates/luzytextura/images/menu_decoracion-min.png

185.37.226.48

200 OK

2.2 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/menu_decoracion-min.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
PNG image data, 30 x 74, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2194 bytes)
Hash
297acfe129a0a2bba568a2b3244b898f
35330b1b17c3d62938f5ca3cc58650a28c53dfde
998a549f7898973b2264b35d22783d1e1b8f81eeb65fa9cb0331d47b02dcff32

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/menu_decoracion-min.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/marfinance/gdwyLku/
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/png
Content-Length: 2194
Last-Modified: Sun, 08 Dec 2013 12:53:48 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "52a46bdc-892"
X-Powered-By: PleskLin
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e7f1de4025eee44eed5a0ada1e998d6c
fd8bfad40b964ffd3534ac3aff68aaf31d38ba37
fba4107e5627b68a00dc9c31a657be714c85dc7c648b8e8e1c7373cc305f8228

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 22:04:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 26 Oct 2022 20:41:09 GMT
expires: Wed, 26 Oct 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 5018
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

luzytextura.com/templates/luzytextura/images/ico/favicon.ico

185.37.226.48

200 OK

4.3 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/ico/favicon.ico
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size
4.3 kB (4286 bytes)
Hash
569801f81c9ef913950bb01b8a86bddc
1cfee3b5a61f290ffb4043e56958331ea6facc36
0580c5147f3eb5a68660216c0c386dc4a85e3a3ccff38a384432d57a499c063d

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/ico/favicon.ico HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/marfinance/gdwyLku/
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 4286
Last-Modified: Thu, 05 Dec 2013 14:48:26 GMT
Connection: keep-alive
ETag: "52a0923a-10be"
X-Powered-By: PleskLin
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e7f1de4025eee44eed5a0ada1e998d6c
fd8bfad40b964ffd3534ac3aff68aaf31d38ba37
fba4107e5627b68a00dc9c31a657be714c85dc7c648b8e8e1c7373cc305f8228

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 22:04:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/j/collect?v=1&_v=j98&a=114514884&t=pageview&_s=1&dl=https%3A%2F%2Fluzytextura.com%2Fmarfinance%2FgdwyLku%2F&ul=en-us&de=UTF-8&dt=luzyTextura%20estudio%20de%20dise%C3%B1o%20en%20%C3%81vila&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAAABAAAAACAAI~&jid=2046702432&gjid=325765541&cid=378968340.1666821887&tid=UA-46619840-1&_gid=230066882.1666821887&_r=1&_slc=1&z=352309964

142.250.74.174

200 OK

2 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=114514884&t=pageview&_s=1&dl=https%3A%2F%2Fluzytextura.com%2Fmarfinance%2FgdwyLku%2F&ul=en-us&de=UTF-8&dt=luzyTextura%20estudio%20de%20dise%C3%B1o%20en%20%C3%81vila&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAAABAAAAACAAI~&jid=2046702432&gjid=325765541&cid=378968340.1666821887&tid=UA-46619840-1&_gid=230066882.1666821887&_r=1&_slc=1&z=352309964
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

HTTP Headers

POST /j/collect?v=1&_v=j98&a=114514884&t=pageview&_s=1&dl=https%3A%2F%2Fluzytextura.com%2Fmarfinance%2FgdwyLku%2F&ul=en-us&de=UTF-8&dt=luzyTextura%20estudio%20de%20dise%C3%B1o%20en%20%C3%81vila&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAAABAAAAACAAI~&jid=2046702432&gjid=325765541&cid=378968340.1666821887&tid=UA-46619840-1&_gid=230066882.1666821887&_r=1&_slc=1&z=352309964 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://luzytextura.com
Connection: keep-alive
Referer: https://luzytextura.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://luzytextura.com
date: Wed, 26 Oct 2022 22:04:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

luzytextura.com/templates/luzytextura/images/bg-portada.jpg

185.37.226.48

200 OK

156 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/bg-portada.jpg
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size
156 kB (156112 bytes)
Hash
c038acba684a7b5c29b73fa203af5cfd
dcf13d4cbfd40db97cc96a160b79640e8f7f4b66
20303c7b59e1a1e0748f15b7e26c21571e97c7d11a087460af7dc27e4518cb86

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/bg-portada.jpg HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/marfinance/gdwyLku/
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: image/jpeg
Content-Length: 156112
Last-Modified: Tue, 03 Dec 2013 20:36:04 GMT
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Wed, 02 Nov 2022 22:04:47 GMT
ETag: "529e40b4-261d0"
X-Powered-By: PleskLin
Accept-Ranges: bytes

luzytextura.com/templates/luzytextura/images/ico/apple-touch-icon-144-precomposed.png

185.37.226.48

404 Not Found

2.5 kB

URL HTTP/1.1
luzytextura.com/templates/luzytextura/images/ico/apple-touch-icon-144-precomposed.png
IP
185.37.226.48:0
ASN
#57286 Gigas Hosting S.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (321), with CRLF, LF line terminators
Size
2.5 kB (2461 bytes)
Hash
1951bb7a9a2dc2b6407c8114dd21349f
6fddf138a0a1876e6d247a14c966315351badd51
571d49a8cc2bd09e6bdcad78a28004f7b05903e5fcbfbc09e8f59539d80e7c23

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /templates/luzytextura/images/ico/apple-touch-icon-144-precomposed.png HTTP/1.1
Host: luzytextura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luzytextura.com/marfinance/gdwyLku/
Cookie: PHPSESSID=utv7sdkpng478i4dt5d6jlmev7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 26 Oct 2022 22:04:47 GMT
Content-Type: text/html
Content-Length: 2461
Connection: keep-alive
Set-Cookie: LyT_regcode=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
MS-Author-Via: DAV
Vary: Accept-Encoding
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4887
Expires: Wed, 26 Oct 2022 23:26:15 GMT
Date: Wed, 26 Oct 2022 22:04:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4887
Expires: Wed, 26 Oct 2022 23:26:15 GMT
Date: Wed, 26 Oct 2022 22:04:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4887
Expires: Wed, 26 Oct 2022 23:26:15 GMT
Date: Wed, 26 Oct 2022 22:04:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4887
Expires: Wed, 26 Oct 2022 23:26:15 GMT
Date: Wed, 26 Oct 2022 22:04:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4887
Expires: Wed, 26 Oct 2022 23:26:15 GMT
Date: Wed, 26 Oct 2022 22:04:48 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe98a4c03-5fa3-4445-a037-d229b86c94a6.jpeg

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe98a4c03-5fa3-4445-a037-d229b86c94a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8936 bytes)
Hash
eb430e5efbc6c8c306fce87e26faf734
b05b7299a7e473e873510671a6abdd5227a53f46
c49d64e87ec8243a1ee7f214f21988b6f6a33ba93814ec31262d80e4a22b8504

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe98a4c03-5fa3-4445-a037-d229b86c94a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8936
x-amzn-requestid: d0698fc0-e4c9-4633-9b64-df09be35b450
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocuiGBlIAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-7c78a1fc43552b934e6b8708;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gus8UKo03dRkfqPRhxnW6zzqx7o-2tZbbv-DsBSW7UREHPOA1uqdUw==
via: 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:37 GMT
etag: "b05b7299a7e473e873510671a6abdd5227a53f46"
content-type: image/jpeg
age: 1031
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24d0f74b-ba69-4b8a-bd11-56fb0231d2b7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9914 bytes)
Hash
76b8756bea7b9c29285f6b604ec13a8e
0ddd9f80782a4bda5643be710b498f0fdc2c50db
7068a15f10288c3de5fea422b360b8f20989ac33af4481fb8e5a0f125486b3fb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24d0f74b-ba69-4b8a-bd11-56fb0231d2b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9914
x-amzn-requestid: 3d0fb9c3-d606-497e-b196-6ac5ec846814
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aZRwIE1IoAMFYCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63539667-34f866976ebb7efd2c4e868d;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 07:06:15 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: apZ7KwORR0VbbnuY24PJJQ99-3BZdfWRqAOSHlOYxCAPPCwygrfzfw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 12:31:05 GMT
age: 34423
etag: "0ddd9f80782a4bda5643be710b498f0fdc2c50db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e0b7c1-7017-4894-9761-828cb604f9fb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5187 bytes)
Hash
25429df1160d8d6476ac5e0f0200934b
9218388d9ff2c7f1b38c71c8828146e62082b473
eea6fec35bce9dabe19a536f5f46b2b5de73521f3ffd95de8e515aa79cf714bd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e0b7c1-7017-4894-9761-828cb604f9fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5187
x-amzn-requestid: e46cca29-67b1-489c-ab26-fd51847523ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocufHQJoAMFg7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-5189da342daf42831d51034d;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -YlsaCqcr22sKngaylJdwlPb2R12YTdExZ8o8O9NwP6p-uH7XN3Ykg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:37 GMT
etag: "9218388d9ff2c7f1b38c71c8828146e62082b473"
content-type: image/jpeg
age: 1031
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4709 bytes)
Hash
c92c49279a7704d715e50836676d1abb
3092b4dbd87f7e5a2eff65c463da9c5103ff748a
6941145d63e68abf0f20081517faa4082eed3c59f8b8a69066f70b29d90fd355

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4709
x-amzn-requestid: c2923a57-57c4-4d62-83bc-e4c8b61aa2bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocuiGeeIAMF9Dg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-7e47cfe804e333cc540f162a;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: M72Vjcyc06ihmWcqr2_Xrk8dGcC5pCoDidg5rhtRkVddavcUFE6G6w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:37 GMT
etag: "3092b4dbd87f7e5a2eff65c463da9c5103ff748a"
content-type: image/jpeg
age: 1031
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb13a70d-b8c4-4350-b75f-4a792bbe0138.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5444 bytes)
Hash
8b3875b4f9986a58288fdb19744f275e
ee76902c43d2b348a194456e53978337cf5391a4
84e01baf1a4f51606a20f464990c1de066a10a0310abc3abffa5b143ad64c93f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb13a70d-b8c4-4350-b75f-4a792bbe0138.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5444
x-amzn-requestid: 6d58934a-f718-4bdc-9aa9-e570c3eb6d0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aI0DvG5voAMFmLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634d007e-2e60c6b673315a4034f09320;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 07:13:02 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: skpAlvhidM2bxW0pciEBF7LfKpWGnwLsq_Eg0y4VCOp5GdtJlgYhAQ==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:52:15 GMT
age: 753
etag: "ee76902c43d2b348a194456e53978337cf5391a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5109ae5-81e3-49db-bbdc-eb160eef1dfd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9686 bytes)
Hash
33e31f3d27d3068624029f7a917ac24d
d28a39cffb1d8a7a1a7bbfa3f95f98b790c6a673
31ead0fb893666b5c533ab6cb51e85b2646aa1ef46ef67ad80d2e7c911e0fdde

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5109ae5-81e3-49db-bbdc-eb160eef1dfd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9686
x-amzn-requestid: c9a788b9-1367-4050-9590-30ef6d9a4fa3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocugHsUoAMFjnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-444afe996c8df73779f78a53;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3otUfQziZmocFHGSOWSKJtXpgCOPfhxY3TOkbrBT6pdNi5B2Xrf67A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:37 GMT
etag: "d28a39cffb1d8a7a1a7bbfa3f95f98b790c6a673"
content-type: image/jpeg
age: 1031
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd980e84d-7557-46f4-86fa-a1750bc0556c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4328 bytes)
Hash
67c7146ff56c9463c0b083309a978ea0
707b7879deeb50d13d83aafc7293995e937024a7
b7165804db9a86623445ee8dce01ac6cbbf65cc7f99b60089ca4382a230b093e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd980e84d-7557-46f4-86fa-a1750bc0556c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 4328
x-amzn-requestid: 0d4e3cd2-261d-48ca-9eaa-e8781bba8208
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocvjFZtIAMFWlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7fc-78d12691124af7052d77f5be;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zhIR7YHR6tsp4mlWUeYqCk2QjLPiE_uyUwpSptMBqCjjtJQE6Fb5cw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:44 GMT
etag: "707b7879deeb50d13d83aafc7293995e937024a7"
content-type: image/jpeg
age: 1031
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (54)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type