Report - amason-reward.store/

Report Overview

URL

amason-reward.store/
IP

3.66.136.156

ASN

#16509 AMAZON-02
Submitted

2023-01-30T08:08:11Z

Access
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

32

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782	2374	35.241.9.150
ocsp.pki.goog (5)	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1715	3495	142.250.74.131
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606	127	34.210.150.237
fleraprt.com (1)	unknown	2022-01-14T23:55:14Z	2023-03-13T06:33:10Z	495	487	139.45.195.254
widget.supercounters.com (1)	168845	2012-06-27T14:27:10Z	2023-03-13T06:28:25Z	379	730	172.67.154.41
fonts.googleapis.com (1)	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	448	630	142.250.74.106
amason-reward.store (27)	unknown	2020-06-14T23:12:01Z	2023-02-24T09:07:50Z	21702	81024	18.158.98.109
r3.o.lencr.org (10)	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3380	8865	23.36.76.226
fonts.gstatic.com (4)	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1967	91098	142.250.74.35
untimburra.com (3)	85523	2021-09-13T15:35:19Z	2023-03-13T10:00:24Z	1788	13764	139.45.197.239
secure.quantserve.com (1)	973	2012-05-22T22:26:25Z	2023-03-13T05:20:58Z	369	293	91.228.74.251
ocsp.digicert.com (4)	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1364	2490	93.184.220.29
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3245	54996	34.120.237.76
my.rtmark.net (1)	9054	2015-02-04T10:54:57Z	2023-03-13T05:11:40Z	392	748	139.45.195.8
service.supercounters.com (1)	unknown	2022-03-04T15:47:46Z	2023-03-13T06:28:26Z	573	266	172.104.29.90
rules.quantcount.com (1)	877	2018-06-15T17:43:28Z	2023-03-13T05:20:58Z	384	804	54.230.111.4
www.ezojs.com (1)	41202	2017-11-17T08:37:11Z	2023-03-13T07:59:25Z	528	801	104.21.36.242
tzegilo.com (1)	unknown	2022-01-14T16:27:15Z	2023-03-13T06:33:04Z	361	828	104.21.89.122
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413	5844	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333	391	34.117.237.239
ocsp.sectigo.com (2)	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	680	12485	104.18.32.68
pixel.quantserve.com (1)	417	2012-05-21T21:45:06Z	2023-03-13T05:28:27Z	733	459	91.228.74.251

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-30	medium	widget.supercounters.com/ssl/online_i.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-29	medium	untimburra.com	Sinkholed
2023-01-29	medium	untimburra.com	Sinkholed
2023-01-30	medium	fleraprt.com	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-29	medium	untimburra.com	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed
2023-01-30	medium	amason-reward.store	Sinkholed

ThreatFox

No alerts detected

HTTP Transactions (76)

URL IP Response Size

amason-reward.store/

18.158.98.109

301 Moved Permanently

707

URL HTTP/1.1

amason-reward.store/
IP

18.158.98.109:0
ASN

#16509 AMAZON-02

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators

Size

707
Hash

1304294c0823ca486542ba408ed761e3

b2a70fb2d810ca13985882e6981f33998823e83e

3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET / HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 301 Moved Permanently
Cache-Control: public, max-age=2592000
Content-Type: text/html
Date: Mon, 30 Jan 2023 08:08:00 UTC
Display: staticcontent_sol, orig_site_sol
Location: https://amason-reward.store/
Pagespeed: off
Response: 301
Server: LiteSpeed
Vary: Accept-Encoding,User-Agent,Origin
X-Ez-Proxy-Out: true 2.3
X-Ezoic-Cdn: Hit ds;mm;69319cda39fd25ca81a16789ef4aca44;2-279054-0;feac6a8b-b8b3-4e30-7f84-f3818159074b
X-Middleton-Display: staticcontent_sol, orig_site_sol
X-Middleton-Response: 301
X-Origin-Cache-Control: 
X-Sol: orig
X-Turbo-Charged-By: LiteSpeed
Content-Length: 707

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

a2104f935c638b4767ca5ae0d738ef23

85c6af15af749be0ceeae6de17c36925b750f166

5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2535
Expires: Mon, 30 Jan 2023 08:50:15 GMT
Date: Mon, 30 Jan 2023 08:08:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

3eb88dea4fe00db1182370e72683c3ab

ca520abf1e91bfd2aef40c6a1270a911071e8922

d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16577
Expires: Mon, 30 Jan 2023 12:44:17 GMT
Date: Mon, 30 Jan 2023 08:08:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

09ee4b0fe6cf4ca5ed31b24452338d00

7e62b6e20f0d4737f4a8d94f9818a0883027839e

56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11597
Expires: Mon, 30 Jan 2023 11:21:17 GMT
Date: Mon, 30 Jan 2023 08:08:00 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

dcd75ca6daca51c5e39d431468511793

07f76d3bf23d65c9110d810fa71a994e39e085d3

73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 07:35:42 GMT
content-type: application/json
age: 1938
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

7b922915ebf1fa3639b333f994c74f24

144a3f80b98fd0652d4614f24cf6cbbee40f8938

adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: lKpzc7Nk2Wnuo08K7fltKH7oRYA1S+iQNhRAzEB0uSKQU8Hh16aqYSQa5APCEInqHn1SoV5nIxQ=
x-amz-request-id: S5RZEKR627THW0F8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 07:50:39 GMT
age: 1041
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 08:08:00 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

1b877b554a893f2cae4c172eab26e0ed

4492f51c0955ddc68ea7e29a7978c7b9a32de9fe

ba2dcba0ddf079ab72601c613b52a79cfb1259030a9cc934f927d20c15d5052b

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA2DCBA0DDF079AB72601C613B52A79CFB1259030A9CC934F927D20C15D5052B"
Last-Modified: Mon, 30 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21588
Expires: Mon, 30 Jan 2023 14:07:48 GMT
Date: Mon, 30 Jan 2023 08:08:00 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 07:49:04 GMT
age: 1136
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

22b9916fc1fafc9bdc9bb37f9eac8a9a

86f640e134a741a0f906a8e3a0f5c6659dd0e394

a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11565
Expires: Mon, 30 Jan 2023 11:20:45 GMT
Date: Mon, 30 Jan 2023 08:08:00 GMT
Connection: keep-alive

amason-reward.store/utilcave_com/inc/ezcl.webp?cb=4

18.159.80.129

200 OK

606

URL HTTP/2

amason-reward.store/utilcave_com/inc/ezcl.webp?cb=4
IP

18.159.80.129:0
ASN

#16509 AMAZON-02

Magic

ASCII text, with very long lines (1337), with no line terminators

Size

606
Hash

929957068218d4492a324fb3c5398d11

9244b2fb09040edf9d31ae8d3e504d15434466f1

5618a0423875b9cd63c1b9bcf3c4cf2621b59fb607b0bb8536e696f8e84d1bc2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /utilcave_com/inc/ezcl.webp?cb=4 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=31118c18-a76e-474f-5107-8ffb1df95ba9; ezoab_279054=mod13; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1675066080; ezovuuid_279054=7b891cd9-6f19-482a-7b8e-61b35e59727b; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
cache-control: max-age=86400
content-encoding: br
content-type: application/javascript
date: Mon, 30 Jan 2023 08:08:00 GMT
display: staticcontent_sol
server: Apache/2.4.39 (Ubuntu)
set-cookie: ezoab_279054=mod13; Path=/; Domain=amason-reward.store; Expires=Mon, 30 Jan 2023 10:08:00 UTC
ezoadgid_279054=-1; Path=/; Domain=amason-reward.store; Expires=Mon, 30 Jan 2023 08:38:00 UTC
ezoref_279054=; Path=/; Domain=amason-reward.store; Expires=Mon, 30 Jan 2023 10:08:00 UTC
ezosuibasgeneris-1=31118c18-a76e-474f-5107-8ffb1df95ba9; Path=/; Domain=amason-reward.store; Expires=Tue, 30 Jan 2024 08:08:00 UTC; Secure; SameSite=None
vary: Accept-Encoding
x-middleton-display: staticcontent_sol
x-sol: middleton
content-length: 606
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

75bf326700e29b1b06e57fb96ee2b064

4f979f28905b65637a058cd44be6c25bb51a42e4

385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 08:08:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

amason-reward.store/wp-content/themes/magbook/js/navigation.js?ver=6.1.1

18.159.80.129

200 OK

531

URL HTTP/2

amason-reward.store/wp-content/themes/magbook/js/navigation.js?ver=6.1.1
IP

18.159.80.129:0
ASN

#16509 AMAZON-02

Magic

ASCII text, with very long lines (1541), with no line terminators

Size

531
Hash

a83e96c579b61bc5e9105685b9c69fcf

f112da3787429a16fd6d9af5d6c55dee8f037e05

e95d7e1a039159c116537badf624899f453bef621d25d89b3081f887224d8c52

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /wp-content/themes/magbook/js/navigation.js?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=31118c18-a76e-474f-5107-8ffb1df95ba9; ezoab_279054=mod13; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1675066080; ezovuuid_279054=7b891cd9-6f19-482a-7b8e-61b35e59727b; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: application/javascript
date: Mon, 30 Jan 2023 08:08:01 UTC
display: staticcontent_sol
last-modified: Tue, 24 Jan 2023 19:08:54 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;a5c54019069fe42801661a7e6a91aaa1;2-279054-0;c35be99d-5a20-4948-4171-5c1586c32601
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-length: 531
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

f2c1e2376be7ae4f4253f99a9431c6f8

17c201264408f0ea0e1e8cf394e2b80c9c13f6e3

32645b28cf3d99c2d56f3c0afa7340bd0f42424810fffc54cdc8980885ebb656

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "32645B28CF3D99C2D56F3C0AFA7340BD0F42424810FFFC54CDC8980885EBB656"
Last-Modified: Sun, 29 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2195
Expires: Mon, 30 Jan 2023 08:44:36 GMT
Date: Mon, 30 Jan 2023 08:08:01 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

75bf326700e29b1b06e57fb96ee2b064

4f979f28905b65637a058cd44be6c25bb51a42e4

385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 08:08:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

34.210.150.237

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

34.210.150.237:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xtqbnGUP+qVGLnvt5gq8zQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 721kd99TsKXfmTuuu6s9ZViXo04=

amason-reward.store/wp-includes/css/classic-themes.min.css?ver=1

18.159.80.129

200 OK

147

URL HTTP/2

amason-reward.store/wp-includes/css/classic-themes.min.css?ver=1
IP

18.159.80.129:0
ASN

#16509 AMAZON-02

Magic

ASCII text

Size

147
Hash

c17edde4319627306a9db703afc1f4b7

81c9bf3ddadeb0b0f2b11062f550f9c491896f7a

7134a8432bfea574db64b77f428ec50c64299f53a03d64a2f9e67b86751ed7a2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=31118c18-a76e-474f-5107-8ffb1df95ba9; ezoab_279054=mod13; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1675066080; ezovuuid_279054=7b891cd9-6f19-482a-7b8e-61b35e59727b; ezopvc_279054=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: text/css
date: Mon, 30 Jan 2023 08:08:01 UTC
display: staticcontent_sol, orig_site_sol
expires: Mon, 06 Feb 2023 08:08:01 GMT
last-modified: Tue, 24 Jan 2023 19:08:54 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-sol: orig
x-turbo-charged-by: LiteSpeed
content-length: 147
X-Firefox-Spdy: h2

amason-reward.store/wp-content/themes/magbook/assets/sticky/sticky-settings.js?ver=6.1.1

18.159.80.129

200 OK

111

URL HTTP/2

amason-reward.store/wp-content/themes/magbook/assets/sticky/sticky-settings.js?ver=6.1.1
IP

18.159.80.129:0
ASN

#16509 AMAZON-02

Magic

ASCII text, with no line terminators

Size

111
Hash

cb7a12589ff6d000681b418b98780359

1575afc4339fdc6d98fd86a10e0eb2f8bbd98b75

a3e228976c123893fde1ad656db9fd81baceee354dc924c70d3965ce16196dc8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /wp-content/themes/magbook/assets/sticky/sticky-settings.js?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=31118c18-a76e-474f-5107-8ffb1df95ba9; ezoab_279054=mod13; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1675066080; ezovuuid_279054=7b891cd9-6f19-482a-7b8e-61b35e59727b; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: application/javascript
date: Mon, 30 Jan 2023 08:08:01 UTC
display: staticcontent_sol
expires: Mon, 06 Feb 2023 08:08:01 GMT
last-modified: Tue, 24 Jan 2023 19:08:54 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-length: 111
X-Firefox-Spdy: h2

amason-reward.store/wp-content/themes/magbook/js/flexslider-setting.js?ver=6.1.1

18.159.80.129

200 OK

404

URL HTTP/2

amason-reward.store/wp-content/themes/magbook/js/flexslider-setting.js?ver=6.1.1
IP

18.159.80.129:0
ASN

#16509 AMAZON-02

Magic

ASCII text, with very long lines (1584), with no line terminators

Size

404
Hash

1fffc9308831ace4a266b34d8024d4ee

19620536400dfd0250eb398265772675664f06aa

9d3e954c95634731f7501eb52a2c09b03d2c9b57a893133903f5479a929f4f22

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /wp-content/themes/magbook/js/flexslider-setting.js?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=31118c18-a76e-474f-5107-8ffb1df95ba9; ezoab_279054=mod13; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1675066080; ezovuuid_279054=7b891cd9-6f19-482a-7b8e-61b35e59727b; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: application/javascript
date: Mon, 30 Jan 2023 08:08:01 UTC
display: staticcontent_sol
expires: Mon, 06 Feb 2023 08:08:01 GMT
last-modified: Tue, 24 Jan 2023 19:08:54 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-length: 404
X-Firefox-Spdy: h2

amason-reward.store/wp-content/themes/magbook/assets/sticky/jquery.sticky.min.js?ver=6.1.1

18.159.80.129

200 OK

1378

URL HTTP/2

amason-reward.store/wp-content/themes/magbook/assets/sticky/jquery.sticky.min.js?ver=6.1.1
IP

18.159.80.129:0
ASN

#16509 AMAZON-02

Magic

ASCII text, with very long lines (4325), with no line terminators

Size

1378
Hash

42e1af0169f2376f58e91c710ed6559a

22dd9d413b174cc00b0252d223607baab7394277

aa0f44efbfb4c7e58dbbf77e3175c4e5175d54bf1c8621b09f2cf6816c91a282

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /wp-content/themes/magbook/assets/sticky/jquery.sticky.min.js?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=31118c18-a76e-474f-5107-8ffb1df95ba9; ezoab_279054=mod13; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1675066080; ezovuuid_279054=7b891cd9-6f19-482a-7b8e-61b35e59727b; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: application/javascript
date: Mon, 30 Jan 2023 08:08:01 UTC
display: staticcontent_sol
expires: Mon, 06 Feb 2023 08:08:01 GMT
last-modified: Tue, 24 Jan 2023 19:08:54 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-length: 1378
X-Firefox-Spdy: h2

amason-reward.store/wp-content/themes/magbook/js/skip-link-focus-fix.js?ver=6.1.1

18.159.80.129

200 OK

173

URL HTTP/2

amason-reward.store/wp-content/themes/magbook/js/skip-link-focus-fix.js?ver=6.1.1
IP

18.159.80.129:0
ASN

#16509 AMAZON-02

Magic

ASCII text, with very long lines (325), with no line terminators

Size

173
Hash

78f64ed535b78f61826ffd54a8c42540

3eaaedf3815725f8f17ea5f3581bab5fa52ef8cd

9744c591427e1fdf99dabb708bd748ecead99f2b9c991521503a1fc09dae8287

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /wp-content/themes/magbook/js/skip-link-focus-fix.js?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=31118c18-a76e-474f-5107-8ffb1df95ba9; ezoab_279054=mod13; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1675066080; ezovuuid_279054=7b891cd9-6f19-482a-7b8e-61b35e59727b; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: application/javascript
date: Mon, 30 Jan 2023 08:08:01 UTC
display: staticcontent_sol
expires: Mon, 06 Feb 2023 08:08:01 GMT
last-modified: Tue, 24 Jan 2023 19:08:54 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-length: 173
X-Firefox-Spdy: h2

amason-reward.store/wp-content/themes/magbook/js/magbook-main.js?ver=6.1.1

18.159.80.129

200 OK

779

URL HTTP/2

amason-reward.store/wp-content/themes/magbook/js/magbook-main.js?ver=6.1.1
IP

18.159.80.129:0
ASN

#16509 AMAZON-02

Magic

ASCII text, with very long lines (2868), with no line terminators

Size

779
Hash

570e64f401bb2a43cc86223dbbf8fd1d

e37422812a951507110d819f4888b85da00cbfa3

f33a3673d4bd96d1a6daf88cf72f9657f673e543943ceecb360eda6fab083eba

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /wp-content/themes/magbook/js/magbook-main.js?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=31118c18-a76e-474f-5107-8ffb1df95ba9; ezoab_279054=mod13; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1675066080; ezovuuid_279054=7b891cd9-6f19-482a-7b8e-61b35e59727b; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: application/javascript
date: Mon, 30 Jan 2023 08:08:01 UTC
display: staticcontent_sol
expires: Mon, 06 Feb 2023 08:08:01 GMT
last-modified: Tue, 24 Jan 2023 19:08:54 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-length: 779
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

db3290a85d0ba4da27406ae9636aa618

4c69da45eddd66a1e26fce5562fc45eda7005309

19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 08:08:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

amason-reward.store/wp-content/uploads/2021/07/images-7.png

18.159.80.129

200 OK

32979

URL HTTP/2

amason-reward.store/wp-content/uploads/2021/07/images-7.png
IP

18.159.80.129:0
ASN

#16509 AMAZON-02

Magic

PNG image data, 739 x 415, 8-bit colormap, non-interlaced\012- data

Size

32979
Hash

36f0e7968417fa5d54e0b3d0be147f05

39d44d09c1cedeebe208ad547d6a680641a5e2b7

66714d71897e55bd12da74543b8a54c48a6c1910629d94e70020474cf30976c1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /wp-content/uploads/2021/07/images-7.png HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=31118c18-a76e-474f-5107-8ffb1df95ba9; ezoab_279054=mod13; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1675066080; ezovuuid_279054=7b891cd9-6f19-482a-7b8e-61b35e59727b; ezopvc_279054=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
cache-control: public, max-age=2592000
content-encoding: br
content-type: image/png
date: Mon, 30 Jan 2023 08:08:01 UTC
display: staticcontent_sol
last-modified: Tue, 24 Jan 2023 19:08:54 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;62320f964449fdbcd9024db079db5443;2-279054-0;83de7076-4ff9-40ac-7883-afe298c7f9b4
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

amason-reward.store/wp-content/themes/magbook/style.css?ver=6.1.1

18.159.80.129

200 OK

18241

URL HTTP/2

amason-reward.store/wp-content/themes/magbook/style.css?ver=6.1.1
IP

18.159.80.129:0
ASN

#16509 AMAZON-02

Magic

ASCII text, with very long lines (996)

Size

18241
Hash

c947ab8f8cbd45337c9d14bf34cb6485

c3ffca59d0d3a7bc898a3721f285f2e1a6db75c0

5d1574e51c820cdbcd337dd5e1ce8e94f1bf9a542328fcf8d180bd2dc942be90

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /wp-content/themes/magbook/style.css?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=31118c18-a76e-474f-5107-8ffb1df95ba9; ezoab_279054=mod13; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1675066080; ezovuuid_279054=7b891cd9-6f19-482a-7b8e-61b35e59727b; ezopvc_279054=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: text/css
date: Mon, 30 Jan 2023 08:08:01 UTC
display: staticcontent_sol, orig_site_sol
expires: Mon, 06 Feb 2023 08:08:01 GMT
last-modified: Tue, 24 Jan 2023 19:08:54 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-sol: orig
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

amason-reward.store/wp-content/themes/magbook/css/responsive.css?ver=6.1.1

18.159.80.129

200 OK

3933

URL HTTP/2

amason-reward.store/wp-content/themes/magbook/css/responsive.css?ver=6.1.1
IP

18.159.80.129:0
ASN

#16509 AMAZON-02

Magic

ASCII text

Size

3933
Hash

6bc4f8f5cb1b6d51769d433c36e2ae35

0a17f6ea6f70665d2acba5e37487391e12765732

220da34c53534a74f7b0ebcd82ca31fca20d913529e234205826265df01a05a0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /wp-content/themes/magbook/css/responsive.css?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=31118c18-a76e-474f-5107-8ffb1df95ba9; ezoab_279054=mod13; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1675066080; ezovuuid_279054=7b891cd9-6f19-482a-7b8e-61b35e59727b; ezopvc_279054=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: text/css
date: Mon, 30 Jan 2023 08:08:01 UTC
display: staticcontent_sol, orig_site_sol
expires: Mon, 06 Feb 2023 08:08:01 GMT
last-modified: Tue, 24 Jan 2023 19:08:54 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-sol: orig
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.35

200 OK

23580

URL HTTP/2

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP

142.250.74.35:0
ASN

#15169 GOOGLE

Magic

Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data

Size

23580
Hash

e1b3b5908c9cf23dfb2b9c52b9a023ab

fcd4136085f2a03481d9958cc6793a5ed98e714c

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

                                        GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://amason-reward.store
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 04:29:08 GMT
expires: Wed, 24 Jan 2024 04:29:08 GMT
cache-control: public, max-age=31536000
age: 531534
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

db3290a85d0ba4da27406ae9636aa618

4c69da45eddd66a1e26fce5562fc45eda7005309

19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 08:08:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

142.250.74.35

200 OK

16740

URL HTTP/2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP

142.250.74.35:0
ASN

#15169 GOOGLE

Magic

Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data

Size

16740
Hash

e43b535855a4ae53bd5b07a6eeb3bf67

6507312d9491156036316484bf8dc41e8b52ddd9

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

HTTP Headers

                                        GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://amason-reward.store
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 10:00:11 GMT
expires: Mon, 29 Jan 2024 10:00:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
age: 79671
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

142.250.74.35

200 OK

23040

URL HTTP/2

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP

142.250.74.35:0
ASN

#15169 GOOGLE

Magic

Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data

Size

23040
Hash

de69cf9e514df447d1b0bb16f49d2457

2ac78601179c3a63ba3f3f3081556b12ddcaf655

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

                                        GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://amason-reward.store
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 10:25:03 GMT
expires: Mon, 29 Jan 2024 10:25:03 GMT
cache-control: public, max-age=31536000
age: 78179
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

278
Hash

6ab66daef897792f9c8cb6d5fcb830e8

ec320d880d548f3ee56b568bf85db27849b02b9d

ea193f65fccc954944ba94c8682727bf7d864cd057b1fac9425e32fb8e8c421b

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5191
Cache-Control: max-age=144823
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 08:08:02 GMT
Etag: "63d6f952-116"
Expires: Wed, 01 Feb 2023 00:21:45 GMT
Last-Modified: Sun, 29 Jan 2023 22:55:14 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278

fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2

142.250.74.35

200 OK

24408

URL HTTP/2

fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
IP

142.250.74.35:0
ASN

#15169 GOOGLE

Magic

Web Open Font Format (Version 2), TrueType, length 24408, version 1.0\012- data

Size

24408
Hash

efee2d080d7bebdd2e0aeb2e030813a0

f8d38f9f9584e48c2e469877ebd94232265585f1

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

HTTP Headers

                                        GET /s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://amason-reward.store
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:31 GMT
expires: Fri, 26 Jan 2024 21:48:31 GMT
cache-control: public, max-age=31536000
age: 296371
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

db3290a85d0ba4da27406ae9636aa618

4c69da45eddd66a1e26fce5562fc45eda7005309

19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 08:08:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

278

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

278
Hash

6ab66daef897792f9c8cb6d5fcb830e8

ec320d880d548f3ee56b568bf85db27849b02b9d

ea193f65fccc954944ba94c8682727bf7d864cd057b1fac9425e32fb8e8c421b

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5191
Cache-Control: max-age=144823
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 08:08:02 GMT
Etag: "63d6f952-116"
Expires: Wed, 01 Feb 2023 00:21:45 GMT
Last-Modified: Sun, 29 Jan 2023 22:55:14 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278

amason-reward.store/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

18.159.80.129

200 OK

4663

URL HTTP/2

amason-reward.store/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP

18.159.80.129:0
ASN

#16509 AMAZON-02

Magic

ASCII text, with very long lines (15660)

Size

4663
Hash

5f64e3846edffc87954c3a952837e8df

1877c453b1a98816c4866b2ad38061e48f8c1107

1c18066110cdfdfe632ecd64888c220c3fcc58c5725a5ff49c09191a52dc9cc5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=31118c18-a76e-474f-5107-8ffb1df95ba9; ezoab_279054=mod13; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1675066080; ezovuuid_279054=7b891cd9-6f19-482a-7b8e-61b35e59727b; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: application/javascript
date: Mon, 30 Jan 2023 08:08:01 UTC
display: staticcontent_sol
last-modified: Tue, 24 Jan 2023 19:08:54 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;ff4bee1d596babae5ce753ae2d51c09d;2-279054-0;0d717ec6-5531-4b43-5ceb-a00e27faf338
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

e2d2b00ed4a3970f9b7c4561eec1f2ba

5d51d00a750a05bcad6aac56b5dcd410afff7591

20f4ee50766ee62c45e9a18f9646a856c1ae9b702a055c7d9131026dce630c42

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20F4EE50766EE62C45E9A18F9646A856C1AE9B702A055C7D9131026DCE630C42"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13889
Expires: Mon, 30 Jan 2023 11:59:31 GMT
Date: Mon, 30 Jan 2023 08:08:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

dfb84426fed94988d5c90372baff059c

f1c4740830034ff8a5759d59ae3f657ea524d083

d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7586
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 08:08:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

dfb84426fed94988d5c90372baff059c

f1c4740830034ff8a5759d59ae3f657ea524d083

d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7586
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 08:08:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (32)

#1 JS:Script (size: 1005)

#2 JS:Script (size: 209)

#3 JS:Script (size: 28)

#4 JS:Script (size: 17)

#5 JS:Script (size: 39)

#6 JS:Script (size: 160)

#7 JS:Script (size: 320)

#8 JS:Script (size: 1337)

#9 JS:Script (size: 13121)

#10 JS:Script (size: 23089)

#11 JS:Script (size: 64198)

#12 JS:Script (size: 1584)

#13 JS:Script (size: 84617)

#14 JS:Script (size: 89684)

#15 JS:Script (size: 161)

#16 JS:Script (size: 881)

#17 JS:Script (size: 325)

#18 JS:Script (size: 4259)

#19 JS:Script (size: 41486)

#20 JS:Script (size: 2153)

#21 JS:Script (size: 26104)

#22 JS:Script (size: 104)

#23 JS:Script (size: 1541)

#24 JS:Script (size: 154)

#25 JS:Script (size: 172)

#26 JS:Script (size: 18617)

#27 JS:Script (size: 11224)

#28 JS:Script (size: 2868)

#29 JS:Script (size: 4325)

#30 JS:Script (size: 204)

#31 JS:Script (size: 1)

#32 JS:Script (size: 4768)

HTTP Transactions (76)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1