Report - fanaticaviation.com/

Report Overview

Submitted URL
fanaticaviation.com/
IP
114.119.188.73
ASN
#136907 HUAWEI CLOUDS
Submitted
2023-01-15 05:37:46
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
70

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	840 B	12 kB	34.160.144.191
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	60 kB	34.120.237.76
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	8.4 kB	142.250.74.106
firefox-settings-attachments.cdn.mozilla.net	11509	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	808 kB	34.111.73.144
fanaticaviation.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	2.3 MB	114.119.188.73
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.149.213.50
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.1 kB	118 kB	35.241.9.150
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.131
shavar.services.mozilla.com	3602	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	453 B	204 B	54.149.73.9
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	485 B	48 kB	142.250.74.35
detectportal.firefox.com	1601	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	428 B	34.107.221.82
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
getpocket.cdn.mozilla.net	1369	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	435 B	47 kB	34.120.5.221

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed
2023-01-15	medium	fanaticaviation.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	fanaticaviation.com/wp-includes/js/wp-embed.min.js?ver=5.5.11	1.4 kB	2023-03-07	2024-04-26
Pretty URL fanaticaviation.com/wp-includes/js/wp-embed.min.js?ver=5.5.11 IP 114.119.188.73 ASN #136907 HUAWEI CLOUDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-26 10:10:59 Times Seen6878 Hash 905225d5711b559d3092387d5ffbedbd 6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991 Loading...

	fanaticaviation.com/wp-content/themes/sydney/js/scripts.js?ver=5.5.11	74 kB	2023-03-07	2024-01-03
Pretty URL fanaticaviation.com/wp-content/themes/sydney/js/scripts.js?ver=5.5.11 IP 114.119.188.73 ASN #136907 HUAWEI CLOUDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:26:48 Last Seen2024-01-03 03:46:38 Times Seen13 Hash be109c43bf158031c9d5e0b8290a1964 d71839a990dbabaf0350ca67706701909993d04e 87dcc45bb858a37810c4b5442c26d2920286c6f3babfc98d1124d7111b1617bd Loading...

	fanaticaviation.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.0.12	64 kB	2023-03-07	2024-02-24
Pretty URL fanaticaviation.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.0.12 IP 114.119.188.73 ASN #136907 HUAWEI CLOUDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:45 Last Seen2024-02-24 09:49:01 Times Seen42 Hash d830f9810c31d520a1441e29ae13d6f1 bc0570d18a1561588a105642b9d865b7d2bf775c 839ec9368116f2cb9ad6a4ee25e2002d82b50335fda266ba0d74c6a3cc279ad8 Loading...

	fanaticaviation.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.0.12	120 kB	2023-03-07	2024-02-24
Pretty URL fanaticaviation.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.0.12 IP 114.119.188.73 ASN #136907 HUAWEI CLOUDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:45 Last Seen2024-02-24 09:49:01 Times Seen46 Hash 6f3be395d700affdc5aa1c1f2c9c908d 2bb17b5d3ff0d38cd72958f5ee2af2dc1993ce44 be821fed1bb2bf8d4b6588436a0055332634b4cde6f564ac03a4d36b881d73df Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 03:43:59 Times Seen37110181 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	fanaticaviation.com/wp-content/plugins/sydney-toolbox/js/main.js?ver=20200504	4.0 kB	2023-03-08	2023-11-26
Pretty URL fanaticaviation.com/wp-content/plugins/sydney-toolbox/js/main.js?ver=20200504 IP 114.119.188.73 ASN #136907 HUAWEI CLOUDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:49:43 Last Seen2023-11-26 17:48:24 Times Seen4 Hash eff7596afc60f5bcc257dc334e3f27cf 59cc11c7b24a2fb99262e8920255ea62ded42646 12233b5e9d0e451ddb818efcfafcb597441f65ada193e19682dceb05a4a490a4 Loading...

	fanaticaviation.com/	984 B	2023-03-12	2023-03-12
Pretty URL fanaticaviation.com/ IP 114.119.188.73 ASN #136907 HUAWEI CLOUDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:54:16 Last Seen2023-03-12 23:54:16 Times Seen1 Hash 37a7e0ab4748f5ce3dc4907df20b2fcf 337e86cd049cd24663840dc09dce7d2c9d447230 2974b5262c68a340d972bb1ffca5b493e8606ccaf4ebb46778319a0692c679af Loading...

	fanaticaviation.com/	2.1 kB	2023-03-12	2023-03-12
Pretty URL fanaticaviation.com/ IP 114.119.188.73 ASN #136907 HUAWEI CLOUDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:54:16 Last Seen2023-03-12 23:54:16 Times Seen1 Hash 4254420e348786038a8db69414f9de7a 6326fc954024fcf7969e9ef95243f5621ad368ff c3fa82bf244d39809b3e89335d134cd9c1dca3b6bbedc039230b1063992c22e2 Loading...

	fanaticaviation.com/wp-content/themes/sydney/js/main.js?ver=20200504	11 kB	2023-03-08	2023-03-26
Pretty URL fanaticaviation.com/wp-content/themes/sydney/js/main.js?ver=20200504 IP 114.119.188.73 ASN #136907 HUAWEI CLOUDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:32:44 Last Seen2023-03-26 11:42:24 Times Seen2 Hash fe568cd4eaf0e2eda5d83500a5009d4f 05d4a9702d4a5718cea4480ac3e8b8af16f3e48f 1b6906f668663068355cc0ba365f9d3658f91a1e7c23836bfadacf72bd797cb3 Loading...

	fanaticaviation.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	12 kB	2023-03-07	2024-04-27
Pretty URL fanaticaviation.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 IP 114.119.188.73 ASN #136907 HUAWEI CLOUDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-27 02:39:29 Times Seen52849 Hash 3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0 Loading...

	fanaticaviation.com/	329 B	2023-03-07	2024-04-26
Pretty URL fanaticaviation.com/ IP 114.119.188.73 ASN #136907 HUAWEI CLOUDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 23:19:42 Times Seen3721 Hash 03d6d38af8c34d50a7d4f77919f3f6c7 90e18129a2b50addce02c98c923534d242233216 9f7a87d73cf34cd5d76d600a5ce326ac1ce32a021067b1bb50587fa488b13444 Loading...

	fanaticaviation.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1	11 kB	2023-03-07	2024-04-27
Pretty URL fanaticaviation.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1 IP 114.119.188.73 ASN #136907 HUAWEI CLOUDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:39 Last Seen2024-04-27 02:39:29 Times Seen3504 Hash 58baf0f238d7afc7ab926b8d51e5b559 8515e5f578269e29c048450f78c107935d325dff 2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb Loading...

	fanaticaviation.com/wp-content/themes/sydney/js/elementor.js?ver=20200504	2.6 kB	2023-03-12	2023-03-14
Pretty URL fanaticaviation.com/wp-content/themes/sydney/js/elementor.js?ver=20200504 IP 114.119.188.73 ASN #136907 HUAWEI CLOUDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:54:16 Last Seen2023-03-14 14:55:52 Times Seen1 Hash c9ca696ca515ed966cc60f1d57ccaea2 b6ecb035365496585f7770702340ccbdfaaa63ae ba0c1bd2d66d7e01840de39412d439f10649f0d759c804b98ad0a9003547c709 Loading...

	fanaticaviation.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.0.12	2.6 kB	2023-03-07	2024-04-27
Pretty URL fanaticaviation.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.0.12 IP 114.119.188.73 ASN #136907 HUAWEI CLOUDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:28 Last Seen2024-04-27 02:39:29 Times Seen4635 Hash 9bb8540493a7fe11b229870eb37be165 d77f17cb9057dc8f622b8c0bf23f6acb739b3b8e 4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580 Loading...

	fanaticaviation.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.11	14 kB	2023-03-07	2024-04-26
Pretty URL fanaticaviation.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.11 IP 114.119.188.73 ASN #136907 HUAWEI CLOUDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:38 Last Seen2024-04-26 09:56:43 Times Seen3532 Hash 878184c5d285d4d52d926d36ef19b718 dd260ffe0f8e3f38f58efd23cac8a1e5c788dad9 07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847 Loading...

	fanaticaviation.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp	97 kB	2023-03-07	2024-04-26
Pretty URL fanaticaviation.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp IP 114.119.188.73 ASN #136907 HUAWEI CLOUDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:38 Last Seen2024-04-26 23:52:46 Times Seen17764 Hash 49edccea2e7ba985cadc9ba0531cbed1 f8747f8ee704d9af31d0950015e01d3f9635b070 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df Loading...

	fanaticaviation.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4	6.4 kB	2023-03-07	2024-04-25
Pretty URL fanaticaviation.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4 IP 114.119.188.73 ASN #136907 HUAWEI CLOUDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:55 Last Seen2024-04-25 11:31:44 Times Seen1807 Hash d1c2e97eeca08ca067ccf2c5736f0390 5281985542fcc8c5a651d1991296e12c39bfcb82 0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3 Loading...

HTTP Transactions (82)

URL IP Response Size

detectportal.firefox.com/success.txt?ipv4

34.107.221.82

200 OK

8 B

URL HTTP/1.1
detectportal.firefox.com/success.txt?ipv4
IP
34.107.221.82:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
8 B (8 bytes)
Hash
ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

HTTP Headers

GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Sat, 14 Jan 2023 23:05:34 GMT
Age: 23514
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14564
Expires: Sun, 15 Jan 2023 09:40:12 GMT
Date: Sun, 15 Jan 2023 05:37:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d49bb7f71e6a198bcca53375cb604b0
1ef84ebfc953da002506f2c7297661dbe55868c4
a7893e0dceb849ce99aff9bcd3ea1324c205ee498b88beb3803be45533d502b4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A7893E0DCEB849CE99AFF9BCD3EA1324C205EE498B88BEB3803BE45533D502B4"
Last-Modified: Sat, 14 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8466
Expires: Sun, 15 Jan 2023 07:58:34 GMT
Date: Sun, 15 Jan 2023 05:37:28 GMT
Connection: keep-alive

getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30

34.120.5.221

200 OK

46 kB

URL HTTP/2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP
34.120.5.221:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
46 kB (46267 bytes)
Hash
379b25e5daaaec43d92e0042d0082fdc
d54d2371e44404e43ce8e2f28d7b4dd1bc69a007
93e97a181d8f71c43df860fb7feb7f6b0baa0130432a327693a0c706b15f7594

HTTP Headers

GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: M7hjbLLLdFyL2AnxNqCQ1OASQavDBc5a__TBg0vkvojRo_CvWJLnxw==
content-encoding: gzip
via: 1.1 f62c9ca47e35df5c65764381977823a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 05:35:49 GMT
content-type: application/json
content-length: 46267
age: 99
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
64765d3d978fd74d7bc47d55d4f097cf
92eb3f0d55ba99be28105c0b28ef7dd456817f1f
761aab02513e7a0ec55ea59109e88b39cbd4e17df0cd2035aa37a4693f22d1f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "761AAB02513E7A0EC55EA59109E88B39CBD4E17DF0CD2035AA37A4693F22D1F3"
Last-Modified: Thu, 12 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9713
Expires: Sun, 15 Jan 2023 08:19:21 GMT
Date: Sun, 15 Jan 2023 05:37:28 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: TgCbGvz9uHGmyvUc8ewvrOUxkConT2D+CkVzRAx7rpaVdKTd8Vir7KzJw6oupEf+tweVwYM1VEA=
x-amz-request-id: T4RBZTWYRXK2XZCG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 15 Jan 2023 05:26:35 GMT
age: 653
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3063227f59d1935298b0620fa7919145
478e1d8bef04b1f95381cac01829c03b6779d420
619281d3b9753bc6d2845786da75e8566687362769517aacf90f953ffbb8407c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "619281D3B9753BC6D2845786DA75E8566687362769517AACF90F953FFBB8407C"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5486
Expires: Sun, 15 Jan 2023 07:08:54 GMT
Date: Sun, 15 Jan 2023 05:37:28 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 05:37:28 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 15 Jan 2023 04:42:05 GMT
content-type: application/json
age: 3323
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

detectportal.firefox.com/success.txt?ipv4

34.107.221.82

200 OK

8 B

URL HTTP/1.1
detectportal.firefox.com/success.txt?ipv4
IP
34.107.221.82:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
8 B (8 bytes)
Hash
ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

HTTP Headers

GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Sat, 14 Jan 2023 23:05:34 GMT
Age: 23515
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600

fanaticaviation.com/

114.119.188.73

200 OK

9.9 kB

URL HTTP/1.1
fanaticaviation.com/
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1820), with CRLF, LF line terminators
Size
9.9 kB (9926 bytes)
Hash
c370eced76c97887ffe696aef1e340e7
0678efd7064019fe7ad49d53c686d730c1eedbd6
a3b76e82c25bd6f30e5f9401c6f602d05576c90133572e0bc72b7a54812b8a12

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:28 GMT
Server: Apache/2
Link: <http://fanaticaviation.com/wp-json/>; rel="https://api.w.org/", <http://fanaticaviation.com/wp-json/wp/v2/pages/13>; rel="alternate"; type="application/json", <http://fanaticaviation.com/>; rel=shortlink
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9926
Keep-Alive: timeout=2, max=100
Content-Type: text/html; charset=UTF-8

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
6cefb79229df092a3c7d30995252acf4
3a2c3d907c326e1d326fc06228ffc595e8e2d30c
4eb79f4e4addacb7636bd2d886adacda0acafa0805003688b2854c5f9a05d11d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5641
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 05:37:29 GMT
Last-Modified: Sun, 15 Jan 2023 04:03:28 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
83579ff88cab4d4d05d4741599104d9c
fe74c219f8655a4ca36fe397884e55ab63d1288a
a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 05:37:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fanaticaviation.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.11

114.119.188.73

200 OK

7.9 kB

URL HTTP/1.1
fanaticaviation.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.11
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (27100)
Size
7.9 kB (7907 bytes)
Hash
cc421ea7bd44a8d71de0cce7456713f8
6644acaa564e4ce2e231c4606f09bbca92374d29
e55c9ab4d75acebeafb3e1e517667ef6a4aa237f217cd6929d9091166526a18e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.5.11 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:29 GMT
Server: Apache/2
Last-Modified: Tue, 06 Oct 2020 09:43:02 GMT
ETag: "d293-5b0fd6cd3d20e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7907
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/css

fanaticaviation.com/wp-content/themes/sydney/css/bootstrap/bootstrap.min.css?ver=1

114.119.188.73

200 OK

4.4 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/themes/sydney/css/bootstrap/bootstrap.min.css?ver=1
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (16271)
Size
4.4 kB (4401 bytes)
Hash
223b52fbd9ca9cf81cac14f5feff5f6c
00e638ebd170c5710c3e632a3e6339c9c07fdb5a
719d1dee548bf5c2fa3592f87b3d6b16e71d2dfc67c412c8557cc4488efca684

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/sydney/css/bootstrap/bootstrap.min.css?ver=1 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:29 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 06 Oct 2020 10:15:13 GMT
ETag: "40f4-5b0fddff22ffe-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4401
Keep-Alive: timeout=2, max=100
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
83579ff88cab4d4d05d4741599104d9c
fe74c219f8655a4ca36fe397884e55ab63d1288a
a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 05:37:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c01ec61f7ca77158f474b3ab519c12fa
fc82ae0fcd73a83a980b75709a08e65239894e4a
f533e0fac9b92e79d4fbd6e70b42a83067de95f0a13cc737d7e5fa459baa4c54

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5583
Cache-Control: max-age=104540
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 05:37:29 GMT
Etag: "63c270a7-1d7"
Expires: Mon, 16 Jan 2023 10:39:49 GMT
Last-Modified: Sat, 14 Jan 2023 09:06:47 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
83579ff88cab4d4d05d4741599104d9c
fe74c219f8655a4ca36fe397884e55ab63d1288a
a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 05:37:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2

54.149.73.9

200 OK

8 B

URL HTTP/1.1
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP
54.149.73.9:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
8 B (8 bytes)
Hash
29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b

HTTP Headers

POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Sun, 15 Jan 2023 05:37:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 15 Jan 2023 05:17:25 GMT
age: 1204
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.149.213.50

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.213.50:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tQFIytZyDv3WoynVxriunA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hVG4Z07exL5+OStE0nQcAkCVPow=

fanaticaviation.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.0.12

114.119.188.73

200 OK

2.6 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.0.12
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (10019)
Size
2.6 kB (2592 bytes)
Hash
0ea81c35141c6a4692506e4fe8d36edb
392c5f96995e66d74c27ed5a42f93169c2f32d18
b7488fd21ad73e483cdcaf42097ea7787ffe0616477e29a537f53f6064e321ab

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.0.12 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:29 GMT
Server: Apache/2
Last-Modified: Wed, 21 Oct 2020 06:53:36 GMT
ETag: "4824-5b228ce80f011-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2592
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/css

fanaticaviation.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.0.12

114.119.188.73

200 OK

536 B

URL HTTP/1.1
fanaticaviation.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.0.12
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (3815)
Size
536 B (536 bytes)
Hash
d26bbb1362b2fb62b4a6f7fa4a17a5f7
3c5a8b388864066e6075038266b2b99edc676176
033ea79404dc509cf6a453fbdca761ed70c8c530877ecc6041d57384576f0f00

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.0.12 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:29 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 21 Oct 2020 06:53:37 GMT
ETag: "f0f-5b228ce953b72-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 536
Keep-Alive: timeout=2, max=100
Content-Type: text/css

fanaticaviation.com/wp-content/uploads/elementor/css/post-13.css?ver=1603860468

114.119.188.73

200 OK

2.5 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/uploads/elementor/css/post-13.css?ver=1603860468
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (34528), with no line terminators
Size
2.5 kB (2543 bytes)
Hash
f4c7e34310f41aedca92dc32b5b0e4a8
bb7264c8c033635f1666d7d21bc7e1d6bc7b373b
8924de5feeb982a5883cd36f479a058a0fa9f024dc0b8e50dee271a9c948ce9a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-13.css?ver=1603860468 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:29 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 28 Oct 2020 04:47:48 GMT
ETag: "86e0-5b2b3dd7a829f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2543
Keep-Alive: timeout=2, max=100
Content-Type: text/css

fanaticaviation.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.12.0

114.119.188.73

200 OK

12 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.12.0
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (55567)
Size
12 kB (12121 bytes)
Hash
63d58fe0821a0b4e6d97b59f11bf5075
4322ee6337c719701d0df065d62c0ab6cc1f6788
596e9beb8d0a9f672f67bab9b0766eb32e004c3e7c04c3b367649ca83008c861

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.12.0 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:29 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 21 Oct 2020 06:53:37 GMT
ETag: "d9c9-5b228ce892990-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12121
Keep-Alive: timeout=2, max=100
Content-Type: text/css

fanaticaviation.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.12.0

114.119.188.73

200 OK

308 B

URL HTTP/1.1
fanaticaviation.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.12.0
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (482)
Size
308 B (308 bytes)
Hash
c71311e820b2cb84dcaea8c014ad22d1
e4353378e73cf50e44677251f806716af3e3565a
4775682b1094029968fef77866c6edac5887b8e8a3367edc31064fdcb7288489

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.12.0 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:29 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 21 Oct 2020 06:53:37 GMT
ETag: "29c-5b228ce891dd8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 308
Keep-Alive: timeout=2, max=100
Content-Type: text/css

firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221673751432635%22

35.241.9.150

200 OK

21 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221673751432635%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (20973), with no line terminators
Size
21 kB (20973 bytes)
Hash
75c23d118a28c280c928065cd96874d3
140ec3a1030344cd489635434bee1b4ae9433554
a27dcb45e772123683b27e1a368bb2f661c359c9e262388a27e6b511977bbaf4

HTTP Headers

GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221673751432635%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 20973
via: 1.1 google
date: Sun, 15 Jan 2023 05:01:57 GMT
age: 2132
last-modified: Sun, 15 Jan 2023 02:57:12 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

fanaticaviation.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.11

114.119.188.73

200 OK

4.7 kB

URL HTTP/1.1
fanaticaviation.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.11
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (11272)
Size
4.7 kB (4662 bytes)
Hash
80712bcce465dea429e6ff1e5c35bbc1
daff29755ee729dbeb0d30c93570f1fc9b673972
f444c094422ff2d56c4f52a022881e68e1f07d567e0fb3969f80259452995f8f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.5.11 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:29 GMT
Server: Apache/2
Last-Modified: Fri, 16 Apr 2021 00:09:12 GMT
ETag: "3795-5c00bca2a1206-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4662
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript

fanaticaviation.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

114.119.188.73

200 OK

34 kB

URL HTTP/1.1
fanaticaviation.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (31997)
Size
34 kB (33776 bytes)
Hash
acf54950dfb2d6981e941d733b377591
340de686aecd9e6246a32c71e7de63ed69229ceb
d97f66caea5260bc71609f0da43ac0d937ecc09253910e5dda4c9fe4dbde20fc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:29 GMT
Server: Apache/2
Last-Modified: Tue, 06 Oct 2020 09:42:41 GMT
ETag: "17a69-5b0fd6b927769-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 33776
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript

fanaticaviation.com/wp-content/plugins/sydney-toolbox/js/main.js?ver=20200504

114.119.188.73

200 OK

1.2 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/plugins/sydney-toolbox/js/main.js?ver=20200504
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text
Size
1.2 kB (1189 bytes)
Hash
78faa9c3ca5ff66fae4427130191b305
1db8e245092576ccb7bb7783518389d341f25f43
ee125d377d4c6089b8ff49cd74923afdb1ebbc7866b2bbb9c4a84e17821816b5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/sydney-toolbox/js/main.js?ver=20200504 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:29 GMT
Server: Apache/2
Last-Modified: Tue, 06 Oct 2020 10:15:56 GMT
ETag: "f95-5b0fde27eb8f1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1189
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript

fanaticaviation.com/wp-content/themes/sydney/js/elementor.js?ver=20200504

114.119.188.73

200 OK

756 B

URL HTTP/1.1
fanaticaviation.com/wp-content/themes/sydney/js/elementor.js?ver=20200504
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with CRLF line terminators
Size
756 B (756 bytes)
Hash
7ea84206a5e0861422cbc572fa5393f6
1fb82a57b4ca6e5501e17034abdfb31e79034654
f04e84fe1cbfa770eecd28761356afb00b38d90ce8a9e0000b0470f01ef46983

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/sydney/js/elementor.js?ver=20200504 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:29 GMT
Server: Apache/2
Last-Modified: Tue, 06 Oct 2020 10:15:13 GMT
ETag: "a4a-5b0fddff2205e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 756
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript

fanaticaviation.com/wp-content/themes/sydney/js/scripts.js?ver=5.5.11

114.119.188.73

200 OK

21 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/themes/sydney/js/scripts.js?ver=5.5.11
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (25403)
Size
21 kB (20708 bytes)
Hash
73758bb181af2eea5c793ea21bc61daa
a652ca303e2c6554ac7b23e7bf2e1386b8d35144
57e061f018bebc72e1d677cee95e35605dab836563a654c40c111fbe24d6ccc3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/sydney/js/scripts.js?ver=5.5.11 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:29 GMT
Server: Apache/2
Last-Modified: Tue, 06 Oct 2020 10:15:13 GMT
ETag: "122e8-5b0fddff2188e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 20708
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript

firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1673635037704&_since=%221666204638208%22

35.241.9.150

200 OK

9.8 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1673635037704&_since=%221666204638208%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (9775), with no line terminators
Size
9.8 kB (9775 bytes)
Hash
6f2d8cd4024a78fe517073a4b5f0b53e
9f726c87b8fdff155bd8d318a7f5aa9266e7d631
59bda788c6ba08ac6e4ba6be463d22700365cab5fe8e0c41d2779b311240245b

HTTP Headers

GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1673635037704&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 9775
via: 1.1 google
date: Sun, 15 Jan 2023 04:39:07 GMT
age: 3503
last-modified: Fri, 13 Jan 2023 18:37:17 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

fanaticaviation.com/wp-content/themes/sydney/js/main.js?ver=20200504

114.119.188.73

200 OK

3.3 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/themes/sydney/js/main.js?ver=20200504
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (389), with CRLF line terminators
Size
3.3 kB (3289 bytes)
Hash
b13b520e91dcdc4e7c4b2491e9ef7ca3
87885a113761337f4817ef46098fd9ae1c87e8d3
0b15c4e32dbbd94149be4559b06567dd0d79706699a0d36946470e7a90f0b91f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/sydney/js/main.js?ver=20200504 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:29 GMT
Server: Apache/2
Last-Modified: Tue, 06 Oct 2020 10:15:13 GMT
ETag: "2c70-5b0fddff2205e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3289
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript

fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.11

142.250.74.106

200 OK

6.9 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.11
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
6.9 kB (6891 bytes)
Hash
3f4a58ae40a00b8881fece7e236c563a
c44ad91b1e1aae94f06fba1aa72523b81a7841d0
288ca9620830cf8657daca2b97efd5633c635513754800e43604f1ce9c6f62ba

HTTP Headers

GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.11 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fanaticaviation.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 15 Jan 2023 05:37:29 GMT
date: Sun, 15 Jan 2023 05:37:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 15 Jan 2023 04:48:58 GMT
content-type: application/json
age: 2912
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f3713ddf19b0894638e65640db650bf6
4002520929448b62224b84b2e585aed62801fb99
544716af787a5de72ce54d0b2d9e1083260643d8a67b251553bb35443862a570

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544716AF787A5DE72CE54D0B2D9E1083260643D8A67B251553BB35443862A570"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10856
Expires: Sun, 15 Jan 2023 08:38:26 GMT
Date: Sun, 15 Jan 2023 05:37:30 GMT
Connection: keep-alive

fanaticaviation.com/wp-includes/js/wp-embed.min.js?ver=5.5.11

114.119.188.73

200 OK

765 B

URL HTTP/1.1
fanaticaviation.com/wp-includes/js/wp-embed.min.js?ver=5.5.11
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (1391)
Size
765 B (765 bytes)
Hash
fe875afb236ee8f0d50040fe58d848d4
e6b1b67093b429c95d5b9db07a7eba39e02cf0e5
328a6a072b91134f2802ae25e070f38ff156ceee2c6ec6a6253ae4b27af73b49

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-embed.min.js?ver=5.5.11 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:30 GMT
Server: Apache/2
Last-Modified: Fri, 16 Apr 2021 00:09:12 GMT
ETag: "592-5c00bca2b9c8f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 765
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: application/javascript

fanaticaviation.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4

114.119.188.73

200 OK

2.5 kB

URL HTTP/1.1
fanaticaviation.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (6217)
Size
2.5 kB (2469 bytes)
Hash
345eddc9208f95b5c31d7b05a3c992c4
5b7ad24a190e2e30d7b9a652fe108ae5ad5ab519
c20344e9e062bac0da53cbe32cfbef8c34ee5f4142cfaac85ee6415e334de614

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/position.min.js?ver=1.11.4 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:30 GMT
Server: Apache/2
Last-Modified: Fri, 16 Apr 2021 00:09:12 GMT
ETag: "1926-5c00bca2f422a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2469
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript

fanaticaviation.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1

114.119.188.73

200 OK

3.5 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (10725)
Size
3.5 kB (3510 bytes)
Hash
7cfd02f91cb9e6033a4c4f712d90e6c7
b7da7a7aac93f699cb245b50b0c4449cad5036f2
397327e595ffa0aadde96cdac849edd1db5ef2f5a956f5e33876ce70f4d1ac26

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:30 GMT
Server: Apache/2
Last-Modified: Wed, 21 Oct 2020 06:53:36 GMT
ETag: "2a6f-5b228ce80c131-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3510
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript

fanaticaviation.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

114.119.188.73

200 OK

3.0 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (12198), with no line terminators
Size
3.0 kB (2993 bytes)
Hash
cfea3c51880820f2962a7773fbc864f9
45aa7ddc9b0c4201097d0df36791ab346470b734
12296ac9ef200103f8eea198a2bcd92692119dacece39538499758a0349035fb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:30 GMT
Server: Apache/2
Last-Modified: Wed, 21 Oct 2020 06:53:36 GMT
ETag: "2fa6-5b228ce80dc89-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2993
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript

firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin

34.111.73.144

200 OK

807 kB

URL HTTP/2
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
IP
34.111.73.144:0
ASN
#15169 GOOGLE

File type
data
Size
807 kB (807180 bytes)
Hash
914be443bdfbe8a1c3ded61e1c114bd6
4fe7c5ff83f6a29e6699f4cebc17550891504661
41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857

HTTP Headers

GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: UOg71bpVrYdrwOM4AoLCWcWU77SWj5UEl+TKwur2PgaSEHC8JMlGrhPzVu3H1NNxD8c2rfhdgNs=
x-amz-request-id: SFZVW17EWEJKVS5Z
x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7
accept-ranges: bytes
server: AmazonS3
content-length: 807180
via: 1.1 google
date: Tue, 10 Jan 2023 12:41:58 GMT
last-modified: Tue, 10 Jan 2023 12:38:46 GMT
etag: "914be443bdfbe8a1c3ded61e1c114bd6"
content-type: application/octet-stream
age: 406532
cache-control: public,max-age=604800
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1673740864288&_since=%221666483264567%22

35.241.9.150

200 OK

55 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1673740864288&_since=%221666483264567%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (55161), with no line terminators
Size
55 kB (55161 bytes)
Hash
360b3f5ed499908d68270577778efd1e
4a1e77e02bd6a8b2608de2af9483bdb7be98e0f3
f2ca5eb230a86556c6549fda9809c883dcd6f5d57ef9f717ddea686a9c92754e

HTTP Headers

GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1673740864288&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 55161
via: 1.1 google
date: Sun, 15 Jan 2023 04:57:13 GMT
age: 2417
last-modified: Sun, 15 Jan 2023 00:01:04 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

fanaticaviation.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.0.12

114.119.188.73

200 OK

18 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.0.12
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
Unicode text, UTF-8 text, with very long lines (47304), with LF, NEL line terminators
Size
18 kB (18084 bytes)
Hash
83e1a786e2c0042c547a1aa5fa00c6f1
cbfb35cd825eb4ea21cad7d9f6a0c0ae19efde6f
8857f14ec69161f8f025ef527869daa18bee78fc8512d8ba89e073f533233ea4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.0.12 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:30 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 21 Oct 2020 06:53:37 GMT
ETag: "fa7a-5b228ce8f24d5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 18084
Keep-Alive: timeout=2, max=100
Content-Type: application/javascript

fanaticaviation.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.0.12

114.119.188.73

200 OK

1.1 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.0.12
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (2577)
Size
1.1 kB (1099 bytes)
Hash
71a6972e79bfdcc72ffc068e6e845a23
0e37b7f3c6252f6701998fa0e2e1b555b4804a97
dc7dbf2f94f1c49a262b4be428f54349805cfa2841806bc8d691fda13b82e90f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.0.12 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:30 GMT
Server: Apache/2
Last-Modified: Wed, 21 Oct 2020 06:53:36 GMT
ETag: "a12-5b228ce80c131-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1099
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: application/javascript

firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258

35.241.9.150

200 OK

682 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Size
682 B (682 bytes)
Hash
668f51f448163fe951f3449c028bfd40
8d624c9419b30c8be7f62724ccd6095f7c4794ef
f3feec2c60186018c18cfcd262d851e35223e8285139c96a89335bb473972395

HTTP Headers

GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 682
via: 1.1 google
date: Sun, 15 Jan 2023 05:22:40 GMT
age: 890
last-modified: Fri, 13 Jan 2023 16:36:53 GMT
etag: "1673627813356"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22

35.241.9.150

200 OK

934 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (934), with no line terminators
Size
934 B (934 bytes)
Hash
20b9199d0871aa8d1f02e09fc0de6a48
874015ed48e4ccc4d1d3dc4a979d50eaeb059d8c
07214176412ea5e83b5be84ca1d401061fac8b20275e2ee7da3189de2fdba7ed

HTTP Headers

GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 934
via: 1.1 google
date: Sun, 15 Jan 2023 04:48:35 GMT
age: 2935
last-modified: Fri, 13 Jan 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

fanaticaviation.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.9.1

114.119.188.73

200 OK

3.5 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.9.1
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (16591)
Size
3.5 kB (3478 bytes)
Hash
049fef4884cab9115d2cad4d2a8d10be
a637bb42c5778b3df7b81658cab981d55012ae96
e4a98b1db9ce04b42cca38c6a32815d793182d7a3bbaf2bc75ecca36273742b1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.9.1 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:30 GMT
Server: Apache/2
Last-Modified: Wed, 21 Oct 2020 06:53:36 GMT
ETag: "40fc-5b228ce80b961-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3478
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: text/css

fanaticaviation.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6

114.119.188.73

200 OK

36 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (65280)
Size
36 kB (35491 bytes)
Hash
f2f239cb6e82311cd197aa5888632811
e2376a981fa3bf8e7e36e86b979f3a3ea6443d29
c4ceac2088d1b38f5263c50bdfb2e54ed643186248b3a81c5850214b55336e4d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:30 GMT
Server: Apache/2
Last-Modified: Wed, 21 Oct 2020 06:53:37 GMT
ETag: "21f91-5b228ce893160-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 35491
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript

firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1673517253376&_since=%221657747510534%22

35.241.9.150

200 OK

2.1 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1673517253376&_since=%221657747510534%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (2053), with no line terminators
Size
2.1 kB (2053 bytes)
Hash
c9dfad8fb4f66de06991e6a07810fd81
f52da6b70dcdbc23965b701d5814910db2b352f4
809ef846c4956a8fce795fe871cb2d6c5ab2746c1fc3c76c4cd182e4cbf3aded

HTTP Headers

GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1673517253376&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2053
via: 1.1 google
date: Sun, 15 Jan 2023 04:57:14 GMT
age: 2416
last-modified: Thu, 12 Jan 2023 09:54:13 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22

35.241.9.150

200 OK

1.5 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1506), with no line terminators
Size
1.5 kB (1506 bytes)
Hash
04e8681bd37cd9936118efcc4f31393e
c4fc04440eaabf9fd6cbb8fa329e3613c20f4af9
c30333d7ffeb2568b19b0574dfe60261a7fe5920b8cf8f3309928638dad4007c

HTTP Headers

GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1506
via: 1.1 google
date: Sun, 15 Jan 2023 05:22:12 GMT
age: 918
last-modified: Wed, 11 Jan 2023 16:36:47 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

fanaticaviation.com/wp-content/uploads/elementor/css/post-651.css?ver=1627200311

114.119.188.73

200 OK

332 B

URL HTTP/1.1
fanaticaviation.com/wp-content/uploads/elementor/css/post-651.css?ver=1627200311
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (948), with no line terminators
Size
332 B (332 bytes)
Hash
373efbe03c6dc8a1ee27791f5ee11703
44d43895b652d475218181ccc1c579bdaa23e069
daecbaa7d60ef22ea94a8d146e4bde8d614607caad2e7d966bd22c22d3b132ed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-651.css?ver=1627200311 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:30 GMT
Server: Apache/2
Last-Modified: Sun, 25 Jul 2021 08:05:11 GMT
ETag: "3b4-5c7ee188d0d4f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 332
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: text/css

firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1672778333687&_since=%221661199949574%22

35.241.9.150

200 OK

15 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1672778333687&_since=%221661199949574%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (15184), with no line terminators
Size
15 kB (15184 bytes)
Hash
916d3ce5150a0223e7fa70a174231ae0
885d48d877af9ff31a0af142664d9716f25e816a
8e75c22521885eeab98b4cd6aae8bc2ebff94e3e5c45b4e8a0c6869e376a7e93

HTTP Headers

GET /v1/buckets/main/collections/search-config/changeset?_expected=1672778333687&_since=%221661199949574%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 15184
via: 1.1 google
date: Sun, 15 Jan 2023 04:54:12 GMT
age: 2598
last-modified: Wed, 11 Jan 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

fanaticaviation.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.0.12

114.119.188.73

200 OK

16 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.0.12
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (65496)
Size
16 kB (15888 bytes)
Hash
8ad20cd3a0308ffb63675582336237c7
9c2280bc0096db778f577b345aff07eaddc25f96
d44f3f0751080e5c34018811d0083dbd808ad310f0dd7e3d8bcfa054f1dc956c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.0.12 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:30 GMT
Server: Apache/2
Last-Modified: Wed, 21 Oct 2020 06:53:37 GMT
ETag: "1b655-5b228ce954efa-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 15888
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/css

fanaticaviation.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.0.12

114.119.188.73

200 OK

32 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.0.12
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
Unicode text, UTF-8 text, with very long lines (47239), with LF, NEL line terminators
Size
32 kB (31706 bytes)
Hash
17b3ad5c59c32931aeab302845d7aa80
e2c0115e37f3ad741922040ac30519619bd476df
effba2500ff6df39a8930f43bbef2dc6b08a969025255ddb256a1d63ff2e57ca

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.0.12 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:30 GMT
Server: Apache/2
Last-Modified: Wed, 21 Oct 2020 06:53:37 GMT
ETag: "1d586-5b228ce923218-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 31706
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: application/javascript

fanaticaviation.com/wp-content/themes/sydney/style.css?ver=20200129

114.119.188.73

200 OK

17 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/themes/sydney/style.css?ver=20200129
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
ASCII text, with very long lines (492)
Size
17 kB (16799 bytes)
Hash
ddb0f8da7793e26cab2e718b31ed2786
9c7ba51bebacf8f0921e71866bb70de9be0b273c
7eb0bcb43b637fcd9f7004269eb85884057ccf35daaebb5482c65760ed3f5fb0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/sydney/style.css?ver=20200129 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:30 GMT
Server: Apache/2
Last-Modified: Tue, 06 Oct 2020 10:15:13 GMT
ETag: "1645d-5b0fddfef74c4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 16799
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: text/css

firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22

35.241.9.150

200 OK

1.3 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1250), with no line terminators
Size
1.3 kB (1250 bytes)
Hash
f4bfc548895b7182bf7479e2a17a4cf4
dd58abaf2c8724d3d7c86153600d7465f7520745
f16866ca809fa1496147b014c5d7bb4d98b6909897ffe29ee5deebfbd5336011

HTTP Headers

GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1250
via: 1.1 google
date: Sun, 15 Jan 2023 05:23:26 GMT
age: 844
last-modified: Mon, 09 Jan 2023 13:18:42 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: D/3qv+BKb4Hm9amg2mVX+Oq0jBm1eUV58GIgCNwEYVucE5Mgy9LwRtpURgJsjOQjCYFdxpmei43CsNB11oDK8g==
x-amz-request-id: EP3KEWR0Z88QMSPY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 15 Jan 2023 05:18:35 GMT
age: 1135
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22

35.241.9.150

200 OK

1.7 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1719), with no line terminators
Size
1.7 kB (1719 bytes)
Hash
5dcc9284583dc7197138f26e818425b2
228e5cb98f175f44dea8f1c858b6621c58f74293
299aa567ad2af0eec26fe9011e6182b1e143a2f9937cfc0b006dbec621e2ea2d

HTTP Headers

GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1719
via: 1.1 google
date: Sun, 15 Jan 2023 04:32:21 GMT
age: 3909
last-modified: Sun, 08 Jan 2023 16:36:45 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 05:37:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 05:37:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

142.250.74.35

200 OK

46 kB

URL HTTP/2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Size
46 kB (46524 bytes)
Hash
c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

HTTP Headers

GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fanaticaviation.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 09 Jan 2023 21:08:54 GMT
expires: Tue, 09 Jan 2024 21:08:54 GMT
cache-control: public, max-age=31536000
age: 462517
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 05:37:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fanaticaviation.com/wp-content/uploads/2020/10/Untitled.png

114.119.188.73

200 OK

52 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/uploads/2020/10/Untitled.png
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
PNG image data, 809 x 286, 8-bit/color RGBA, non-interlaced\012- data
Size
52 kB (51533 bytes)
Hash
6f076f8d85491336b869aac64c9e17ae
aecee43133fa0c9e18203320dfe93ed5d567fcd5
aeba739947186b1df808da5b1610d76d872200f31a283dd2275b9eb6243aac4b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/10/Untitled.png HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:31 GMT
Server: Apache/2
Last-Modified: Wed, 21 Oct 2020 06:52:21 GMT
ETag: "c94d-5b228ca0f654d"
Accept-Ranges: bytes
Content-Length: 51533
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/png

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2187
Expires: Sun, 15 Jan 2023 06:13:58 GMT
Date: Sun, 15 Jan 2023 05:37:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2187
Expires: Sun, 15 Jan 2023 06:13:58 GMT
Date: Sun, 15 Jan 2023 05:37:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2187
Expires: Sun, 15 Jan 2023 06:13:58 GMT
Date: Sun, 15 Jan 2023 05:37:31 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcab30cec-aee2-45fb-abc6-f5fa756655b4.jpeg

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcab30cec-aee2-45fb-abc6-f5fa756655b4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9382 bytes)
Hash
7f0683862b6f86f1dbf71a69968174df
76d87452f0944626196eb7fa54492e5a3eaaa3b0
d2ae2476f0b8b00c7ce4c11c24c3d558ac76fec3ea430d510ca024dd8f1b037a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcab30cec-aee2-45fb-abc6-f5fa756655b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9382
x-amzn-requestid: 6bae45b6-032c-497b-a7a3-0743c3eb3a14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: euKqYGTvIAMF84Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c257db-57ece8ea4d49061f66ec695c;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 07:20:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: C7I0evRddZnsbwSpYsBF1jWyES_DWsUayIv2qYpX6ZY2PBtbl0tt1g==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 12:05:46 GMT
age: 63105
etag: "76d87452f0944626196eb7fa54492e5a3eaaa3b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6eabf5f-7d91-476e-9896-3162652163aa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5463 bytes)
Hash
9365e4ddb0fa0d3f6dbdec98433e02a9
a9e0dc338dabcdebb33b35a162b0fb6950b31ddb
cbe4cdf59e5a2f7433485637c88c3fba9c022de1c7559e42ceb9a2c8a872fd21

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6eabf5f-7d91-476e-9896-3162652163aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5463
x-amzn-requestid: 5e0c891d-c5f0-48a9-8f69-6ca2290039b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ejsaSEHpoAMFW6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63be2774-55e5f2937d688fb00a12d61b;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 03:05:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Feucn9ZUPUt4-pK95m7prVHR5OhBzEuYo4CHMvwqSyHEiRfHpz-25A==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:51:08 GMT
age: 27983
etag: "a9e0dc338dabcdebb33b35a162b0fb6950b31ddb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9539 bytes)
Hash
a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: eb427fd6-c342-4a22-af45-ecc528cf4a8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: epfDqEAZIAMFudQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0787d-4f61ecd2422081224869da76;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:15:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RRMRT2BC5p1x0Vh20ut0Kjbz2mnaNToUIbzIg9oczduvzYCckvFORA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 12:46:14 GMT
age: 60677
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc3d9c-c641-44bc-8984-14b267d61d21.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10853 bytes)
Hash
15d27349999654cef859ce88c7667481
9fff393bf1bfa3b7343f38377e8c8ba62f1c0330
86cb634ee11bcffc4f3ee27a2296391ef30db42fad0ff4175e972f326874f0a3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc3d9c-c641-44bc-8984-14b267d61d21.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10853
x-amzn-requestid: 4c222ab3-cccb-47d4-807f-414e2260915d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enKKoGmNoAMF6QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf8a43-3b8bfa6343396d0e72695658;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 04:19:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sa7Ga2ul0S-_xwpeI_7RmvQKmNxwiwBRi7FFDwsIE2vYlogEe75zJA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 07:57:22 GMT
age: 78009
etag: "9fff393bf1bfa3b7343f38377e8c8ba62f1c0330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d821e79-af3a-4b67-a79e-90cdf9701001.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11285 bytes)
Hash
91a664271b9042ab5a34c1259df6ab93
7ce177939ceed31dbe137996cace3f71eaab3cf4
08b872b4c8dc8d4b5e26d7c5e7985c144dcf45623737e6daf7813b2add8ab013

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d821e79-af3a-4b67-a79e-90cdf9701001.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11285
x-amzn-requestid: 46c0b124-5916-4067-99af-2fa9812dfb2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ev-1zHc4oAMFV6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c311be-3ffbee9348f4351459ed0099;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 20:34:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8FcfGYx-mcEZzF4IoADT5iGnf0vTk2cACE4nseVdonXHBXOSno9vQw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 04:27:28 GMT
age: 4203
etag: "7ce177939ceed31dbe137996cace3f71eaab3cf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4f9b18a-acad-4584-bb09-000347f67b75.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7079 bytes)
Hash
63e6563cf37af474836f8d5d65cd2d0b
c2ad9366f32832bf2799f265683476713059e786
2d393d9ca4a3f4687b918bc2de654453a4fd3a5030da7322db97718905e1fbf9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4f9b18a-acad-4584-bb09-000347f67b75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7079
x-amzn-requestid: f8028d2a-bd1f-4b69-bec7-9c513d3b88b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etJfhESAIAMFRZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ef96-1c775bca6c8d1177720a5c0b;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 23:56:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6xA3ZxZHK9FxC5Uaji00Wsl_4mcNs-YElxNb0gGw6RRucCdkgKue_w==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 07:17:03 GMT
age: 80428
etag: "c2ad9366f32832bf2799f265683476713059e786"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fanaticaviation.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

114.119.188.73

200 OK

76 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
Web Open Font Format (Version 2), TrueType, length 76084, version 330.-16253\012- data
Size
76 kB (76084 bytes)
Hash
f6121be597a72928f54e7ab5b95512a1
b2c74520c3f506efbfefca867918e5ae28bd5222
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://fanaticaviation.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.12.0

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:31 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 21 Oct 2020 06:53:36 GMT
ETag: "12934-5b228ce83a763"
Accept-Ranges: bytes
Content-Length: 76084
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=2, max=100

fanaticaviation.com/wp-content/uploads/2020/10/95C8B81F-710F-4272-831A-CDFA0D993B3A-scaled.jpg

114.119.188.73

200 OK

609 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/uploads/2020/10/95C8B81F-710F-4272-831A-CDFA0D993B3A-scaled.jpg
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 2560x1706, components 3\012- data
Size
609 kB (609389 bytes)
Hash
c5b1273c52e8417665277910817139e0
af3ffb09ff19cfb05a03f2357e650b5f8bd47d4c
834b69b7dc1633acb828852a8200abd20b4b4879f3e686a98685cb7e0aea971f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/10/95C8B81F-710F-4272-831A-CDFA0D993B3A-scaled.jpg HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:31 GMT
Server: Apache/2
Last-Modified: Wed, 28 Oct 2020 04:25:12 GMT
ETag: "94c6d-5b2b38ca4a622"
Accept-Ranges: bytes
Content-Length: 609389
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

fanaticaviation.com/wp-content/uploads/2020/10/S__22880268-5.jpg

114.119.188.73

200 OK

348 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/uploads/2020/10/S__22880268-5.jpg
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 1568x1044, components 3\012- data
Size
348 kB (347820 bytes)
Hash
42d5648e29c3501391e85368c0bafcc7
cd92d6f32c0c81d05d5ef76a4245c77fcc8a3475
5b89b31d977b1860686231b5751bf8cc1e589ed7e2a2f087e629b562dca90c03

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/10/S__22880268-5.jpg HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/wp-content/uploads/elementor/css/post-13.css?ver=1603860468

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:31 GMT
Server: Apache/2
Last-Modified: Wed, 28 Oct 2020 04:39:35 GMT
ETag: "54eac-5b2b3c01c92e6"
Accept-Ranges: bytes
Content-Length: 347820
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

fanaticaviation.com/wp-content/uploads/2020/10/S__22880263.jpg

114.119.188.73

200 OK

452 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/uploads/2020/10/S__22880263.jpg
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 1568x1044, components 3\012- data
Size
452 kB (451605 bytes)
Hash
e0cec5470fc187b3b97805ec470f5400
36dc83fa0132e0a783ad298d613bc66e67c49e00
f57b36975d5219c71224cd2fd34f01d4004c38aa3b4a4a3812d21e41198c12a2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/10/S__22880263.jpg HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/wp-content/uploads/elementor/css/post-13.css?ver=1603860468

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:31 GMT
Server: Apache/2
Last-Modified: Wed, 28 Oct 2020 04:36:23 GMT
ETag: "6e415-5b2b3b4a500de"
Accept-Ranges: bytes
Content-Length: 451605
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

fanaticaviation.com/wp-content/uploads/2020/10/S__22880266-2.jpg

114.119.188.73

200 OK

228 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/uploads/2020/10/S__22880266-2.jpg
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6], baseline, precision 8, 1505x1017, components 3\012- data
Size
228 kB (227491 bytes)
Hash
2aad67f7c019b217c5be7343f3932d74
dd850993fe598db232730ccfc7746a43ba489f00
e40c42658bce81d160a87a2133f0cc6fad0724386999a23a981c414b1598944f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/10/S__22880266-2.jpg HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/wp-content/uploads/elementor/css/post-13.css?ver=1603860468

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:31 GMT
Server: Apache/2
Last-Modified: Wed, 14 Oct 2020 03:27:18 GMT
ETag: "378a3-5b1991bcfd131"
Accept-Ranges: bytes
Content-Length: 227491
Keep-Alive: timeout=2, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

fanaticaviation.com/wp-content/uploads/2020/10/S__22880267.jpg

114.119.188.73

200 OK

317 kB

URL HTTP/1.1
fanaticaviation.com/wp-content/uploads/2020/10/S__22880267.jpg
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 1568x1044, components 3\012- data
Size
317 kB (316551 bytes)
Hash
422a3eb3cf3938f8b69cc5c5b26745dd
79e5a0843fcf99d7b0ec39e6ca8f74acf005e0f4
bb2091268fbe64ee29e8dc0c381da1d28d2cf59bcbd4e65bbf70d12bc92c8ca4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/10/S__22880267.jpg HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/wp-content/uploads/elementor/css/post-13.css?ver=1603860468

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:31 GMT
Server: Apache/2
Last-Modified: Wed, 14 Oct 2020 03:36:52 GMT
ETag: "4d487-5b1993e0ef0e2"
Accept-Ranges: bytes
Content-Length: 316551
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

fanaticaviation.com/favicon.ico

114.119.188.73

302 Found

0 B

URL HTTP/1.1
fanaticaviation.com/favicon.ico
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fanaticaviation.com/

HTTP/1.1 302 Found
Date: Sun, 15 Jan 2023 05:37:32 GMT
Server: Apache/2
Link: <http://fanaticaviation.com/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: http://fanaticaviation.com/wp-includes/images/w-logo-blue-white-bg.png
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

fanaticaviation.com/wp-includes/images/w-logo-blue-white-bg.png

114.119.188.73

200 OK

4.1 kB

URL HTTP/1.1
fanaticaviation.com/wp-includes/images/w-logo-blue-white-bg.png
IP
114.119.188.73:0
ASN
#136907 HUAWEI CLOUDS

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4119 bytes)
Hash
000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: fanaticaviation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://fanaticaviation.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:37:32 GMT
Server: Apache/2
Last-Modified: Tue, 06 Oct 2020 09:41:46 GMT
ETag: "1017-5b0fd684d11a8"
Accept-Ranges: bytes
Content-Length: 4119
Keep-Alive: timeout=2, max=94
Connection: Keep-Alive
Content-Type: image/png

fonts.googleapis.com/css?family=Raleway%3A400%2C600&subset=latin&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Raleway%3A400%2C600&subset=latin&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Raleway%3A400%2C600&subset=latin&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fanaticaviation.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 15 Jan 2023 05:37:29 GMT
date: Sun, 15 Jan 2023 05:37:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL