Report - www.elevatebooks.com/

Report Overview

Submitted URL
www.elevatebooks.com/
IP
192.254.235.92
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2022-09-28 07:54:19
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	32 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	793 B	1.5 kB	142.250.74.10
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	2.2 kB	93.184.220.29
www.elevatebooks.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	13 MB	192.254.235.92
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.218.159.206
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	472 B	19 kB	142.250.74.163
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	795 B	91 kB	157.240.200.14
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-28	medium	www.elevatebooks.com/	Phishing
2022-09-28	medium	www.elevatebooks.com/wp-content/themes/aurum/style.css?ver=3.14.1	Phishing
2022-09-28	medium	www.elevatebooks.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2	Phishing
2022-09-28	medium	www.elevatebooks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Phishing
2022-09-28	medium	www.elevatebooks.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.5.4	Phishing
2022-09-28	medium	www.elevatebooks.com/wp-content/themes/aurum/assets/js/bootstrap.min.js	Phishing
2022-09-28	medium	www.elevatebooks.com/wp-content/plugins/mailchimp-wp/assets/pagecount.min.js?ver=2.5.4	Phishing
2022-09-28	medium	www.elevatebooks.com/wp-content/themes/aurum/assets/js/TweenMax.min.js	Phishing
2022-09-28	medium	www.elevatebooks.com/wp-content/themes/aurum/assets/css/bootstrap.css?ver=3.14.1	Phishing
2022-09-28	medium	www.elevatebooks.com/	Phishing
2022-09-28	medium	www.elevatebooks.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.4	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	www.elevatebooks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-23
Pretty URL www.elevatebooks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 192.254.235.92 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-23 17:49:05 Times Seen31796 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	www.elevatebooks.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.5.4	20 kB	2023-03-07	2024-04-17
Pretty URL www.elevatebooks.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.5.4 IP 192.254.235.92 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-17 05:54:00 Times Seen1284 Hash 9d22f9409c43e4abec30c88531a5c5df 277c5fa5e6412254b72c12d4cdbc8a8063c2f854 2c0bcb73a9ca9483f3d74255ce1a77f5fbc491f09a5516929e55b4c38c2e9ecd Loading...

	www.elevatebooks.com/wp-content/themes/aurum/assets/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-23
Pretty URL www.elevatebooks.com/wp-content/themes/aurum/assets/js/bootstrap.min.js IP 192.254.235.92 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-23 18:27:21 Times Seen54496 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	www.elevatebooks.com/wp-content/plugins/mailchimp-wp/assets/pagecount.min.js?ver=2.5.4	236 B	2023-03-07	2024-01-27
Pretty URL www.elevatebooks.com/wp-content/plugins/mailchimp-wp/assets/pagecount.min.js?ver=2.5.4 IP 192.254.235.92 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:39 Last Seen2024-01-27 02:09:05 Times Seen28 Hash 9b2ee9793d30586cad19b8c6f8fa228b 1636c558a3dd037ce2349ab8fd2441c648c2df6d 5f569cdd89e8fe3c8689502e8441d6288fb87d8d2b85908c8ecea8e13acbbfe1 Loading...

	connect.facebook.net/en_US/sdk.js?hash=31dd8aa6caff68614e3993940341ba69	321 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/en_US/sdk.js?hash=31dd8aa6caff68614e3993940341ba69 IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:00:44 Last Seen2023-03-08 03:00:58 Times Seen1 Hash 24bca9415512e4a384222904e5cf4fd8 ff9e52d72484aa20d0ba141ea654a823b3363a85 88b78b090d8b90118823ab01b72bd0700361dce62ac60b24dccdcbb2ce634e97 Loading...

	www.elevatebooks.com/wp-content/themes/aurum/assets/js/TweenMax.min.js	115 kB	2023-03-07	2024-04-22
Pretty URL www.elevatebooks.com/wp-content/themes/aurum/assets/js/TweenMax.min.js IP 192.254.235.92 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:40:58 Last Seen2024-04-22 00:08:21 Times Seen207 Hash 4b0d7645edfb6f68c4aa331835960f86 8598fc6507e8948a0f99a61bb1dc345ecc1e1f6f bb58e1784321d9201089afb299ee54bc723bf32145f50816f1a1f96060fc3150 Loading...

	www.elevatebooks.com/	88 B	2023-03-08	2023-03-08
Pretty URL www.elevatebooks.com/ IP 192.254.235.92 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:00:44 Last Seen2023-03-08 03:00:44 Times Seen1 Hash ef1e545b9f179a716992e1298cbb3dcb b6f546d5cbedcf0311b07eb22651cbc84afc2911 908c68d61062a3cdde32a089c81517f5ea93d9098194dd661d696e66c8947366 Loading...

	www.elevatebooks.com/	158 B	2023-03-07	2024-04-22
Pretty URL www.elevatebooks.com/ IP 192.254.235.92 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:53 Last Seen2024-04-22 02:02:22 Times Seen296 Hash 70ca739bdb000a9a1d2cff48d51e4704 cdc874e9b6d5a6a07cf405960b42f6d674230145 69ef44c52b462722da3f52f1837559def3afa4065ed509f3558f4919314c6603 Loading...

	www.elevatebooks.com/	434 B	2023-03-08	2023-12-13
Pretty URL www.elevatebooks.com/ IP 192.254.235.92 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:00:44 Last Seen2023-12-13 15:16:35 Times Seen25 Hash 75e8b6ee7c75cd309aec756c393308f5 316d82801a23ed026a1e91d7d7e4c44022bb1a04 bea4400b042c13371ca683c4e8dce0c8e73d1af3919042c3c3e88f3321fab00e Loading...

	www.elevatebooks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-23
Pretty URL www.elevatebooks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 192.254.235.92 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-23 18:26:49 Times Seen68566 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.elevatebooks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2	19 kB	2023-03-07	2024-04-23
Pretty URL www.elevatebooks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 IP 192.254.235.92 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-23 17:49:05 Times Seen38026 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	www.elevatebooks.com/wp-content/themes/aurum/assets/js/aurum-custom.min.js?ver=3.14.1	67 kB	2023-03-08	2023-05-04
Pretty URL www.elevatebooks.com/wp-content/themes/aurum/assets/js/aurum-custom.min.js?ver=3.14.1 IP 192.254.235.92 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:00:44 Last Seen2023-05-04 19:02:29 Times Seen18 Hash 6e61a6271db4ae54e57a48fb09ae70cd ada3d5c8129d8e0fbc41d20194430cf602533b1b 7bdb36b95bb410c1e4d1d35a269ac2337e9ea38f6c94f52af750e0bfb6d531f6 Loading...

	www.elevatebooks.com/	2.2 kB	2023-03-08	2023-03-08
Pretty URL www.elevatebooks.com/ IP 192.254.235.92 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:00:44 Last Seen2023-03-08 03:00:44 Times Seen1 Hash 0866585e79c5583185feabda76aedc19 fa0bf4737fbea4b6df60dbc57467ab8846716348 4d265451ada3d78a5914cc2fbc63e3d5f1faa0321f1d4366789ab8a30eeef256 Loading...

	www.elevatebooks.com/	318 B	2023-03-08	2023-03-08
Pretty URL www.elevatebooks.com/ IP 192.254.235.92 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:00:44 Last Seen2023-03-08 03:00:44 Times Seen1 Hash f14c65e3b073d6adb487a1cd98cfdf90 b90e3beb341f8718c1dc6213b1c0a1ff06049a66 747c05db4444e07b492ed712423d3bcdbd4cd2ec7e2a9ef71e2081cec56dac45 Loading...

	connect.facebook.net/en_US/sdk.js#xfbml=1&appId=1847521758837340&version=v2.3	3.1 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/en_US/sdk.js#xfbml=1&appId=1847521758837340&version=v2.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:00:44 Last Seen2023-03-08 03:00:58 Times Seen1 Hash d460cf0a310681361fc975f9d9a08d92 8a50ee77a40846cd3fbec6a11d9cf81b932ca99a 6d0379fa9b02f9062c4e160093786d2a64aa78b2d4e3c49c950656888359fdf0 Loading...

HTTP Transactions (54)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 07:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KFt4_jvitnDXR5V0jS5rscIqIt4IlyFY5XeYKbgllITiHL-556zp0g==
Age: 2308

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5648
Expires: Wed, 28 Sep 2022 09:28:15 GMT
Date: Wed, 28 Sep 2022 07:54:07 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 312RzB8LP8LQ-9keCFab3qBNcEUT41uGzDmanJVyBeCa3McCdzfFIg==
age: 80994
X-Firefox-Spdy: h2

www.elevatebooks.com/

192.254.235.92

301 Moved Permanently

0 B

URL HTTP/1.1
www.elevatebooks.com/
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Sep 2022 07:54:07 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 28 Sep 2022 08:54:03 GMT
Cache-Control: max-age=3600
X-Redirect-By: WordPress
Location: https://www.elevatebooks.com/
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
X-Server-Cache: true
X-Proxy-Cache: HIT

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:54:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 07:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 08:18:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: b6Vqb1B_x4rDbVauGc_C7bKq-J0n5bYDh8RDXQ4Fr-oej9VKwX5SSQ==
Age: 1475

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b83072dc2fe9fc697a06d06ecab19cb
c08e612a40e9180a69fcb57a216ed1855f66470b
226db55827b7283506af7bd6bae0f4b379a188fd37da72b8902c1b2f9416ecae

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "226DB55827B7283506AF7BD6BAE0F4B379A188FD37DA72B8902C1B2F9416ECAE"
Last-Modified: Mon, 26 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 28 Sep 2022 13:54:08 GMT
Date: Wed, 28 Sep 2022 07:54:08 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3393
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:54:08 GMT
Last-Modified: Wed, 28 Sep 2022 06:57:35 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.218.159.206

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.218.159.206:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qeEhqtkkobdqqNIUv63cbg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 77H7L5R4DuQam/vGC/QhN9Ws+t0=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:54:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:54:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:54:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.elevatebooks.com/wp-content/themes/aurum/style.css?ver=3.14.1

192.254.235.92

200 OK

459 B

URL HTTP/2
www.elevatebooks.com/wp-content/themes/aurum/style.css?ver=3.14.1
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with very long lines (611)
Size
459 B (459 bytes)
Hash
dc21da1438944ed868ca724d2e0d93a7
8fed9b099799b2e6badfd3373b7f0e42547063a5
35a4a3435200e2323282492767fcebc6ce6be431eaa1149da8ded888d01b9da3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/aurum/style.css?ver=3.14.1 HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 06 Apr 2022 12:54:55 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 28 Oct 2022 07:54:09 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 459
content-type: text/css
date: Wed, 28 Sep 2022 07:54:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-content/themes/aurum/assets/css/fonts/aurum-icons/font-icons.css

192.254.235.92

200 OK

468 B

URL HTTP/2
www.elevatebooks.com/wp-content/themes/aurum/assets/css/fonts/aurum-icons/font-icons.css
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
468 B (468 bytes)
Hash
cabe693ad427b6dbf17b531910b3228f
cc94b87743d694727e886ed9ecfc0c47dd8edbc6
4176eedd2e53678d3e3ea4314be80d8d43d1cde878b250846db0023e9dd7e65e

HTTP Headers

GET /wp-content/themes/aurum/assets/css/fonts/aurum-icons/font-icons.css HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Oct 2019 12:09:26 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 28 Oct 2022 07:54:09 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 468
content-type: text/css
date: Wed, 28 Sep 2022 07:54:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-content/themes/aurum/assets/css/fonts/font-awesome/css/font-awesome.min.css

192.254.235.92

200 OK

7.1 kB

URL HTTP/2
www.elevatebooks.com/wp-content/themes/aurum/assets/css/fonts/font-awesome/css/font-awesome.min.css
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (30837)
Size
7.1 kB (7114 bytes)
Hash
82a55032c4b614390aea6ef6870d3e90
bb21577feea531540a8d4f27ac3730ffac111e1b
4f068500ef9ef0dbffa5b76ac10f1970a7a9de8ff033f84228971a140eb20069

HTTP Headers

GET /wp-content/themes/aurum/assets/css/fonts/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 30 Jan 2018 07:57:34 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 28 Oct 2022 07:54:09 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7114
content-type: text/css
date: Wed, 28 Sep 2022 07:54:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2

192.254.235.92

200 OK

17 kB

URL HTTP/2
www.elevatebooks.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (43771)
Size
17 kB (16594 bytes)
Hash
2a67a4888baa44de739f3fe56203ce07
da175eae57f26b655747d79f055477e3fee1abb9
3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 12 Jul 2022 19:55:35 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 28 Oct 2022 07:54:09 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 16594
content-type: text/css
date: Wed, 28 Sep 2022 07:54:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

192.254.235.92

200 OK

4.6 kB

URL HTTP/2
www.elevatebooks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (11126)
Size
4.6 kB (4618 bytes)
Hash
acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 20:36:06 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Wed, 28 Sep 2022 13:54:09 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4618
content-type: application/javascript
date: Wed, 28 Sep 2022 07:54:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2

192.254.235.92

200 OK

5.3 kB

URL HTTP/2
www.elevatebooks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (15660)
Size
5.3 kB (5321 bytes)
Hash
710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 04 Jul 2022 19:43:08 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Wed, 28 Sep 2022 13:54:09 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5321
content-type: application/javascript
date: Wed, 28 Sep 2022 07:54:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-content/uploads/2017/01/elevate-logo-hc-small-dark.png

192.254.235.92

200 OK

18 kB

URL HTTP/2
www.elevatebooks.com/wp-content/uploads/2017/01/elevate-logo-hc-small-dark.png
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 200 x 46, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (17698 bytes)
Hash
b36db3e0225142ad35c974aee9b31d03
0a91e15a2735a300cc096e130dd039958a3aa417
3fa687712a80c9d9b5dcaddd2d4d4ad0195fe56e237cac0d66af736542d4ee15

HTTP Headers

GET /wp-content/uploads/2017/01/elevate-logo-hc-small-dark.png HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 31 Jan 2017 23:25:34 GMT
accept-ranges: bytes
content-length: 17698
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 07:54:09 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Wed, 28 Sep 2022 07:54:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.5.4

192.254.235.92

200 OK

7.1 kB

URL HTTP/2
www.elevatebooks.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.5.4
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (19706), with no line terminators
Size
7.1 kB (7131 bytes)
Hash
3224472ff3e8104a9d96d134cb014f26
b59e297dfb8190c7e03018f0715e80e4576334e5
738872ca6c0fa0cbc3cdd1f93f975d398b6aec3a9b07e8573c09a823c9d0f875

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.5.4 HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 13 Dec 2018 20:24:08 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Wed, 28 Sep 2022 13:54:09 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7131
content-type: application/javascript
date: Wed, 28 Sep 2022 07:54:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-content/themes/aurum/assets/js/bootstrap.min.js

192.254.235.92

200 OK

14 kB

URL HTTP/2
www.elevatebooks.com/wp-content/themes/aurum/assets/js/bootstrap.min.js
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (32033)
Size
14 kB (14394 bytes)
Hash
ad7339964f395566ac9d75903d96b9de
ea5756ab8d399418e0f862a8ff1249df3f77790f
3adfc0a685bd6eee9638948b1085d3db733c75caff8409b7582e356671588491

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/aurum/assets/js/bootstrap.min.js HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 25 Jul 2016 06:51:54 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Wed, 28 Sep 2022 13:54:09 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 14394
content-type: application/javascript
date: Wed, 28 Sep 2022 07:54:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-content/plugins/mailchimp-wp/assets/pagecount.min.js?ver=2.5.4

192.254.235.92

200 OK

173 B

URL HTTP/2
www.elevatebooks.com/wp-content/plugins/mailchimp-wp/assets/pagecount.min.js?ver=2.5.4
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with no line terminators
Size
173 B (173 bytes)
Hash
93837895145ffc1b6ce9261cd1154f07
850877df4daf13386184999dcdca4747df070d84
6249627f3cc9ebcd746d01d9dac31d741af6d39d800be4418f27e9d1f4540d24

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/mailchimp-wp/assets/pagecount.min.js?ver=2.5.4 HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 06 Apr 2022 19:27:35 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Wed, 28 Sep 2022 13:54:09 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 173
content-type: application/javascript
date: Wed, 28 Sep 2022 07:54:09 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3950
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 07:54:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3950
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 07:54:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3950
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 07:54:10 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9304 bytes)
Hash
b97879edd864c4f251a6668c8201095f
28938e97773ac1a51a529e85284d228239641f01
143cd15afadce309b970b525818be68c23fcb2322a66ac915d1dc7418968b6c5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9304
x-amzn-requestid: d0045fdc-1e02-4039-9e0e-d3b8b255f205
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1-koF_eoAMFyHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bde1d-1cb029d169ec2b1651b2ac78;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 04:01:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tmb8MRUcU1isHAQcMljVY7nPOgYuSLF6lpNXIkLkFWts3jnH7f7NaQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 06:44:50 GMT
age: 4160
etag: "28938e97773ac1a51a529e85284d228239641f01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40456fc-e6ad-484b-8754-8b2b0e7abc7c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5944 bytes)
Hash
1fa8cb4f4be5057788cd1a2a4d0e76d6
1aec1d67a36867bee8069a144fb1b0d95ff2cb54
5193131db8040ef254554d59109002ec7b8cfc2eab1e872b63e5f65db7cf5105

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40456fc-e6ad-484b-8754-8b2b0e7abc7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5944
x-amzn-requestid: 040b4452-4120-4ae5-9ad2-c5b341abbb13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI34BFdmIAMFmew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cff-103adde82b57535e4f3fb16a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:37:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: q03mXCSikJcsTBGqk1Xq7452EiDz4t9PFbp5Qj4xwobiFgqtPwGCBw==
via: 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 23:06:54 GMT
age: 31636
etag: "1aec1d67a36867bee8069a144fb1b0d95ff2cb54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6157 bytes)
Hash
b255b252ceed088d6f505e7e9acfcb55
a6b1c3e0d506ac1c66405e061e9910fafb176a7d
b796a98834c7ecf220d13bfba61e81a9b90d472d2aa725ff66888cbddad731e7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6157
x-amzn-requestid: a51846e4-4e25-455f-885b-acf2567f2e1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDlObH7XIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314f28-4e6a68a74edb1ad850e17dac;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 07:05:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2g98EnyiFhkZTsqis2_ASfjM-YTJmcUJ-Mwcl1dWlruzrWDuojPA0w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 07:24:38 GMT
age: 1772
etag: "a6b1c3e0d506ac1c66405e061e9910fafb176a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-content/themes/aurum/assets/js/aurum-custom.min.js?ver=3.14.1

192.254.235.92

200 OK

33 kB

URL HTTP/2
www.elevatebooks.com/wp-content/themes/aurum/assets/js/aurum-custom.min.js?ver=3.14.1
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
33 kB (33311 bytes)
Hash
702d3a774bd5a19e84990525a71a8094
48c0a16d70b131d898a4f7d5c0dcdef2926d24cb
c9b847513794c74fc6dfb2c905418b585211da5fafc392b7d60825251a0e245e

HTTP Headers

GET /wp-content/themes/aurum/assets/js/aurum-custom.min.js?ver=3.14.1 HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 25 Nov 2021 08:41:00 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Wed, 28 Sep 2022 13:54:09 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Wed, 28 Sep 2022 07:54:09 GMT
server: Apache
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6721 bytes)
Hash
c4a66beda24621e812a929933c52025d
e951f6b11e473b68d2fdd95b822cef120d37b1eb
28efb1495fdb363cea9ccc6c38f84b2731dbd44dd4dbbe42996fa6fab74e1ce6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6721
x-amzn-requestid: ea4416a4-ffbe-4006-bb09-aa0a70763ab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xTGNOoAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-6634cd372bd677227f755769;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TlEcmqE03c_aVOwGbXRCTsU5MOTiUF4C93U3zcIVqzg6NCGJJGup7A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:09:10 GMT
age: 35100
etag: "e951f6b11e473b68d2fdd95b822cef120d37b1eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-content/themes/aurum/assets/js/TweenMax.min.js

192.254.235.92

200 OK

57 kB

URL HTTP/2
www.elevatebooks.com/wp-content/themes/aurum/assets/js/TweenMax.min.js
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
57 kB (57105 bytes)
Hash
76e10c50e73cdfb92a46a1084c20b1a6
5b212a9cc90497f68e61bda1ea32a0a93b79c076
22f134504e0e2e5b6682934511cc610c625b492d38e966ee371015b42bf7fb8b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/aurum/assets/js/TweenMax.min.js HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 03 Oct 2017 05:58:52 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Wed, 28 Sep 2022 13:54:09 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Wed, 28 Sep 2022 07:54:09 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/glegoo/v14/_Xmt-HQyrTKWaw25jKOY.woff2

142.250.74.163

200 OK

18 kB

URL HTTP/2
fonts.gstatic.com/s/glegoo/v14/_Xmt-HQyrTKWaw25jKOY.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17604, version 1.0\012- data
Size
18 kB (17604 bytes)
Hash
62c81a99d75b94f68162af8e1bd0dba4
d4eb7798a843838f5782b0fe263524fbcc886dc2
f51cb0f5f4008a03c2432bd3656c09a4be658311e9849e423b1591f52f414f71

HTTP Headers

GET /s/glegoo/v14/_Xmt-HQyrTKWaw25jKOY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.elevatebooks.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 20:09:21 GMT
expires: Tue, 26 Sep 2023 20:09:21 GMT
cache-control: public, max-age=31536000
age: 128689
last-modified: Thu, 21 Apr 2022 17:07:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.elevatebooks.com/wp-content/uploads/2022/04/perfomance-cover.jpg

192.254.235.92

200 OK

91 kB

URL HTTP/2
www.elevatebooks.com/wp-content/uploads/2022/04/perfomance-cover.jpg
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 523x781, components 3\012- data
Size
91 kB (91412 bytes)
Hash
bcf7a0afecda51b4f5971f34609a417c
cfd00fba7fc254558f5c6c8e2dd7691e398507b0
c59c280e05c08638f6ef3b690c2eded8c11dcbc84b5a233c087e95253a6a1f5e

HTTP Headers

GET /wp-content/uploads/2022/04/perfomance-cover.jpg HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Cookie: fca_eoi_pagecount=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Apr 2022 11:02:46 GMT
accept-ranges: bytes
content-length: 91412
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 07:54:10 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 28 Sep 2022 07:54:10 GMT
server: Apache
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-content/uploads/2016/04/Elevate-Your-Energy-2D-Cover.jpg

192.254.235.92

200 OK

66 kB

URL HTTP/2
www.elevatebooks.com/wp-content/uploads/2016/04/Elevate-Your-Energy-2D-Cover.jpg
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 512x768, components 3\012- data
Size
66 kB (65754 bytes)
Hash
882b01f22497acfdc4219060845daa09
41b3e006d8845b8419865c68dc8db0cd39c355d0
3a91f839917908818dddec295b07d76b9ab4fcfc940a095ffaf5d4415dded79c

HTTP Headers

GET /wp-content/uploads/2016/04/Elevate-Your-Energy-2D-Cover.jpg HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Cookie: fca_eoi_pagecount=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 28 Sep 2021 20:50:04 GMT
accept-ranges: bytes
content-length: 65754
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 07:54:10 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 28 Sep 2022 07:54:10 GMT
server: Apache
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-content/uploads/2016/04/Elevate-Your-Results-2D-Cover.jpg

192.254.235.92

200 OK

76 kB

URL HTTP/2
www.elevatebooks.com/wp-content/uploads/2016/04/Elevate-Your-Results-2D-Cover.jpg
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 511x768, components 3\012- data
Size
76 kB (75841 bytes)
Hash
8e72571e0f646a5385e3233ff1baa9a0
bc6c7c4b81f6f1048dc9aa383f48de640c9c33b4
71790ee61587fcffbf4b2535561d86e41cf3738ebdfd66d06b05745dc9704096

HTTP Headers

GET /wp-content/uploads/2016/04/Elevate-Your-Results-2D-Cover.jpg HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Cookie: fca_eoi_pagecount=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 28 Sep 2021 20:50:06 GMT
accept-ranges: bytes
content-length: 75841
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 07:54:10 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 28 Sep 2022 07:54:10 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd9c95c1c24789f4041887b11468ab7e
bf202eeda47e79ac15d77325a02a1206bec63dcb
86f005e634685a4eb89dd87735b4cc0d91163be2912c470a529f0eb223531dbf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1889
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:54:11 GMT
Last-Modified: Wed, 28 Sep 2022 07:22:42 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/sdk.js

157.240.200.14

200 OK

1.7 kB

URL HTTP/2
connect.facebook.net/en_US/sdk.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1961)
Size
1.7 kB (1687 bytes)
Hash
8c340363f14511d6c7346ca55ec9aa89
bb754c8cd9284c80721e48f46ec439f361c8cc1e
0d85aaaebd31528394f59296b08399a0b921638581fcf953c3ed8bd4b8f9f88d

HTTP Headers

GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: d460cf0a310681361fc975f9d9a08d92
etag: "b5e9a83648d8ce038b467cc9907a046a"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 28 Sep 2022 08:04:31 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: jDQDY/FFEdbHNGylXsmqiQ==
x-fb-debug: DaKu8PwMBkvCLcR/Vpyclb4+AjDzSj0HLkueBDuWgXO91fWW4BnMmhQLUP/fEMZlSLLiujQeHo09Q2OSTIDDYw==
content-length: 1687
x-fb-trip-id: 1679558926
date: Wed, 28 Sep 2022 07:54:11 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd9c95c1c24789f4041887b11468ab7e
bf202eeda47e79ac15d77325a02a1206bec63dcb
86f005e634685a4eb89dd87735b4cc0d91163be2912c470a529f0eb223531dbf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1889
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:54:11 GMT
Last-Modified: Wed, 28 Sep 2022 07:22:42 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

www.elevatebooks.com/wp-content/uploads/2018/10/Multi-author-cover.png

192.254.235.92

200 OK

308 kB

URL HTTP/2
www.elevatebooks.com/wp-content/uploads/2018/10/Multi-author-cover.png
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 541 x 810, 8-bit/color RGBA, non-interlaced\012- data
Size
308 kB (307835 bytes)
Hash
6059f73f1cd69a694bfa2972d27be050
8a9739ccd080126ae505562d5c1282a6b265698c
16b739cd2b3833affb58bc330a78d0f254fb42ce9c28484912e5ca3b4db3b2ab

HTTP Headers

GET /wp-content/uploads/2018/10/Multi-author-cover.png HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Cookie: fca_eoi_pagecount=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 10 Oct 2018 17:39:16 GMT
accept-ranges: bytes
content-length: 307835
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 07:54:10 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Wed, 28 Sep 2022 07:54:10 GMT
server: Apache
X-Firefox-Spdy: h2

connect.facebook.net/en_US/sdk.js?hash=31dd8aa6caff68614e3993940341ba69

157.240.200.14

200 OK

87 kB

URL HTTP/2
connect.facebook.net/en_US/sdk.js?hash=31dd8aa6caff68614e3993940341ba69
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (13260)
Size
87 kB (87369 bytes)
Hash
51d54f8f4d8d992b23e9250d1443f58c
b0842ec6c76d376b7027ea4e3ded3b239ffd1bb3
8b1976f5e72073fd743ca74b855e5142e51d16ca3d3e8e7969e720e212f7f6e0

HTTP Headers

GET /en_US/sdk.js?hash=31dd8aa6caff68614e3993940341ba69 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.elevatebooks.com
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 24bca9415512e4a384222904e5cf4fd8
etag: "05a8e3254119ca122c3130745762b022"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 28 Sep 2023 07:09:22 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: UdVPj02NmSsj6SUNFEP1jA==
x-fb-debug: jiNann2OjbAYoQcoWfzvWiXloz4jTeHpcXeOBVdEK6dtjvQ0JU2zUP0O0OPnOkKcRzQp6/Hye5+0cxM+jUBetA==
content-length: 87369
x-fb-trip-id: 1679558926
date: Wed, 28 Sep 2022 07:54:11 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-content/uploads/2016/08/elevate-logo-small.jpg

192.254.235.92

200 OK

131 kB

URL HTTP/2
www.elevatebooks.com/wp-content/uploads/2016/08/elevate-logo-small.jpg
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:05:16 13:20:57], baseline, precision 8, 283x292, components 3\012- data
Size
131 kB (131348 bytes)
Hash
158ee24f9f890ebc4640ab84a5166187
460dbbf7d69f97e4db4906a8d221bb9729aaaa66
601eae16999b87cd0941018f8055b3d0f74f57eb5ce0842bef2eb4b4a49e2bbe

HTTP Headers

GET /wp-content/uploads/2016/08/elevate-logo-small.jpg HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Cookie: fca_eoi_pagecount=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 11 Oct 2016 18:27:34 GMT
accept-ranges: bytes
content-length: 131348
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 07:54:11 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 28 Sep 2022 07:54:11 GMT
server: Apache
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-content/uploads/2018/06/Elevate-Your-Life-Cover.jpg

192.254.235.92

200 OK

1.8 MB

URL HTTP/2
www.elevatebooks.com/wp-content/uploads/2018/06/Elevate-Your-Life-Cover.jpg
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=2560, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1705], baseline, precision 8, 1705x2560, components 3\012- data
Size
1.8 MB (1823781 bytes)
Hash
f35bc01b6c95a4f779c8c9fcbcbc869c
7a84cfd3665bf9378ddbeed6994f963576b74aa4
c62a9bac8ecbe1eea9ca899e3967a62d5ab5b8be31ee045950635e2679278f64

HTTP Headers

GET /wp-content/uploads/2018/06/Elevate-Your-Life-Cover.jpg HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Cookie: fca_eoi_pagecount=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 14 Jun 2018 15:56:30 GMT
accept-ranges: bytes
content-length: 1823781
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 07:54:10 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 28 Sep 2022 07:54:10 GMT
server: Apache
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-content/uploads/2018/06/Elevate-Your-Health-Cover.jpg

192.254.235.92

200 OK

1.8 MB

URL HTTP/2
www.elevatebooks.com/wp-content/uploads/2018/06/Elevate-Your-Health-Cover.jpg
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=2560, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1706], baseline, precision 8, 1706x2560, components 3\012- data
Size
1.8 MB (1848502 bytes)
Hash
92208c8659fdc0dcd5e3195d58387462
27849cd2a0201564b4b32a92cf3ad57d04da429a
8b6e444a96aed2c9be626fe9fb308001ed453ba0118c8a481888e03c94d8e2ef

HTTP Headers

GET /wp-content/uploads/2018/06/Elevate-Your-Health-Cover.jpg HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Cookie: fca_eoi_pagecount=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 14 Jun 2018 15:56:00 GMT
accept-ranges: bytes
content-length: 1848502
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 07:54:10 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 28 Sep 2022 07:54:10 GMT
server: Apache
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-content/uploads/2018/06/Elevate-Your-Success-Cover.jpg

192.254.235.92

200 OK

1.9 MB

URL HTTP/2
www.elevatebooks.com/wp-content/uploads/2018/06/Elevate-Your-Success-Cover.jpg
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=2560, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1705], baseline, precision 8, 1705x2560, components 3\012- data
Size
1.9 MB (1905753 bytes)
Hash
1426dd2f2111efe78f0036fa0bc04115
98cc56062774ceb0640b99a6d3029fa031f3da96
0d2d3489fd95f58b217e51d24ec44bdca50a824429568e4a783f246c82ccc439

HTTP Headers

GET /wp-content/uploads/2018/06/Elevate-Your-Success-Cover.jpg HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Cookie: fca_eoi_pagecount=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 14 Jun 2018 15:54:44 GMT
accept-ranges: bytes
content-length: 1905753
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 07:54:10 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 28 Sep 2022 07:54:10 GMT
server: Apache
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-content/uploads/2016/04/Wellbeing-Multi-Author-2D-Cover.jpg

192.254.235.92

200 OK

7.0 MB

URL HTTP/2
www.elevatebooks.com/wp-content/uploads/2016/04/Wellbeing-Multi-Author-2D-Cover.jpg
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CC 2017 (Macintosh), datetime=2018:10:15 13:17:55], progressive, precision 8, 4574x6842, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 19751-4096, spot sensor temperature 0.000000, unit celsius, color scheme 10, show spot sensor, calibration: offset 0.000000, slope 46.001953\012- data
Size
7.0 MB (6969064 bytes)
Hash
cf33ccb143e891c91e5678d205ae2aae
e481fca1a6dee6026385dab7e8ed98b183714a51
a6347c36ba356c8aa6f58e14755f9e3711e4f5b636a52e3e6c391a132be56b1e

HTTP Headers

GET /wp-content/uploads/2016/04/Wellbeing-Multi-Author-2D-Cover.jpg HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Cookie: fca_eoi_pagecount=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 12 Nov 2018 16:40:46 GMT
accept-ranges: bytes
content-length: 6969064
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 07:54:10 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 28 Sep 2022 07:54:10 GMT
server: Apache
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

192.254.235.92

200 OK

0 B

URL HTTP/2
www.elevatebooks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 11 Mar 2021 02:37:24 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Wed, 28 Sep 2022 13:54:09 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Wed, 28 Sep 2022 07:54:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-content/themes/aurum/assets/css/bootstrap.css?ver=3.14.1

192.254.235.92

200 OK

0 B

URL HTTP/2
www.elevatebooks.com/wp-content/themes/aurum/assets/css/bootstrap.css?ver=3.14.1
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/aurum/assets/css/bootstrap.css?ver=3.14.1 HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 30 Mar 2018 13:57:55 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 28 Oct 2022 07:54:09 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Wed, 28 Sep 2022 07:54:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-content/themes/aurum/assets/css/aurum.css?ver=3.14.1

192.254.235.92

200 OK

0 B

URL HTTP/2
www.elevatebooks.com/wp-content/themes/aurum/assets/css/aurum.css?ver=3.14.1
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/aurum/assets/css/aurum.css?ver=3.14.1 HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 11 Aug 2021 13:46:03 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 28 Oct 2022 07:54:09 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Wed, 28 Sep 2022 07:54:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.elevatebooks.com/

192.254.235.92

200 OK

0 B

URL HTTP/2
www.elevatebooks.com/
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:54:08 GMT
server: Apache
content-type: text/html; charset=UTF-8
link: <https://www.elevatebooks.com/wp-json/>; rel="https://api.w.org/", <https://www.elevatebooks.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://www.elevatebooks.com/>; rel=shortlink
cache-control: max-age=7200
expires: Wed, 28 Sep 2022 09:54:08 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: true
x-proxy-cache: EXPIRED
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Glegoo&ver=6.0.2

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Glegoo&ver=6.0.2
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Glegoo&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 07:54:09 GMT
date: Wed, 28 Sep 2022 07:54:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Glegoo&subset=latin&ver=6.0.2

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Glegoo&subset=latin&ver=6.0.2
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Glegoo&subset=latin&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 07:54:09 GMT
date: Wed, 28 Sep 2022 07:54:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.elevatebooks.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.4

192.254.235.92

200 OK

0 B

URL HTTP/2
www.elevatebooks.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.4
IP
192.254.235.92:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.4 HTTP/1.1
Host: www.elevatebooks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elevatebooks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 13 Dec 2018 20:24:06 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 28 Oct 2022 07:54:09 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Wed, 28 Sep 2022 07:54:09 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations