wozyzy.com/upload/files/2022/06/lQbtQLNkkv5kKy7PQ9yy_11_4b500e85414678adc2e8b246ab732c5c_file.pdf
34.98.99.30 200 OK 2.9 kB URL User Request GET HTTP/1.1 wozyzy.com/upload/files/2022/06/lQbtQLNkkv5kKy7PQ9yy_11_4b500e85414678adc2e8b246ab732c5c_file.pdf
IP 34.98.99.30:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2930), with no line terminators
Hash 9686bb07f149efbde3cfe23a42f031cf
8b5808453866bb756c76c80465ee4ab95eafabf0
b3d1f154196da426457e06c00078270fb81560480366f98682df531ff7ea69fb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/files/2022/06/lQbtQLNkkv5kKy7PQ9yy_11_4b500e85414678adc2e8b246ab732c5c_file.pdf HTTP/1.1
Host: wozyzy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 18 Aug 2023 17:06:56 GMT
Content-Type: text/html
Content-Length: 2930
Last-Modified: Thu, 17 Aug 2023 20:26:13 GMT
ETag: "64de8265-b72"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_bU+XQRl3yfeXzR13Sc+PrvZ2BAByl0T5N/vCyw5yC7nvf+T4+JbibLm9YqZH1c04UDxO/7a3EPphxzvr5BqwYA
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: system=PW;Path=/;Max-Age=86400;
caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
traffic_target=reseller;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 160e64b2d0062b822d3e7c77e233d539
dc677bd369d3c0871a511c81b650afd1fe6e7237
a709807540a33c0af4bf611d32ac09c6bb7fbf06f8966a4e3a4696d10a28ef62
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Aug 2023 17:06:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img1.wsimg.com/parking-lander/static/js/0.a16f62c5.chunk.js
23.36.79.16 200 OK 138 kB URL GET HTTP/2 img1.wsimg.com/parking-lander/static/js/0.a16f62c5.chunk.js
IP 23.36.79.16:443
ASN #20940 Akamai International B.V.
Requested by http://wozyzy.com/upload/files/2022/06/lQbtQLNkkv5kKy7PQ9yy_11_4b500e85414678adc2e8b246ab732c5c_file.pdf
Certificate Issuer Starfield Technologies, Inc.
Subject *.wsimg.com
Fingerprint 4D:28:AB:B5:BB:E6:84:09:15:A9:80:A1:56:45:20:CB:87:93:83:A3
Validity Thu, 15 Sep 2022 21:44:19 GMT - Tue, 17 Oct 2023 21:44:19 GMT
File type ASCII text, with very long lines (65462)
Size 138 kB (137571 bytes)
Hash 0ec748bdd8fb4ec8bdc857ded25621bd
f0442ff68df1bff4e54965ddace5e95be70ca4c6
af0cfb6bd03aa508d13ba013ac1aaec1f4ae9de2acdbc1ecd74e8beff11fc909
GET /parking-lander/static/js/0.a16f62c5.chunk.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wozyzy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: WmYfEdA07Fmz/9cI9XJ2SvVbBYM+Kd4i/iLWiIQW4yMvM0KjThk+oQ49KDi5spd83nuOELPwCqk=
x-amz-request-id: 3EZCVWQF6E7EWZDC
last-modified: Thu, 17 Aug 2023 20:23:57 GMT
etag: "0ec748bdd8fb4ec8bdc857ded25621bd"
x-amz-server-side-encryption: AES256
x-amz-version-id: 6l2G7PmvP3Lbq__PrpD5iUMJ0sfUoSDe
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Sat, 17 Aug 2024 17:06:57 GMT
date: Fri, 18 Aug 2023 17:06:57 GMT
content-length: 137571
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
wozyzy.com/px.js?ch=2&abp=1
34.98.99.30 200 OK 476 B URL GET HTTP/1.1 wozyzy.com/px.js?ch=2&abp=1
IP 34.98.99.30:80
Requested by http://wozyzy.com/upload/files/2022/06/lQbtQLNkkv5kKy7PQ9yy_11_4b500e85414678adc2e8b246ab732c5c_file.pdf
Hash d2183968f9080b37babfeba3ccf10df2
24b9cf589ee6789e567fac3ae5acfc25826d00c6
4d9b83714539f82372e1e0177924bcb5180b75148e22d6725468fd2fb6f96bcc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /px.js?ch=2&abp=1 HTTP/1.1
Host: wozyzy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wozyzy.com/upload/files/2022/06/lQbtQLNkkv5kKy7PQ9yy_11_4b500e85414678adc2e8b246ab732c5c_file.pdf
Cookie: system=PW; caf_ipaddr=91.90.42.154; country=NO; city=""; traffic_target=reseller
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 18 Aug 2023 17:06:57 GMT
Content-Type: application/javascript
Content-Length: 476
Last-Modified: Fri, 18 Aug 2023 07:19:04 GMT
ETag: "64df1b68-1dc"
Accept-Ranges: bytes
Via: 1.1 google
img1.wsimg.com/parking-lander/static/js/main.2de80224.chunk.js
23.36.79.16 200 OK 1.7 kB URL GET HTTP/2 img1.wsimg.com/parking-lander/static/js/main.2de80224.chunk.js
IP 23.36.79.16:443
ASN #20940 Akamai International B.V.
Requested by http://wozyzy.com/upload/files/2022/06/lQbtQLNkkv5kKy7PQ9yy_11_4b500e85414678adc2e8b246ab732c5c_file.pdf
Certificate Issuer Starfield Technologies, Inc.
Subject *.wsimg.com
Fingerprint 4D:28:AB:B5:BB:E6:84:09:15:A9:80:A1:56:45:20:CB:87:93:83:A3
Validity Thu, 15 Sep 2022 21:44:19 GMT - Tue, 17 Oct 2023 21:44:19 GMT
File type ASCII text, with very long lines (5022)
Hash feb4192f1c4437fbc4d42bdb90eec1d6
57f5169a59f2569ba6faa0fe84f773ba3fe907f0
01d84b991e086ab285b7d4ca0ac3680a08e829cc8807091a8dfe0d44c62797c3
GET /parking-lander/static/js/main.2de80224.chunk.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wozyzy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: xxDWv9WvhvFdnpxxUMDiUFjUrmWvFtLqPS4P+RwcjRBehgopGlSgl60QTdse8Z0RCbIcDbExKRfpcJcOl9ndZA==
x-amz-request-id: YFYZHCYF6F5K3EB5
last-modified: Thu, 17 Aug 2023 20:23:57 GMT
etag: "feb4192f1c4437fbc4d42bdb90eec1d6"
x-amz-server-side-encryption: AES256
x-amz-version-id: ylGTBGc8WjrOSvjSy36R4nFvX_RG1tjY
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Sat, 17 Aug 2024 17:06:57 GMT
date: Fri, 18 Aug 2023 17:06:57 GMT
content-length: 1748
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/parking-lander/static/css/1.b30f9100.chunk.css
23.36.79.16 200 OK 175 B URL GET HTTP/2 img1.wsimg.com/parking-lander/static/css/1.b30f9100.chunk.css
IP 23.36.79.16:443
ASN #20940 Akamai International B.V.
Requested by http://wozyzy.com/upload/files/2022/06/lQbtQLNkkv5kKy7PQ9yy_11_4b500e85414678adc2e8b246ab732c5c_file.pdf
Certificate Issuer Starfield Technologies, Inc.
Subject *.wsimg.com
Fingerprint 4D:28:AB:B5:BB:E6:84:09:15:A9:80:A1:56:45:20:CB:87:93:83:A3
Validity Thu, 15 Sep 2022 21:44:19 GMT - Tue, 17 Oct 2023 21:44:19 GMT
Hash cde6ba410180d713de07be87f34e22aa
2ac17cbe65ee9b9cf414e50682f43e021cfd6287
bebee8c1fae5a7aec3aa03100456f6800108621adcd1f0c1f44cf561ef8d160f
GET /parking-lander/static/css/1.b30f9100.chunk.css HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wozyzy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: iHN83HWl9euScxAhTglQc7uPu+AnIMPRvVeHBIfoGPOf8t7j0O6qM833eOeMFBPx4LbMTY/Y5TU=
x-amz-request-id: E65H0AFRQZDFA8HN
last-modified: Wed, 09 Aug 2023 22:39:56 GMT
etag: "cde6ba410180d713de07be87f34e22aa"
x-amz-server-side-encryption: AES256
x-amz-version-id: g_IFY1GE6Csq5DqkyLh12PjR9VKTQ6kn
accept-ranges: bytes
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
content-length: 175
cache-control: max-age=31536000
expires: Sat, 17 Aug 2024 17:06:57 GMT
date: Fri, 18 Aug 2023 17:06:57 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/parking-lander/static/js/1.7b65773d.chunk.js
23.36.79.16 200 OK 57 kB URL GET HTTP/2 img1.wsimg.com/parking-lander/static/js/1.7b65773d.chunk.js
IP 23.36.79.16:443
ASN #20940 Akamai International B.V.
Requested by http://wozyzy.com/upload/files/2022/06/lQbtQLNkkv5kKy7PQ9yy_11_4b500e85414678adc2e8b246ab732c5c_file.pdf
Certificate Issuer Starfield Technologies, Inc.
Subject *.wsimg.com
Fingerprint 4D:28:AB:B5:BB:E6:84:09:15:A9:80:A1:56:45:20:CB:87:93:83:A3
Validity Thu, 15 Sep 2022 21:44:19 GMT - Tue, 17 Oct 2023 21:44:19 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash a03ecc401d16a9a49159f6e1e6251099
0bbbb49181325183c4cf1b9e52c691f318701f42
21928e7962d72e1e9f3bc7f91e751fd0e44b8e4838e3cb5ddad0881b15b3fe20
GET /parking-lander/static/js/1.7b65773d.chunk.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wozyzy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: V5jzQI6wDYsTyqelr2Z8vyuW+hTqlDbR9N8+wIWnObo0s387ZiqvHjNxJRK78XqGuyCggJ539L562PmKsgdLug==
x-amz-request-id: 3EZ2WDX86J16D0VA
last-modified: Thu, 17 Aug 2023 20:23:56 GMT
etag: "a03ecc401d16a9a49159f6e1e6251099"
x-amz-server-side-encryption: AES256
x-amz-version-id: fKZRd9g3xo8rVoOozJq2aVgR664EuB8.
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Sat, 17 Aug 2024 17:06:57 GMT
date: Fri, 18 Aug 2023 17:06:57 GMT
content-length: 57412
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
wozyzy.com/px.js?ch=1&abp=1
34.98.99.30 200 OK 476 B URL GET HTTP/1.1 wozyzy.com/px.js?ch=1&abp=1
IP 34.98.99.30:80
Requested by http://wozyzy.com/upload/files/2022/06/lQbtQLNkkv5kKy7PQ9yy_11_4b500e85414678adc2e8b246ab732c5c_file.pdf
Hash d2183968f9080b37babfeba3ccf10df2
24b9cf589ee6789e567fac3ae5acfc25826d00c6
4d9b83714539f82372e1e0177924bcb5180b75148e22d6725468fd2fb6f96bcc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /px.js?ch=1&abp=1 HTTP/1.1
Host: wozyzy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wozyzy.com/upload/files/2022/06/lQbtQLNkkv5kKy7PQ9yy_11_4b500e85414678adc2e8b246ab732c5c_file.pdf
Cookie: system=PW; caf_ipaddr=91.90.42.154; country=NO; city=""; traffic_target=reseller
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 18 Aug 2023 17:06:57 GMT
Content-Type: application/javascript
Content-Length: 476
Last-Modified: Thu, 17 Aug 2023 22:56:28 GMT
ETag: "64dea59c-1dc"
Accept-Ranges: bytes
Via: 1.1 google
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 05bfa324afd1d3400d2c4976ebbc8a80
117ce7c701b37e91c286526a336657c0a1247649
4a5a796ebfb2ede94464747f3b2031a0f284b0b516acbc94968bc97063cf5834
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Aug 2023 17:06:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/adsense/domains/caf.js?abp=1
216.58.211.4 200 OK 151 kB URL GET HTTP/2 www.google.com/adsense/domains/caf.js?abp=1
IP 216.58.211.4:443
Requested by http://wozyzy.com/upload/files/2022/06/lQbtQLNkkv5kKy7PQ9yy_11_4b500e85414678adc2e8b246ab732c5c_file.pdf
Certificate Issuer Google Trust Services LLC
Subject www.google.com
Fingerprint 04:E5:DA:A8:FA:1A:A4:D3:8D:82:3E:8B:A5:7B:9F:FF:06:6B:6E:95
Validity Mon, 31 Jul 2023 08:22:58 GMT - Mon, 23 Oct 2023 08:22:57 GMT
File type ASCII text, with very long lines (2067)
Size 151 kB (151369 bytes)
Hash 5264bfb6d0a16049a266ff612181fcd4
78ea4f01d442f937a9c230f4025fe40dc3d66e59
8147d949e61bc2b9c39fd59a14e07eb3abecc8aceead84e0ff732b20b8da90d5
GET /adsense/domains/caf.js?abp=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wozyzy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Fri, 18 Aug 2023 17:06:57 GMT
expires: Fri, 18 Aug 2023 17:06:57 GMT
cache-control: private, max-age=3600
etag: "9606236318868169800"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2