Report - bagoftricks.ml/

Report Overview

Submitted URL
bagoftricks.ml/
IP
144.217.252.90
ASN
#16276 OVH SAS
Submitted
2022-12-04 14:18:23
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
32

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.208.34.131
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.131
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	58 kB	34.120.237.76
https-bagoftricks-ml.disqus.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.2 kB	199.232.196.134
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
bagoftricks.ml	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	218 kB	144.217.252.90
s.w.org	748	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	117 kB	192.0.77.48
pbs.twimg.com	624	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	19 kB	93.184.220.70
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.6 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
cdn-images-1.medium.com	50146	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	430 B	436 kB	162.159.153.4
maps.googleapis.com	33876	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	427 B	54 kB	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-04	medium	bagoftricks.ml/	Malware
2022-12-04	medium	bagoftricks.ml/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.1.3	Malware
2022-12-04	medium	bagoftricks.ml/wp-content/themes/generatepress/assets/fonts/generatepress.woff2	Malware
2022-12-04	medium	bagoftricks.ml/page/2/	Malware
2022-12-04	medium	bagoftricks.ml/wp-content/themes/generatepress/assets/css/mobile.min.css?ver=3.1.3	Malware
2022-12-04	medium	bagoftricks.ml/wp-content/plugins/custom-twitter-feeds/js/ctf-scripts.min.js?ver=2.0.3	Malware
2022-12-04	medium	bagoftricks.ml/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4	Malware
2022-12-04	medium	bagoftricks.ml/	Malware
2022-12-04	medium	bagoftricks.ml/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3	Malware
2022-12-04	medium	bagoftricks.ml/wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.1.3	Malware
2022-12-04	medium	bagoftricks.ml/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2022-12-04	medium	bagoftricks.ml/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4	Malware
2022-12-04	medium	bagoftricks.ml/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4	Malware
2022-12-04	medium	bagoftricks.ml/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22	Malware
2022-12-04	medium	bagoftricks.ml/wp-content/themes/generatepress/assets/css/unsemantic-grid.min.css?ver=3.1.3	Malware
2022-12-04	medium	bagoftricks.ml/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.1.3	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	bagoftricks.ml/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.1.3	763 B	2023-03-07	2024-03-13
Pretty URL bagoftricks.ml/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.1.3 IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:33 Last Seen2024-03-13 22:00:07 Times Seen88 Hash fa664125598aa4f20ad415f31970ff63 52fe933779da89629300fbf61b2c6c9d0d5f2c36 fa6953b24e42640645ebc36a7bdead13b10abdddd28abec1d8d7904d329e6cd0 Loading...

	https-bagoftricks-ml.disqus.com/count-data.js?1=29%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D29&1=321%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D321&1=333%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D333&1=338%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D338&1=341%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D341&1=344%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D344&1=347%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D347&1=352%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D352&1=357%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D357&1=364%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D364	798 B	2023-03-08	2023-03-13
Pretty URL https-bagoftricks-ml.disqus.com/count-data.js?1=29%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D29&1=321%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D321&1=333%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D333&1=338%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D338&1=341%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D341&1=344%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D344&1=347%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D347&1=352%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D352&1=357%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D357&1=364%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D364 IP 199.232.196.134 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:04:09 Last Seen2023-03-13 00:36:05 Times Seen1 Hash 2f48afc33fe3d36a0b1ea820c8558aba 49340d6acbe57fb9cf5320d2635966709ede2dd2 cd92066ef47e495f0d54b0c70a148be29137124281a104fe73b28637fe823a2d Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 06:18:30 Times Seen36969779 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	bagoftricks.ml/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4	12 kB	2023-03-08	2024-04-18
Pretty URL bagoftricks.ml/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:19 Last Seen2024-04-18 12:23:25 Times Seen3477 Hash 1f9968a7c7a2a02491393fb9d4103dae 0032c8a6a692e6f072b2cef20828449402fdd57d f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49 Loading...

	bagoftricks.ml/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3	6.9 kB	2023-03-07	2024-04-11
Pretty URL bagoftricks.ml/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3 IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-04-11 02:12:57 Times Seen887 Hash 203bfc7ab2d64673e71c76d7b20aefea 5479e74e26118cacfecee3f519a0a1a6f0e6dca6 775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1 Loading...

	bagoftricks.ml/	465 B	2023-03-08	2023-03-08
Pretty URL bagoftricks.ml/ IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:04:09 Last Seen2023-03-08 16:04:09 Times Seen1 Hash ae8cd57ee30f717c3d5366798b290047 3619805760da3c97b47c95f32d43f0f61cbdebb6 ec9d72ccc1a584ece45cc91b6b58be665ae8aee56d2931fbb049b63bbcdea0ce Loading...

	bagoftricks.ml/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22	889 B	2023-03-07	2024-04-18
Pretty URL bagoftricks.ml/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22 IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:46 Last Seen2024-04-18 09:40:54 Times Seen858 Hash b460f3e81ba63bfac78933670036ac69 16a3313c917ff4592286c52d058400275d934608 cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e Loading...

	bagoftricks.ml/	2.2 kB	2023-03-08	2023-03-13
Pretty URL bagoftricks.ml/ IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:04:09 Last Seen2023-03-13 00:36:05 Times Seen1 Hash cf25a8f7b6bff069176970d64e4bbcf2 2f28ce5d935ae2829fe8d2ff207245d13ad32b8e b5716a55067a0ee85e9ad9427f06651ef1af37025c037cd5bc9d8c30d7535c36 Loading...

	bagoftricks.ml/	115 B	2023-03-08	2023-03-13
Pretty URL bagoftricks.ml/ IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:04:09 Last Seen2023-03-13 00:36:05 Times Seen1 Hash aa25060769d7afee0f08775ddc78d662 661894a1a546c138ca6334887797110ab0e62531 a3b48f9af84da749c9c79441f6a83e3898c08fae5507ca1bc34f7b6571e41006 Loading...

	https-bagoftricks-ml.disqus.com/count-data.js?1=373%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D373	269 B	2023-03-08	2023-03-13
Pretty URL https-bagoftricks-ml.disqus.com/count-data.js?1=373%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D373 IP 199.232.196.134 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:04:09 Last Seen2023-03-13 00:36:05 Times Seen1 Hash f0c1f6d8e0bb85861340d6bf5de80add 4f646e50385487e63083b6195d19b831b1b6df08 f6d507bb9819be40af6c10bb4a86f419778d63843452b794b0e80073df4c247c Loading...

	bagoftricks.ml/	61 B	2023-03-08	2023-03-13
Pretty URL bagoftricks.ml/ IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:04:09 Last Seen2023-03-13 00:36:05 Times Seen1 Hash 4c0b42009b584851a060017735dc485b 0416da2255bb9e83bb7f9b6128fbfb0dac5e9da3 28b8084b7872c5f1f0f86c06fb32ac5d484c8ab30ee25087a4804d4ab9995be0 Loading...

	bagoftricks.ml/	85 B	2023-03-07	2024-04-19
Pretty URL bagoftricks.ml/ IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:32 Last Seen2024-04-19 10:36:22 Times Seen354 Hash 8b348f2ac0deb73ef37928beaa7b2844 7b7140ebb4e735302a63167e74527b28f81e4392 9da20d255f8ed30b0555097ae365bb467026992a07ba20d645d38173df4b6494 Loading...

	bagoftricks.ml/wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.1.3	2.1 kB	2023-03-07	2024-04-19
Pretty URL bagoftricks.ml/wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.1.3 IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:32 Last Seen2024-04-19 00:02:19 Times Seen710 Hash ef27b9a45dd338d185f28b6e218a9aa3 6965d3ba2badd211b772140b2afdbe7e3547f5d7 f4d0c6a094ec876c2dbea780dac5655e44bc1ec2b0c9c492f8513581879c89c5 Loading...

	bagoftricks.ml/	46 B	2023-03-07	2024-04-19
Pretty URL bagoftricks.ml/ IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:33 Last Seen2024-04-19 06:51:09 Times Seen613 Hash bec9c700df243a74235f459eeaa0d9cb 47c8b6aff8817c560284ab7f629d1fb9903a4391 b419ddf3962f2f32b55824f2bc29e97b342f8df820c6913c9f58e91cb1608df8 Loading...

	bagoftricks.ml/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-19
Pretty URL bagoftricks.ml/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 22:30:25 Times Seen31748 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	bagoftricks.ml/wp-content/plugins/custom-twitter-feeds/js/ctf-scripts.min.js?ver=2.0.3	16 kB	2023-03-07	2024-03-14
Pretty URL bagoftricks.ml/wp-content/plugins/custom-twitter-feeds/js/ctf-scripts.min.js?ver=2.0.3 IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:06:31 Last Seen2024-03-14 09:58:52 Times Seen191 Hash 157500691cb74b3acde44bcd88961066 73198d9062ca62f73a2c0c85348aef44c96c0e13 60be208ceb2e57dd1d7fb474803692b279c55e450871ee67dee3da8f7fa89c07 Loading...

	bagoftricks.ml/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3	19 kB	2023-03-07	2024-04-19
Pretty URL bagoftricks.ml/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-19 20:39:52 Times Seen37996 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	maps.googleapis.com/maps/api/js?key=AIzaSyCx-7ILKpH7QGnxXhmIvogBZ1sQDg3wTc4&v=3.exp&ver=6.0.3	164 kB	2023-03-08	2023-03-08
Pretty URL maps.googleapis.com/maps/api/js?key=AIzaSyCx-7ILKpH7QGnxXhmIvogBZ1sQDg3wTc4&v=3.exp&ver=6.0.3 IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:04:09 Last Seen2023-03-08 16:04:09 Times Seen1 Hash e337fd929a188b72b29e56fa6f36434a c82e252fd1f9138be40dbd0fa622d3db713d0475 a3d706374ee6f91c803036a081d2da106330967b857089e151599799fc6dc701 Loading...

	https-bagoftricks-ml.disqus.com/count.js	1.5 kB	2023-03-07	2024-04-18
Pretty URL https-bagoftricks-ml.disqus.com/count.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-18 15:50:09 Times Seen4197 Hash 64932a1e2564351aa7642475acdf3fbf c3dd2b7d1d4604e3559c2732fd90d71059dd77d8 3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875 Loading...

	bagoftricks.ml/	127 B	2023-03-07	2024-04-19
Pretty URL bagoftricks.ml/ IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-04-19 10:36:22 Times Seen1576 Hash e891393f0be3a6ffaa3923b307180e7e bc0a7332b9846a5762a71b9b9811c1a8b19df194 2d1778345d3607ceb641cc5f21b0a2c045fa70052361ac91a17c39b2c9d96f71 Loading...

	bagoftricks.ml/	78 B	2023-03-08	2023-03-13
Pretty URL bagoftricks.ml/ IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:04:09 Last Seen2023-03-13 00:36:05 Times Seen1 Hash f30345d50764bd812789979d4701951f 82d9a6cc3e6a95e03e2bc569efa0b8a869622b3f 4de352f43223e81b9ab153bfffad4583ca44199f7f8289a972e6c829eb6e66a1 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/2/util.js	170 kB	2023-03-08	2023-03-12
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/2/util.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:47 Last Seen2023-03-12 16:22:26 Times Seen1 Hash 57abc24730c5e3098df038528852b6bb bc15e0c81c4aaca2cbf840a357622a398d0299c6 ab0897fa86882119e4c205194b220af856781975b3485fd97df8ffda72835f0e Loading...

	bagoftricks.ml/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-19
Pretty URL bagoftricks.ml/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 22:30:21 Times Seen68500 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	bagoftricks.ml/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4	9.9 kB	2023-03-08	2024-04-18
Pretty URL bagoftricks.ml/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:19 Last Seen2024-04-18 12:23:23 Times Seen3132 Hash dc74c9954b1944928eca0172c3b8c6b3 e9e00e587e0e28491b69563b4e768945ff2e0ed5 d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b Loading...

	bagoftricks.ml/	437 B	2023-03-08	2023-03-13
Pretty URL bagoftricks.ml/ IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:04:09 Last Seen2023-03-13 00:36:05 Times Seen1 Hash 60b7297673311a9adaeb59d2d19b13d3 d433daf2eea69927efba0aba22d86a9e62defc4a af5cabee93f4ae50c4cb79067b63bf5a86cea747f35a7a3c28646498000a2086 Loading...

	bagoftricks.ml/	260 B	2023-03-07	2024-04-19
Pretty URL bagoftricks.ml/ IP 144.217.252.90 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-04-19 06:51:09 Times Seen2510 Hash 9b78b28b396646badfc6017235ee4be9 18103240bf0cb760cdf7febc628b56b8fca44319 215f517010a20f2f4c55d34dd3c574568bd0fb83662f0b915ddb6561f97c3904 Loading...

HTTP Transactions (59)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2264
Expires: Sun, 04 Dec 2022 14:55:56 GMT
Date: Sun, 04 Dec 2022 14:18:12 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5176
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:18:12 GMT
Last-Modified: Sun, 04 Dec 2022 12:51:56 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6060
Expires: Sun, 04 Dec 2022 15:59:12 GMT
Date: Sun, 04 Dec 2022 14:18:12 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Zd6Os+xv95keFevUThFankVdeg0iRexgnKMAyGAJ5GCWN2NP7amGGGJEyiiVNIurJdW0sYwSbjM=
x-amz-request-id: 1QYHHPPH98VJDZZJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 13:47:34 GMT
age: 1838
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 13:18:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3588
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

bagoftricks.ml/

144.217.252.90

301 Moved Permanently

0 B

URL HTTP/1.1
bagoftricks.ml/
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 04 Dec 2022 14:18:12 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-UA-Compatible: IE=edge
X-Redirect-By: WordPress
Location: https://bagoftricks.ml/
X-Powered-By: PHP/7.1.33, PleskLin

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 14:08:58 GMT
cache-control: public,max-age=3600
age: 554
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5196
Cache-Control: max-age=159314
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:18:13 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:33:27 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
312cb6d332c6ef2f060d02d039d1bf37
2a54f8ee24861f9ef55d26c6eb69f94d8a412855
d55ce5db69a567929435e268f78cea2845ddcaf02982c2ee5210eb0725671aca

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D55CE5DB69A567929435E268F78CEA2845DDCAF02982C2EE5210EB0725671ACA"
Last-Modified: Fri, 02 Dec 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 04 Dec 2022 20:18:13 GMT
Date: Sun, 04 Dec 2022 14:18:13 GMT
Connection: keep-alive

push.services.mozilla.com/

34.208.34.131

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.208.34.131:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hTJySFWFfQQtBUCYBDJxrA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yzBASMivgZp5ktIE6D/i0sUDW3c=

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
3fc40de76cfe9e5763f4307db17580b5
e7437d7e43c85e1e9b3ded5aa2881a8641f2cf24
f73646ec8fc0ee365949d7918e9419895a2e719d279485ac55e84e5478cf56eb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5528
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:18:14 GMT
Last-Modified: Sun, 04 Dec 2022 12:46:06 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:18:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
3fc40de76cfe9e5763f4307db17580b5
e7437d7e43c85e1e9b3ded5aa2881a8641f2cf24
f73646ec8fc0ee365949d7918e9419895a2e719d279485ac55e84e5478cf56eb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5528
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:18:14 GMT
Last-Modified: Sun, 04 Dec 2022 12:46:06 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278

cdn-images-1.medium.com/max/1000/1*C8hNiOqur4OJyEZmC7OnzQ.png

162.159.153.4

200 OK

436 kB

URL HTTP/2
cdn-images-1.medium.com/max/1000/1*C8hNiOqur4OJyEZmC7OnzQ.png
IP
162.159.153.4:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1000 x 507, 8-bit/color RGB, non-interlaced\012- data
Size
436 kB (435652 bytes)
Hash
b162c475c23321d24f8a468d5b7bbe9e
f30625129fc0a20f597a2de110193c1cfb0d788a
8dc21d97af16efa5748356601248eef362ae7719d86c49bf20093cf53597217a

HTTP Headers

GET /max/1000/1*C8hNiOqur4OJyEZmC7OnzQ.png HTTP/1.1
Host: cdn-images-1.medium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: image/png
content-length: 435652
sepia-upstream: medium
access-control-allow-origin: *
cache-control: public, max-age=2592000
etag: "16.3"
expires: Tue, 03 Jan 2023 14:18:14 GMT
medium-fulfilled-by: miro/main-20221122-003601-db8b653b35
pragma: public
x-envoy-upstream-service-time: 101
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77452b906b89b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7982
Expires: Sun, 04 Dec 2022 16:31:16 GMT
Date: Sun, 04 Dec 2022 14:18:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7982
Expires: Sun, 04 Dec 2022 16:31:16 GMT
Date: Sun, 04 Dec 2022 14:18:14 GMT
Connection: keep-alive

bagoftricks.ml/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.1.3

144.217.252.90

200 OK

1.2 kB

URL HTTP/2
bagoftricks.ml/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.1.3
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (2964), with no line terminators
Size
1.2 kB (1184 bytes)
Hash
24d0ec728b08d4ea1650b1e8f8bba55e
1db6809627d33dd81faa7a5085bc35b1c21dcfd4
ce40c6f15d0b6aa63c413e3268211de312609ff377ea4515f0fe46a475be968a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.1.3 HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 14:48:27 GMT
etag: W/"63078bbb-b94"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7982
Expires: Sun, 04 Dec 2022 16:31:16 GMT
Date: Sun, 04 Dec 2022 14:18:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7982
Expires: Sun, 04 Dec 2022 16:31:16 GMT
Date: Sun, 04 Dec 2022 14:18:14 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5681 bytes)
Hash
43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 59136
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8315 bytes)
Hash
db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:47 GMT
age: 59127
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16143 bytes)
Hash
14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:26:41 GMT
age: 24693
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4666 bytes)
Hash
c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 59653
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8989 bytes)
Hash
a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 59293
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7503 bytes)
Hash
c1a6f4805f59db44f9d3520d88701a58
6a0258e8c97ce09f1723382c8a16d9682b7dc50c
ae120df5e96352c6998c24c69c709dfd2b01a7ff8a7b935d496757fd7661f2f5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7503
x-amzn-requestid: a4120308-c51e-4cff-99c2-90e86018b05d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgZjCGkVIAMFpsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a2e0-6fdf362a6d32449239476155;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:01:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dy619jlSTwCjwDhGuLmwTMcmuYj1Kg2oLA7xORyAYX8IHWimhNo6pw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:16:07 GMT
age: 25327
etag: "6a0258e8c97ce09f1723382c8a16d9682b7dc50c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

maps.googleapis.com/maps/api/js?key=AIzaSyCx-7ILKpH7QGnxXhmIvogBZ1sQDg3wTc4&v=3.exp&ver=6.0.3

142.250.74.74

200 OK

54 kB

URL HTTP/2
maps.googleapis.com/maps/api/js?key=AIzaSyCx-7ILKpH7QGnxXhmIvogBZ1sQDg3wTc4&v=3.exp&ver=6.0.3
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2453)
Size
54 kB (53556 bytes)
Hash
d8a116283da11f18c585209f6886a160
10d8e7443020e1b6cb0b43acb88c2d0faae9bb0f
902b2bb6e2fdd35981643770acb520c2d40b47f50f7d72d61c3ce93ce02098b2

HTTP Headers

GET /maps/api/js?key=AIzaSyCx-7ILKpH7QGnxXhmIvogBZ1sQDg3wTc4&v=3.exp&ver=6.0.3 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Sun, 04 Dec 2022 14:18:14 GMT
expires: Sun, 04 Dec 2022 14:48:14 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 53556
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:18:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bagoftricks.ml/wp-content/uploads/2021/07/IMG_6004-825x1024.jpg

144.217.252.90

200 OK

123 kB

URL HTTP/2
bagoftricks.ml/wp-content/uploads/2021/07/IMG_6004-825x1024.jpg
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 825x1024, components 3\012- data
Size
123 kB (123072 bytes)
Hash
9e611dcea903880d054797bbf9a35d3b
6db67a6755786dd1e04da400ac3dfa7ebdc52a20
fae9ec36a18e3478f816d5b6bbf708ced7ab12dc5b000ef0fce40fb11310d315

HTTP Headers

GET /wp-content/uploads/2021/07/IMG_6004-825x1024.jpg HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: image/jpeg
content-length: 123072
last-modified: Sat, 31 Jul 2021 21:58:51 GMT
etag: "6105c79b-1e0c0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

s.w.org/images/core/emoji/14.0.0/svg/1f36e.svg

192.0.77.48

200 OK

654 B

URL HTTP/2
s.w.org/images/core/emoji/14.0.0/svg/1f36e.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (654), with no line terminators
Size
654 B (654 bytes)
Hash
15975b815581fb2e18622a682ca2380a
7e61e0c1d890be6b6e128438b0371f44eb550eb0
195cc4dfc34003278790d6c64b0fa30fa627ddaef73828e57b0150f583567db0

HTTP Headers

GET /images/core/emoji/14.0.0/svg/1f36e.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:15 GMT
content-type: image/svg+xml
content-length: 654
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

bagoftricks.ml/wp-content/themes/generatepress/assets/fonts/generatepress.woff2

144.217.252.90

200 OK

1.3 kB

URL HTTP/2
bagoftricks.ml/wp-content/themes/generatepress/assets/fonts/generatepress.woff2
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type
Web Open Font Format (Version 2), TrueType, length 1264, version 1.0\012- data
Size
1.3 kB (1264 bytes)
Hash
d72877fee7e6dcb759e9836518b47260
08c55d082c85e2f3cf8ef89d00cb1ea84e8ed937
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/generatepress/assets/fonts/generatepress.woff2 HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bagoftricks.ml/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.1.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: font/woff2
content-length: 1264
last-modified: Thu, 25 Aug 2022 14:48:27 GMT
etag: "63078bbb-4f0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

pbs.twimg.com/profile_images/1118913288304070656/FNf9dH5N_normal.png

93.184.220.70

200 OK

6.6 kB

URL HTTP/2
pbs.twimg.com/profile_images/1118913288304070656/FNf9dH5N_normal.png
IP
93.184.220.70:0
ASN
#15133 EDGECAST

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
6.6 kB (6595 bytes)
Hash
679421bdd68c305c7fd8d6e32e2a0897
aedcd3ab8840b4be372df17f984eec4c7c58cc30
a34f194108bb6b70330ba1c4ef0e0a9b2d747de3b9b970146af0829c3dd87af2

HTTP Headers

GET /profile_images/1118913288304070656/FNf9dH5N_normal.png HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
age: 409413
cache-control: max-age=604800, must-revalidate
content-type: image/png
date: Sun, 04 Dec 2022 14:18:15 GMT
last-modified: Thu, 18 Apr 2019 16:22:50 GMT
perf: 7626143928
server: ECS (ska/F706)
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
strict-transport-security: max-age=631138519
surrogate-key: profile_images profile_images/bucket/5 profile_images/1118913288304070656
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-cache: HIT
x-connection-hash: 876060a6064373af934963722dc21e2ee333caf4c75825033ff775c34d14d001
x-content-type-options: nosniff
x-response-time: 115
x-transaction-id: 435cbd7d63099529
x-tw-cdn: VZ, VZ
content-length: 6595
X-Firefox-Spdy: h2

pbs.twimg.com/profile_images/1589200744619528192/OA9eojz9_normal.jpg

93.184.220.70

200 OK

2.1 kB

URL HTTP/2
pbs.twimg.com/profile_images/1589200744619528192/OA9eojz9_normal.jpg
IP
93.184.220.70:0
ASN
#15133 EDGECAST

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Size
2.1 kB (2111 bytes)
Hash
bf779a712dc04e696b85e334c615bdb5
088ec1ae3f87217ac256ccd1007292ee1d928c8c
fbe1592bf37c5756d599e2ad139befcd3cafc5b98ca9d45f455ce0c9a53b789f

HTTP Headers

GET /profile_images/1589200744619528192/OA9eojz9_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
age: 10584
cache-control: max-age=604800, must-revalidate
content-type: image/jpeg
date: Sun, 04 Dec 2022 14:18:15 GMT
last-modified: Sun, 06 Nov 2022 10:17:18 GMT
perf: 7626143928
server: ECS (ska/F70C)
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
strict-transport-security: max-age=631138519
surrogate-key: profile_images profile_images/bucket/7 profile_images/1589200744619528192
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-cache: HIT
x-connection-hash: 7573fe36ef0409f7d6a64f8b1b5ce09cc163c806e85831919349799f636c4c5e
x-content-type-options: nosniff
x-response-time: 109
x-transaction-id: 5b507db222ae7855
x-tw-cdn: VZ, VZ
content-length: 2111
X-Firefox-Spdy: h2

pbs.twimg.com/profile_images/1172268595419721729/kQSCIzM6_normal.jpg

93.184.220.70

200 OK

2.0 kB

URL HTTP/2
pbs.twimg.com/profile_images/1172268595419721729/kQSCIzM6_normal.jpg
IP
93.184.220.70:0
ASN
#15133 EDGECAST

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Size
2.0 kB (2035 bytes)
Hash
cc6b41d813ad14dd629c3bf44124fed9
062dc2b6008c5fe1f47a7d6b692674e3a2e4fa17
d2135257448abd6cb2f0738686b129214be538663a7a0dcfa83687cf43774ab7

HTTP Headers

GET /profile_images/1172268595419721729/kQSCIzM6_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
age: 534969
cache-control: max-age=604800, must-revalidate
content-type: image/jpeg
date: Sun, 04 Dec 2022 14:18:15 GMT
last-modified: Thu, 12 Sep 2019 21:57:47 GMT
perf: 7626143928
server: ECS (ska/F709)
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=27
strict-transport-security: max-age=631138519
surrogate-key: profile_images profile_images/bucket/0 profile_images/1172268595419721729
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-cache: HIT
x-connection-hash: eb0a59f83394f302548f6443d8de312b402ce980ac3d3d8fb2eb2b669b9f8846
x-content-type-options: nosniff
x-response-time: 114
x-transaction-id: 5eb62a8f09209f74
x-tw-cdn: VZ, VZ
content-length: 2035
X-Firefox-Spdy: h2

pbs.twimg.com/profile_images/758017588177858560/InTlLdn7_normal.jpg

93.184.220.70

200 OK

2.3 kB

URL HTTP/2
pbs.twimg.com/profile_images/758017588177858560/InTlLdn7_normal.jpg
IP
93.184.220.70:0
ASN
#15133 EDGECAST

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Size
2.3 kB (2263 bytes)
Hash
1f05926a68928af47df5eda93b8815e1
721315ed9f44a27205aa94c5b6d0ad7e947fbfca
339eca1b1801c17c8840a9c554672ad86ef574cdafc3862bf9bb787e42cf991b

HTTP Headers

GET /profile_images/758017588177858560/InTlLdn7_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
age: 15637
cache-control: max-age=604800, must-revalidate
content-type: image/jpeg
date: Sun, 04 Dec 2022 14:18:15 GMT
last-modified: Tue, 26 Jul 2016 19:12:10 GMT
perf: 7626143928
server: ECS (ska/F716)
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=28
strict-transport-security: max-age=631138519
surrogate-key: profile_images profile_images/bucket/2 profile_images/758017588177858560
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-cache: HIT
x-connection-hash: b57827b090b0a949371b3493d4835a3f8ba54869e0d60b64db2a5bf9897b2668
x-content-type-options: nosniff
x-response-time: 121
x-transaction-id: 8091443dc3744b67
x-tw-cdn: VZ, VZ
content-length: 2263
X-Firefox-Spdy: h2

pbs.twimg.com/profile_images/564397385439141888/8WnILtyS_normal.jpeg

93.184.220.70

200 OK

1.6 kB

URL HTTP/2
pbs.twimg.com/profile_images/564397385439141888/8WnILtyS_normal.jpeg
IP
93.184.220.70:0
ASN
#15133 EDGECAST

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.6 kB (1579 bytes)
Hash
c864423c2ec3aabfa9246ce6feaf7699
9d613b5082a5f9041c1302f54f14954848211e1c
32303eebf707433bef94d2630a9d835338ce6e207b12fd65330a7e898f60cdab

HTTP Headers

GET /profile_images/564397385439141888/8WnILtyS_normal.jpeg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
age: 601722
cache-control: max-age=604800, must-revalidate
content-type: image/jpeg
date: Sun, 04 Dec 2022 14:18:15 GMT
last-modified: Sun, 08 Feb 2015 12:14:37 GMT
perf: 7626143928
server: ECS (ska/F71A)
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=28
strict-transport-security: max-age=631138519
surrogate-key: profile_images profile_images/bucket/0 profile_images/564397385439141888
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-cache: MISS
x-connection-hash: 58f9a23c451d6f1f669f3868a171bb5f1926903b0dce3890e6ac3cd163082c41
x-content-type-options: nosniff
x-response-time: 107
x-transaction-id: f2f662e84f8f776f
x-tw-cdn: VZ, VZ
content-length: 1579
X-Firefox-Spdy: h2

s.w.org/images/core/emoji/14.0.0/svg/1f40a.svg

192.0.77.48

200 OK

1.4 kB

URL HTTP/2
s.w.org/images/core/emoji/14.0.0/svg/1f40a.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1201), with no line terminators
Size
1.4 kB (1405 bytes)
Hash
db4a8f2e503aac10800da7133f6eb9ed
dd9e511168bd2fb83d270c8c014ba3c097257cbc
ed4f116986e019a42aaf88b6eb628b397e0a63475e5ac5f1e63bc9f0608be36f

HTTP Headers

GET /images/core/emoji/14.0.0/svg/1f40a.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:15 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2

s.w.org/images/core/emoji/14.0.0/svg/1f9f5.svg

192.0.77.48

200 OK

114 kB

URL HTTP/2
s.w.org/images/core/emoji/14.0.0/svg/1f9f5.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1893), with no line terminators
Size
114 kB (113901 bytes)
Hash
3e010bbd23f5daea691fb25c866be908
81ecfa3fa879edeb4fd75371333d64bac9be30e8
f817b9a3adc89ed243db4dd6c97699965baf164dbcc537b521103de265fab448

HTTP Headers

GET /images/core/emoji/14.0.0/svg/1f9f5.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:15 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2

https-bagoftricks-ml.disqus.com/count-data.js?1=29%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D29&1=321%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D321&1=333%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D333&1=338%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D338&1=341%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D341&1=344%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D344&1=347%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D347&1=352%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D352&1=357%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D357&1=364%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D364

199.232.196.134

200 OK

798 B

URL HTTP/1.1
https-bagoftricks-ml.disqus.com/count-data.js?1=29%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D29&1=321%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D321&1=333%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D333&1=338%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D338&1=341%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D341&1=344%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D344&1=347%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D347&1=352%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D352&1=357%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D357&1=364%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D364
IP
199.232.196.134:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (733)
Size
798 B (798 bytes)
Hash
2f48afc33fe3d36a0b1ea820c8558aba
49340d6acbe57fb9cf5320d2635966709ede2dd2
cd92066ef47e495f0d54b0c70a148be29137124281a104fe73b28637fe823a2d

HTTP Headers

GET /count-data.js?1=29%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D29&1=321%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D321&1=333%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D333&1=338%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D338&1=341%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D341&1=344%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D344&1=347%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D347&1=352%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D352&1=357%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D357&1=364%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D364 HTTP/1.1
Host: https-bagoftricks-ml.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 798
Server: nginx
Content-Type: application/javascript; charset=UTF-8
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=600
Date: Sun, 04 Dec 2022 14:18:15 GMT
Age: 2972
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

https-bagoftricks-ml.disqus.com/count-data.js?1=373%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D373

199.232.196.134

200 OK

269 B

URL HTTP/1.1
https-bagoftricks-ml.disqus.com/count-data.js?1=373%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D373
IP
199.232.196.134:0
ASN
#54113 FASTLY

File type
ASCII text
Size
269 B (269 bytes)
Hash
f0c1f6d8e0bb85861340d6bf5de80add
4f646e50385487e63083b6195d19b831b1b6df08
f6d507bb9819be40af6c10bb4a86f419778d63843452b794b0e80073df4c247c

HTTP Headers

GET /count-data.js?1=373%20https%3A%2F%2Fbagoftricks.ml%2F%3Fp%3D373 HTTP/1.1
Host: https-bagoftricks-ml.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 269
Server: nginx
Content-Type: application/javascript; charset=UTF-8
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=600
Date: Sun, 04 Dec 2022 14:18:15 GMT
Age: 2972
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

bagoftricks.ml/page/2/

144.217.252.90

200 OK

87 kB

URL HTTP/2
bagoftricks.ml/page/2/
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8364)
Size
87 kB (86560 bytes)
Hash
2fac643f618576242ab6427cb1a0365f
817bf12900e8a34afffb741274f35f6192c0f2b6
b878003daca96eb2762ebe754e019c6fcbd559021abca7113ad01428546514ff

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /page/2/ HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:17 GMT
content-type: text/html; charset=UTF-8
x-ua-compatible: IE=edge
link: <https://bagoftricks.ml/wp-json/>; rel="https://api.w.org/"
x-powered-by: PHP/7.1.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

bagoftricks.ml/wp-content/themes/generatepress/assets/css/mobile.min.css?ver=3.1.3

144.217.252.90

200 OK

0 B

URL HTTP/2
bagoftricks.ml/wp-content/themes/generatepress/assets/css/mobile.min.css?ver=3.1.3
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/generatepress/assets/css/mobile.min.css?ver=3.1.3 HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 14:48:27 GMT
etag: W/"63078bbb-ec5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

bagoftricks.ml/wp-content/plugins/custom-twitter-feeds/js/ctf-scripts.min.js?ver=2.0.3

144.217.252.90

200 OK

0 B

URL HTTP/2
bagoftricks.ml/wp-content/plugins/custom-twitter-feeds/js/ctf-scripts.min.js?ver=2.0.3
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/custom-twitter-feeds/js/ctf-scripts.min.js?ver=2.0.3 HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 14:42:58 GMT
etag: W/"63078a72-3f0c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

bagoftricks.ml/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4

144.217.252.90

200 OK

0 B

URL HTTP/2
bagoftricks.ml/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: application/javascript
last-modified: Thu, 20 Oct 2022 07:10:00 GMT
etag: W/"6350f448-3016"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

bagoftricks.ml/

144.217.252.90

200 OK

0 B

URL HTTP/2
bagoftricks.ml/
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: text/html; charset=UTF-8
x-ua-compatible: IE=edge
link: <https://bagoftricks.ml/wp-json/>; rel="https://api.w.org/"
x-powered-by: PHP/7.1.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

bagoftricks.ml/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3

144.217.252.90

200 OK

0 B

URL HTTP/2
bagoftricks.ml/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 14:46:15 GMT
etag: W/"63078b37-15b64"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

bagoftricks.ml/wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.1.3

144.217.252.90

200 OK

0 B

URL HTTP/2
bagoftricks.ml/wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.1.3
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.1.3 HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 14:48:27 GMT
etag: W/"63078bbb-858"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

bagoftricks.ml/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

144.217.252.90

200 OK

0 B

URL HTTP/2
bagoftricks.ml/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: application/javascript
last-modified: Fri, 30 Jul 2021 04:05:40 GMT
etag: W/"61037a94-15db1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

bagoftricks.ml/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

144.217.252.90

200 OK

0 B

URL HTTP/2
bagoftricks.ml/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: application/javascript
last-modified: Wed, 09 Jun 2021 04:35:19 GMT
etag: W/"60c04507-2bd8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

bagoftricks.ml/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3

144.217.252.90

200 OK

0 B

URL HTTP/2
bagoftricks.ml/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 14:46:16 GMT
etag: W/"63078b38-48b9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

bagoftricks.ml/wp-json/wp-statistics/v2/hit?_=1670163493&_wpnonce=7f1b57f6c4&wp_statistics_hit_rest=yes&referred=https%3A%2F%2Fbagoftricks.ml&exclusion_match=no&exclusion_reason&track_all=1&current_page_type=home&current_page_id=0&search_query&page_uri=/

144.217.252.90

200 OK

0 B

URL HTTP/2
bagoftricks.ml/wp-json/wp-statistics/v2/hit?_=1670163493&_wpnonce=7f1b57f6c4&wp_statistics_hit_rest=yes&referred=https%3A%2F%2Fbagoftricks.ml&exclusion_match=no&exclusion_reason&track_all=1&current_page_type=home&current_page_id=0&search_query&page_uri=/
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-json/wp-statistics/v2/hit?_=1670163493&_wpnonce=7f1b57f6c4&wp_statistics_hit_rest=yes&referred=https%3A%2F%2Fbagoftricks.ml&exclusion_match=no&exclusion_reason&track_all=1&current_page_type=home&current_page_id=0&search_query&page_uri=/ HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:16 GMT
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
link: <https://bagoftricks.ml/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-wp-nonce: 7f1b57f6c4
cache-control: no-cache
allow: GET
vary: Origin
x-powered-by: PHP/7.1.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

bagoftricks.ml/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4

144.217.252.90

200 OK

0 B

URL HTTP/2
bagoftricks.ml/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: text/css
last-modified: Thu, 20 Oct 2022 07:10:00 GMT
etag: W/"6350f448-aab"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

bagoftricks.ml/wp-content/plugins/custom-twitter-feeds/css/ctf-styles.min.css?ver=2.0.3

144.217.252.90

200 OK

0 B

URL HTTP/2
bagoftricks.ml/wp-content/plugins/custom-twitter-feeds/css/ctf-styles.min.css?ver=2.0.3
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/custom-twitter-feeds/css/ctf-styles.min.css?ver=2.0.3 HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 14:42:58 GMT
etag: W/"63078a72-4325"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

bagoftricks.ml/wp-content/themes/generatepress/assets/css/style.min.css?ver=3.1.3

144.217.252.90

200 OK

0 B

URL HTTP/2
bagoftricks.ml/wp-content/themes/generatepress/assets/css/style.min.css?ver=3.1.3
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/generatepress/assets/css/style.min.css?ver=3.1.3 HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 14:48:27 GMT
etag: W/"63078bbb-55ce"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

bagoftricks.ml/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4

144.217.252.90

200 OK

0 B

URL HTTP/2
bagoftricks.ml/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: application/javascript
last-modified: Thu, 20 Oct 2022 07:10:00 GMT
etag: W/"6350f448-26d1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

bagoftricks.ml/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22

144.217.252.90

200 OK

0 B

URL HTTP/2
bagoftricks.ml/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22 HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Wed, 09 Jun 2021 04:35:47 GMT
etag: W/"379-5c44dcef750bd"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

bagoftricks.ml/wp-content/themes/generatepress/assets/css/unsemantic-grid.min.css?ver=3.1.3

144.217.252.90

200 OK

0 B

URL HTTP/2
bagoftricks.ml/wp-content/themes/generatepress/assets/css/unsemantic-grid.min.css?ver=3.1.3
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/generatepress/assets/css/unsemantic-grid.min.css?ver=3.1.3 HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 14:48:27 GMT
etag: W/"63078bbb-3107"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

bagoftricks.ml/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3

144.217.252.90

200 OK

0 B

URL HTTP/2
bagoftricks.ml/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3 HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 14:48:27 GMT
etag: W/"63078bbb-1b1c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

bagoftricks.ml/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.1.3

144.217.252.90

200 OK

0 B

URL HTTP/2
bagoftricks.ml/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.1.3
IP
144.217.252.90:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.1.3 HTTP/1.1
Host: bagoftricks.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bagoftricks.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:18:14 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Thu, 25 Aug 2022 14:48:27 GMT
etag: W/"2fb-5e711e3e79a03"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP