Report - kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php

Report Overview

Submitted URL
kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
IP
68.66.226.69
ASN
#55293 A2HOSTING
Submitted
2022-11-28 01:59:56
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
26

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
kaylajohnsonfitness.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	532 kB	68.66.226.69
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	142.250.74.35
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	72 kB	216.58.207.195
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.5 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.214.236.46
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	66 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-28	medium	kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php	Phishing
2022-11-28	medium	kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php	Phishing
2022-11-28	medium	kaylajohnsonfitness.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.11	Phishing
2022-11-28	medium	kaylajohnsonfitness.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3	Phishing
2022-11-28	medium	kaylajohnsonfitness.com/wp-content/themes/Avada-Child-Theme/style.css?ver=5.5.11	Phishing
2022-11-28	medium	kaylajohnsonfitness.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp	Phishing
2022-11-28	medium	kaylajohnsonfitness.com/wp-content/themes/Avada/assets/css/style.min.css?ver=5.6	Phishing
2022-11-28	medium	kaylajohnsonfitness.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8	Phishing
2022-11-28	medium	kaylajohnsonfitness.com/wp-includes/js/wp-embed.min.js?ver=5.5.11	Phishing
2022-11-28	medium	kaylajohnsonfitness.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8	Phishing
2022-11-28	medium	kaylajohnsonfitness.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff	Phishing
2022-11-28	medium	kaylajohnsonfitness.com/wp-content/uploads/fusion-scripts/fd432c0cdae6cd36a438cf76dade2cbd.min.js?timestamp=1653441114	Phishing
2022-11-28	medium	kaylajohnsonfitness.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php	351 B	2023-03-07	2023-03-11
Pretty URL kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php IP 68.66.226.69 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:33:05 Last Seen2023-03-11 21:39:50 Times Seen1 Hash c3dc02a19a9d83bdfa9b7abb23583ccf 4fba38d9ae393f75fe73dc0ee28061b48ed0e28c 0d0bbc6fc0aa96ef406362b30031f9b5de0eb83dec8dadce104af589ad8ef580 Loading...

	kaylajohnsonfitness.com/wp-content/uploads/fusion-scripts/fd432c0cdae6cd36a438cf76dade2cbd.min.js?timestamp=1653441114	787 kB	2023-03-07	2023-03-11
Pretty URL kaylajohnsonfitness.com/wp-content/uploads/fusion-scripts/fd432c0cdae6cd36a438cf76dade2cbd.min.js?timestamp=1653441114 IP 68.66.226.69 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:33:05 Last Seen2023-03-11 21:39:50 Times Seen1 Hash d3774eb9f4d50298374d0e94acda6f37 4688b40cf9924738bbf74d8ab32faa76413ac823 6dfcc078e7b04150b75dada4deb80ea375d99b1a5bcbac45cb19c0cc759834c3 Loading...

	kaylajohnsonfitness.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.11	14 kB	2023-03-07	2024-04-15
Pretty URL kaylajohnsonfitness.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.11 IP 68.66.226.69 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:38 Last Seen2024-04-15 07:08:20 Times Seen3525 Hash 878184c5d285d4d52d926d36ef19b718 dd260ffe0f8e3f38f58efd23cac8a1e5c788dad9 07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847 Loading...

	kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php	99 B	2023-03-07	2024-04-18
Pretty URL kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php IP 68.66.226.69 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:50 Last Seen2024-04-18 08:26:31 Times Seen531 Hash a79331dcd33cb880dfb3d18907f9b049 408846d567520a7f2550bbd35464097ab98b44c4 fa221176cd9e28d5302e97a39246e177cac7bc2e1b66dc14ee71d5686708c6c7 Loading...

	kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php	77 B	2023-03-07	2023-03-11
Pretty URL kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php IP 68.66.226.69 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:33:05 Last Seen2023-03-11 21:39:50 Times Seen1 Hash 563619b4364683394a647eb14ba0bf4f 29e7d7003c4aac2d6fcb44b4a38668fc04761302 31b039cb122cde502fd427af2be99388393d444cad1ee773cf5f61d637344b40 Loading...

	kaylajohnsonfitness.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3	14 kB	2023-03-07	2024-04-12
Pretty URL kaylajohnsonfitness.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3 IP 68.66.226.69 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:58 Last Seen2024-04-12 23:52:15 Times Seen2165 Hash f89263c0c2f24398a1df52eead69f5f8 850e9cfb1680eb1df4365889724e69f38df7bb9e 125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c Loading...

	kaylajohnsonfitness.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8	111 kB	2023-03-07	2024-04-16
Pretty URL kaylajohnsonfitness.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8 IP 68.66.226.69 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2024-04-16 13:19:43 Times Seen4629 Hash 67a9644e880e7a471d49c73bb7621932 2ac89b145da02402ce1877c580850e08076c5109 a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8 Loading...

	kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php	1.1 kB	2023-03-07	2024-04-16
Pretty URL kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php IP 68.66.226.69 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-16 13:19:40 Times Seen3307 Hash b36955bf11fd2b943745960d036901e5 d9b5403fee4ae8ec7ad7a3cc6ed747bb62aacf6e 5f82f0ebcd0edef1c37dcba00935d90b65c18d2b0834fce752efe5960e532de3 Loading...

	kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php	163 B	2023-03-07	2023-03-11
Pretty URL kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php IP 68.66.226.69 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:33:05 Last Seen2023-03-11 21:39:50 Times Seen1 Hash bf2739209841f79c5bd91df4f5e00578 efffccfc7804338001623779cf050307c6a54e4b 112e2820512ddcee7ad008cb07e9c7a7cd0d2ffc19155f50aaeb6a6244bd0d24 Loading...

	kaylajohnsonfitness.com/wp-includes/js/wp-embed.min.js?ver=5.5.11	1.4 kB	2023-03-07	2024-04-18
Pretty URL kaylajohnsonfitness.com/wp-includes/js/wp-embed.min.js?ver=5.5.11 IP 68.66.226.69 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-18 00:30:32 Times Seen6855 Hash 905225d5711b559d3092387d5ffbedbd 6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991 Loading...

	kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php	2.1 kB	2023-03-11	2023-03-11
Pretty URL kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php IP 68.66.226.69 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:39:50 Last Seen2023-03-11 21:39:50 Times Seen1 Hash 6f2d9aa53478c24d2ebeff9056d51ea6 17b64d4a4da9a97999c3d39871b50e51022bd098 9b5f13984b426aab43cdbb263719a51556d69db04547eb3bef1823da3be6f19c Loading...

	kaylajohnsonfitness.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp	97 kB	2023-03-07	2024-04-18
Pretty URL kaylajohnsonfitness.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp IP 68.66.226.69 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:38 Last Seen2024-04-18 02:51:38 Times Seen17702 Hash 49edccea2e7ba985cadc9ba0531cbed1 f8747f8ee704d9af31d0950015e01d3f9635b070 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df Loading...

	kaylajohnsonfitness.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8	65 kB	2023-03-07	2024-04-16
Pretty URL kaylajohnsonfitness.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8 IP 68.66.226.69 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-16 13:19:43 Times Seen3718 Hash e1223af8dbcd0552f6f6dc540431451e c01d6134f72ae04cb327a86918f3e88a63684e90 27ead7f47a3fb4d1e7cbef0c68e28bde7ea18923cf41d8ca82ba13584eebc710 Loading...

HTTP Transactions (44)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3107
Expires: Mon, 28 Nov 2022 02:51:31 GMT
Date: Mon, 28 Nov 2022 01:59:44 GMT
Connection: keep-alive

kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php

68.66.226.69

301 Moved Permanently

296 B

URL HTTP/1.1
kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
296 B (296 bytes)
Hash
8d63c161ae85e667e7598b35c5b1701b
0dbeb3eea3c358181222defdeb68878e9f58c5c6
1f472e4d57b8e89cfd8b000f3314334be41cbfdbfa46c1c1b6164865609bac20

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 28 Nov 2022 01:59:43 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Location: https://kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
Content-Length: 296
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5020
Cache-Control: max-age=122109
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:59:44 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:54:53 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16649
Expires: Mon, 28 Nov 2022 06:37:13 GMT
Date: Mon, 28 Nov 2022 01:59:44 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 01:17:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2519
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: XxfEnlTCBEMnunBkmD7wE0m1kwe31c1QPmUwvZ027uthVqWvp9X9NNllSgtoh2tVfJXZLRgz/5A=
x-amz-request-id: HHXMATQPJZF7GMME
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 01:41:52 GMT
age: 1072
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 01:59:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 01:08:54 GMT
cache-control: public,max-age=3600
age: 3051
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6273
Cache-Control: max-age=118300
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:59:45 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:51:25 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php

68.66.226.69

404 Not Found

5.3 kB

URL HTTP/1.1
kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1978), with CRLF, LF line terminators
Size
5.3 kB (5259 bytes)
Hash
14449e002a87574f6839c4ee6340fa9b
af2be78abe11cae53c50042cd469f920ba69116a
8fcd72e1c8c1d8a8400b1109da620e5f9a433f11b1022c86fcb6c5204a5425e4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 404 Not Found
Date: Mon, 28 Nov 2022 01:59:44 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://kaylajohnsonfitness.com/wp-json/>; rel="https://api.w.org/"
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5259
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

kaylajohnsonfitness.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.5.4

68.66.226.69

200 OK

2.9 kB

URL HTTP/1.1
kaylajohnsonfitness.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.5.4
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (16845), with no line terminators
Size
2.9 kB (2850 bytes)
Hash
293dc3ab37a779f674430b24add48dda
428c398ef138ecd2c60a3d6cf942bd92559ffdcc
010ebcc43818880d0af83955c60589adaa657ed5ff5defa817176c05eec4cd6e

HTTP Headers

GET /wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.5.4 HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:59:44 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Nov 2020 19:36:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 2850
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: text/css

push.services.mozilla.com/

34.214.236.46

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.214.236.46:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OWyjcU9YEq6T3IkPpJ+Y4w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LXxfRcJWe31Jh5dOeLYmR6H12Zw=

kaylajohnsonfitness.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8

68.66.226.69

200 OK

9.5 kB

URL HTTP/1.1
kaylajohnsonfitness.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Size
9.5 kB (9545 bytes)
Hash
d263d5eaa7c883c3657af7dbb878b8a1
3d7423e15e86031092227572a6bfea1d1400ce9e
adf2c10039a96f761770b8744b46b019d0e80b2c1ee5d2eb077bae0e19a23a43

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8 HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:59:45 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 09 Mar 2020 21:02:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 9545
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive
Content-Type: text/css

kaylajohnsonfitness.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.11

68.66.226.69

200 OK

7.9 kB

URL HTTP/1.1
kaylajohnsonfitness.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.11
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (27100)
Size
7.9 kB (7907 bytes)
Hash
cc421ea7bd44a8d71de0cce7456713f8
6644acaa564e4ce2e231c4606f09bbca92374d29
e55c9ab4d75acebeafb3e1e517667ef6a4aa237f217cd6929d9091166526a18e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.5.11 HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:59:45 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Nov 2020 19:40:09 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 7907
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/css

kaylajohnsonfitness.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3

68.66.226.69

200 OK

730 B

URL HTTP/1.1
kaylajohnsonfitness.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
ASCII text
Size
730 B (730 bytes)
Hash
b1529b0b8aa7b641b7874d8d7a03bcff
cb2f76b12e7c00b74e1cda43aeeceaebb1e1d3dd
bcb87fe953090203ad964b5bed39566b9cc4c410fb7c6d831f84128d8f376af2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3 HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:59:45 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Nov 2020 19:36:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 730
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/css

kaylajohnsonfitness.com/wp-content/themes/Avada-Child-Theme/style.css?ver=5.5.11

68.66.226.69

200 OK

150 B

URL HTTP/1.1
kaylajohnsonfitness.com/wp-content/themes/Avada-Child-Theme/style.css?ver=5.5.11
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
ASCII text, with CRLF line terminators
Size
150 B (150 bytes)
Hash
d197906f156266614037d0023ee7c630
e5d2c5d85a71cfc34b9e718074fd0a61ea4326d1
8d3d521ab904d6fd3272c19b4cc8024a6a331c558aaf399080a15cf2be172d9e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/Avada-Child-Theme/style.css?ver=5.5.11 HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:59:45 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 09 Mar 2020 21:02:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 150
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/css

kaylajohnsonfitness.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

68.66.226.69

200 OK

34 kB

URL HTTP/1.1
kaylajohnsonfitness.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (31997)
Size
34 kB (33776 bytes)
Hash
acf54950dfb2d6981e941d733b377591
340de686aecd9e6246a32c71e7de63ed69229ceb
d97f66caea5260bc71609f0da43ac0d937ecc09253910e5dda4c9fe4dbde20fc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:59:45 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 17 May 2019 13:55:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 33776
Keep-Alive: timeout=3, max=497
Connection: Keep-Alive
Content-Type: application/javascript

kaylajohnsonfitness.com/wp-content/themes/Avada/assets/css/style.min.css?ver=5.6

68.66.226.69

200 OK

32 kB

URL HTTP/1.1
kaylajohnsonfitness.com/wp-content/themes/Avada/assets/css/style.min.css?ver=5.6
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (65536), with no line terminators
Size
32 kB (31938 bytes)
Hash
62a4034c6c1cd9d368c45859c3aa3892
8d67d08ba69fdceabbeee98988819e89305634af
0f048a259054b2174e8c9c28e81e8ab44b7bc60c966afd0b7a30e1051c047bad

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/Avada/assets/css/style.min.css?ver=5.6 HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:59:45 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 09 Mar 2020 21:02:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 31938
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/css

kaylajohnsonfitness.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.11

68.66.226.69

200 OK

4.7 kB

URL HTTP/1.1
kaylajohnsonfitness.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.11
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (11272)
Size
4.7 kB (4662 bytes)
Hash
80712bcce465dea429e6ff1e5c35bbc1
daff29755ee729dbeb0d30c93570f1fc9b673972
f444c094422ff2d56c4f52a022881e68e1f07d567e0fb3969f80259452995f8f

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.5.11 HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:59:45 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 15 Apr 2021 12:00:09 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 4662
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: application/javascript

kaylajohnsonfitness.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8

68.66.226.69

200 OK

18 kB

URL HTTP/1.1
kaylajohnsonfitness.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (64614), with CRLF line terminators
Size
18 kB (18090 bytes)
Hash
b300af7280cf82d31e7f0b75c128598c
66b506bb8254f08ffe57c2b1e42722b73464670f
feffecee338ad546654ada73f52882c96356f6882a3e59cb540878415d77db1d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8 HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:59:45 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 09 Mar 2020 21:02:36 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 18090
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: application/javascript

kaylajohnsonfitness.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3

68.66.226.69

200 OK

4.0 kB

URL HTTP/1.1
kaylajohnsonfitness.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
ASCII text
Size
4.0 kB (3951 bytes)
Hash
9c3f35d25fc1f08e91d811f18b705309
4ff1be4c211d2e4ad3fa4b83abe9a71405d4e4df
af1ce72f37d8d8f7d80d7f3d81a05a1f0d441967b371237050e7ee38b30438a0

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3 HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:59:45 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Nov 2020 19:36:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 3951
Keep-Alive: timeout=3, max=496
Connection: Keep-Alive
Content-Type: application/javascript

kaylajohnsonfitness.com/wp-includes/js/wp-embed.min.js?ver=5.5.11

68.66.226.69

200 OK

765 B

URL HTTP/1.1
kaylajohnsonfitness.com/wp-includes/js/wp-embed.min.js?ver=5.5.11
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (1391)
Size
765 B (765 bytes)
Hash
fe875afb236ee8f0d50040fe58d848d4
e6b1b67093b429c95d5b9db07a7eba39e02cf0e5
328a6a072b91134f2802ae25e070f38ff156ceee2c6ec6a6253ae4b27af73b49

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-embed.min.js?ver=5.5.11 HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:59:45 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 15 Apr 2021 12:00:17 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 765
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive
Content-Type: application/javascript

kaylajohnsonfitness.com/wp-content/uploads/fusion-styles/097f8c8b077d32a7bd996829f3c05ddc.min.css?timestamp=1669128587&ver=5.5.11

68.66.226.69

200 OK

75 kB

URL HTTP/1.1
kaylajohnsonfitness.com/wp-content/uploads/fusion-styles/097f8c8b077d32a7bd996829f3c05ddc.min.css?timestamp=1669128587&ver=5.5.11
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (65536), with no line terminators
Size
75 kB (74914 bytes)
Hash
d30cfe4f42b61a146a7af29feb4d1034
26262bf2a53fd5d9e03acb17d3165cde7b15222b
967c7911c6d31dc9aab73dd3e40da1cec1267e75cfe9f3ae53c89ccc229c8ea5

HTTP Headers

GET /wp-content/uploads/fusion-styles/097f8c8b077d32a7bd996829f3c05ddc.min.css?timestamp=1669128587&ver=5.5.11 HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:59:45 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Nov 2022 14:49:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css

kaylajohnsonfitness.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8

68.66.226.69

200 OK

38 kB

URL HTTP/1.1
kaylajohnsonfitness.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (27287), with CRLF line terminators
Size
38 kB (38337 bytes)
Hash
33ad97fbd5f6d0ad97af5461cc857da3
a975057df83659e526059661a2dae1a5a4d23fe2
ba0476734001e6e0808e7882a24852cf298dacac37b2beaf2c17718d2032afb2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8 HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:59:45 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 09 Mar 2020 21:02:36 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 38337
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:59:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:59:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:59:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrQ.ttf

216.58.207.195

200 OK

27 kB

URL HTTP/2
fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrQ.ttf
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
TrueType Font data, 18 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2010 The Raleway Project Authors (impallari@gmail.com), with Reserved Font Name "Ralew\012- data
Size
27 kB (27067 bytes)
Hash
5b2992116c442b6b4c53dae9c3da5609
625018d3656c3d7dc32c84426d57cb112c8898d0
4fe88e1fcb4e0225e6417e7fe3257c4cc6ba980ba1cdefdda3637ce9b5991616

HTTP Headers

GET /s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrQ.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kaylajohnsonfitness.com
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27067
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 15:04:44 GMT
expires: Sun, 26 Nov 2023 15:04:44 GMT
cache-control: public, max-age=31536000
age: 125702
last-modified: Mon, 18 Jul 2022 19:57:59 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf

216.58.207.195

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
TrueType Font data, 18 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2020 The Open Sans Project Authors (https://github.com/googlefonts/opensans)Open SansR\012- data
Size
21 kB (21006 bytes)
Hash
63f124cc58fb3f1e5e04b2961edc0f7b
a7e225ab157af0246fbc151ffe513c0b555032c5
484be1fa4b0ddf5a535046b293963ce7cfe6f2659f50309d7bdb6399a732637d

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kaylajohnsonfitness.com
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21006
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 16:11:21 GMT
expires: Wed, 22 Nov 2023 16:11:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/ttf
age: 467305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVc.ttf

216.58.207.195

200 OK

20 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVc.ttf
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
TrueType Font data, 18 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2020 The Open Sans Project Authors (https://github.com/googlefonts/opensans)Open SansB\012- data
Size
20 kB (20549 bytes)
Hash
b73eebdd9c5c427b82775306f97ecdb2
bebd6da6ebbdb6c088dfaec52511abff8c83bf45
e2dbfef8e74289b61601e005da08f20676252fcbeea948d9f1e28a7744078ce1

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVc.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kaylajohnsonfitness.com
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20549
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 16:11:26 GMT
expires: Wed, 22 Nov 2023 16:11:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:14:45 GMT
content-type: font/ttf
age: 467300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:59:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

kaylajohnsonfitness.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff

68.66.226.69

200 OK

18 kB

URL HTTP/1.1
kaylajohnsonfitness.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
Web Open Font Format, TrueType, length 17800, version 1.0\012- data
Size
18 kB (17800 bytes)
Hash
e6c468dc88bb6d2019faaf80ee06d8f1
99abc9c33e40e4d3e7cce283b7690e7f57d9fb5d
6af107cfcc3720e22e6821a417995ae8ff5b3b745f23d2239cbf639516e11e20

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/wp-content/uploads/fusion-styles/097f8c8b077d32a7bd996829f3c05ddc.min.css?timestamp=1669128587&ver=5.5.11
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:59:45 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 09 Mar 2020 21:02:45 GMT
Accept-Ranges: bytes
Content-Length: 17800
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive
Content-Type: font/woff

kaylajohnsonfitness.com/wp-content/uploads/fusion-scripts/fd432c0cdae6cd36a438cf76dade2cbd.min.js?timestamp=1653441114

68.66.226.69

200 OK

207 kB

URL HTTP/1.1
kaylajohnsonfitness.com/wp-content/uploads/fusion-scripts/fd432c0cdae6cd36a438cf76dade2cbd.min.js?timestamp=1653441114
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (30557)
Size
207 kB (207228 bytes)
Hash
bd25a8aab7ec334e8b2ad49c20458383
c2ca932d7eee4481f701e5fcf214090e29ad733e
41533cf59a9c87b62f7ee5ae39bdff47c6e16511bc6f406c860610c47479d913

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/fusion-scripts/fd432c0cdae6cd36a438cf76dade2cbd.min.js?timestamp=1653441114 HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:59:45 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 May 2022 01:11:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

kaylajohnsonfitness.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2

68.66.226.69

200 OK

50 kB

URL HTTP/1.1
kaylajohnsonfitness.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
Web Open Font Format (Version 2), TrueType, length 50372, version 1.0\012- data
Size
50 kB (50372 bytes)
Hash
8a8c0474283e0d9ef41743e5e486bf05
1ba4dd60af529d1a72d0e57467c3bc0bbb728a4d
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/wp-content/uploads/fusion-styles/097f8c8b077d32a7bd996829f3c05ddc.min.css?timestamp=1669128587&ver=5.5.11
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:59:45 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 09 Mar 2020 21:02:45 GMT
Accept-Ranges: bytes
Content-Length: 50372
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: font/woff2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5530
Expires: Mon, 28 Nov 2022 03:31:56 GMT
Date: Mon, 28 Nov 2022 01:59:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5530
Expires: Mon, 28 Nov 2022 03:31:56 GMT
Date: Mon, 28 Nov 2022 01:59:46 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11165 bytes)
Hash
a8935783026c10470f60033d3a860f7b
65941dd34eb1063a3f7fe2b6790a11a484a06b9a
e88c706458faf5b5512212692392c7c1a0d8e60af62962267166f5cb60ee9c89

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11165
x-amzn-requestid: 9e35d865-adea-4d2a-b20f-beb014cdd42f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_JE2VIAMFYgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-7cf4db38152cdfa1448cba3d;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: SFO5-C3, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lu-Pi2xJUPfkpTK0vCDauedxSM1ZrNzEKka2-4m6l7pDkt04gUgpnA==
via: 1.1 dec8fa38a453902521b941c7cd70d33c.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:56:40 GMT
etag: "65941dd34eb1063a3f7fe2b6790a11a484a06b9a"
content-type: image/jpeg
age: 14586
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f14adca-9ca8-4ff4-8a3e-4620f8c1e8f8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8568 bytes)
Hash
13f4c2b3410532b6c756990f1759da46
16096289cd354fada56dbb3f2d75d406ae8ab62f
9894d998a884f2b5637bd12b0cd3df556835ea7a3134eb0f516fc03e3d31c26c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f14adca-9ca8-4ff4-8a3e-4620f8c1e8f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8568
x-amzn-requestid: da2726a2-20ad-4201-b4e9-3de9be88a485
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7-BHcUIAMFieA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9f3-370921803a9de7e627682c94;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MqWCYm26OnmydU-vE7YdPyUvmcS2Q9uqWJnG_0wOMymdkGJjI7tR6Q==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:19:39 GMT
age: 13207
etag: "16096289cd354fada56dbb3f2d75d406ae8ab62f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9430 bytes)
Hash
1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 14310
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8885 bytes)
Hash
3a1a4e00f1f15827cf651f373863c379
70c2a238f06ca7e56ef80c83738e081bf0de3330
3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 7bac5d73-8d3e-4118-8e22-4887e5bcff1e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGCxIG4iIAMFiuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f1807-79abc1566b56f55a77e99fba;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:06:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wjCHWlSR8xahgPhTM-aq6UY_isn1Rzk14sAEPjacga8FXJ-Kcnn_rg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 08:10:48 GMT
age: 64138
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15639 bytes)
Hash
0a4e0bb1e2748bdce6bbf685a910f0fc
5b97bfd787afcb912cdbef0f137f78a059082992
a7bc9adeb22cb57675e907bd961a6f554e6b7a46414ed782bcc9b53d68b1c328

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15639
x-amzn-requestid: 98e846b4-287f-4698-9529-25bcc2727a4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78dGReoAMFiDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e9-62c41b2717bd8e6f3b3797da;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fxNulyOR88nEcjtrXm1dECsulI-MsAxm2Zl0Y83uMz23lGh18d-ZBA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:56:55 GMT
age: 14571
etag: "5b97bfd787afcb912cdbef0f137f78a059082992"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5989 bytes)
Hash
fa848cb85e85df184b078fe7aa95ae52
21aa6418f3a0d2b64925b66d5fb9079b7e84a11c
37d299c166e3350dee6dee647e98a86f8bd916d186bae12c42764ed0a3177085

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5989
x-amzn-requestid: db10fcc5-80ab-4650-af49-d5afe36706f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78LHQqIAMF9_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-4cbd19e3227894844807742c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P0Nx-FcvcV-f5cRPwZr5sEMb8pH3AoYFr185q_D0X2bE7z40nDn91w==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:04 GMT
age: 14922
etag: "21aa6418f3a0d2b64925b66d5fb9079b7e84a11c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

kaylajohnsonfitness.com/wp-content/uploads/2020/02/cropped-fav-192x192.png

68.66.226.69

200 OK

13 kB

URL HTTP/1.1
kaylajohnsonfitness.com/wp-content/uploads/2020/02/cropped-fav-192x192.png
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12932 bytes)
Hash
08a817b3e98ee8e9bb0dac6f5ce2f538
f514d379b19ee9a0636fbf9d2fac40500af0cd61
9250e664f8fa46a6bc5b09c4a28b702ff76d9234037dd20911cb6d26506613b7

HTTP Headers

GET /wp-content/uploads/2020/02/cropped-fav-192x192.png HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:59:46 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 09 Mar 2020 21:03:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 12932
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive
Content-Type: image/png

kaylajohnsonfitness.com/wp-content/uploads/2020/02/cropped-fav-32x32.png

68.66.226.69

200 OK

988 B

URL HTTP/1.1
kaylajohnsonfitness.com/wp-content/uploads/2020/02/cropped-fav-32x32.png
IP
68.66.226.69:0
ASN
#55293 A2HOSTING

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
988 B (988 bytes)
Hash
14cc6210c490d7a8b0f59dc4195f61a8
ab50ab2e31a1fa3f6f0f51fc718df39a48e5b5d7
cd45b8fe96ea83aadd739f51b278cb6315de22f2daa0b8849711a1912b5c58bb

HTTP Headers

GET /wp-content/uploads/2020/02/cropped-fav-32x32.png HTTP/1.1
Host: kaylajohnsonfitness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaylajohnsonfitness.com/QP/ZS/841aef740fb3746879cca87a546aaad0/enterpassword.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:59:46 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 09 Mar 2020 21:03:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 988
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive
Content-Type: image/png

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations