Report - www.lostmarydanmark.com/tabte-mary-mt15000-c-1

Report Overview

Submitted URL
www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
IP
196.240.57.173
ASN
#48950 Global Colocation Limited
Submitted
2024-05-04 21:32:44
Access
public
Website Title
tabte mary mt15000 : LOST MARY DK | LOST MARY 600, LOST MARY qm600 vape og LOST MARY qm600 passer til dit behov.
Final URL
www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
38

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.lostmarydanmark.com	unknown	unknown	No data	No data	11 kB	2.1 MB	196.240.57.173
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-04	8.7 kB	244 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-04	2.1 kB	35 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	lostmarydanmark.com	Sinkholed
2024-05-04	medium	lostmarydanmark.com	Sinkholed
2024-05-04	medium	lostmarydanmark.com	Sinkholed
2024-05-04	medium	lostmarydanmark.com	Sinkholed
2024-05-04	medium	lostmarydanmark.com	Sinkholed
2024-05-04	medium	lostmarydanmark.com	Sinkholed
2024-05-04	medium	lostmarydanmark.com	Sinkholed
2024-05-04	medium	lostmarydanmark.com	Sinkholed
2024-05-04	medium	lostmarydanmark.com	Sinkholed
2024-05-04	medium	lostmarydanmark.com	Sinkholed
2024-05-04	medium	lostmarydanmark.com	Sinkholed
2024-05-04	medium	lostmarydanmark.com	Sinkholed
2024-05-04	medium	lostmarydanmark.com	Sinkholed
2024-05-04	medium	lostmarydanmark.com	Sinkholed
2024-05-04	medium	lostmarydanmark.com	Sinkholed
2024-05-04	medium	lostmarydanmark.com	Sinkholed
2024-05-04	medium	lostmarydanmark.com	Sinkholed
2024-05-04	medium	lostmarydanmark.com	Sinkholed
2024-05-04	medium	lostmarydanmark.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jquery.min.js	90 kB	2023-03-07	2024-05-18
Pretty URL www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jquery.min.js IP 196.240.57.173 ASN #48950 Global Colocation Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-18 11:12:17 Times Seen274854 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jscript_zmain.js	54 kB	2024-05-04	2024-05-04
Pretty URL www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jscript_zmain.js IP 196.240.57.173 ASN #48950 Global Colocation Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 23:32:50 Last Seen2024-05-04 23:32:51 Times Seen2 Hash 69c37b7aac8ed6ae3e23a11a13ed5077 7bb16164f8c323d90988569d7fd170a94f3b1acb 0d4669815743183426288ccd0a65db582b609ab45d1323eadf403edda247b815 Loading...

	unknown	37 B	2023-05-10	2024-05-16
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-05-10 05:59:15 Last Seen2024-05-16 17:46:18 Times Seen164 Hash 2ae35f23e69e0ebd06359dfbe0c5ce31 956b0ffc3c2eb6d3eeb8186f1d28a53d75d70506 8aade99f8e2e9831797b6836d32508679ccc13b2f63af0ca0015137690516e73 Loading...

	www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jscript_extend.js	641 B	2023-07-04	2024-05-16
Pretty URL www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jscript_extend.js IP 196.240.57.173 ASN #48950 Global Colocation Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-04 01:52:25 Last Seen2024-05-16 11:24:27 Times Seen98 Hash 3bb18f39e30a3049535f9b3fc6fdf9af 8a392a36689b7e763f71899673e2a58855ecb673 d23dc0c134e6b6c3e504f45e55a3bd6931051c3716e13bedb0490e0ba4a94d63 Loading...

	www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a	158 B	2023-03-07	2024-05-16
Pretty URL www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a IP 196.240.57.173 ASN #48950 Global Colocation Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:18:35 Last Seen2024-05-16 17:46:18 Times Seen436 Hash f898517faa32a1d50013fd8b9ab2aaa7 eaeadc084111ee29bc6e1c05e35cfb8a237cbf5f 828a54afa9f3f8d83b680f98ab03887c8fb7999d5eece48e4c7cb3a4842a03d9 Loading...

	www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jscript_cookies.js	745 B	2023-03-07	2024-05-16
Pretty URL www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jscript_cookies.js IP 196.240.57.173 ASN #48950 Global Colocation Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:18:35 Last Seen2024-05-16 17:46:19 Times Seen795 Hash 65807f4bee7bcb4f6af769919ee805d3 c75e394f474f9238cb539f8b7ef9708cc083eff2 6979054ef7300efc7abcaefb0168e095f82adc208a00837ae1a95e0f72e2b598 Loading...

	www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jscript_plugins.js	273 kB	2023-03-08	2024-05-16
Pretty URL www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jscript_plugins.js IP 196.240.57.173 ASN #48950 Global Colocation Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:00:23 Last Seen2024-05-16 17:46:18 Times Seen409 Hash 61bced23c3ca3a6b3623097507a8e2e4 fa6e156543aee6ad5fd3f14799140842880142aa 1736d465416b468d9836583f60c9a3165138120678649560a81f6365378a2743 Loading...

HTTP Transactions (41)

URL IP Response Size

www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a

196.240.57.173

200 OK

6.4 kB

URL User Request GET HTTP/2
www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
IP
196.240.57.173:443
ASN
#48950 Global Colocation Limited

Certificate
IssuerLet's Encrypt
Subjectlostmarydanmark.com
FingerprintEB:99:0D:14:59:16:29:31:07:09:BB:56:FD:08:25:45:AC:50:79:8A
ValiditySat, 13 Apr 2024 00:44:51 GMT - Fri, 12 Jul 2024 00:44:50 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3610), with CRLF, LF line terminators
Size
6.4 kB (6432 bytes)
Hash
32341571b7ca69e7e215eee1c87ac283
0842014d1e63dc88074ef185149e3079e551e777
e153e320a27a643120ec243efa74806de35f7cca1c6b8840c0bfcb934f62341d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tabte-mary-mt15000-c-1_4/?page=2&sort=20a HTTP/1.1
Host: www.lostmarydanmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:26:24 GMT
content-type: text/html; charset=utf-8
content-length: 6432
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: zenid=rvarrlpsmjut9lg5vqra9u34sa; path=/; domain=.www.lostmarydanmark.com; secure; HttpOnly; SameSite=lax
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2

www.lostmarydanmark.com/images/loader.gif

196.240.57.173

200 OK

35 kB

URL GET HTTP/2
www.lostmarydanmark.com/images/loader.gif
IP
196.240.57.173:443
ASN
#48950 Global Colocation Limited

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerLet's Encrypt
Subjectlostmarydanmark.com
FingerprintEB:99:0D:14:59:16:29:31:07:09:BB:56:FD:08:25:45:AC:50:79:8A
ValiditySat, 13 Apr 2024 00:44:51 GMT - Fri, 12 Jul 2024 00:44:50 GMT

File type
GIF image data, version 89a, 128 x 38
Size
35 kB (35011 bytes)
Hash
362e988184d842aea3a0b5d09a64d13e
e4ab705fb063ffd2645ce8a25e59e889e98f211c
82656f23517068a7b3d92badc8c29716e53654cd2574d330b08823ca7f7b8fa4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/loader.gif HTTP/1.1
Host: www.lostmarydanmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Cookie: zenid=rvarrlpsmjut9lg5vqra9u34sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:26:25 GMT
content-type: image/gif
content-length: 35011
last-modified: Thu, 09 Jun 2022 11:23:04 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62a1d818-88c3"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jscript_extend.js

196.240.57.173

200 OK

311 B

URL GET HTTP/2
www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jscript_extend.js
IP
196.240.57.173:443
ASN
#48950 Global Colocation Limited

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerLet's Encrypt
Subjectlostmarydanmark.com
FingerprintEB:99:0D:14:59:16:29:31:07:09:BB:56:FD:08:25:45:AC:50:79:8A
ValiditySat, 13 Apr 2024 00:44:51 GMT - Fri, 12 Jul 2024 00:44:50 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
311 B (311 bytes)
Hash
3bb18f39e30a3049535f9b3fc6fdf9af
8a392a36689b7e763f71899673e2a58855ecb673
d23dc0c134e6b6c3e504f45e55a3bd6931051c3716e13bedb0490e0ba4a94d63

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/lostmarydanmark/jscript/jscript_extend.js HTTP/1.1
Host: www.lostmarydanmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Cookie: zenid=rvarrlpsmjut9lg5vqra9u34sa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:26:25 GMT
content-type: application/javascript
content-length: 311
x-accel-version: 0.01
last-modified: Fri, 19 Apr 2024 11:03:18 GMT
accept-ranges: bytes
cache-control: max-age=300
expires: Sat, 04 May 2024 21:31:25 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2

www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jscript_cookies.js

196.240.57.173

200 OK

430 B

URL GET HTTP/2
www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jscript_cookies.js
IP
196.240.57.173:443
ASN
#48950 Global Colocation Limited

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerLet's Encrypt
Subjectlostmarydanmark.com
FingerprintEB:99:0D:14:59:16:29:31:07:09:BB:56:FD:08:25:45:AC:50:79:8A
ValiditySat, 13 Apr 2024 00:44:51 GMT - Fri, 12 Jul 2024 00:44:50 GMT

File type
JavaScript source, ASCII text, with very long lines (745), with no line terminators
Size
430 B (430 bytes)
Hash
65807f4bee7bcb4f6af769919ee805d3
c75e394f474f9238cb539f8b7ef9708cc083eff2
6979054ef7300efc7abcaefb0168e095f82adc208a00837ae1a95e0f72e2b598

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/lostmarydanmark/jscript/jscript_cookies.js HTTP/1.1
Host: www.lostmarydanmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Cookie: zenid=rvarrlpsmjut9lg5vqra9u34sa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:26:25 GMT
content-type: application/javascript
content-length: 430
x-accel-version: 0.01
last-modified: Fri, 19 Apr 2024 11:03:18 GMT
accept-ranges: bytes
cache-control: max-age=300
expires: Sat, 04 May 2024 21:31:25 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2

www.lostmarydanmark.com/images/payment.png

196.240.57.173

200 OK

6.2 kB

URL GET HTTP/2
www.lostmarydanmark.com/images/payment.png
IP
196.240.57.173:443
ASN
#48950 Global Colocation Limited

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerLet's Encrypt
Subjectlostmarydanmark.com
FingerprintEB:99:0D:14:59:16:29:31:07:09:BB:56:FD:08:25:45:AC:50:79:8A
ValiditySat, 13 Apr 2024 00:44:51 GMT - Fri, 12 Jul 2024 00:44:50 GMT

File type
PNG image data, 248 x 26, 8-bit/color RGBA, non-interlaced
Size
6.2 kB (6248 bytes)
Hash
1fb5f66cada185d72ccefaeb9e9a2963
584108601272e3ed07abe10b4c3ca2f6b200d552
ef645db0e0a9a267fda954e584782b888929b2827548ecaef07600656022535b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/payment.png HTTP/1.1
Host: www.lostmarydanmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Cookie: zenid=rvarrlpsmjut9lg5vqra9u34sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:26:25 GMT
content-type: image/png
content-length: 6248
last-modified: Thu, 09 Jun 2022 11:19:36 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62a1d748-1868"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.lostmarydanmark.com/images/engangs-vape/tabte-mary-mt15000/LOST_MARY_Vape_Danmark_tabt_mary_mt15000_turbo_str_melon_fersken_V6FN102.png

196.240.57.173

200 OK

165 kB

URL GET HTTP/2
www.lostmarydanmark.com/images/engangs-vape/tabte-mary-mt15000/LOST_MARY_Vape_Danmark_tabt_mary_mt15000_turbo_str_melon_fersken_V6FN102.png
IP
196.240.57.173:443
ASN
#48950 Global Colocation Limited

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerLet's Encrypt
Subjectlostmarydanmark.com
FingerprintEB:99:0D:14:59:16:29:31:07:09:BB:56:FD:08:25:45:AC:50:79:8A
ValiditySat, 13 Apr 2024 00:44:51 GMT - Fri, 12 Jul 2024 00:44:50 GMT

File type
PNG image data, 794 x 794, 8-bit/color RGBA, non-interlaced
Size
165 kB (164639 bytes)
Hash
f450063478683ad785d422bc87c308a3
827ccb3c9b192d840d45a1bee18a34acf4795a22
c205a512fb88d8d52f854b3877866c407ca647ca7d42c95519be7ccb7f6640de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/engangs-vape/tabte-mary-mt15000/LOST_MARY_Vape_Danmark_tabt_mary_mt15000_turbo_str_melon_fersken_V6FN102.png HTTP/1.1
Host: www.lostmarydanmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Cookie: zenid=rvarrlpsmjut9lg5vqra9u34sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:26:25 GMT
content-type: image/png
content-length: 164639
last-modified: Wed, 17 Apr 2024 02:12:13 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "661f2ffd-2831f"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.lostmarydanmark.com/images/engangs-vape/tabte-mary-mt15000/LOST_MARY_Vape_EU_tabt_mary_mt15000_turbo_kirseb_r_strazz_V6FN108.png

196.240.57.173

200 OK

327 kB

URL GET HTTP/2
www.lostmarydanmark.com/images/engangs-vape/tabte-mary-mt15000/LOST_MARY_Vape_EU_tabt_mary_mt15000_turbo_kirseb_r_strazz_V6FN108.png
IP
196.240.57.173:443
ASN
#48950 Global Colocation Limited

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerLet's Encrypt
Subjectlostmarydanmark.com
FingerprintEB:99:0D:14:59:16:29:31:07:09:BB:56:FD:08:25:45:AC:50:79:8A
ValiditySat, 13 Apr 2024 00:44:51 GMT - Fri, 12 Jul 2024 00:44:50 GMT

File type
PNG image data, 794 x 794, 8-bit/color RGBA, non-interlaced
Size
327 kB (326819 bytes)
Hash
e08cce6b71fdddac79e10640380a5030
2af724fe2b652ff19b70bb1167fd67363cc0f1aa
67ffaae6efdd3b18c2993d95dbfd5c68a672991b15936fda9203a2259b90dbb7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/engangs-vape/tabte-mary-mt15000/LOST_MARY_Vape_EU_tabt_mary_mt15000_turbo_kirseb_r_strazz_V6FN108.png HTTP/1.1
Host: www.lostmarydanmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Cookie: zenid=rvarrlpsmjut9lg5vqra9u34sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:26:25 GMT
content-type: image/png
content-length: 326819
last-modified: Wed, 17 Apr 2024 02:12:24 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "661f3008-4fca3"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.lostmarydanmark.com/images/engangs-vape/tabte-mary-mt15000/LOST_MARY_Vape_Price_tabt_mary_mt15000_turbo_nana_kokosn_d_V6FN107.png

196.240.57.173

200 OK

260 kB

URL GET HTTP/2
www.lostmarydanmark.com/images/engangs-vape/tabte-mary-mt15000/LOST_MARY_Vape_Price_tabt_mary_mt15000_turbo_nana_kokosn_d_V6FN107.png
IP
196.240.57.173:443
ASN
#48950 Global Colocation Limited

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerLet's Encrypt
Subjectlostmarydanmark.com
FingerprintEB:99:0D:14:59:16:29:31:07:09:BB:56:FD:08:25:45:AC:50:79:8A
ValiditySat, 13 Apr 2024 00:44:51 GMT - Fri, 12 Jul 2024 00:44:50 GMT

File type
PNG image data, 794 x 794, 8-bit/color RGBA, non-interlaced
Size
260 kB (259938 bytes)
Hash
147715cee955c27adb3beee255c51660
82b4aa90d5e19953d62cc83e7b0bcd7665152731
da2021f2cad94a4e126fcdb5c8f0a54c99c5a041b5a89f4128de6f69e9e74710

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/engangs-vape/tabte-mary-mt15000/LOST_MARY_Vape_Price_tabt_mary_mt15000_turbo_nana_kokosn_d_V6FN107.png HTTP/1.1
Host: www.lostmarydanmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Cookie: zenid=rvarrlpsmjut9lg5vqra9u34sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:26:25 GMT
content-type: image/png
content-length: 259938
last-modified: Wed, 17 Apr 2024 02:12:22 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "661f3006-3f762"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.lostmarydanmark.com/images/engangs-vape/tabte-mary-mt15000/LOST_MARY_Vape_DK_tabt_mary_mt15000_turbo_banankage_V6FN106.png

196.240.57.173

200 OK

255 kB

URL GET HTTP/2
www.lostmarydanmark.com/images/engangs-vape/tabte-mary-mt15000/LOST_MARY_Vape_DK_tabt_mary_mt15000_turbo_banankage_V6FN106.png
IP
196.240.57.173:443
ASN
#48950 Global Colocation Limited

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerLet's Encrypt
Subjectlostmarydanmark.com
FingerprintEB:99:0D:14:59:16:29:31:07:09:BB:56:FD:08:25:45:AC:50:79:8A
ValiditySat, 13 Apr 2024 00:44:51 GMT - Fri, 12 Jul 2024 00:44:50 GMT

File type
PNG image data, 794 x 794, 8-bit/color RGBA, non-interlaced
Size
255 kB (255073 bytes)
Hash
20743c39de44c97f6675e731a94b4ab0
d38230caa35bbb2fae3fd064db786ab03be6bfb7
211b422f023df40b59ae58145ca7ae7c9a0ea84fb84d97bafaa784d7e224f76a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/engangs-vape/tabte-mary-mt15000/LOST_MARY_Vape_DK_tabt_mary_mt15000_turbo_banankage_V6FN106.png HTTP/1.1
Host: www.lostmarydanmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Cookie: zenid=rvarrlpsmjut9lg5vqra9u34sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:26:25 GMT
content-type: image/png
content-length: 255073
last-modified: Wed, 17 Apr 2024 02:12:20 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "661f3004-3e461"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

141 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
141 kB (141186 bytes)
Hash
cd85441aab29c6817cae14b107cabedf
e4cae99c27465a8294310a803c9318daee4d4222
450bb07ea5fc3753f0b9dc420b31482a49b0e31d1c4d98ba3b2a2eea538c1c43

HTTP Headers

GET /css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 21:32:18 GMT
date: Sat, 04 May 2024 21:32:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap

142.250.74.106

200 OK

932 B

URL GET HTTP/2
fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
932 B (932 bytes)
Hash
50ff31512bb7f54583c4d1ff4a0ae6c9
b303decd493f9b7ca04b79ef461bbb3871250d82
536fe330d6d53ed80ea1fd71dab4878b37876b9461ab265a72980d8e2c49612e

HTTP Headers

GET /css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 21:32:18 GMT
date: Sat, 04 May 2024 21:32:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.lostmarydanmark.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 19:57:12 GMT
expires: Fri, 02 May 2025 19:57:12 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
age: 178507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

216.58.207.227

200 OK

7.7 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.lostmarydanmark.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Apr 2024 03:25:26 GMT
expires: Wed, 30 Apr 2025 03:25:26 GMT
cache-control: public, max-age=31536000
age: 410813
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Alata&display=swap

142.250.74.106

200 OK

8.2 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Alata&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
8.2 kB (8239 bytes)
Hash
b40bd90e2d9652ce9bf6c07e90617b1f
c3c3cd3b8d69fbff7b20863a2f2732b8f20c4aba
1e6d6c02f5bdff8785ac99fd6935dc81a24b80722ef8996b0d14e5910b81c408

HTTP Headers

GET /css2?family=Alata&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 21:32:18 GMT
date: Sat, 04 May 2024 21:32:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

216.58.207.227

200 OK

8.0 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.lostmarydanmark.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 15:13:04 GMT
expires: Fri, 02 May 2025 15:13:04 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
age: 195555
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.lostmarydanmark.com/includes/templates/lostmarydanmark/images/favicon.ico

196.240.57.173

200 OK

4.3 kB

URL GET HTTP/2
www.lostmarydanmark.com/includes/templates/lostmarydanmark/images/favicon.ico
IP
196.240.57.173:443
ASN
#48950 Global Colocation Limited

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerLet's Encrypt
Subjectlostmarydanmark.com
FingerprintEB:99:0D:14:59:16:29:31:07:09:BB:56:FD:08:25:45:AC:50:79:8A
ValiditySat, 13 Apr 2024 00:44:51 GMT - Fri, 12 Jul 2024 00:44:50 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Size
4.3 kB (4286 bytes)
Hash
1c24ce9d6616111e0a49bf1004491d02
c2f63b22644e643e256f8ac4c59ea11eaa606d37
68240f0bd53cfe878724269338454471fc780bcea4c819dea69f99bf25ad0f8b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/lostmarydanmark/images/favicon.ico HTTP/1.1
Host: www.lostmarydanmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Cookie: zenid=rvarrlpsmjut9lg5vqra9u34sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:26:26 GMT
content-type: image/x-icon
content-length: 4286
last-modified: Mon, 15 Apr 2024 14:45:10 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Sun, 05 May 2024 21:26:26 GMT
etag: "661d3d76-10be"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap

142.250.74.106

200 OK

1.4 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
1.4 kB (1383 bytes)
Hash
c91d591dcc372f2970d4f74e97c4a316
7ac32d0c71f39886dfd79d41c9315f9a89deb657
afc50915f50ee68d58b060e063d899eacf9a0c256b4ac38456e6b6e3d2d1be00

HTTP Headers

GET /css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 21:32:18 GMT
date: Sat, 04 May 2024 21:32:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

142.250.74.106

200 OK

1.4 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
1.4 kB (1383 bytes)
Hash
b08662d6d3c643677f8f8f6204aebff3
92dbd30ed5c41bfba4b2a73993ed7bb86ab713a0
8fa6d7204a0f3dc538f5bd60ad5ff695a0f2e7c525e440a30b2938433eb9a499

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 21:32:18 GMT
date: Sat, 04 May 2024 21:32:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Staatliches&display=swap

142.250.74.106

200 OK

5.2 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Staatliches&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
5.2 kB (5187 bytes)
Hash
a5e4b1f53065236a54af1a92ddc40f5a
ecaaf871220d6a8df169a0d6f072109a954c1185
2d31c7d8fd48d5cda5e4b1d27e41e2ed31512f63238975b6ec649318c5b959bf

HTTP Headers

GET /css2?family=Staatliches&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 21:32:18 GMT
date: Sat, 04 May 2024 21:32:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

142.250.74.106

200 OK

6.0 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
6.0 kB (6036 bytes)
Hash
ea22d6ddf0467d0b324c7968799da756
e1c1139ff3920614cc43ff660343bb6eea17dc00
4b12e19606592f9b87c4dd5c4e33cb8867e5cc7cbda9eada11c21951a5b26dbd

HTTP Headers

GET /css2?family=Roboto+Condensed:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 21:32:18 GMT
date: Sat, 04 May 2024 21:32:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Jost:wght@300;400;500;600;700;800&display=swap

142.250.74.106

200 OK

6.3 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Jost:wght@300;400;500;600;700;800&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (6420), with no line terminators
Size
6.3 kB (6258 bytes)
Hash
74a37b69a4c15801b8edcc9cd42c503c
23d843eff81be41b551ff2ab24a550017f77207f
d706baa7aa0457db3dc2bbb3af441adb4dc2cf87f8c3611c85a281ddbe939ec7

HTTP Headers

GET /css2?family=Jost:wght@300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 21:32:18 GMT
date: Sat, 04 May 2024 21:32:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Merienda:wght@400;700&display=swap

142.250.74.106

200 OK

2.4 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Merienda:wght@400;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (2424), with no line terminators
Size
2.4 kB (2370 bytes)
Hash
4c11106146294a0f2e0f9a7cd792e1d2
53f4815a87a769d098f64ad9dfafc157f7d572d1
66f67ff9a9b48f878ba4db2df85dcb68e5640e189ecc19cb7a4a8604b7412e94

HTTP Headers

GET /css2?family=Merienda:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 21:32:18 GMT
date: Sat, 04 May 2024 21:32:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

216.58.207.227

200 OK

7.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.lostmarydanmark.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:53:08 GMT
expires: Fri, 02 May 2025 01:53:08 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
age: 243551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jscript_plugins.js

196.240.57.173

200 OK

273 kB

URL GET HTTP/2
www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jscript_plugins.js
IP
196.240.57.173:443
ASN
#48950 Global Colocation Limited

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerLet's Encrypt
Subjectlostmarydanmark.com
FingerprintEB:99:0D:14:59:16:29:31:07:09:BB:56:FD:08:25:45:AC:50:79:8A
ValiditySat, 13 Apr 2024 00:44:51 GMT - Fri, 12 Jul 2024 00:44:50 GMT

File type

Size
273 kB (273266 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/lostmarydanmark/jscript/jscript_plugins.js HTTP/1.1
Host: www.lostmarydanmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Cookie: zenid=rvarrlpsmjut9lg5vqra9u34sa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:26:25 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 11:03:22 GMT
vary: Accept-Encoding
cache-control: max-age=300
expires: Sat, 04 May 2024 21:31:25 GMT
etag: W/"66224f7a-42b72"
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

6.3 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (6448), with no line terminators
Size
6.3 kB (6304 bytes)
Hash
5597ed8188a3994391b999f6caf0d0ec
a647507c2dfaa80293672a339035e11335a7509b
40f0d46e2291b1365735633e70f2aac322fb4741fa001a7e8485692d660bb740

HTTP Headers

GET /css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 21:32:18 GMT
date: Sat, 04 May 2024 21:32:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.lostmarydanmark.com/includes/templates/lostmarydanmark/css/style_plugins.css

196.240.57.173

200 OK

221 kB

URL GET HTTP/2
www.lostmarydanmark.com/includes/templates/lostmarydanmark/css/style_plugins.css
IP
196.240.57.173:443
ASN
#48950 Global Colocation Limited

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerLet's Encrypt
Subjectlostmarydanmark.com
FingerprintEB:99:0D:14:59:16:29:31:07:09:BB:56:FD:08:25:45:AC:50:79:8A
ValiditySat, 13 Apr 2024 00:44:51 GMT - Fri, 12 Jul 2024 00:44:50 GMT

File type

Size
221 kB (220793 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/lostmarydanmark/css/style_plugins.css HTTP/1.1
Host: www.lostmarydanmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Cookie: zenid=rvarrlpsmjut9lg5vqra9u34sa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:26:25 GMT
content-type: text/css
last-modified: Fri, 19 Apr 2024 11:01:28 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Sat, 04 May 2024 22:26:25 GMT
etag: W/"66224f08-35e79"
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

11 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text
Size
11 kB (11178 bytes)
Hash
eb9023562ab1966f30dc99199c862e99
c61e56985a7df5262657c080393142f4f3e674b0
23daa07b4cbfa8e9a4a4aa17f77ebab31297e8dcd5f1c082dc21f284ab5dd03a

HTTP Headers

GET /css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 21:32:18 GMT
date: Sat, 04 May 2024 21:32:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.lostmarydanmark.com/includes/templates/lostmarydanmark/images/logo.svg

196.240.57.173

200 OK

3.8 kB

URL GET HTTP/2
www.lostmarydanmark.com/includes/templates/lostmarydanmark/images/logo.svg
IP
196.240.57.173:443
ASN
#48950 Global Colocation Limited

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerLet's Encrypt
Subjectlostmarydanmark.com
FingerprintEB:99:0D:14:59:16:29:31:07:09:BB:56:FD:08:25:45:AC:50:79:8A
ValiditySat, 13 Apr 2024 00:44:51 GMT - Fri, 12 Jul 2024 00:44:50 GMT

File type
SVG Scalable Vector Graphics image
Size
3.8 kB (3829 bytes)
Hash
d6c02c97ea65242affdae072b83c14a1
0d88a4c6cfe4d71d1f6ef48920cf17327265cba7
7888cb666b94596f3cfca848445b42bf23bd2ca2ea642f3d932a64eb76ffbf74

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/lostmarydanmark/images/logo.svg HTTP/1.1
Host: www.lostmarydanmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Cookie: zenid=rvarrlpsmjut9lg5vqra9u34sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:26:25 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Apr 2024 15:43:06 GMT
vary: Accept-Encoding
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 04 May 2024 21:31:25 GMT
etag: W/"661e9c8a-ef5"
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap

142.250.74.106

200 OK

11 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text
Size
11 kB (10980 bytes)
Hash
0f3106ce705bbf98161187fc94d15542
99688690db95c115bbc142ac516d7aa8d8bfade8
376aa716f5acbcefc1b0a7684a56f4d642f23bf6534917d787d163c2ad81ebb4

HTTP Headers

GET /css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 21:32:18 GMT
date: Sat, 04 May 2024 21:32:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap

142.250.74.106

200 OK

9.3 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (9530), with no line terminators
Size
9.3 kB (9314 bytes)
Hash
c5939125786ce6b5ed8c4f0a2bedcf52
528777daa60c7b5d52e78018151ba873c94d640e
819fb2fbdc024c04b03c88da5d5c7e0bdb4616630d72ab65491cbaab120f46ec

HTTP Headers

GET /css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 21:32:18 GMT
date: Sat, 04 May 2024 21:32:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jscript_zmain.js

196.240.57.173

200 OK

54 kB

URL GET HTTP/2
www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jscript_zmain.js
IP
196.240.57.173:443
ASN
#48950 Global Colocation Limited

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerLet's Encrypt
Subjectlostmarydanmark.com
FingerprintEB:99:0D:14:59:16:29:31:07:09:BB:56:FD:08:25:45:AC:50:79:8A
ValiditySat, 13 Apr 2024 00:44:51 GMT - Fri, 12 Jul 2024 00:44:50 GMT

File type
JavaScript source, ASCII text, with very long lines (528)
Size
54 kB (54267 bytes)
Hash
69c37b7aac8ed6ae3e23a11a13ed5077
7bb16164f8c323d90988569d7fd170a94f3b1acb
0d4669815743183426288ccd0a65db582b609ab45d1323eadf403edda247b815

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/lostmarydanmark/jscript/jscript_zmain.js HTTP/1.1
Host: www.lostmarydanmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Cookie: zenid=rvarrlpsmjut9lg5vqra9u34sa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:26:25 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 11:03:22 GMT
vary: Accept-Encoding
cache-control: max-age=300
expires: Sat, 04 May 2024 21:31:25 GMT
etag: W/"66224f7a-d3fb"
content-encoding: gzip
X-Firefox-Spdy: h2

www.lostmarydanmark.com/includes/templates/lostmarydanmark/css/style_zp.css

196.240.57.173

200 OK

23 kB

URL GET HTTP/2
www.lostmarydanmark.com/includes/templates/lostmarydanmark/css/style_zp.css
IP
196.240.57.173:443
ASN
#48950 Global Colocation Limited

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerLet's Encrypt
Subjectlostmarydanmark.com
FingerprintEB:99:0D:14:59:16:29:31:07:09:BB:56:FD:08:25:45:AC:50:79:8A
ValiditySat, 13 Apr 2024 00:44:51 GMT - Fri, 12 Jul 2024 00:44:50 GMT

File type
ASCII text
Size
23 kB (22599 bytes)
Hash
776673e8075b89d5e7bfba58c041e109
4fb4cc762ec1f6813b883a706072a5ec7de1f109
f66b36d76eff921fda13a8aba9ec7ca14e4a55c473ce3b040e91e667d8ca4efb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/lostmarydanmark/css/style_zp.css HTTP/1.1
Host: www.lostmarydanmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Cookie: zenid=rvarrlpsmjut9lg5vqra9u34sa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:26:25 GMT
content-type: text/css
last-modified: Fri, 19 Apr 2024 11:01:28 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Sat, 04 May 2024 22:26:25 GMT
etag: W/"66224f08-5847"
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap

142.250.74.106

200 OK

5.0 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (5076), with no line terminators
Size
5.0 kB (4968 bytes)
Hash
48d4822accd8873d2852967645115cef
1b20048c205fa24b4fff0afa458ee1fa2c45612f
27b1f874ce4c14645ec6df13bdf94d9a3381db78c5e4720903dd20d0e4bbc0b7

HTTP Headers

GET /css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 21:32:18 GMT
date: Sat, 04 May 2024 21:32:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Glegoo:wght@400;700&display=swap

142.250.74.106

200 OK

2.3 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Glegoo:wght@400;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (2310), with no line terminators
Size
2.3 kB (2256 bytes)
Hash
5cf712cf2b0969e17db3030c359175fe
a6bd8bc94377508e45d8b0708c67057efd7ec40d
2590d0359a53a2ba40a5f4074121465e36893f365cf2a67f7c803249cbad479e

HTTP Headers

GET /css2?family=Glegoo:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 21:32:18 GMT
date: Sat, 04 May 2024 21:32:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

9.5 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (9708), with no line terminators
Size
9.5 kB (9492 bytes)
Hash
cbb724e5f0c70cc680b0a3cf208a602e
7bb23f4e0d2a2306ce2a8c44b5c29778235d4580
533e25ed8b776dfe43e6cfb857fa5feee61b4e554dead3ec80cbaf2afa928d21

HTTP Headers

GET /css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 21:32:18 GMT
date: Sat, 04 May 2024 21:32:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

565 B

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (588), with no line terminators
Size
565 B (565 bytes)
Hash
959a533a3dc02649e0cc3f8f67d942af
34db49ff64aed8b51beaba5b9928ad504a4df335
24864ed3ee6fab66640980d4c24640e579e5583764a8ee8c4f09decf27977247

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 21:32:18 GMT
date: Sat, 04 May 2024 21:32:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.lostmarydanmark.com/includes/templates/lostmarydanmark/css/stylesheet.css

196.240.57.173

200 OK

61 kB

URL GET HTTP/2
www.lostmarydanmark.com/includes/templates/lostmarydanmark/css/stylesheet.css
IP
196.240.57.173:443
ASN
#48950 Global Colocation Limited

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerLet's Encrypt
Subjectlostmarydanmark.com
FingerprintEB:99:0D:14:59:16:29:31:07:09:BB:56:FD:08:25:45:AC:50:79:8A
ValiditySat, 13 Apr 2024 00:44:51 GMT - Fri, 12 Jul 2024 00:44:50 GMT

File type
ASCII text, with very long lines (349)
Size
61 kB (60559 bytes)
Hash
ecc1ac6fed1f128de993119449abacf4
227e01ade5d648aeaef6844feb66440d758b6d27
e0f91b2a0d2d9b790fea6df541bb2f8ca5a67e56d04414c8f362de33daed5cce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/lostmarydanmark/css/stylesheet.css HTTP/1.1
Host: www.lostmarydanmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Cookie: zenid=rvarrlpsmjut9lg5vqra9u34sa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:26:25 GMT
content-type: text/css
last-modified: Fri, 19 Apr 2024 11:01:26 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Sat, 04 May 2024 22:26:25 GMT
etag: W/"66224f06-ec8f"
content-encoding: gzip
X-Firefox-Spdy: h2

www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jquery.min.js

196.240.57.173

200 OK

90 kB

URL GET HTTP/2
www.lostmarydanmark.com/includes/templates/lostmarydanmark/jscript/jquery.min.js
IP
196.240.57.173:443
ASN
#48950 Global Colocation Limited

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerLet's Encrypt
Subjectlostmarydanmark.com
FingerprintEB:99:0D:14:59:16:29:31:07:09:BB:56:FD:08:25:45:AC:50:79:8A
ValiditySat, 13 Apr 2024 00:44:51 GMT - Fri, 12 Jul 2024 00:44:50 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/lostmarydanmark/jscript/jquery.min.js HTTP/1.1
Host: www.lostmarydanmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Cookie: zenid=rvarrlpsmjut9lg5vqra9u34sa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:26:25 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 11:03:18 GMT
vary: Accept-Encoding
cache-control: max-age=300
expires: Sat, 04 May 2024 21:31:25 GMT
etag: W/"66224f76-15d9d"
content-encoding: gzip
X-Firefox-Spdy: h2

www.lostmarydanmark.com/includes/templates/lostmarydanmark/css/style_zo.css

196.240.57.173

200 OK

154 kB

URL GET HTTP/2
www.lostmarydanmark.com/includes/templates/lostmarydanmark/css/style_zo.css
IP
196.240.57.173:443
ASN
#48950 Global Colocation Limited

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerLet's Encrypt
Subjectlostmarydanmark.com
FingerprintEB:99:0D:14:59:16:29:31:07:09:BB:56:FD:08:25:45:AC:50:79:8A
ValiditySat, 13 Apr 2024 00:44:51 GMT - Fri, 12 Jul 2024 00:44:50 GMT

File type
assembler source, ASCII text, with very long lines (539)
Size
154 kB (153513 bytes)
Hash
0b059126fa0e75b13cbe557e8ee04ff4
e04ae6ea2ec14a4c41cccd25de489eb442adb809
7f31d9b15e8c0290878c8cb33256d5a520cd1cc0fe73de9458fafe267872f15f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/lostmarydanmark/css/style_zo.css HTTP/1.1
Host: www.lostmarydanmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Cookie: zenid=rvarrlpsmjut9lg5vqra9u34sa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:26:25 GMT
content-type: text/css
last-modified: Fri, 19 Apr 2024 11:01:28 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Sat, 04 May 2024 22:26:25 GMT
etag: W/"66224f08-257a9"
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Quicksand:wght@400;500;600;700&display=swap

142.250.74.106

200 OK

4.8 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Quicksand:wght@400;500;600;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (4884), with no line terminators
Size
4.8 kB (4776 bytes)
Hash
b600e1e7a6306ebd12e31c84c6e1f1e1
f60eb78fc60e2436151e80ef892f5058a4fdf874
bf93d7866220f1f029dbd4d40e9c34c92f92b6ccc5cdd2fe091e2518941cb663

HTTP Headers

GET /css2?family=Quicksand:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 21:32:18 GMT
date: Sat, 04 May 2024 21:32:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.lostmarydanmark.com/includes/templates/lostmarydanmark/fonts/annimex-icons.ttf?teavmy

196.240.57.173

200 OK

141 kB

URL GET HTTP/2
www.lostmarydanmark.com/includes/templates/lostmarydanmark/fonts/annimex-icons.ttf?teavmy
IP
196.240.57.173:443
ASN
#48950 Global Colocation Limited

Requested by
https://www.lostmarydanmark.com/tabte-mary-mt15000-c-1_4/?page=2&sort=20a
Certificate
IssuerLet's Encrypt
Subjectlostmarydanmark.com
FingerprintEB:99:0D:14:59:16:29:31:07:09:BB:56:FD:08:25:45:AC:50:79:8A
ValiditySat, 13 Apr 2024 00:44:51 GMT - Fri, 12 Jul 2024 00:44:50 GMT

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, adorn-icons
Size
141 kB (140608 bytes)
Hash
7d3c0284348a1f07b4cd6ff41354551b
6ff4eb286a7b3c980866382a40dd9279c99cb9cd
924025d175bc0292a137b2b46a4ee48e77c8618c3ea19e44214b6abf30f16005

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/lostmarydanmark/fonts/annimex-icons.ttf?teavmy HTTP/1.1
Host: www.lostmarydanmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.lostmarydanmark.com/includes/templates/lostmarydanmark/css/style_plugins.css
Cookie: zenid=rvarrlpsmjut9lg5vqra9u34sa
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:26:26 GMT
content-type: application/x-font-ttf
content-length: 140608
last-modified: Wed, 08 Jun 2022 21:11:08 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Sat, 04 May 2024 21:31:26 GMT
etag: "62a1106c-22540"
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (41)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash