Report - blog.anywho-com.com/anywho-com/canadian-anywho-com/

Report Overview

Visited public
2023-10-16 23:17:45
Tags
URL
blog.anywho-com.com/anywho-com/canadian-anywho-com/
Finishing URL
blog.anywho-com.com/anywho-com/canadian-anywho-com/
IP / ASN
104.21.72.194
#13335 CLOUDFLARENET
Title
canadian anywho com - Blog Anywho

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
blog.anywho-com.com	unknown	2016-01-29	2023-06-04 10:13:50	2023-07-18 09:24:51	10 kB	514 kB	104.21.72.194
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-10-16 18:08:19	428 B	79 kB	142.250.74.168
web.archive.org	35459	1995-12-14	2012-05-30 06:47:17	2023-09-18 10:11:40	2.0 kB	13 kB	207.241.237.3
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-10-16 18:11:26	445 B	6.1 kB	104.17.25.14
d3u598arehftfk.cloudfront.net	unknown	2008-04-25	2021-02-09 15:32:41	2023-10-16 22:28:56	1.3 kB	496 kB	143.204.42.42
hbagency.it	384254	2019-07-31	2019-09-21 19:15:44	2023-10-16 22:28:57	833 B	484 kB	172.64.143.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-10-16	medium	anywho-com.com	Sinkholed
2023-10-16	medium	anywho-com.com	Sinkholed
2023-10-16	medium	anywho-com.com	Sinkholed
2023-10-16	medium	anywho-com.com	Sinkholed
2023-10-16	medium	anywho-com.com	Sinkholed
2023-10-16	medium	anywho-com.com	Sinkholed
2023-10-16	medium	anywho-com.com	Sinkholed
2023-10-16	medium	anywho-com.com	Sinkholed
2023-10-16	medium	anywho-com.com	Sinkholed
2023-10-16	medium	anywho-com.com	Sinkholed
2023-10-16	medium	anywho-com.com	Sinkholed
2023-10-16	medium	anywho-com.com	Sinkholed
2023-10-16	medium	anywho-com.com	Sinkholed
2023-10-16	medium	anywho-com.com	Sinkholed
2023-10-16	medium	anywho-com.com	Sinkholed
2023-10-16	medium	anywho-com.com	Sinkholed
2023-10-16	medium	anywho-com.com	Sinkholed
2023-10-16	medium	anywho-com.com	Sinkholed
2023-10-16	medium	anywho-com.com	Sinkholed
2023-10-16	medium	anywho-com.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (24)

	URL	From	Size	First Seen	Last Seen
	hbagency.it/cdn/tcf2_cmp_hbagency.js	ScriptElement	1.7 kB	2023-07-12	2024-08-21
Pretty URL hbagency.it/cdn/tcf2_cmp_hbagency.js IP 172.64.143.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-12 01:30 Last Seen2024-08-21 09:32 Times Seen23 Hash e01edf90a80aaedee6bf8f92cc313fd0 efe9db4ce8789c14a83969eee95fb70bb57f9a7e 45f871b818a929fa4d8a3599f342a5b0c349d0b01462d0970ce57017596a56f1 Loading...

	blog.anywho-com.com/anywho-com/canadian-anywho-com/	ScriptElement	5.9 kB	2024-08-21	2024-08-21
Pretty URL blog.anywho-com.com/anywho-com/canadian-anywho-com/ IP 104.21.72.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 04:27 Last Seen2024-08-21 04:27 Times Seen2 Hash 1606204ed4879f746f649e3ccfc11884 201e33c0c0eda44015e68234c531b99f6c97436d 36d0515419ecbea2fb5777965581bb5c80ccf2f76e80a6931a3a098fbd9ce0a1 Loading...

	blog.anywho-com.com/anywho-com/canadian-anywho-com/	ScriptElement	3.3 kB	2024-08-21	2024-08-21
Pretty URL blog.anywho-com.com/anywho-com/canadian-anywho-com/ IP 104.21.72.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 04:27 Last Seen2024-08-21 04:27 Times Seen2 Hash a998dbcf82b46c9278f7783e265dc632 52308b5d7cd0b46e2cdf53f41fd32b916bbd1632 c0797a366a215fd8c4f21707ef09bbf5ad01210ed1da21da69549c8c0e49ad87 Loading...

	blog.anywho-com.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11	ScriptElement	6.6 kB	2023-03-14	2025-05-10
Pretty URL blog.anywho-com.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11 IP 104.21.72.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 07:30 Last Seen2025-05-10 01:02 Times Seen12767 Hash 9a4f28a615173df36cb84be2b345816e f709263841708d9e40268f24a0072ff4fe811b35 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6 Loading...

	blog.anywho-com.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca	ScriptElement	498 B	2023-03-07	2025-05-07
Pretty URL blog.anywho-com.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca IP 104.21.72.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-05-07 14:22 Times Seen5018 Hash b0b80b0256874e70acdc820b52bbf1aa 9aace9a7989736bf535d65f229d0c10e9acea41b 166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0 Loading...

	blog.anywho-com.com/wp-content/themes/catch-box/js/html5.min.js?ver=3.7.3	ScriptElement	2.6 kB	2023-03-07	2025-04-13
Pretty URL blog.anywho-com.com/wp-content/themes/catch-box/js/html5.min.js?ver=3.7.3 IP 104.21.72.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06 Last Seen2025-04-13 03:28 Times Seen95 Hash 23e126e677813c9e82000968bc2d3860 0b3e6496e98c5ed304421f7e8a465e2f7a5a39f5 e87bcce4761b410d32df511bc602a89913a89bf460d121a7736175817d57552a Loading...

	blog.anywho-com.com/wp-content/themes/catch-box/js/skip-link-focus-fix.js?ver=20151112	ScriptElement	1.1 kB	2023-03-07	2025-04-13
Pretty URL blog.anywho-com.com/wp-content/themes/catch-box/js/skip-link-focus-fix.js?ver=20151112 IP 104.21.72.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06 Last Seen2025-04-13 03:28 Times Seen95 Hash 00def7d235b8a84810ce4838f06bc9d9 4cc4607386bcf2fdca8ddcabfa11f9e944fc2adb 66c48dc6be21195324a58b3fb2e2aeb740f1d226a44e926e8c074e029a307013 Loading...

	blog.anywho-com.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0	ScriptElement	88 kB	2023-06-13	2025-05-07
Pretty URL blog.anywho-com.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0 IP 104.21.72.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-13 23:41 Last Seen2025-05-07 14:22 Times Seen26125 Hash ff04dd1ef5c67998d8652330c0441689 5e6ff5bd5240181a8bdea983837f39ac231dac4d 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164 Loading...

	blog.anywho-com.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0	ScriptElement	16 kB	2023-07-22	2025-05-07
Pretty URL blog.anywho-com.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 IP 104.21.72.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-22 18:30 Last Seen2025-05-07 14:22 Times Seen9381 Hash 94dfdbe80f36b3be63ce74ff1135b996 5e05077d99e736af42b2da70e428e7f7df556dd4 4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032 Loading...

	blog.anywho-com.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.20.1	ScriptElement	12 kB	2023-06-30	2025-05-05
Pretty URL blog.anywho-com.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.20.1 IP 104.21.72.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-30 16:05 Last Seen2025-05-05 17:10 Times Seen1422 Hash 6339ec10a9afe65744730af482be76ac e1a99d02176008b569e15619442d1279a455265e bc7269d642327a2174736fc2b0231d1626e6fff1ca2f57e19c59835e73febe85 Loading...

	www.googletagmanager.com/gtag/js?id=G-VGHJDXMS5E	ScriptElement	220 kB	2023-10-17	2023-10-17
Pretty URL www.googletagmanager.com/gtag/js?id=G-VGHJDXMS5E IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-17 01:17 Last Seen2023-10-17 01:17 Times Seen1 Hash c0ceca48d804f67e259532c5cc4043d7 7e914f7ec76338a0f3834b27bc567542ee4b2a81 6770014499ab2327abfe635292d65126e5d1e01bd73a9a9ef3c5c381a5f810a8 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-10
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-10 03:04 Times Seen340764 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	blog.anywho-com.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	ScriptElement	14 kB	2023-05-09	2025-05-10
Pretty URL blog.anywho-com.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 104.21.72.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21 Last Seen2025-05-10 02:44 Times Seen105772 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	blog.anywho-com.com/anywho-com/canadian-anywho-com/	ScriptElement	363 B	2023-07-12	2024-08-21
Pretty URL blog.anywho-com.com/anywho-com/canadian-anywho-com/ IP 104.21.72.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-12 13:18 Last Seen2024-08-21 04:27 Times Seen2 Hash 54f064ca53d19587b0ea84ffabfe8b54 55f33b4454feb937edc264aa74f62c2f64c9a1b9 e4809415b9aefa7e28b607027c3263caae8413ec9150ce071c6aad7b6c5a16e3 Loading...

	blog.anywho-com.com/wp-content/themes/catch-box/js/menu.min.js?ver=2.1.1.1	ScriptElement	4.2 kB	2023-03-14	2025-04-13
Pretty URL blog.anywho-com.com/wp-content/themes/catch-box/js/menu.min.js?ver=2.1.1.1 IP 104.21.72.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 07:31 Last Seen2025-04-13 03:28 Times Seen87 Hash fdfcb3d83943df5ec09bdd45f9012d8e c063ee2ff27877c5b303af57216df916fc4f72fb 325162e216f8db34e9275889cd5efbd4901bd975b2a2ef0aee0407a2ba5978ea Loading...

	blog.anywho-com.com/anywho-com/canadian-anywho-com/	ScriptElement	115 B	2023-03-07	2025-05-07
Pretty URL blog.anywho-com.com/anywho-com/canadian-anywho-com/ IP 104.21.72.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:08 Last Seen2025-05-07 22:38 Times Seen354 Hash 3e899451233a170edd181427e72e91ee 862cfe57d01fe08eaabee196e650ff913f89437e 39eb428d244e717a922e4dbcfc98a38c815b1ca6dcda4d2952b73a1229c83c58 Loading...

	d3u598arehftfk.cloudfront.net/prebid_hb_3189_5673.js	ScriptElement	165 kB	2023-10-17	2023-10-17
Pretty URL d3u598arehftfk.cloudfront.net/prebid_hb_3189_5673.js IP 143.204.42.42 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-17 01:17 Last Seen2023-10-17 01:17 Times Seen2 Hash 9632f855cbbada44aa1b31478a108aa5 9b4c5a433ae2e1f779534007bdfe59d9a03c176c cb2fdc02432755b17386800e571e2a39797df1245827605b43f436732b397e29 Loading...

	blog.anywho-com.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2	ScriptElement	8.2 kB	2023-03-13	2025-05-10
Pretty URL blog.anywho-com.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 IP 104.21.72.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:32 Last Seen2025-05-10 01:02 Times Seen29742 Hash dda652db133fddb9b80a05c6d1b5c540 60c8514c57a5db2980c4b046b0dd479bd427357b c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4 Loading...

	blog.anywho-com.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.4.9	ScriptElement	720 B	2023-03-07	2025-05-03
Pretty URL blog.anywho-com.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.4.9 IP 104.21.72.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-03 13:35 Times Seen346 Hash 817a2697d2c30ab90020f541f56d96d0 035692833f6e886e01e9d3c678f0a57a9cb598bd f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db Loading...

	blog.anywho-com.com/anywho-com/canadian-anywho-com/	ScriptElement	404 B	2023-06-10	2024-08-21
Pretty URL blog.anywho-com.com/anywho-com/canadian-anywho-com/ IP 104.21.72.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-10 09:48 Last Seen2024-08-21 04:27 Times Seen2 Hash 52c561abe19542e6932de93fb5c2cce7 598e6a384e69556381d852af77c280d3b4630c18 ac55f22c7dd0c5656e371032746cb4e97ffd833e460eba4deb830efcbb773983 Loading...

	blog.anywho-com.com/wp-content/themes/catch-box/js/catchbox-scrollup.min.js?ver=20072014	ScriptElement	327 B	2023-03-09	2025-04-13
Pretty URL blog.anywho-com.com/wp-content/themes/catch-box/js/catchbox-scrollup.min.js?ver=20072014 IP 104.21.72.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:51 Last Seen2025-04-13 03:28 Times Seen88 Hash 8508f2411f3e500c500f5ef5c631106f ad2a128f2f1c370abadbcfddb5ac3c79bf1d0ae0 4cf80393593908e0a01168329e38e06fdd547e13f09c31aa223859adbddbc57c Loading...

	blog.anywho-com.com/anywho-com/canadian-anywho-com/sandbox%20eval%20code		147 B	2023-04-11	2025-05-10
Pretty URL blog.anywho-com.com/anywho-com/canadian-anywho-com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-10 03:04 Times Seen341564 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js	ScriptElement	18 kB	2023-03-07	2025-05-10
Pretty URL cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-10 00:30 Times Seen2568 Hash 12dd498bf90c536803c2aad708b66c2b 5f9363d39a405d1c94328cf2303ff4a05c0ad163 c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a Loading...

	hbagency.it/cdn/prebid_7_44_ng.js	ScriptElement	481 kB	2023-04-15	2024-11-26
Pretty URL hbagency.it/cdn/prebid_7_44_ng.js IP 172.64.143.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-15 20:54 Last Seen2024-11-26 08:22 Times Seen84 Hash 5896fc05eff031688a3032862f09a580 2e83c9083dedc3c557f61eb074f8017afdea8275 62abb2acb82a1832beb6f7f01a455cc6101d6593963c744771434fc23cac2266 Loading...

HTTP Transactions (31)

URL IP Response Size

blog.anywho-com.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca

104.21.72.194

200 OK

769 B

URL GET HTTP/3
blog.anywho-com.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type
ASCII text, with very long lines (463)
Size
769 B (769 bytes)
Hash
b0b80b0256874e70acdc820b52bbf1aa
9aace9a7989736bf535d65f229d0c10e9acea41b
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 16 Oct 2023 23:17:24 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Wed, 18 Oct 2023 03:51:24 GMT
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 118348
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRtplPRbmPNtFA9m2waiTyHRBJ617tFlq0hZ51pKf7EYRU5c%2FrD6evX2d9GOpf7R%2BFRfVw844mk5P%2Fl%2FyxDheQqwEqbhiHCIgU%2FBsTA75QPCV%2FPunGWC3X%2Fdj5T6B5zH%2Bj2OX7Oi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 817403ddeac156c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-VGHJDXMS5E

142.250.74.168

200 OK

78 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-VGHJDXMS5E
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint54:FD:04:1B:2E:C7:46:95:DD:15:A3:A0:3F:CE:7F:03:02:53:36:8F
ValidityMon, 18 Sep 2023 08:19:25 GMT - Mon, 11 Dec 2023 08:19:24 GMT

File type
ASCII text, with very long lines (5788)
Size
78 kB (78274 bytes)
Hash
c0ceca48d804f67e259532c5cc4043d7
7e914f7ec76338a0f3834b27bc567542ee4b2a81
6770014499ab2327abfe635292d65126e5d1e01bd73a9a9ef3c5c381a5f810a8

HTTP Headers

GET /gtag/js?id=G-VGHJDXMS5E HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 16 Oct 2023 23:17:24 GMT
expires: Mon, 16 Oct 2023 23:17:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78274
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

blog.anywho-com.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.4.9

104.21.72.194

200 OK

746 B

URL GET HTTP/3
blog.anywho-com.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.4.9
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type
ASCII text
Size
746 B (746 bytes)
Hash
817a2697d2c30ab90020f541f56d96d0
035692833f6e886e01e9d3c678f0a57a9cb598bd
f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.4.9 HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 16 Oct 2023 23:17:24 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Wed, 18 Oct 2023 01:23:29 GMT
last-modified: Wed, 14 Sep 2022 10:25:42 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 199869
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfueBEJCGJRNh4SwjXOGJpKeYpMcOuGQDvOT4pSQGoXuFfZeNpxNSX6T%2FoULHtyrMOHhO%2Fx6jjgbNjI6FeKOwoEVbJ1IjuTGNxw%2FT3g0gAsEO9cO0fecDMOnW3385yl%2BCZK7vKt4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 817403ddeac256c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

blog.anywho-com.com/wp-content/uploads/2022/07/cropped-cropped-anywho-1-1-192x192.png

104.21.72.194

200 OK

14 kB

URL GET HTTP/3
blog.anywho-com.com/wp-content/uploads/2022/07/cropped-cropped-anywho-1-1-192x192.png
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (13708 bytes)
Hash
319237b0663d4514fc74aebe09ee13ff
9de799aa39047b0b7e3c5c659b7e76fd0d9242fc
03a8dbefaf127dd51b6d1c8fec08e8690936eb33f153f6f55d38c796ce5f6420

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/07/cropped-cropped-anywho-1-1-192x192.png HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 16 Oct 2023 23:17:25 GMT
content-type: image/png
content-length: 13708
cache-control: public, max-age=604800
expires: Wed, 18 Oct 2023 15:14:49 GMT
last-modified: Wed, 13 Jul 2022 19:42:05 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kYIWZpBUSodtOgI7bxvIK%2Fi57u6PSaQQftFLsmhYTakeuuuTujFsa0OnG3LJXLt3zNe8uwP7W2GydaDKfojoyYkYgEmWlDPNMo%2F5PGmRjTBuEdizycLj%2F0pUxRGv1Rc3xDx5UQP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 817403e05bae56c3-OSL
alt-svc: h3=":443"; ma=86400

blog.anywho-com.com/wp-content/uploads/2022/07/cropped-cropped-anywho-1-1-32x32.png

104.21.72.194

200 OK

1.6 kB

URL GET HTTP/3
blog.anywho-com.com/wp-content/uploads/2022/07/cropped-cropped-anywho-1-1-32x32.png
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1629 bytes)
Hash
d8d7a75c96b19457b919d69347442e90
2e7de882c654203a9b6caf6325e31260541cb065
007791e68906e0f68aa6e42704d1f06c9072c960764cc2d81a9d695901ffcd86

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/07/cropped-cropped-anywho-1-1-32x32.png HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 16 Oct 2023 23:17:25 GMT
content-type: image/png
content-length: 1629
cache-control: public, max-age=604800
expires: Wed, 18 Oct 2023 12:41:32 GMT
last-modified: Wed, 13 Jul 2022 19:42:05 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7RO%2FON1hdIX9yw6xxvluL1jz%2FOrtE30wEZ57%2BKWSSYwg6WxG8WcMV2p%2F%2FQ8Uiucy6FYLf7X%2FFaLnkmym3f9d0ad7MnUMfN1R%2BdNDc3ZerDCK2TSCtQ8ra0nqh1h7%2FGYzIhhQ51e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 817403e05baf56c3-OSL
alt-svc: h3=":443"; ma=86400

web.archive.org/web/20180825181937im_/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png

207.241.237.3

0 B

URL
web.archive.org/web/20180825181937im_/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png
IP
207.241.237.3:0
ASN
#7941 INTERNET-ARCHIVE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web/20180825181937im_/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png HTTP/1.1
Host: web.archive.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.25.1
date: Mon, 16 Oct 2023 23:17:25 GMT
content-type: text/plain; charset=utf-8
content-length: 0
x-archive-redirect-reason: found capture at 20180825150024
location: https://web.archive.org/web/20180825150024im_/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png
server-timing: captures_list;dur=71.029020, exclusion.robots;dur=0.142706, exclusion.robots.policy;dur=0.130026, cdx.remote;dur=0.066488, esindex;dur=0.010416, LoadShardBlock;dur=39.645516, PetaboxLoader3.datanode;dur=37.713957
x-app-server: wwwb-app219
x-ts: 302
x-tr: 76
x-location: All
x-rl: 0
x-na: 0
x-page-cache: MISS
x-nid: -
referrer-policy: no-referrer-when-downgrade
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js

104.17.25.14

200 OK

5.1 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (17660)
Size
5.1 kB (5115 bytes)
Hash
12dd498bf90c536803c2aad708b66c2b
5f9363d39a405d1c94328cf2303ff4a05c0ad163
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

HTTP Headers

GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 16 Oct 2023 23:17:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 5115
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64942d85-13fb"
last-modified: Thu, 22 Jun 2023 11:16:21 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3390169
expires: Sat, 05 Oct 2024 23:17:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7WqirgiUYkl9FrxPWYhoBQSeC2%2BIPErN7x%2FKT0Oc2wCTCKqVRycJ3oRF0Zl6dwZ%2BLbc6AWf%2FRJh5z1NeSqd0dDvf2YIz6pYsUErUEIz%2FY2SAAMPxu0688U4h7LHzZsyy%2B4U4nrx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 817403e26c155691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

web.archive.org/web/20180825150024im_/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png

207.241.237.3

2.1 kB

URL
web.archive.org/web/20180825150024im_/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png
IP
207.241.237.3:0
ASN
#7941 INTERNET-ARCHIVE

File type
PNG image data, 109 x 53, 8-bit colormap, non-interlaced\012- data
Size
2.1 kB (2060 bytes)
Hash
06a0476f2883cf50270c956bcab51795
30fd6d56191061bfc670de676345cd4dfafa237d
7795c83736c6b44914b7d9b0c4594366589a600e6cdf20efddf5aa6db08b2a1b

HTTP Headers

GET /web/20180825150024im_/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png HTTP/1.1
Host: web.archive.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.1
date: Mon, 16 Oct 2023 23:17:26 GMT
content-type: image/png
content-length: 2060
x-archive-orig-server: nginx/1.6.2
x-archive-orig-date: Sat, 25 Aug 2018 15:00:24 GMT
x-archive-orig-content-length: 2060
x-archive-orig-connection: close
x-archive-orig-last-modified: Tue, 03 Oct 2017 13:40:58 GMT
x-archive-orig-accept-ranges: bytes
cache-control: max-age=1800
x-archive-guessed-content-type: image/png
memento-datetime: Sat, 25 Aug 2018 15:00:24 GMT
link: <http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png>; rel="original", <https://web.archive.org/web/timemap/link/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png>; rel="timemap"; type="application/link-format", <https://web.archive.org/web/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png>; rel="timegate", <https://web.archive.org/web/20160402001854/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png>; rel="first memento"; datetime="Sat, 02 Apr 2016 00:18:54 GMT", <https://web.archive.org/web/20180519205815/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png>; rel="prev memento"; datetime="Sat, 19 May 2018 20:58:15 GMT", <https://web.archive.org/web/20180825150024/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png>; rel="memento"; datetime="Sat, 25 Aug 2018 15:00:24 GMT", <https://web.archive.org/web/20190125192309/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png>; rel="next memento"; datetime="Fri, 25 Jan 2019 19:23:09 GMT", <https://web.archive.org/web/20211210064823/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png>; rel="last memento"; datetime="Fri, 10 Dec 2021 06:48:23 GMT"
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org web-static.archive.org wayback-api.archive.org analytics.archive.org pragma.archivelab.org
x-archive-src: WIDE-20180825123640-crawl813/WIDE-20180825141848-00446.warc.gz
server-timing: captures_list;dur=100.305515, exclusion.robots;dur=0.124080, exclusion.robots.policy;dur=0.115595, cdx.remote;dur=0.059736, esindex;dur=0.010767, LoadShardBlock;dur=61.390508, PetaboxLoader3.datanode;dur=74.016699, load_resource;dur=241.924903, PetaboxLoader3.resolve;dur=210.546431
x-app-server: wwwb-app220
x-ts: 200
x-tr: 369
x-location: All
x-rl: 0
x-na: 0
x-page-cache: MISS
x-nid: -
referrer-policy: no-referrer-when-downgrade
permissions-policy: interest-cohort=()
accept-ranges: bytes
X-Firefox-Spdy: h2

blog.anywho-com.com/anywho-com/canadian-anywho-com/

104.21.72.194

200 OK

98 kB

URL User Request GET HTTP/2
blog.anywho-com.com/anywho-com/canadian-anywho-com/
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type

Size
98 kB (97960 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /anywho-com/canadian-anywho-com/ HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 16 Oct 2023 23:17:24 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
link: <https://blog.anywho-com.com/wp-json/>; rel="https://api.w.org/", <https://blog.anywho-com.com/wp-json/wp/v2/pages/235>; rel="alternate"; type="application/json", <https://blog.anywho-com.com/?p=235>; rel=shortlink
x-litespeed-cache: hit
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnH3TEIrdtrsXfpk17yva4k0SWJcZtBVFGEXM95Luxqq6tAV5UDSmzFjXHD%2BoMbhdwKpHcFv8lYTLipq6MMjM%2Fq0hl9R0bYYy103zleSranTuXK9fHnfO%2FYyHsSC4vwZdHNlb9Co"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 817403db7a54b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

blog.anywho-com.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2

104.21.72.194

200 OK

104 kB

URL GET HTTP/3
blog.anywho-com.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type

Size
104 kB (104484 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.3.2 HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 16 Oct 2023 23:17:24 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 19 Oct 2023 22:57:28 GMT
last-modified: Tue, 08 Aug 2023 22:58:02 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 285824
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xH2rbloMZPKRROoNmGGQMCfOh7rQN2%2BSCaUw4QgVPz49i55vzdAqAgV61A5Yfd9CTYwGifXPt9kffFPyHYTbJylHYfIUs1Exhjp9%2B5DEAWBlW%2Bq%2BebRjOiwIAiYCaYEKV2zOeVC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 817403dddaa856c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

d3u598arehftfk.cloudfront.net/prebid_hb_3189_5673.js

143.204.42.42

200 OK

165 kB

URL GET HTTP/2
d3u598arehftfk.cloudfront.net/prebid_hb_3189_5673.js
IP
143.204.42.42:443
ASN
#16509 AMAZON-02

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (20659)
Size
165 kB (164854 bytes)
Hash
9632f855cbbada44aa1b31478a108aa5
9b4c5a433ae2e1f779534007bdfe59d9a03c176c
cb2fdc02432755b17386800e571e2a39797df1245827605b43f436732b397e29

HTTP Headers

GET /prebid_hb_3189_5673.js HTTP/1.1
Host: d3u598arehftfk.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 16 Oct 2023 23:17:26 GMT
last-modified: Wed, 23 Aug 2023 09:45:43 GMT
etag: W/"9632f855cbbada44aa1b31478a108aa5"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=864000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UZ1CDr0kRKSLuR7h7Ho3ZXghrlylhWgKXY75HkBUWmptKF5Shy5juw==
X-Firefox-Spdy: h2

blog.anywho-com.com/wp-content/themes/catch-box/js/catchbox-scrollup.min.js?ver=20072014

104.21.72.194

200 OK

327 B

URL GET HTTP/3
blog.anywho-com.com/wp-content/themes/catch-box/js/catchbox-scrollup.min.js?ver=20072014
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type
ASCII text, with very long lines (338), with no line terminators
Size
327 B (327 bytes)
Hash
b0f187e41282898a2680024353f76af8
6cc9ebb7ae4491efa6207f47cff2ceb3a2fd9879
dd9696bec1fcc1441d52a33079e9a0d6b200ff009226d68d4a006a02c7ef6b5a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/catch-box/js/catchbox-scrollup.min.js?ver=20072014 HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 16 Oct 2023 23:17:24 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Wed, 18 Oct 2023 01:31:46 GMT
last-modified: Sun, 10 Jul 2022 22:58:21 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 118348
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4s7UbrZj3ThcOUXFMOTuqb9OhsOCkeGJJaI7Wb7FXlFnWS8o5L65KoIOR0bz6K9r0HWNyNVklwhl%2By4axxtb9QmddHth2ZH6g5apDQosblq8EZC303T%2BlkbrAMKCdsdvzmNyc%2Fb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 817403ddfacf56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

blog.anywho-com.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=6.3.2

104.21.72.194

200 OK

547 B

URL GET HTTP/3
blog.anywho-com.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=6.3.2
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type
ASCII text, with very long lines (580), with no line terminators
Size
547 B (547 bytes)
Hash
b0903bca91dc63d6374e9059d8f6f1b9
ea2013d2f18776187635f90fd8bedf1be51f1443
d1f011b3175b9a03cbc62d6300bb1f56dfb9ae89e2972bcb2541e1e94b3be403

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=6.3.2 HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 16 Oct 2023 23:17:24 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 19 Oct 2023 22:57:27 GMT
last-modified: Wed, 14 Sep 2022 10:25:41 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 285824
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fsf7tjFH5GqdxJL9m1x8w3pUIFPFaKrRQLxOqQe0DUg4fLNFcKI1lUivDhQDk2rHhJEjIkwaF9Jm0yQ3v2xBeL0hUBU1AMzhy6lBRcZKEfjb65wJm9QD2ZlUyVKp2bk%2FcmuPdskP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 817403dddaa956c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

blog.anywho-com.com/wp-content/themes/catch-box/css/blocks.css?ver=1.0

104.21.72.194

200 OK

10 kB

URL GET HTTP/3
blog.anywho-com.com/wp-content/themes/catch-box/css/blocks.css?ver=1.0
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type
ASCII text
Size
10 kB (10245 bytes)
Hash
5b81275cac05b8da29f677e2bb8572c9
88f7953a229798c23c37039146386a044ab7f33a
95963adb7571430676dc2c03206c0d61abc639cf0d1365d4fddf72318e763ee2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/catch-box/css/blocks.css?ver=1.0 HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 16 Oct 2023 23:17:24 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Wed, 18 Oct 2023 01:31:46 GMT
last-modified: Sun, 10 Jul 2022 22:58:21 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 118348
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4d3zqIMFS6c103sY6ay0fGL1pWzfaxpktxhtDfgAbr1SrMj5wmtrBtkaPVx8Ctq9RE%2Fno%2FOozO8dIglbyKJAhZdiqDqet6f2O4AqaL4Sn5BTwhdRKHNGGI9r%2FOQDjqM%2FicW6xIFO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 817403ddeab056c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

blog.anywho-com.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.20.1

104.21.72.194

200 OK

12 kB

URL GET HTTP/3
blog.anywho-com.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.20.1
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type
ASCII text, with very long lines (1392)
Size
12 kB (11613 bytes)
Hash
6339ec10a9afe65744730af482be76ac
e1a99d02176008b569e15619442d1279a455265e
bc7269d642327a2174736fc2b0231d1626e6fff1ca2f57e19c59835e73febe85

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.20.1 HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 16 Oct 2023 23:17:24 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 16 Oct 2023 22:58:40 GMT
last-modified: Mon, 09 Oct 2023 22:56:59 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 579513
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTyimP3vuwbP1MvwyM%2B945SE8Rb2MZ3i4bppj0KBqRmgA60TeUev1r7jEWzn0c8eEHuwZH0BI0NkNey%2FjUjxiz5%2FJ3GVxOFyb%2BUME4zObLdy6R2LqKYDa1IMzfljIoFwu5XXzkRT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 817403ddeac356c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

web.archive.org/web/20180825181937im_/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png

207.241.237.3

302 Found

2.1 kB

URL GET HTTP/2
web.archive.org/web/20180825181937im_/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png
IP
207.241.237.3:443
ASN
#7941 INTERNET-ARCHIVE

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerGoDaddy.com, Inc.
Subject*.archive.org
FingerprintB8:AE:C6:B4:93:7D:61:C3:EC:83:3D:EA:8C:B9:55:13:0F:41:C8:96
ValidityThu, 19 Jan 2023 18:59:49 GMT - Tue, 20 Feb 2024 18:59:49 GMT

File type

Size
2.1 kB (2060 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web/20180825181937im_/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png HTTP/1.1
Host: web.archive.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.25.1
date: Mon, 16 Oct 2023 23:17:25 GMT
content-type: text/plain; charset=utf-8
content-length: 0
x-archive-redirect-reason: found capture at 20180825150024
location: https://web.archive.org/web/20180825150024im_/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png
server-timing: captures_list;dur=71.029020, exclusion.robots;dur=0.142706, exclusion.robots.policy;dur=0.130026, cdx.remote;dur=0.066488, esindex;dur=0.010416, LoadShardBlock;dur=39.645516, PetaboxLoader3.datanode;dur=37.713957
x-app-server: wwwb-app219
x-ts: 302
x-tr: 76
x-location: All
x-rl: 0
x-na: 0
x-page-cache: MISS
x-nid: -
referrer-policy: no-referrer-when-downgrade
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2

blog.anywho-com.com/wp-content/themes/catch-box/js/menu.min.js?ver=2.1.1.1

104.21.72.194

200 OK

4.2 kB

URL GET HTTP/3
blog.anywho-com.com/wp-content/themes/catch-box/js/menu.min.js?ver=2.1.1.1
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type
ASCII text, with very long lines (4466), with no line terminators
Size
4.2 kB (4219 bytes)
Hash
8b3880ee79f841f1b200356c24f6db42
1209ef1cf0fb9827c9ef424e3495bc19420b8b94
01094ca925501553a50901f2bb7ae279ead55ff0fd9da9e34971d9a3062a0f4f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/catch-box/js/menu.min.js?ver=2.1.1.1 HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 16 Oct 2023 23:17:24 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Wed, 18 Oct 2023 07:26:24 GMT
last-modified: Sun, 10 Jul 2022 22:58:21 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 118348
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGDK2MJe0u7ezrSBWc%2BpdFQiZPz7JFq3y3uriGib%2FQS9dA%2BHVpQFpeEWooLiLETmx5Z8nxnJYPmqZsmdcmCozDSj82QSpihuOK9cfurJ5DTLINNxcr8IWQhWerODRweoL8mWF8%2Fa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 817403ddeac456c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hbagency.it/cdn/prebid_7_44_ng.js

172.64.143.36

200 OK

481 kB

URL GET HTTP/2
hbagency.it/cdn/prebid_7_44_ng.js
IP
172.64.143.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerCloudflare, Inc.
Subjecthbagency.it
Fingerprint46:EF:42:2C:CB:E3:E8:04:80:AD:10:EC:64:ED:10:9A:FA:72:0A:97
ValidityWed, 20 Sep 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
481 kB (480851 bytes)
Hash
5896fc05eff031688a3032862f09a580
2e83c9083dedc3c557f61eb074f8017afdea8275
62abb2acb82a1832beb6f7f01a455cc6101d6593963c744771434fc23cac2266

HTTP Headers

GET /cdn/prebid_7_44_ng.js HTTP/1.1
Host: hbagency.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 16 Oct 2023 23:17:25 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=481793
etag: W/"75a01-5f90dcab31228"
last-modified: Tue, 11 Apr 2023 11:28:34 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 267
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6x3zVbxRr0rfPRffxWFyOJK8z6Eb7sv%2Feb9ea%2F7ySOmy20PiCdi7E4n2cRvERrQ57WYddFg0JWxF0uoQdrT3b4fmRBRHKMs09nQ%2BfvLmAno%2FZy%2BUK5Um5tSRHg3KA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 817403e2ed9e8891-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

web.archive.org/web/20180825150024im_/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png

207.241.237.3

200 OK

2.1 kB

URL GET HTTP/2
web.archive.org/web/20180825150024im_/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png
IP
207.241.237.3:443
ASN
#7941 INTERNET-ARCHIVE

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerGoDaddy.com, Inc.
Subject*.archive.org
FingerprintB8:AE:C6:B4:93:7D:61:C3:EC:83:3D:EA:8C:B9:55:13:0F:41:C8:96
ValidityThu, 19 Jan 2023 18:59:49 GMT - Tue, 20 Feb 2024 18:59:49 GMT

File type
PNG image data, 109 x 53, 8-bit colormap, non-interlaced\012- data
Size
2.1 kB (2060 bytes)
Hash
06a0476f2883cf50270c956bcab51795
30fd6d56191061bfc670de676345cd4dfafa237d
7795c83736c6b44914b7d9b0c4594366589a600e6cdf20efddf5aa6db08b2a1b

HTTP Headers

GET /web/20180825150024im_/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png HTTP/1.1
Host: web.archive.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.25.1
date: Mon, 16 Oct 2023 23:17:26 GMT
content-type: image/png
content-length: 2060
x-archive-orig-server: nginx/1.6.2
x-archive-orig-date: Sat, 25 Aug 2018 15:00:24 GMT
x-archive-orig-content-length: 2060
x-archive-orig-connection: close
x-archive-orig-last-modified: Tue, 03 Oct 2017 13:40:58 GMT
x-archive-orig-accept-ranges: bytes
cache-control: max-age=1800
x-archive-guessed-content-type: image/png
memento-datetime: Sat, 25 Aug 2018 15:00:24 GMT
link: <http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png>; rel="original", <https://web.archive.org/web/timemap/link/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png>; rel="timemap"; type="application/link-format", <https://web.archive.org/web/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png>; rel="timegate", <https://web.archive.org/web/20160402001854/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png>; rel="first memento"; datetime="Sat, 02 Apr 2016 00:18:54 GMT", <https://web.archive.org/web/20180519205815/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png>; rel="prev memento"; datetime="Sat, 19 May 2018 20:58:15 GMT", <https://web.archive.org/web/20180825150024/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png>; rel="memento"; datetime="Sat, 25 Aug 2018 15:00:24 GMT", <https://web.archive.org/web/20190125192309/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png>; rel="next memento"; datetime="Fri, 25 Jan 2019 19:23:09 GMT", <https://web.archive.org/web/20211210064823/http://anywho-com.com/wp-content/uploads/2016/03/anywho-1.png>; rel="last memento"; datetime="Fri, 10 Dec 2021 06:48:23 GMT"
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org web-static.archive.org wayback-api.archive.org analytics.archive.org pragma.archivelab.org
x-archive-src: WIDE-20180825123640-crawl813/WIDE-20180825141848-00446.warc.gz
server-timing: captures_list;dur=100.305515, exclusion.robots;dur=0.124080, exclusion.robots.policy;dur=0.115595, cdx.remote;dur=0.059736, esindex;dur=0.010767, LoadShardBlock;dur=61.390508, PetaboxLoader3.datanode;dur=74.016699, load_resource;dur=241.924903, PetaboxLoader3.resolve;dur=210.546431
x-app-server: wwwb-app220
x-ts: 200
x-tr: 369
x-location: All
x-rl: 0
x-na: 0
x-page-cache: MISS
x-nid: -
referrer-policy: no-referrer-when-downgrade
permissions-policy: interest-cohort=()
accept-ranges: bytes
X-Firefox-Spdy: h2

blog.anywho-com.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

104.21.72.194

200 OK

88 kB

URL GET HTTP/3
blog.anywho-com.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type
ASCII text, with very long lines (65447)
Size
88 kB (87482 bytes)
Hash
ff04dd1ef5c67998d8652330c0441689
5e6ff5bd5240181a8bdea983837f39ac231dac4d
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.0 HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 16 Oct 2023 23:17:24 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 19 Oct 2023 23:47:52 GMT
last-modified: Tue, 08 Aug 2023 22:58:02 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 199869
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZc0f8oGFxQflsNdooN%2FUMgmKb0bMFW0ND1%2BGv9zPnnghZkLbZy%2BsNdoqq4vNASNKJz5DAicuulFoNZTA4K7Xb7%2BPTqy2224OJJNDfmPri8KIUhV72WS34s5id3oFFl8ThEZS6JZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 817403ddeab356c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

blog.anywho-com.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

104.21.72.194

200 OK

14 kB

URL GET HTTP/3
blog.anywho-com.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type
ASCII text, with very long lines (13479)
Size
14 kB (13577 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 16 Oct 2023 23:17:24 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Wed, 18 Oct 2023 03:51:23 GMT
last-modified: Tue, 08 Aug 2023 22:58:02 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 118348
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MAXT2se5bwEdd2guutTymx5AK%2BXaF6Qn5nkgx%2BCsRAV5E8gNfXhL5XeXyGevLXYk52N1Ujw92UqeAA1hMhBx8NO%2FDi86iN90XZajeM4QBsDzdb%2FLzuVkAAZC%2Fmz2D0YilTwgd%2Bg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 817403ddeab956c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

blog.anywho-com.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

104.21.72.194

200 OK

8.2 kB

URL GET HTTP/3
blog.anywho-com.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type
ASCII text, with very long lines (8365), with no line terminators
Size
8.2 kB (8171 bytes)
Hash
08e6714eaf3cfe8f3c7839f22d90ba4e
94fdad68854d0d3482b877aef7ba7c2eb265c621
e424039d5a737a1bda8a5ded60919e5067085729310762eebb09c20e07d249c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 16 Oct 2023 23:17:24 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 20 Oct 2023 01:04:07 GMT
last-modified: Wed, 29 Mar 2023 22:58:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 118348
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcL2ttcESp4l8WJudfvPkRVnfzoPM4o7ct4OzLu9b8CWq5Yjd6C1RFLRSEn%2BuI%2FoU%2BFFveccfVicvuCHpZFRadhgaYICeUaXdarb3supG4jkF98r67lEMWkuqNZ4YvIYsFbNsdZr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 817403ddeaba56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

blog.anywho-com.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11

104.21.72.194

200 OK

6.6 kB

URL GET HTTP/3
blog.anywho-com.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type
ASCII text, with very long lines (6777), with no line terminators
Size
6.6 kB (6607 bytes)
Hash
4b5583c1e3d9c4f85089eebae5b0ea63
8f1a4ba1dabf9fb35cfc2a2ebd08b93a91c0923b
4c4ee791f1baebfe9e127c3341a2eda8e6e8a5debf27d91fae8c04cd2adb1527

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11 HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 16 Oct 2023 23:17:24 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 19 Oct 2023 19:12:14 GMT
last-modified: Wed, 29 Mar 2023 22:58:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 118348
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02rQqvxGKvrEpoKywzjn%2B%2Frf5Y1C%2Fq3yuOnuaopNWjdmPrC02DJ0K7CZ%2FqwWnnmi4P90EWMn4HhB%2Ft6qr10OkFfH%2FNM1e4Y0zeCKZx1Qei8CeRAvs%2Fx%2FFZfAL%2FiScM6nfkyrn9b%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 817403ddeabd56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hbagency.it/cdn/tcf2_cmp_hbagency.js

172.64.143.36

200 OK

1.7 kB

URL GET HTTP/2
hbagency.it/cdn/tcf2_cmp_hbagency.js
IP
172.64.143.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerCloudflare, Inc.
Subjecthbagency.it
Fingerprint46:EF:42:2C:CB:E3:E8:04:80:AD:10:EC:64:ED:10:9A:FA:72:0A:97
ValidityWed, 20 Sep 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1748), with no line terminators
Size
1.7 kB (1696 bytes)
Hash
981f1678677b0ef4ea6a7a3bce8fa8fc
c68da8c7cede7ef8aafd58c50f19877a2d1055da
f49bd43b0a5ee2f66f779430b447b2929a48f82c5e49c0e7e0a4e977175a1cae

HTTP Headers

GET /cdn/tcf2_cmp_hbagency.js HTTP/1.1
Host: hbagency.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 16 Oct 2023 23:17:25 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=1697
etag: W/"6a1-5ffd0b2babd24"
last-modified: Thu, 06 Jul 2023 12:31:40 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5326
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKQkfqXOAkPkRwK5U2n4%2BlfB2%2BP4QSIpkQEulkzCXtb10offGJhmER6z4FaHHy623hho61%2BRAcPRQFnp6q8ly4STV%2FVrHm5hhKf%2BJQw7vPF%2BDUubXOlwco57zErU7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 817403e2eda58891-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

blog.anywho-com.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

104.21.72.194

200 OK

16 kB

URL GET HTTP/3
blog.anywho-com.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type

Size
16 kB (16146 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 16 Oct 2023 23:17:24 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Wed, 18 Oct 2023 02:34:12 GMT
last-modified: Tue, 08 Aug 2023 22:58:00 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 278448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRqZhpANosHHnkDuh9Jf%2BhKJdpQ5hjuayK2RZQgGZiBwp7yqWeDPS0t76tpLj%2BNGr2RDNWpeA6Bs19NWy0xEKYh3r3ckss6Pp%2FYJqc793diGtNzTUJxo91Y0JjuvsxnID3ejF36m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 817403ddeabf56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

d3u598arehftfk.cloudfront.net/prebid_hb_3189_5673.js

143.204.42.42

200 OK

165 kB

URL GET HTTP/2
d3u598arehftfk.cloudfront.net/prebid_hb_3189_5673.js
IP
143.204.42.42:443
ASN
#16509 AMAZON-02

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (20659)
Size
165 kB (164854 bytes)
Hash
9632f855cbbada44aa1b31478a108aa5
9b4c5a433ae2e1f779534007bdfe59d9a03c176c
cb2fdc02432755b17386800e571e2a39797df1245827605b43f436732b397e29

HTTP Headers

GET /prebid_hb_3189_5673.js HTTP/1.1
Host: d3u598arehftfk.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 16 Oct 2023 23:17:26 GMT
last-modified: Wed, 23 Aug 2023 09:45:43 GMT
etag: W/"9632f855cbbada44aa1b31478a108aa5"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=864000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: f6GUetznHTGsAtdGr1vc2lGUejbGlHRfwpPc48irb55pUEAn3274yQ==
X-Firefox-Spdy: h2

blog.anywho-com.com/wp-content/themes/catch-box/style.css?ver=20220710-225821

104.21.72.194

200 OK

90 kB

URL GET HTTP/3
blog.anywho-com.com/wp-content/themes/catch-box/style.css?ver=20220710-225821
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type
ASCII text, with very long lines (1261)
Size
90 kB (89474 bytes)
Hash
1760761723626350b3528cdc5d3fa1f6
60f204dcc4c29dc6b263eaebdacfc636a0e38656
8e4c9716b25cf832b1d2ce7e4fea29b42980469edc763f31e79eac27bd0a429d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/catch-box/style.css?ver=20220710-225821 HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 16 Oct 2023 23:17:24 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Wed, 18 Oct 2023 01:23:29 GMT
last-modified: Sun, 10 Jul 2022 22:58:21 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 118348
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tM1Ai%2BsWkOCRgofQoqcMFNi3R%2BOlGPUZ00wEDaM4FWZaEYCQgrjHz1BdW46skEo0W97zI%2BPRY6OhbWhZa%2BVm9UzMNvOcSWROQ%2B3fav7y7Bkt30z2Hv28ezTbEJvJlDt4fwwM6vnJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 817403ddeaae56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

blog.anywho-com.com/wp-content/themes/catch-box/js/html5.min.js?ver=3.7.3

104.21.72.194

200 OK

2.6 kB

URL GET HTTP/3
blog.anywho-com.com/wp-content/themes/catch-box/js/html5.min.js?ver=3.7.3
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type
HTML document, ASCII text, with very long lines (2699), with no line terminators
Size
2.6 kB (2639 bytes)
Hash
c256de12273fed28c00f4509350dce3d
94acc960effd713572d808756fe1b43e7a21f9f6
590ee6c957faf3c38f6c301843099848a653fc0260c78365ece81db66339543f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/catch-box/js/html5.min.js?ver=3.7.3 HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 16 Oct 2023 23:17:24 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Wed, 18 Oct 2023 02:06:10 GMT
last-modified: Sun, 10 Jul 2022 22:58:21 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 118348
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YznIRa%2FJhg2G4uFWhou6vZ4fqP4UvVq%2FsbH7rHsb5go%2BuexTS6rMZxGRTZiK6aca8jqJl08RWKnZOYAczno8%2Bn2ylE77%2FYS8ICQGO9cXzwDoSygTcxXBoy0bCnusI9bvuNhVcuux"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 817403ddfacc56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

blog.anywho-com.com/wp-content/themes/catch-box/js/skip-link-focus-fix.js?ver=20151112

104.21.72.194

200 OK

1.1 kB

URL GET HTTP/3
blog.anywho-com.com/wp-content/themes/catch-box/js/skip-link-focus-fix.js?ver=20151112
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type
ASCII text, with very long lines (1157), with no line terminators
Size
1.1 kB (1058 bytes)
Hash
c58f9b7d63bddfe8c56cd7943d7872f4
2692a266b929fd2676bed7316be803367b47433d
376e6d52e04cb75970669996e83f5ff49cbfb125964bb9e75a78e716c0bb8369

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/catch-box/js/skip-link-focus-fix.js?ver=20151112 HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 16 Oct 2023 23:17:24 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Wed, 18 Oct 2023 01:31:46 GMT
last-modified: Sun, 10 Jul 2022 22:58:21 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 199869
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6RVVMZf9yv2%2F%2BE9dhp5wh2DIdWXbfyEXHwkapIkckWPAR5f4CvjKZjYhr1I9AIzY8m4IC1inttFpVgbGHjx6cO0fJEQutIUBEG65n8dTBioUuePTXw%2BxBnx%2BAtEhLQcOKvvRy1m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 817403ddface56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

blog.anywho-com.com/wp-content/themes/catch-box/genericons/genericons.css?ver=3.4.1

104.21.72.194

200 OK

28 kB

URL GET HTTP/3
blog.anywho-com.com/wp-content/themes/catch-box/genericons/genericons.css?ver=3.4.1
IP
104.21.72.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerLet's Encrypt
Subjectanywho-com.com
FingerprintB1:07:56:3D:3F:8B:02:C6:01:21:42:7A:9C:37:0E:1F:0F:4D:1C:56
ValidityMon, 28 Aug 2023 08:52:40 GMT - Sun, 26 Nov 2023 08:52:39 GMT

File type
ASCII text, with very long lines (18732)
Size
28 kB (28266 bytes)
Hash
13a6500ddf36c6dd581877aefc78d34d
3ab844aaad6045edbe2da9e78c3c9f41599b67d6
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/catch-box/genericons/genericons.css?ver=3.4.1 HTTP/1.1
Host: blog.anywho-com.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 16 Oct 2023 23:17:24 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Wed, 18 Oct 2023 01:31:47 GMT
last-modified: Sun, 10 Jul 2022 22:58:21 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 199869
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKtwCDy6Mpo0IfLy3N4uezenfy7ggs2VJbMSWKyIOiHrqhk39GbfqoEJEJvn7IrolE5ppDzPY8%2FczaWgSTjMs3CyF1J8sn9MkNKJrfHqcZ62SPHUdc7Uzk5PqMlB%2F9R4L6FYawtu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 817403dddaab56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

d3u598arehftfk.cloudfront.net/prebid_hb_3189_5673.js

143.204.42.42

200 OK

165 kB

URL GET HTTP/2
d3u598arehftfk.cloudfront.net/prebid_hb_3189_5673.js
IP
143.204.42.42:443
ASN
#16509 AMAZON-02

Requested by
https://blog.anywho-com.com/anywho-com/canadian-anywho-com/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (20659)
Size
165 kB (164854 bytes)
Hash
9632f855cbbada44aa1b31478a108aa5
9b4c5a433ae2e1f779534007bdfe59d9a03c176c
cb2fdc02432755b17386800e571e2a39797df1245827605b43f436732b397e29

HTTP Headers

GET /prebid_hb_3189_5673.js HTTP/1.1
Host: d3u598arehftfk.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.anywho-com.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 16 Oct 2023 23:17:26 GMT
last-modified: Wed, 23 Aug 2023 09:45:43 GMT
etag: W/"9632f855cbbada44aa1b31478a108aa5"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=864000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5z2oDxoNOp8Mg6vkvOzaUCsIE3_T2LSrUzxFlAf9OjHIjKpgXBJJag==
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by