| www.googleoptimize.com/optimize.js?id=OPT-K66VC78 | 142.250.74.78 | 200 OK | 48 kB |
URL: GET HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-K66VC78 IP: 142.250.74.78:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (2642); Hash: 678758215e2f48151fb102b8681b9937 7b16db4c934c023c7702de17d562bb92f3752e8e 4f1a56e3585c2b296d93329feca17284b82f61838ad7056abc7278ef4e8939c0
GET /optimize.js?id=OPT-K66VC78 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 20:52:23 GMT
expires: Fri, 26 Apr 2024 20:52:23 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 48110
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-194954742-5 | 142.250.74.168 | 200 OK | 70 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=UA-194954742-5 IP: 142.250.74.168:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (1763); Hash: aaba8210a2e4159e048d354425ade6ed 4f9b176e30317405039f7f4f520be7a3aa4e3855 cbfd6b66a7474dbca7e32bc014599f3f08cf15cd35bc5140dc627ec87b287b9e
GET /gtag/js?id=UA-194954742-5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 20:52:23 GMT
expires: Fri, 26 Apr 2024 20:52:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70119
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-4KK0KHLLBN | 142.250.74.168 | 200 OK | 92 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-4KK0KHLLBN IP: 142.250.74.168:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (7711); Hash: 563a5f74bbaff731981330089ddbd9b4 8e7ffdc478c76a828a3d239340d18471805a5f0c d383e06401794c87c460bcf1925923213191e0bf1e6b64c87407615952b1e5b8
GET /gtag/js?id=G-4KK0KHLLBN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 20:52:23 GMT
expires: Fri, 26 Apr 2024 20:52:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91566
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| sifucanva.com/wp-content/uploads/2021/09/cropped-Gradient-Background-142x21.png | 188.114.96.1 | 200 OK | 3.6 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/uploads/2021/09/cropped-Gradient-Background-142x21.png IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: PNG image data, 142 x 21, 8-bit/color RGBA, non-interlaced; Hash: 58a52a7ef5515edb858dde3c10f7f42e 8f58387f32cb487cc64c44c282ad2fe89e3446fd 619fe70c6f73a2d0d2bb5e3a23765910a3af596f39e1c72170894b0917c7d7f9
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/09/cropped-Gradient-Background-142x21.png HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: image/png
content-length: 3583
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Thu, 27 Oct 2022 10:09:38 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TSd2BwZEeTkmvTPB9E7W6JaJbZ338GSy88VPxmk6jmmW1EEwqvRSRde49YtqTPbXlV3AhiOE8EaXBWl2qH1zYEcGXTChrkcZNdg61f9kySbQ6VqPuM4o711hruXP5XYH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a974cbcc30b50b-OSL
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-jquery-form.min.js?ver=2.6.7 | 188.114.96.1 | 200 OK | 5.6 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-jquery-form.min.js?ver=2.6.7 IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (14452), with no line terminators; Hash: 632962f383a66fd3d22f3e8f34bced13 09f1fa3fadfb7960994ecb183ee1b1c8f679dc7b 0bf4b3f691ac2a3f4ffdb1ee657cc5991eea1bf796361c2c9b8069648a704ff9
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/js/um-jquery-form.min.js?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:36 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zVxxSWuA%2BKbu1AIZNH6U3ktztwLyRO6Sle2tDDHlucBRmZvdeMd1iIBZhsDNRfuf4oNt%2FB9wkpzqBqIwZRMhjh1PXNhIuievF2jc%2FtIq2c5KMJ9X6%2BqxuLgXG4On5BQ%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbec61b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-includes/js/masonry.min.js?ver=4.2.2 | 188.114.96.1 | 200 OK | 78 kB |
URL: GET HTTP/3 sifucanva.com/wp-includes/js/masonry.min.js?ver=4.2.2 IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (23966); Hash: 3b3fc826e58fc554108e4a651c9c7848 76778fd446e2ff2377588a7b4ac4d79f258427c9 e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oWNcKOn0Q0LY%2F6pqyKQcVH8Bo8xf3h4k0RLaNIEvFW%2FnoQvTT1RCJd0KzMZ9oP6VkQeAi6sxsk2HYf%2FlT%2FUNjUm%2BDFpkz9u6Zw4Z6zLmdno383KuILDc4OC8eH4OI8zb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cc0c82b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/uploads/2022/02/canva-templates-1024x683.webp | 188.114.96.1 | 200 OK | 66 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/uploads/2022/02/canva-templates-1024x683.webp IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: f17c7fb1bead256c9ae07d99b54b3de3 c767f03cc503c22b69ced5e9184d39dba0719e99 8d9cd310fd08753858f169e356a0ee273bfa899f0fffe42a4613f184d7d8007c
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2022/02/canva-templates-1024x683.webp HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:24 GMT
content-type: image/webp
content-length: 66204
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Thu, 24 Feb 2022 09:05:43 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yuHjpS6tzXr5Mzv8kvdfqMtgzMgx6ZYLmTTXIJU89DYYimVo%2BKozKCA58aOR57H%2FDJGhBPovcR5AZqw2MErXYuW%2FbHAewXzOdO7JB%2FEKQ%2BqR%2Bm1kmPRF6vGh3%2B55VL%2BH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a974cbcc36b50b-OSL
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.time.js?ver=2.6.7 | 188.114.96.1 | 200 OK | 88 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.time.js?ver=2.6.7 IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, Unicode text, UTF-8 text; Hash: 60670d05e3fb8ce86d8320d91e90d51a 0baccdb5050429dd4f41b9da64c8c5754007e85f 40056d362065e0d24fff7a1e5c2d07d807aaa4a3f04305b3f416d4c11607745b
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/js/pickadate/picker.time.js?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:36 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XHXiVHHVaMuwU5nuosDHQXDDyQ81Jd1o%2F%2FjyfalOGKN1lZQrm6aXS4xStvKk83m2DiHYexNJ5BRmDv4pTZJyLza5VjgrdfdJjH0iS2%2BD95oy6TJBxVx3bi9et4BnOXY1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbfc6eb50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.15.2 | 188.114.96.1 | 200 OK | 71 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.15.2 IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (4918); Hash: 88970708a7ed5eb95e635f3eae026b51 0a7bff09257e9c7e072c59d3dd5cd6b7af6e6e6b 1a11d4c8a6d406d2b3d222fea59f8ec58c8846662393bcb2ac17760c9545270e
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.15.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 16 Aug 2023 03:15:23 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AzsHNKbeJCo%2FR9kBwlcPv%2Fjui1%2B8ANXEVC%2FGQTM4f4uESzSu9dL9MoJcF%2BFOsauo%2BaTu9DZb6B3rsj0nweUDDUAtdHKwfHf7Y3DQ5AtOL3qZYBmvQ2ftt%2BO1sDVgCsbH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cc1ca7b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/funnel-builder/woofunnels/assets/js/utm-tracker.min.js?ver=1.10.11.5 | 188.114.96.1 | 200 OK | 94 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/funnel-builder/woofunnels/assets/js/utm-tracker.min.js?ver=1.10.11.5 IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (4660), with no line terminators; Hash: 3429b3024c75999ab35a47d5816fc320 91c577f7212955e45b57fb1eb86767231dbe4606 426e7483284ab81aedbfc216943dd7c73e5992125388ea706e5d04804b2d75e6
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/funnel-builder/woofunnels/assets/js/utm-tracker.min.js?ver=1.10.11.5 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Fri, 23 Jun 2023 03:44:32 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=83nlNuybiupqr1RAW%2FIBkzfzPSgfAAqYVCI9C3%2F9SQKyrndBfESIL5JduWQ3Ojfv%2FQG2WI7QcmjoWgNt2QvHfvYKH95Vyq9pWZLxHyHvGSS2%2BO7y4DiRCPfIdSGPq1zT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cc1ca4b50b-OSL
content-encoding: br
|
|
| ga.getresponse.com/script/ga.js?v=2&grid=sBDcBX0JadH4IA3I%3D | 178.16.117.14 | 200 OK | 660 B |
URL: GET HTTP/2 ga.getresponse.com/script/ga.js?v=2&grid=sBDcBX0JadH4IA3I%3D IP: 178.16.117.14:443 ASN: #198881 GETRESPONSE Sp.z o.o.
Certificate: Issuer: GoDaddy.com, Inc.; Subject: *.getresponse.com; Fingerprint: 2A:0A:21:D8:7E:64:C2:B5:D3:56:E7:66:29:ED:48:E5:FF:3B:E1:50; Validity: Thu, 28 Mar 2024 16:12:52 GMT - Fri, 11 Apr 2025 10:53:03 GMT
File type: ASCII text, with very long lines (660), with no line terminators; Hash: f612263cd215d9dbc95f26607aae1167 babbb880a9c7f9fbc7e6b93a7fb1e3184bba89f8 311b1d68ac4dfa57b5c20435d065cc7ab2c1590ec77a47c7d20e342ead59df3a
GET /script/ga.js?v=2&grid=sBDcBX0JadH4IA3I%3D HTTP/1.1
Host: ga.getresponse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://sifucanva.com/
content-length: 660
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type: text/javascript; charset=utf-8
date: Fri, 26 Apr 2024 20:52:24 GMT
etag: W/"294-uru4gKnH+fvH5rk6f7HjGEu6ifg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-response-id: 2ff0ff02-709a-407e-a954-76217656ed47
x-xss-protection: 0
X-Firefox-Spdy: h2
|
|
| sifucanva.com/wp-content/uploads/2022/02/ebook-1024x667.webp | 188.114.96.1 | 200 OK | 58 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/uploads/2022/02/ebook-1024x667.webp IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: c0dd94e510df07e60d1f384401ae6e8f cf0880a24ed8750aaa55da1cd3e8d8833975f7e4 f90a89ad13edb6c742f53283591255724a830cb170b36bed97c627b6f607919d
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2022/02/ebook-1024x667.webp HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:24 GMT
content-type: image/webp
content-length: 57604
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Thu, 24 Feb 2022 09:07:38 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cKT9Sn4oyiYJ6wP2%2FV%2FcEKJgTMTCJlfJyOoQ9KLl%2BrEc2%2Fsrfl1%2FNSq0K1lOWVrEBdbNfrf4FyjljyOpxnt6FzyYaK4RYNs3dV4KigCLUO6jUuYVILDXs2XNayG0wvZT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a974cbcc37b50b-OSL
|
|
| sifucanva.com/wp-content/uploads/2022/02/ezgif.com-gif-maker-1024x502.webp | 188.114.96.1 | 200 OK | 59 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/uploads/2022/02/ezgif.com-gif-maker-1024x502.webp IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: c0b72490e648792b7d6d2f5176370afc 5474147f452b030305ed6a86e97d7b390af34ab9 7369223fe8ead6ba597b08fa5e7c7a7e654a22879f526a8cdfd24635fd1ffe88
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2022/02/ezgif.com-gif-maker-1024x502.webp HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:24 GMT
content-type: image/webp
content-length: 58698
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Thu, 24 Feb 2022 08:46:33 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nWo4ZYuAbud9bK0j7gNTCDp2baZbFIT%2B6PgVOvWLP38xREdo%2FsNfXmWu6953bLBfBEhuy6Wz1sZgE9hIu9tvT%2BQVbnWOmN1pJ995GVVNsr%2BkMYJNfABJJjjxIRaTSU8y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a974cbcc31b50b-OSL
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0; Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sifucanva.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:55:49 GMT
expires: Sat, 26 Apr 2025 05:55:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 53795
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0; Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sifucanva.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:02:10 GMT
expires: Sat, 26 Apr 2025 06:02:10 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 53414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 | 216.58.207.227 | 200 OK | 39 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 39124, version 1.0; Hash: 86b73ab5f530be7984b704414f2a711d 8e297794ed7b6f5ea476d14b5270df12e8f3e42a 1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
GET /s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sifucanva.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39124
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:54:16 GMT
expires: Fri, 25 Apr 2025 02:54:16 GMT
cache-control: public, max-age=31536000
age: 151088
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 | 216.58.207.227 | 200 OK | 39 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 39124, version 1.0; Hash: 86b73ab5f530be7984b704414f2a711d 8e297794ed7b6f5ea476d14b5270df12e8f3e42a 1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
GET /s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sifucanva.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39124
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:54:16 GMT
expires: Fri, 25 Apr 2025 02:54:16 GMT
cache-control: public, max-age=31536000
age: 151088
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/nunito/v26/XRXX3I6Li01BKofIMNaDRs4.woff2 | 216.58.207.227 | 200 OK | 42 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/nunito/v26/XRXX3I6Li01BKofIMNaDRs4.woff2 IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 41800, version 1.0; Hash: 3ea99ad21ca9121d85ab7e668fe557e4 a3c34cafeee04cc309f965899b0b879793e59795 2a4ba0bfd05a144b759af1564fae807d80463489344ed2cf2d0f7fb5635e967a
GET /s/nunito/v26/XRXX3I6Li01BKofIMNaDRs4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sifucanva.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 41800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:40:24 GMT
expires: Fri, 25 Apr 2025 02:40:24 GMT
cache-control: public, max-age=31536000
age: 151920
last-modified: Thu, 14 Sep 2023 00:02:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| sifucanva.com/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.5.2 | 188.114.96.1 | 200 OK | 40 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.5.2
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (1146)
Hash: ff9016c99f73c592c2648319ea6d2074 f2918fb5f72121b67f74c5f5ccbb47a2eb1317b0 37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.5.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 16 Aug 2023 01:55:03 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kV4XkcFlbxpvXSwmsGMrVnSnBjcutb4MXIVXngibtNvOfgx5UexO0B79Z3RRFaH1UVMCsfDTP5LXIk2aenrE1mwu4aaQDud1r8ghTdsgDe5SJBeklLpxTLRvsr7e2eqO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbac16b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b | 188.114.96.1 | 200 OK | 40 kB |
URL: GET HTTP/3 sifucanva.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (1626)
Hash: cd0eb3406096ff80266e7c9d7d419186 0e3709691bf96233766de30e2fd473b84166c5b6 c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Thu, 18 Aug 2016 18:55:30 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hmOZ8LyHrBvZnbgs4Q9h%2FOVszAgalTjeoSGwQrGQibwk1tdximac%2FSzeJOVDnDLRupgPQKaC00zlqgNpdqPZsZM41kENDLkKHep2EQP1MgdKAmkzK5KbmReeyjTYZhP0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cc0c83b50b-OSL
content-encoding: br
|
|
| pixel.wp.com/g.gif?v=ext&blog=198044887&post=1959&tz=8&srv=sifucanva.com&j=1%3A12.3&host=sifucanva.com&ref=&rand=0.601414142827815 | 192.0.76.3 | 200 OK | 50 B |
URL: GET HTTP/3 pixel.wp.com/g.gif?v=ext&blog=198044887&post=1959&tz=8&srv=sifucanva.com&j=1%3A12.3&host=sifucanva.com&ref=&rand=0.601414142827815
IP: 192.0.76.3:443
Certificate: Issuer: Sectigo Limited; Subject: *.wp.com; Fingerprint: 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2; Validity: Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type: GIF image data, version 89a, 6 x 5
Hash: e4d673a55c5656f19ef81563fb10884c 1f2d8ed221d39329251ad3a6ff1edb20b7219443 f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=198044887&post=1959&tz=8&srv=sifucanva.com&j=1%3A12.3&host=sifucanva.com&ref=&rand=0.601414142827815 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
server: nginx
date: Fri, 26 Apr 2024 20:52:24 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-raty.min.js?ver=2.6.7 | 188.114.96.1 | 200 OK | 3.2 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-raty.min.js?ver=2.6.7
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (9116), with no line terminators
Hash: 6ba1750436e9c8389bc0a5d80ce34317 31c2609f9e63352da4144b7275b687f34fe2b7c8 078ba02b0d0e4ec91fe9f578866820579774a0a9215fcaa6ca3597338918b883
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/js/um-raty.min.js?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:36 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fi0rUY0Avz4RnJCcWQEz9izf9us1n6PhDfLs%2F4l%2F4xCFai5MJOFiaBBvUKz9C3OAEyxGOunZmUV658M0INDOZ%2FE1XY%2FMgPaJCbW%2Fa6MgN60PHZ%2B5Acszib3fS51PuYMC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbfc70b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/js/select2/select2.full.min.js?ver=4.0.13 | 188.114.96.1 | 200 OK | 114 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/js/select2/select2.full.min.js?ver=4.0.13
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64131)
Size: 114 kB (113751 bytes)
Hash: fcd7500d8e13d2b2aae5d3956dc3e21d aa40e683c82dd844db73fde37048cf7fc145135e 5c6fdab80cb86a279695dccc226a1fac50e2c922bea70242edaa28f52b7bad2d
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/js/select2/select2.full.min.js?ver=4.0.13 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:36 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z5kS%2BoH4OV7r7BjS1bBWZF9F73HyOEVdJcCG94g%2Bh99Adf8xwVWmONKDLmbmf%2BHTu05At80auDCdBU25OHewzCqCJ8MhTBT0lWISrM5LIbWlYx1n0ciSl%2BNlVAKRHUvF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbec51b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/woocommerce/assets/js/sourcebuster/sourcebuster.min.js?ver=8.8.2 | 188.114.96.1 | 200 OK | 75 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/woocommerce/assets/js/sourcebuster/sourcebuster.min.js?ver=8.8.2
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (14500), with no line terminators
Hash: af44f82a13e50f4ab09a194247ac71bc e1c921fa718e918e70a25cd278a9ff5b8be9c2bf 881f4e9fde0d4d4bdcf1eae9fd2d68378c5203969e6ceedf59b4e29567f238a9
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/woocommerce/assets/js/sourcebuster/sourcebuster.min.js?ver=8.8.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Thu, 18 Apr 2024 03:38:23 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VOQqhOxtLelKr7VbpefhcL0TbwJaXC5M3a7YUMX2FFz25t2t1hcyFYAoWmrdvFqajIj8Legxq43jImnXwGHmGGCLFTQF9NS7mcprS10UPhytwFE6rwIRakMDGp474%2BoL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbdc47b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.date.js?ver=2.6.7 | 188.114.96.1 | 200 OK | 14 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.date.js?ver=2.6.7
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, Unicode text, UTF-8 text
Hash: 03b88229f56a7d4ba729c943466113c2 d61de3d9bfcf75e867e17b35c37eb333a09eebc4 fb5bdc3841946772bb0fc371f130485db6249a4d35ae28c7dafcc7c39b00c900
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/js/pickadate/picker.date.js?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:36 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VCesoBj0h7D6GSckmUJbLOWj%2FsTr19OIGfLWn%2Bt1NYZA3X3gtfKv1Ua3ZhJxpnyyW5v%2BIRg7uGIwEdX4%2FTud1%2FwJCNoa2cZLioLGKuFaATfm3yg8DqElrV1DDyX6T%2Fy0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbec67b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.15.2 | 188.114.96.1 | 200 OK | 91 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.15.2
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (40706)
Hash: 6b62b8eae228a44aa1f48ea73fde62fe b46989a3a139de7f4b92bd5173978220962fd242 202aa6d8ac6559305e6d1b273941796e5fab95dc0a08f9a9f0e4955afa0b4668
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.15.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 16 Aug 2023 03:15:22 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2FbVkw%2FHyYdR9Ttz5XrlvWBcrJofH7CLKDgwqXJw5y%2BW7lBQBllTvWRl73PARUnsBN4%2F2G0jKOhNldln8b2M45DR6aTsb6iwMGfPBA0O%2F5SwKL73blZtsM1YFui4PQYs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cc2cb8b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 | 188.114.96.1 | 200 OK | 4.9 kB |
URL: GET HTTP/3 sifucanva.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (15752)
Hash: b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Cookie: pys_session_limit=true; pys_start_session=true; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2024-04-26%2020%3A52%3A24%7C%7C%7Cep%3Dhttps%3A%2F%2Fsifucanva.com%2F%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2024-04-26%2020%3A52%3A24%7C%7C%7Cep%3Dhttps%3A%2F%2Fsifucanva.com%2F%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fsifucanva.com%2F; wffn_flt=2024-4-27 4:52:24; wffn_timezone=UTC; wffn_is_mobile=false; wffn_browser=Firefox; wffn_referrer=; _gcl_au=1.1.454998238.1714164744; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; conv_person={"$visitNum":1,"$fvDate":1714164744}; conv_session={"start":1714164744,"shown":[],"startUrl":"https://sifucanva.com/","referrer":"","expires":1714166544,"isNew":true,"pageViews":1}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:25 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:25 GMT
last-modified: Wed, 03 Apr 2024 05:47:07 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4I5eQb4XFBGjXIrdifZ9dwhUa1c%2Br%2BD4M1Q4OSY6D19Ej%2FpC0dAiajQbQiUia950IPs4qXRgjtTXHkmDTOlC%2FiltOa6rj0zXQzXDltkWeIxZ1AdQ7CizMjd57CjkXUQs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974d55df2b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-functions.min.js?ver=2.6.7 | 188.114.96.1 | 200 OK | 9.5 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-functions.min.js?ver=2.6.7
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (14600), with no line terminators
Hash: 9499875ee5abfb8657bd82932096ad35 44bff54c033cb9a41c2782ef40232f9d07c82518 46ae5ddd4fb5bb86673d709aa97e47db48c0def2c324b2867cc6d32d071d80ae
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/js/um-functions.min.js?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:36 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gpuXvsufxN%2B17IAXT1GzHF0RAy3xaMCVsIbjU0fMXwdgWnJCLS00wBK9QJ1jhI30ROOd%2FlTbd0%2BobrPtmOaS0ebhP9YFhz%2BOMs98PRiwz0W9H5dlWuFwB0XwHpE1Hda0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cc0c85b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-includes/js/underscore.min.js?ver=1.13.4 | 188.114.96.1 | 200 OK | 7.6 kB |
URL: GET HTTP/3 sifucanva.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (18798)
Hash: f88d5720bb454ed5d204cbdb56901f6b f1952292fde4b15936e9aac16b2b9896684db95b 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 02 Nov 2022 08:08:22 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kv%2BcT3S3pl42UsF7lYNZRAqMs49RC30fbYg9hHMqxJ2dPwVnTXWa2Hl%2BLpkWot8X3Qkm%2F0uJ5igcXUSRL2kmAJ2lyWY8hhnn%2FT2ZeHdxmE5ttIjoWWagn73YcKHAYaKj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbec54b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/elementor/assets/js/toggle.31881477c45ff5cf9d4d.bundle.min.js | 188.114.96.1 | 200 OK | 21 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/elementor/assets/js/toggle.31881477c45ff5cf9d4d.bundle.min.js
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (3730)
Hash: e1c57520a7a09a32a13f865151e2a062 46fc448c2119276654991c7031dc796c3193d6f3 f4e1f0512d8f96c21f806d1bceb118ae7a821eacf68d19016df4546c3406542e
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/js/toggle.31881477c45ff5cf9d4d.bundle.min.js HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Cookie: pys_session_limit=true; pys_start_session=true; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2024-04-26%2020%3A52%3A24%7C%7C%7Cep%3Dhttps%3A%2F%2Fsifucanva.com%2F%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2024-04-26%2020%3A52%3A24%7C%7C%7Cep%3Dhttps%3A%2F%2Fsifucanva.com%2F%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fsifucanva.com%2F; wffn_flt=2024-4-27 4:52:24; wffn_timezone=UTC; wffn_is_mobile=false; wffn_browser=Firefox; wffn_referrer=; _gcl_au=1.1.454998238.1714164744; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; conv_person={"$visitNum":1,"$fvDate":1714164744}; conv_session={"start":1714164744,"shown":[],"startUrl":"https://sifucanva.com/","referrer":"","expires":1714166544,"isNew":true,"pageViews":1}; _ga_4KK0KHLLBN=GS1.1.1714164744.1.0.1714164744.0.0.0; _ga=GA1.1.1735857933.1714164745; gaVisitorUuid=aa507c2e-ada0-4409-b387-1f4b79f2c6fe; _ga_3BQJ6PZR3V=GS1.1.1714164744.1.0.1714164744.0.0.0; pys_first_visit=true; pysTrafficSource=direct; pys_landing_page=https://sifucanva.com/; last_pysTrafficSource=direct; last_pys_landing_page=https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:25 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:25 GMT
last-modified: Wed, 16 Aug 2023 03:15:23 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jICkRLKa7eugdGbPdLeLjY%2FQaZqvNm1xbP3J%2Fpkkgv3SiuXunQMGww36EBpYQ84a6oXIS8gDa6vZ9qt3lG06cezy%2FikkCRuAB09Xt63DuxYw8xcfRXT1bKbJYOP64BXh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974d8d958b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/uploads/2021/08/cropped-Purple-Geometric-Letter-S-Design-Logo-32x32.png | 188.114.96.1 | 200 OK | 1.2 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/uploads/2021/08/cropped-Purple-Geometric-Letter-S-Design-Logo-32x32.png
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced
Hash: b7d938428a92be4c1ce553add2e2ccd6 5bc9b26941a0fe569bc02dc0300ba25e079a6e99 762b125daf0e23410ffb39be8eed3569143b7c3b01de22923fce38b56a93cbc0
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/08/cropped-Purple-Geometric-Letter-S-Design-Logo-32x32.png HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Cookie: pys_session_limit=true; pys_start_session=true; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2024-04-26%2020%3A52%3A24%7C%7C%7Cep%3Dhttps%3A%2F%2Fsifucanva.com%2F%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2024-04-26%2020%3A52%3A24%7C%7C%7Cep%3Dhttps%3A%2F%2Fsifucanva.com%2F%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fsifucanva.com%2F; wffn_flt=2024-4-27 4:52:24; wffn_timezone=UTC; wffn_is_mobile=false; wffn_browser=Firefox; wffn_referrer=; _gcl_au=1.1.454998238.1714164744; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; conv_person={"$visitNum":1,"$fvDate":1714164744}; conv_session={"start":1714164744,"shown":[],"startUrl":"https://sifucanva.com/","referrer":"","expires":1714166545,"isNew":true,"pageViews":1}; _ga_4KK0KHLLBN=GS1.1.1714164744.1.0.1714164744.0.0.0; _ga=GA1.1.1735857933.1714164745; gaVisitorUuid=aa507c2e-ada0-4409-b387-1f4b79f2c6fe; _ga_3BQJ6PZR3V=GS1.1.1714164744.1.0.1714164744.0.0.0; pys_first_visit=true; pysTrafficSource=direct; pys_landing_page=https://sifucanva.com/; last_pysTrafficSource=direct; last_pys_landing_page=https://sifucanva.com/; _fbp=fb.1.1714164744790.8877283379; prism_27353810=fd6956cf-9ad9-4d4f-b043-f88195f4f25f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:25 GMT
content-type: image/png
content-length: 1233
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 19:45:54 GMT
last-modified: Thu, 23 Sep 2021 04:36:28 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 176791
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YUfl%2FmRVszD9Amsay3Jr41hzGLHvbgqjINa%2B1eh9xSBLJuX2YvKgLREvqPwr218yZ1EBu%2B7tQz3S1zf%2FXGPS1Ta0e6v15xmN%2B490BYlQnUvmE%2FgckmUlOcY3cK0L3pU9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a974de4f68b50b-OSL
|
|
| sifucanva.com/wp-admin/admin-ajax.php | 188.114.96.1 | 200 OK | 3.0 kB |
URL: POST HTTP/3 sifucanva.com/wp-admin/admin-ajax.php
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
Hash: b06b55616cafd224cc7783a21b00d996 567bd3367b947e3ad5a2bbfd31e6eda1b16f17da 29405322c829b74a3f89700f8768904d4b34527d5d3dda9f779757e7ad364441
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
Content-Length: 368
Origin: https://sifucanva.com
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Cookie: pys_session_limit=true; pys_start_session=true; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2024-04-26%2020%3A52%3A24%7C%7C%7Cep%3Dhttps%3A%2F%2Fsifucanva.com%2F%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2024-04-26%2020%3A52%3A24%7C%7C%7Cep%3Dhttps%3A%2F%2Fsifucanva.com%2F%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fsifucanva.com%2F; wffn_flt=2024-4-27 4:52:24; wffn_timezone=UTC; wffn_is_mobile=false; wffn_browser=Firefox; wffn_referrer=; _gcl_au=1.1.454998238.1714164744; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; conv_person={"$visitNum":1,"$fvDate":1714164744}; conv_session={"start":1714164744,"shown":[],"startUrl":"https://sifucanva.com/","referrer":"","expires":1714166544,"isNew":true,"pageViews":1}; _ga_4KK0KHLLBN=GS1.1.1714164744.1.0.1714164744.0.0.0; _ga=GA1.1.1735857933.1714164745; gaVisitorUuid=aa507c2e-ada0-4409-b387-1f4b79f2c6fe; _ga_3BQJ6PZR3V=GS1.1.1714164744.1.0.1714164744.0.0.0; pys_first_visit=true; pysTrafficSource=direct; pys_landing_page=https://sifucanva.com/; last_pysTrafficSource=direct; last_pys_landing_page=https://sifucanva.com/; _fbp=fb.1.1714164744790.8877283379
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:28 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
access-control-allow-origin: https://sifucanva.com
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-litespeed-tag: a66_HTTP.200
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: no-cache
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x5z22zP%2BJMzfOlXDmVAhSVtZ9WA2d6iuoF7JtvtsCcbH3nU19rA%2F%2F6GjxsHxt3UEyDcszAQ7raaHjMpHd9dWyrAeHtStwbclXp4LrBJnsp4DMSpvlBEUT7P0mX0xzuPA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974d8d95db50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0 | 188.114.96.1 | 200 OK | 6.6 kB |
URL: GET HTTP/3 sifucanva.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (4358)
Hash: 6823120876c9afc8929418c9a6f8e343 90b0adb37d70ffec5f9189c36bb0027c310c9502 b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/imagesloaded.min.js?ver=5.0.0 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 08 Nov 2023 08:45:32 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bnoAYUxNgTnwu1ixPiseF9pr3AZ%2FfyBIua2l5yYUgLka8lZwLmtXgaFS0G8kadGbRwa7D48Gf0Vpd3V4WZOqF2518IEz4ZGjr7bk91%2F8kWMELfAUHz1MQbq2iwGXqSlS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cc0c81b50b-OSL
content-encoding: br
|
|
| visit.startfinishthis.com/2L1mRj?q=sifucanva.com | 104.21.64.161 | 200 OK | 7.4 kB |
URL: GET HTTP/2 visit.startfinishthis.com/2L1mRj?q=sifucanva.com
IP: 104.21.64.161:443
Certificate: Issuer: Google Trust Services LLC; Subject: startfinishthis.com; Fingerprint: D5:E5:97:E4:E8:D4:53:86:B2:E1:D7:EF:F4:69:83:94:C6:46:E9:8C; Validity: Mon, 04 Mar 2024 14:59:39 GMT - Sun, 02 Jun 2024 14:59:38 GMT
File type: JavaScript source, ASCII text, with very long lines (7750)
Hash: 02b232562fac1f903859abaf066919c5 eb98b38e5e5af2127e333c0d91efd5f5d2299e0b 5268cd6ccfe14126dda3076f3b128ec20995afdb4875e0494880e71f1cb741d2
GET /2L1mRj?q=sifucanva.com HTTP/1.1
Host: visit.startfinishthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:52:25 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 26 Apr 2024 20:52:25 GMT
set-cookie: _subid=376l60jgav75d; expires=Mon, 27 May 2024 20:52:25 GMT; path=/
a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQxXCI6MTcxNDE2NDc0NX0sXCJjYW1wYWlnbnNcIjp7XCIxM1wiOjE3MTQxNjQ3NDV9LFwidGltZVwiOjE3MTQxNjQ3NDV9In0.mjPbsIZRhPuhE-YZYxkvegDxkL4t68zOlq_hlN8GElc; expires=Mon, 22 Aug 2078 17:44:50 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RrKUXa3YpMSAZhikBmVApWdXD6dfbdPE9rEEwoCkuMLUJLLYS7pErkdRyYlzDvc%2FWm4NVT1UOdhzBz5U9YD2dj60us5t32tPQ1s7KoWTwTQovG2UgmHg80cEIsiNt95LVv1DWfpHAIrQv2uS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974db89deb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-modal.min.js?ver=2.6.7 | 188.114.96.1 | 200 OK | 10 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-modal.min.js?ver=2.6.7
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (5277), with no line terminators
Hash: 6d971dd996d32341e30b678d0d4852bb 53c7d9f0a3f094b7cc6dbdf878ab6fd2ba512ff5 de5f6687c2afbbb02a950bc167c62142aa7da7ecaef5a941c545a3baaa4dee0e
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/js/um-modal.min.js?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:36 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8gWDX9HFquw3E3AZMYRg6UNp4wv0MnNm6TqfblWB3TCsjr46qJ7dezx4V6KEvqFvFAKnqCJiTnujhS4xpM%2BYzCQKKDpyhkOS9aXrSTA9bnMtKErLqdwA22Dk7KqtOeHR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbec58b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/uploads/elementor/css/post-1959.css?ver=1683508065 | 188.114.96.1 | 200 OK | 31 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/uploads/elementor/css/post-1959.css?ver=1683508065
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/elementor/css/post-1959.css?ver=1683508065 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Mon, 08 May 2023 01:07:45 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DmG5QS9IkNAgU6%2FFKbcQjENcaqrLlGrAc1ykH118ycH1OpWzOVufYqKlgpdnAPOjVH8OhRJlnwZc0hcu%2BYOV32TA3jqqJ1IbWeJLgFP7PhEWK8YUmGEBFVJWYgRZMIGs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb6bcfb50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.28 | 188.114.96.1 | 200 OK | 76 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.28
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.28 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 16 Apr 2024 12:25:00 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TAIozyA7G22%2BmDJpHTB5%2B2iCpkCTQGDvy6Wz3IgMRWaUK%2BvMNc2BjcKXB2%2F8ERr8W8QrMoOgmUckwYS10i41nri8HTkOHm2PaMtcBYllJdmIwBjpatk6MQ7MXZg2v%2BwK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb6bd0b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-profile.min.js?ver=2.6.7 | 188.114.96.1 | 200 OK | 2.8 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-profile.min.js?ver=2.6.7
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (2913), with no line terminators
Hash: 6ff723fe1f917bdb59c39734b7ce5052 8a37f7660196945c1a606ea82dfd65721bcf15a5 d65fe4508f4ed6f9faed0a08d29fc5b757c3a14c7dd6500b694ece9071cfcea9
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/js/um-profile.min.js?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:36 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TNRYu38eB9gPZeIeeuKo6ITFLYTUjINMHtol3EN1fmL0d%2BGQjxiksbXBvYu3bkg6Wdm0i%2B9NNG5UaLWK5Z%2BUYH7dAiH%2Fyf%2F3%2BUl2n9Z1fMDBDxqkgP%2B3JDRoWIwe4a6V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cc1c9eb50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.15.2 | 188.114.96.1 | 200 OK | 56 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.15.2
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.15.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 16 Aug 2023 03:15:22 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qn0SLnL7gdoVH06hhNWM%2B%2BTfyu6Gd8hpzs0AHVn321H%2B2yOWDo%2FUq%2BTcahEBCZQAaV4lVT0VfLcrMRAJbuRCRdGFYx1PILb0KBulxzYYuvbjvvJDNHKZO7cUv%2BV0d%2BBd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cc2cb4b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/blog-designer-pack/assets/css/bdp-public.css?ver=3.4.1 | 188.114.96.1 | 200 OK | 26 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/blog-designer-pack/assets/css/bdp-public.css?ver=3.4.1
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (381), with CRLF line terminators
Hash: ac387e3f27ee036c21c1c8b9d23af425 d49a4b04e7af51ed057220e5c0078d4af09facbf a8e5d44420ec9ccce13d894b454f3e1a26431c778cff7d1955ada0ae47b53275
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/blog-designer-pack/assets/css/bdp-public.css?ver=3.4.1 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 18 Jul 2023 01:29:30 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6F23jzBqDAqLT%2BLqxMgoUd1n8fstiGYb0r2o0RtH0YY%2Bfm0mjhoGKcgAgM8c9q1ssYd1XpTr%2BtSeQ4xHcxOJ6MLvL38JFB2VjAon9j4KOIZfZZ7Q4frJL%2Bd6WIhTSYEk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb5bafb50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/uploads/elementor/css/post-5.css?ver=1683506988 | 188.114.96.1 | 200 OK | 1.2 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/uploads/elementor/css/post-5.css?ver=1683506988
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (1177), with no line terminators
Hash: d013aca50060c6040bae903d9366c5ae cf7de9b0941624fa0e631bdf2c0e3e3b34dc1978 3657063ace9a0ac2e09efa720e6b0fb3d0eb961f41c8db669fc6ca32280d6dc9
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/elementor/css/post-5.css?ver=1683506988 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Mon, 08 May 2023 00:49:48 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RyZRXzjnsDlV39jAw2tw5mO%2FKAYvE6EOrPx8HYNVkErpPs6BCk%2BtEGDOxErX1EsiCp3AjqZNZHnov7%2BGvhEclXULmzP4NKh9nt%2Fclmv7upQblSoAn%2BhRXRSuSsCzyj4I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb6bcab50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/blog-designer-pack/assets/css/slick.css?ver=3.4.1 | 188.114.96.1 | 200 OK | 1.6 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/blog-designer-pack/assets/css/slick.css?ver=3.4.1
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (1618), with no line terminators
Hash: 46d97e783ba48b919f4be1bad3d46fdc b80e51332d6874f75786c4d658c366a64c928189 d9f3a9605c3c3d79d9ef50af832f2fc3dc44fe9f26b4a470af318d20396eb016
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/blog-designer-pack/assets/css/slick.css?ver=3.4.1 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 18 Jul 2023 01:29:30 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PZd%2BbxKmyW7mYRaS1UaIWlEhur%2Fen9Ol%2FTm4EIbiYJ7nU0sJgMeSsDc2Euz80gTzUQQFu8ISb%2FObzLtbUw9DQ96RFN0bhXxkrgB1MEAQVZTynQHJpnd1CujwGj2d7Luq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb5ba9b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.21.0 | 188.114.96.1 | 200 OK | 20 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.21.0
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (19442)
Hash: 56435e46abd5f7a20dd5b8590fbdc083 fab2a319dc679ed90d62af44f9e37625a0562958 8631189ca38e73206e52ed06e8f0f3b2e839b9facc236b9519b9fd8d7f8d63e2
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.21.0 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 16 Aug 2023 03:15:24 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CqYTiGWQaNXolpAnllQphqVHkg97s8ICiFleyoM%2B0FwqymxWsfr%2FFRJ767yZ4kK%2BGaXSW%2FGX7AFme3G7RlItdW0%2B5uxm3z9M4qH9ResfOMyFgRwOQ%2BZr1Of1nMV03Msz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb6bc4b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6 | 188.114.96.1 | 200 OK | 13 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (12876), with no line terminators
Hash: bcad7781b3e74db2565b8424c45232cd 41b0d94434ef667897c06e1184b703064ffceda1 d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 16 Aug 2023 03:15:25 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CttsgxdGgZ%2F%2BKX72Nvoou7i6FUpXHGJ6eC%2BNX5EX32y8cfwgtXNQy6c268mx1BYBBbijfYTvwxbNWrFG0b6Jq%2FhVgaYJ65oVa9iSgiHm9Scy726v3VhoTCphnLwXEJB9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb6bc8b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-crop.css?ver=2.6.7 | 188.114.96.1 | 200 OK | 4.1 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-crop.css?ver=2.6.7
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (4348), with no line terminators
Hash: 8a352c99985d503d074d64e77e6272e7 9b965f1cd8a75806458948bcac537df0de5dfe37 fa61f2e475d6131160cb5515d1c98e164d2dc198094b803b2f118023e1f75416
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/css/um-crop.css?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kMR0K9Tso1XaqpVHBC6w0lt67j6nXixUqhICFPn0o3IuumyURblshfWRc2G7D8BHr63XOY7yf5P0nboUIXsx7iikD022NKO38rD5OO0lgAj1XSTUT%2B9YDQDsGqVdPghH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb6bd9b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-gdpr.min.js?ver=2.6.7 | 188.114.96.1 | 200 OK | 416 B |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-gdpr.min.js?ver=2.6.7
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (438), with no line terminators
Hash: d0b2eedf0025f4a44e99a923441c1e17 a83209439252d3a96fbe82ee1fe3b888a4e6ca9d db97ad9c8866f0850aaf17fe6a96cb33f86c8c9a5bf5a16c5362fcc153d56c03
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/js/um-gdpr.min.js?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:36 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LabweG1Ve0mWPXDEBQS%2BhwX%2FA9Y5VxlausjOVFJSqOF90cT1%2Bl5J2bo5a5%2BnQi3knhFsumJLedR6KxNrHu7RfmdDdSgLnnsKa2o1RWN%2BOHNhmPbENgW6MfIDWyRvOL7q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbbc26b50b-OSL
content-encoding: br
|
|
| ga.getresponse.com/script/ga.js | 178.16.117.14 | 400 Bad Request | 0 B |
URL: GET HTTP/2 ga.getresponse.com/script/ga.js
IP: 178.16.117.14:443
ASN: #198881 GETRESPONSE Sp.z o.o.
Certificate: Issuer: GoDaddy.com, Inc.; Subject: *.getresponse.com; Fingerprint: 2A:0A:21:D8:7E:64:C2:B5:D3:56:E7:66:29:ED:48:E5:FF:3B:E1:50; Validity: Thu, 28 Mar 2024 16:12:52 GMT - Fri, 11 Apr 2025 10:53:03 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/ga.js HTTP/1.1
Host: ga.getresponse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sifucanva.com
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 400 Bad Request
content-length: 79
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type: application/json; charset=utf-8
date: Fri, 26 Apr 2024 20:52:24 GMT
etag: W/"4f-0ScfQIECaJrkkYp9zWG6kCY6A7U"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-response-id: dfbe0e2f-5c1e-4893-8bb3-3135898c336c
x-xss-protection: 0
X-Firefox-Spdy: h2
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-profile.css?ver=2.6.7 | 188.114.96.1 | 200 OK | 9.4 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-profile.css?ver=2.6.7
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: Unicode text, UTF-8 text, with very long lines (10246), with no line terminators
Hash: c3900281feed189726e55c90b29d76d5 29d9c8cd848006adbcbaf00a0d870339902aa246 f319a55c21b7a9697032515212f4a7e895195f3670337a40f7b280585389e8e8
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/css/um-profile.css?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gczI%2Bgd%2BebqgAuaLaTJJfL1O3nJP4tfVFvjWrnQT2CSHSgZANXe%2Fb9Ih470RhgGo%2FzJxO%2FRQSoJGn3MXag8XOAizJ%2FSXkdGrdjoojStXpAbryFjBC8X43RVgz83SUO8c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb7be0b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/woocommerce/assets/client/blocks/wc-blocks.css?ver=wc-8.8.2 | 188.114.96.1 | 200 OK | 13 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/woocommerce/assets/client/blocks/wc-blocks.css?ver=wc-8.8.2
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/woocommerce/assets/client/blocks/wc-blocks.css?ver=wc-8.8.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Thu, 18 Apr 2024 03:38:18 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wvrf5nWHej5kTcBb%2FwWo8RmixPSrjPOFf7ZgdhV7JZ%2F7ncfP0ypROCkeOwcGOZtOrQwcGFOKQkDMk9ThDQNxvWZcnEvR8cXRD25NW6s1uCAYBFxVgiRYRX8KZBaXK2FK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbcc39b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-tipsy.min.js?ver=2.6.7 | 188.114.96.1 | 200 OK | 4.4 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-tipsy.min.js?ver=2.6.7
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (4514), with no line terminators
Hash: 4a478beed23264a3c2dbc84710634036 6f3f65bb9efa269e0639f9bcbafc309e9bac3446 4d3e52ee9dac3ab92edee7b9dbfc02e26f4fc7c24c08535360666d3ca2d6c14d
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/js/um-tipsy.min.js?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:36 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EflzLpbCgOV3GyJH8jO37uGZkckTQAD7AI8k9d9c6Hn%2BkxHKEuT%2FFso9p4KUxEsGvkJSW7pjtmcpbquCtj5jBP2%2Fva96KBfQBQUC%2B4KfJLTbNLc6oU4fgGazpGnRcT5V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbfc73b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/uploads/2021/08/cropped-Purple-Geometric-Letter-S-Design-Logo-192x192.png | 188.114.96.1 | 200 OK | 20 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/uploads/2021/08/cropped-Purple-Geometric-Letter-S-Design-Logo-192x192.png
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash: 708b0cd13e105ece54ff4f2bf23863ae 6439800c86a7c1e348aafe3582836d342e6dff7a 46ee312100516f538151415de8bc97824ef6f1ab8f7b4dd7f58b6c1a69b8eae0
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/08/cropped-Purple-Geometric-Letter-S-Design-Logo-192x192.png HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Cookie: pys_session_limit=true; pys_start_session=true; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2024-04-26%2020%3A52%3A24%7C%7C%7Cep%3Dhttps%3A%2F%2Fsifucanva.com%2F%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2024-04-26%2020%3A52%3A24%7C%7C%7Cep%3Dhttps%3A%2F%2Fsifucanva.com%2F%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fsifucanva.com%2F; wffn_flt=2024-4-27 4:52:24; wffn_timezone=UTC; wffn_is_mobile=false; wffn_browser=Firefox; wffn_referrer=; _gcl_au=1.1.454998238.1714164744; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; conv_person={"$visitNum":1,"$fvDate":1714164744}; conv_session={"start":1714164744,"shown":[],"startUrl":"https://sifucanva.com/","referrer":"","expires":1714166545,"isNew":true,"pageViews":1}; _ga_4KK0KHLLBN=GS1.1.1714164744.1.0.1714164744.0.0.0; _ga=GA1.1.1735857933.1714164745; gaVisitorUuid=aa507c2e-ada0-4409-b387-1f4b79f2c6fe; _ga_3BQJ6PZR3V=GS1.1.1714164744.1.0.1714164744.0.0.0; pys_first_visit=true; pysTrafficSource=direct; pys_landing_page=https://sifucanva.com/; last_pysTrafficSource=direct; last_pys_landing_page=https://sifucanva.com/; _fbp=fb.1.1714164744790.8877283379; prism_27353810=fd6956cf-9ad9-4d4f-b043-f88195f4f25f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:25 GMT
content-type: image/png
content-length: 19588
cache-control: public, max-age=604800
expires: Tue, 30 Apr 2024 13:56:24 GMT
last-modified: Thu, 23 Sep 2021 04:36:26 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 284161
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2fZ88WFA9%2FKYv2dv1fhqq1pXfZ35xQ8cvAvSxOgfZKS6QOL2Sqa9yhwfpNrs3GYvf4N0ItHjS5iaI%2BwDKC1ksQyvszmSDHLJ2IOJAsZaanikve5AxRiQvmwm1Fasduug"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a974de4f67b50b-OSL
|
|
| fonts.googleapis.com/css?family=Source+Sans+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.5.2 | 142.250.74.106 | 200 OK | 169 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.5.2
IP: 142.250.74.106:443
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (1572)
Size: 169 kB (169420 bytes)
Hash: 531bed9987303e75882757693ef97d0e 46172824b1f004dc951b676777478297656d2950 3cbdf6268783d2c885246878c139cabedf55c6a80bd15af3c3eee2b0b99f5f5f
GET /css?family=Source+Sans+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.5.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 20:52:23 GMT
date: Fri, 26 Apr 2024 20:52:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-scripts.min.js?ver=2.6.7 | 188.114.96.1 | 200 OK | 12 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-scripts.min.js?ver=2.6.7
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (12399), with no line terminators
Hash: 6b8be09411acb8f10231ce19089b4187 cb420348852591f935845a220ac97c9ef25fbc9f 00bafa13f99054b2d7462b0794c12ff3654b8d346e7dbf14d5d755fb36dbc596
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/js/um-scripts.min.js?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:36 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lWCHHd6tv1bQhHkm7%2FyAy8qPeQs%2BQoFDS41ZXaGF3%2B9dMbUNOiN3YhFYV3wpCvE8nf3L8a3tJnpLkXgiW%2Fxt6ATSVDxkEOG%2FNXJlSC3Jh0TwhhaEAD7QzY78nELlweVY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cc0c89b50b-OSL
content-encoding: br
|
|
| trackcmp.net/t_prism_sitemessages.php?trackid=27353810&prismid=fd6956cf-9ad9-4d4f-b043-f88195f4f25f&url=https%3A%2F%2Fsifucanva.com%2F | 104.18.34.214 | 200 OK | 0 B |
URL: GET HTTP/2 trackcmp.net/t_prism_sitemessages.php?trackid=27353810&prismid=fd6956cf-9ad9-4d4f-b043-f88195f4f25f&url=https%3A%2F%2Fsifucanva.com%2F
IP: 104.18.34.214:443
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: C6:67:87:AC:AE:87:1B:49:31:70:41:B8:13:74:0F:DB:01:4F:F2:C7; Validity: Sat, 26 Aug 2023 00:00:00 GMT - Sun, 25 Aug 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t_prism_sitemessages.php?trackid=27353810&prismid=fd6956cf-9ad9-4d4f-b043-f88195f4f25f&url=https%3A%2F%2Fsifucanva.com%2F HTTP/1.1
Host: trackcmp.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:52:25 GMT
content-type: text/javascript;charset=UTF-8
content-length: 0
cache-control: no-cache, private
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
x-envoy-upstream-service-time: 14
x-powered-by: PHP/8.1.27
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87a974da2ab0b50b-OSL
X-Firefox-Spdy: h2
|
|
| sifucanva.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.5 | 188.114.96.1 | 200 OK | 17 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.5
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (16732), with no line terminators
Hash: c06aa0860ae9906fa16ae7a63c2d0ca7 ac4c9265f99f16f163e9a91f3a93acb7f17873f6 07b22178596c5c5ac3c9d568c7c86ab07960f1fb5ac0be88761eb3802df8905b
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.5 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Thu, 30 Jun 2022 09:06:09 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1E2i%2BkHtM3TM8%2F2ZnC43ne1znYUo%2F5fT67T51xBEKBbR0ELzxBk%2BXyi7GgI3T7%2FqHPH%2BxjmD7233uSi47WBWZCy%2BviOYIr6iA150MPliAUEwS%2FcuJsy%2BXmrAHxcpamcB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbdc44b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-crop.min.js?ver=2.6.7 | 188.114.96.1 | 200 OK | 17 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-crop.min.js?ver=2.6.7
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (16999), with no line terminators
Hash: 3a99e200a7e592a59ceb6d4311bc21ee c8b894d26101c5171cff9ec7ffd671ee748bcdce 6d6d40d822874833ce43f13762a66f99d0a5201f05795859408430af01c2d571
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/js/um-crop.min.js?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:36 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pEh915sq1Cd4MbsrHPkqSkt6qYjkNtcGTiowjxLMaOmc1is9N4DYjOU0twd56VEfvB3qR2g6GvaRv%2FCMi3kYc6pmZs%2BczSwK2HTQu%2F1ZPNE2KQfnbjfZ11%2FZ8VrrLvAh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbec57b50b-OSL
content-encoding: br
|
|
| find.bestresulttostart.com/scripts/config.js?ver=2.56.3 | 193.163.7.113 | 200 OK | 7.8 kB |
URL: GET HTTP/2 find.bestresulttostart.com/scripts/config.js?ver=2.56.3
IP: 193.163.7.113:443
Certificate: Issuer: Let's Encrypt; Subject: bestresulttostart.com; Fingerprint: F4:4C:F5:1D:A8:B6:9F:52:11:56:EC:A1:D7:C6:98:DF:2E:96:E0:4C; Validity: Mon, 08 Apr 2024 08:36:22 GMT - Sun, 07 Jul 2024 08:36:21 GMT
File type: JavaScript source, ASCII text, with very long lines (7778), with no line terminators
Hash: 1e4e5741c78676c52420cddd7864dba5 10c43392f24890dffaad0b33b850e67a9ace0bc2 854ca4102c845a10dbb33ca49e08bc428e865eaeed015bd002ee5620ec3711ad
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /scripts/config.js?ver=2.56.3 HTTP/1.1
Host: find.bestresulttostart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 20:52:25 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 08 Apr 2024 10:13:07 GMT
vary: Accept-Encoding
etag: W/"6613c333-1e62"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| sifucanva.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 | 188.114.96.1 | 200 OK | 669 B |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (687), with no line terminators
Hash: 7b6de0152e866e20213005b2d986b926 53d62aca116b3ff873b8944006bcf2d6935cae37 0d3ec4596015b4357080d0329d24f27f750669639c3773d6ec94b431cc4f3884
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 16 Aug 2023 03:15:24 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=clOGiq0aJBPpguUa9lKUKGOHG1Gn1NdF%2BivHA0ujLljKm%2Fx5UmWC63ncNJ%2BpailTtQqYa%2B7Y9782lAk0BOf%2F8Hg8H5ip3pKAg%2FYRO%2BWa2NV6E%2B%2BjOZ2jQYrkQXMhARQh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb8bffb50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18 | 188.114.96.1 | 200 OK | 4.3 kB |
URL: GET HTTP/3 sifucanva.com/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (4384), with no line terminators
Hash: aa8f3f84d97173f2992a853bc480684a 8992288ba0c9c7bb022aa7fee46860b7c7656b0c eff68529d9e5c436a9914a5518913bf61f598912d77953465ef8d8675f76f6d0
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 03 Apr 2024 05:47:09 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z8krJYyGHkzsuPJlz6WuAaaDcG7Bm0uCXgIsEml08L3Z9mV8LjOW0DnZuM5Mb5u02iiwkUOG1G2qUk3CFZIPXq9TfI%2FGUjQ6JEsknxd34M%2B7TARylRfFttGeb8Hsq19H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb9c0ab50b-OSL
content-encoding: br
|
|
| www.googletagmanager.com/gtag/js?id=G-3BQJ6PZR3V&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 262 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-3BQJ6PZR3V&l=dataLayer&cx=c
IP: 142.250.74.168:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (7711)
Size: 262 kB (262337 bytes)
Hash: 671e771a097ed427aa23ce6ab445b9e8 4193f83b7f1a7686be55d3b2cdfec6f666cabec1 501e2a5be07b6a46696621648dcd9d2c47eff717609374658fa253a8a98ac3b1
GET /gtag/js?id=G-3BQJ6PZR3V&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 20:52:24 GMT
expires: Fri, 26 Apr 2024 20:52:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91672
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-misc.css?ver=2.6.7 | 188.114.96.1 | 200 OK | 2.0 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-misc.css?ver=2.6.7
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (2206), with no line terminators
Hash: 7f40af6e5aea354db97034b59a3d9212 f70958780fbfbbdac45ff36d829449cfcc04fec8 a757c22ba1e57935c60a3f9b8bf8d14fbf42709166ae3e8ef9fc409acd22e92d
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/css/um-misc.css?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=db43o1HkmYN%2BSio57JRyb3N58%2B3N0sG%2FVIT1e09Mm7jJ8Zg0XCHt86KqNXRDVawYypIrG3Sj2IiECfRu7uO8n5JV0bAdfe%2F0dWRXy%2BRs1tGDIT3unjVygSW7dYH27YRH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb7be4b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-old-default.css?ver=2.6.7 | 188.114.96.1 | 200 OK | 6.0 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-old-default.css?ver=2.6.7
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (6254), with no line terminators
Hash: 7f462ded299921fb99754c542fda8512 7541bd235a9eaf13a026d4e9512b0f2e512ff1d9 1fb2335a8fd4a64795021017bb4bfeca71f7b268ac93914f600ce51ea4bd7cec
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/css/um-old-default.css?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=27p2KNnzG%2BnxMlxZmo1vdNxTbeSqNBiZ6M4thSVtDkFLxQinhpL8U3tJoTlqI%2FydxgFKG7W1xo09%2B9JrHERefk5iQqY6UDTHrWaCw%2BHx3tr%2FPc%2Fe2muyn5%2Fqz5XSzX2K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb8bf3b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.8.2 | 188.114.96.1 | 200 OK | 2.1 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.8.2
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (2257), with no line terminators
Hash: 846a24981bff9217c95389e6dc346313 e03631b8e1438e09c8d7876ab20b0d69d0c4d819 29327d5b926dcc7de82c087f261b00355dce3492f0b9721887819b5f54cf8486
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.8.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Thu, 18 Apr 2024 03:38:22 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2F8xItvMhctlRqCp31yYWI7F8ZJKXNM6v23BQu%2FuG6%2BM%2B5p3iQLMzrwKgricotV69CQiqjiFbhF4yZRJIyLLJAYf7tisV%2B97IalbDpLris%2BLM5k%2FluEHy8L%2BfkQKsMvn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbac15b50b-OSL
content-encoding: br
|
|
| app.convertful.com/Convertful.js?owner=45621 | 104.26.0.112 | 200 OK | 57 kB |
URL: GET HTTP/2 app.convertful.com/Convertful.js?owner=45621
IP: 104.26.0.112:443
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 0A:6A:0D:EA:03:22:CF:46:F4:6F:76:74:66:57:42:55:52:C9:DC:77; Validity: Wed, 28 Jun 2023 00:00:00 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (57364), with no line terminators
Hash: 9a4039df091788e3310fea2b6939f6ee e82abb4e9062c3aca99ce6599fc28d71f858a75f de8f830abed231072b7a748232a5b58b93d25c997c5b9a26d9620b2985b43fc8
GET /Convertful.js?owner=45621 HTTP/1.1
Host: app.convertful.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=57403
etag: W/"6617a382-e03b"
last-modified: Thu, 11 Apr 2024 08:46:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1339465
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DbEMOIhbyVycoN4%2F6vqpylvC%2FPLqnwZWmXFcvwGHRuw3yrJbZP9s8okHAVEYSCBHueZZdKmft9iBaxUku9Pxi54nbvSpMiORucEolvmZdq3EkewOcLfP0eCB0Q7PqR1PU2ew7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains; preload
server: cloudflare
cf-ray: 87a974cc3d9256b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/css/select2/select2.min.css?ver=4.0.13 | 188.114.96.1 | 200 OK | 15 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/css/select2/select2.min.css?ver=4.0.13
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (14965)
Hash: 9f54e6414f87e0d14b9e966f19a174f9 ae5735562faabd1a2d9803bbd7bf4c502b5e4f51 15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/css/select2/select2.min.css?ver=4.0.13 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cUAbvDRyf48hbR1KIj759hS%2FwjO5%2FnI3ahUWKFKB2foV86gKruwWXerJ49MLl9VxxWibNzuB0XRxMTIyc4kQ6u62eNgsIGA0IdYHrkGAmoB%2F%2BKYCIvLhpfDUKrVA9UCq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb6bd8b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-includes/js/wp-util.min.js?ver=6.5.2 | 188.114.96.1 | 200 OK | 1.4 kB |
URL: GET HTTP/3 sifucanva.com/wp-includes/js/wp-util.min.js?ver=6.5.2
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (1469), with no line terminators
Hash: 4cfa97208f3196db8343dab3061e3599 538b31a3ee7b795af2a2687e1558d0bcf579e949 ce1c908010099b7d7d15bfab3630252fd30d6aa29951121f98eaa46ead8cd1a8
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/wp-util.min.js?ver=6.5.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 02 Nov 2022 08:08:18 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sRoGbimu0y%2BDeTrS01f5OdkffVaTC3YOReHl6JHe%2Fl8BpJKRcHtLBrnJP1UYlH7vyAyQgTWn%2Bbvmd7CU3C%2BayhsgH%2BsnlAxfyxcWbX3BphUNs4hWw24sDhHGa%2F4wWauW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbec55b50b-OSL
content-encoding: br
|
|
| stats.wp.com/e-202417.js | 192.0.76.3 | 200 OK | 7.3 kB |
IP: 192.0.76.3:443
Certificate: Issuer: Sectigo Limited; Subject: *.wp.com; Fingerprint: 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2; Validity: Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (7504), with no line terminators
Hash: 43bf680c0caba9b62f1c46e128d40360 e8950271ef6af3759a7429b45a7e583e6e24e305 21ef883e41d9b0fc02bd11801d9823daf93a2b294a6f05b6080bad1b689facab
GET /e-202417.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/14377-1704402356565.5398
content-encoding: br
expires: Mon, 21 Apr 2025 16:24:18 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| diffuser-cdn.app-us1.com/diffuser/diffuser.js | 104.17.31.174 | 200 OK | 32 kB |
URL: GET HTTP/2 diffuser-cdn.app-us1.com/diffuser/diffuser.js
IP: 104.17.31.174:443
Certificate: Issuer: Let's Encrypt; Subject: diffuser-cdn.app-us1.com; Fingerprint: A0:F2:1D:D3:67:AA:C6:98:43:3F:2B:06:07:44:54:96:AB:20:23:71; Validity: Sat, 30 Mar 2024 13:15:54 GMT - Fri, 28 Jun 2024 13:15:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /diffuser/diffuser.js HTTP/1.1
Host: diffuser-cdn.app-us1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:52:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 18:58:37 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
cache-control: public, max-age=300
etag: W/"613257bb316d347d9417023321c6d62f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4838101f07e2dfcd1db4abc88031f082.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: kQw4QP-KWdER6WB-hAh-nCG3HwdYuBC5oHmadZw49JajPEZl6PstTw==
cf-cache-status: HIT
age: 281
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a974d3de7156b1-OSL
X-Firefox-Spdy: h2
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-responsive.min.js?ver=2.6.7 | 188.114.96.1 | 200 OK | 221 B |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-responsive.min.js?ver=2.6.7
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with no line terminators
Hash: 620c57ef62a8f58d2099ab021371dddc c0212adee1d3579dff25a4c6414b6a67ec3c5109 6fa5d6f43b923b54f568aef66798c052547024b4df02346fdf7ea6479eb18d71
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/js/um-responsive.min.js?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:36 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y48l%2FHRWd6iQ8IKYi2yzau9ot%2FRQ1OzvNBUwWi%2FFwXHTLzBkyTxQK2U%2FykthphEBfHmttqx%2BZ1UDv%2F8TsSwa1nwPjDAQ8SK3ph%2FoWekQT8LZMyCrrKLB2IaCR9byRuT4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cc0c86b50b-OSL
content-encoding: br
|
|
| pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.13402420721461816 | 192.0.76.3 | 200 OK | 50 B |
URL: GET HTTP/3 pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.13402420721461816
IP: 192.0.76.3:443
Certificate: Issuer: Sectigo Limited; Subject: *.wp.com; Fingerprint: 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2; Validity: Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type: GIF image data, version 89a, 6 x 5
Hash: e4d673a55c5656f19ef81563fb10884c 1f2d8ed221d39329251ad3a6ff1edb20b7219443 f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.13402420721461816 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
server: nginx
date: Fri, 26 Apr 2024 20:52:24 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
|
|
| visit.startfinishthis.com/fGGy8K | 104.21.64.161 | 200 OK | 0 B |
URL: GET HTTP/3 visit.startfinishthis.com/fGGy8K
IP: 104.21.64.161:443
Certificate: Issuer: Google Trust Services LLC; Subject: startfinishthis.com; Fingerprint: D5:E5:97:E4:E8:D4:53:86:B2:E1:D7:EF:F4:69:83:94:C6:46:E9:8C; Validity: Mon, 04 Mar 2024 14:59:39 GMT - Sun, 02 Jun 2024 14:59:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Unknown malware |
GET /fGGy8K HTTP/1.1
Host: visit.startfinishthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:25 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 26 Apr 2024 20:52:25 GMT
set-cookie: _subid=376l60jgav75v; expires=Mon, 27 May 2024 20:52:25 GMT; path=/
set-cookie: a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ1XCI6MTcxNDE2NDc0NX0sXCJjYW1wYWlnbnNcIjp7XCIxNVwiOjE3MTQxNjQ3NDV9LFwidGltZVwiOjE3MTQxNjQ3NDV9In0.OsfSwAGKcsbR1__3SAXKrb63dnbiVSytQX2-mdwOqbI; expires=Mon, 22 Aug 2078 05:44:50 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XBarRxWs6RFY0uAkJHHk1PAI5IVZPls6Djkk%2F13TmmZh1RDzUmK6DW7E%2FwOt6YDOP6DWpqSgW%2FdlQT1QszixRGeq2OaCHbQHjx4o71UxRs%2FJNkQDZsEngDssj%2FNZ4xwszLX19NtKuPcm%2FERh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974dd1d30569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-tipsy.css?ver=2.6.7 | 188.114.96.1 | 200 OK | 2.2 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-tipsy.css?ver=2.6.7
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (2281), with no line terminators
Hash: 9a7de3a1cb10882d0224ea52928f3a92 928f88c871e919e47ac4b06bb77ea5dad403b914 079b82cd3d1c5ebab8324d7ccdcd4b9caede7fcd0749ca8feb21239cf3a3b172
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/css/um-tipsy.css?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0xQJoAa81vM3YY98S%2BDGZEqlsQIm3UqbyVgmbEeS36OsLgPaK%2BKdsWwmA%2Bm9coxMypRskik3VNUkiilcveCY%2Bm0Gr3tPxJAkiBFgbiGaoxzPSGS6wTj7hV%2Bs2cmNrTNr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb8bf0b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-grid.min.css?ver=3.8.5 | 188.114.96.1 | 200 OK | 104 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-grid.min.css?ver=3.8.5
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
Size: 104 kB (103944 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-grid.min.css?ver=3.8.5 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Thu, 30 Jun 2022 09:06:10 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VCf4Wk98fa40p9VImicTGptji3%2FUQQJGA8rJLg86OKXx5Jer9WbDiQxx1ga72wX000CLIhIgXNmS%2BshvCVurPqpGFADone0Gt%2FLC5pSxA%2BqpUaVV%2FpwvWCkr5z1VXs6u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb5bbcb50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-responsive.css?ver=2.6.7 | 188.114.96.1 | 200 OK | 12 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-responsive.css?ver=2.6.7
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
Hash: 79b9a2cd0a416daea04cfdf94caa23dc 811e2f6828ca307672860bf38e677e15949b50eb 33f63307c8086f8712dcd6559d92beb77afad47bc2937d8728f2f0d83572c322
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/css/um-responsive.css?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BGwaJ4ImLoEwmfIjS5zb1HP3AHYsQDjNQywyrzor4n5J7SiNhQ8jiPu4xc1UjgdhfgH5Xlp9cKuMzLGoIK5739iEIi7csLC8OSYS7t9T7J1rqV3CgSvJd9IlIpBsXvgC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb8bf2b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/micro-themes/active-styles.css?mts=125&ver=6.5.2 | 188.114.96.1 | 200 OK | 4.4 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/micro-themes/active-styles.css?mts=125&ver=6.5.2
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (4602), with no line terminators
Hash: 4e62ce940110c0f825ee6a273cc941a0 9fc9a28e2e2d299d56053b81777f8d0b2a98e341 f757df737c4c2463dc7b9d6ec8aafc2fd412451962fbf36f640f00f4e50af5dc
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/micro-themes/active-styles.css?mts=125&ver=6.5.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Sun, 10 Apr 2022 23:44:56 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nC8XPlZ3XWIjyqSIS3uC8Z3nx%2B7pg0C3V4N3ZXHDVD1cBpWGuoL%2FwVVvd%2F3sJd6rh3I36SqTl1CeFD0460p0ziyYUTVC9eLjreaIqhpR4GVHI2LFTQSQTypu6GUP4tya"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb8bf8b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/jetpack/css/jetpack.css?ver=12.3 | 188.114.96.1 | 200 OK | 100 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/jetpack/css/jetpack.css?ver=12.3
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=12.3 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 18 Jul 2023 01:38:27 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yap3NOlUlSfm7kwViCEcbHiH6yvG6AjuExkr5QLRm2Yze%2F0n3rUONOb8hJ2T37Ouiy7STi1LCqHx3Eit%2F4iiQMLGTCg91Hwj0G8NbC%2FE%2FT16Usi2iYe32ZYUchAbiYX%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb8c01b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 188.114.96.1 | 200 OK | 14 kB |
URL: GET HTTP/3 sifucanva.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (13479)
Hash: 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 09 Aug 2023 09:07:51 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WHWswI8yc%2BExhYyBr5uUOvd9W1A03aT3iI%2F6V6cRyIgcpCWBd4Gcqwp%2BcmfmPDz3Mz5xhYALpP8clXEh6u7XSpaez5PKGSZ8aeS1g%2Fh06MWdMircs8Ms0cm%2Ft4C4GnuX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb9c0db50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/themes/astra/assets/css/minified/galleries.min.css?ver=3.8.5 | 188.114.96.1 | 200 OK | 993 B |
URL: GET HTTP/3 sifucanva.com/wp-content/themes/astra/assets/css/minified/galleries.min.css?ver=3.8.5
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (993), with no line terminators
Hash: e338e8f0c56ba7f15897fef309d60dec d3a3f31445d170f26941dee10aedf8826c877081 a2ea724b7ec93c2b7227bcf6600412b51e3536f08e8ad3793a535089f104ceaa
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/astra/assets/css/minified/galleries.min.css?ver=3.8.5 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Thu, 30 Jun 2022 09:06:10 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2BzhADiU2IuuqN0RhZXtgByYdldYWOwWEVncV5izi%2FH6O0%2Fa%2F1qikcxVKLluIgBti1B%2FPPe%2BbtUc60w4LPLWCmtFyrVu55bmPAumjZwsPmE4fiMSAE0YiZhuUkACB9Qe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbcc3ab50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 | 188.114.96.1 | 200 OK | 12 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (12198), with no line terminators
Hash: 3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 16 Aug 2023 03:15:26 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fw4p8CFomj5vkjsFxX133xN6n4DX9jdlhceQ03IeDW3680jeHMHP977NSmjS0y3%2FblhKfgVOwn0kh0y1yAItxGT%2B5LKx9g2pY0exqq9yno3vQSL9KM7adC2jCwt45Yh3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cc2cb5b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen-grid.min.css?ver=3.8.5 | 188.114.96.1 | 200 OK | 5.7 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen-grid.min.css?ver=3.8.5
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (5730), with no line terminators
Hash: 3382f45a1d8ef991bb3841487f0cd4da da3b65d6070eb20c380f9338f23d9c653bbb926c e93c3d70c97cd15a607ae6c8646a222814a68db75b9b90836dedb399074635b3
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen-grid.min.css?ver=3.8.5 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:24 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:24 GMT
last-modified: Thu, 30 Jun 2022 09:06:10 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZN6SSGGBmfvrRncH4grk5MuBwKbK5wPnlheohvpSkhM%2FKBE0u%2FMWMFb5rq1%2Fa5pUqM%2FrxaM2w2hYJZ3CflbNQCu98cLipIztF1QKy628VGpLvQzIqPyypqZb4Ox8mo7B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974d20a5bb50b-OSL
content-encoding: br
|
|
| api.startservicefounds.com/service/sort.js | 45.150.67.235 | 200 OK | 7.7 kB |
URL: GET HTTP/2 api.startservicefounds.com/service/sort.js
IP: 45.150.67.235:443; ASN: #44477 Stark Industries Solutions Ltd
Certificate: Issuer: Let's Encrypt; Subject: api.startservicefounds.com; Fingerprint: 1D:32:DA:3C:D3:BE:68:81:45:97:BB:14:D2:E3:64:49:C3:5D:68:1A; Validity: Tue, 27 Feb 2024 18:47:25 GMT - Mon, 27 May 2024 18:47:24 GMT
File type: JavaScript source, ASCII text, with very long lines (7713), with no line terminators
Hash: 9e95c06225b1aad0df17cc4b8ec6db7b c8a352d57915b519049ea797857feb8927ac9994 7b0c1d3adb252e17f512262044a2d78e6a3a30080343f2481a36fb6de6656f71
GET /service/sort.js HTTP/1.1
Host: api.startservicefounds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 20:52:24 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 04 Apr 2024 09:45:04 GMT
etag: W/"660e76a0-1e21"
expires: Mon, 06 May 2024 20:52:24 GMT
cache-control: max-age=864000
access-control-allow-origin: *
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| sifucanva.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 | 188.114.96.1 | 200 OK | 21 kB |
URL: GET HTTP/3 sifucanva.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Thu, 30 Mar 2023 10:38:46 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Srj82UFiQHJwv8IIx26Aw6cLNq%2FaZVLUR0DpmFYNUtKIrqg3pSAvuL13iifBB0K5C%2F%2BKC4WYKEtnPqFojnKVzqIvyVkj1QQQ5NJEzb%2F5MYJnjT%2BrYn4hC7%2F%2FShOa7E2s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cc2cb7b50b-OSL
content-encoding: br
|
|
| app.convertful.com/api/widget/export?owner=45621&domain=sifucanva.com&subscriber_uid=null | 104.26.0.112 | 200 OK | 142 B |
URL GET HTTP/3app.convertful.com/api/widget/export?owner=45621&domain=sifucanva.com&subscriber_uid=null IP104.26.0.112:443
CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint0A:6A:0D:EA:03:22:CF:46:F4:6F:76:74:66:57:42:55:52:C9:DC:77 ValidityWed, 28 Jun 2023 00:00:00 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash3f18216a2f3bad2569be9849350a41ac b074acac112721412263eb11c6a48d296f76453f 74b09352ceeb500ddeef8397a7885c300622749c46297dee24be8a1b1a8c0524
GET /api/widget/export?owner=45621&domain=sifucanva.com&subscriber_uid=null HTTP/1.1
Host: app.convertful.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sifucanva.com
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:24 GMT
content-type: application/json
x-powered-by: PHP/8.0.28
set-cookie: session=csj3q9s7in68lsorisc34i3du7; path=/; secure; SameSite=None
set-cookie: site_43666_session_id=cf73b60a7a84693c19da1406e9739279f114c975~43666; expires=Fri, 26-Apr-2024 21:22:24 GMT; Max-Age=1800; path=/; secure; SameSite=None
access-control-allow-origin: https://sifucanva.com
access-control-allow-methods: GET, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, ETag, If-None-Match, Cache-Control
access-control-expose-headers: ETag
cache-control: private, must-revalidate
etag: W/"f39c63a2bf323ba686421b508699af2daf328c46"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3mIqCgvn6oSPUyLz6P9JlxQFOp6TFhmg5GZMA4DDglp6TMVjKcv44CyxHgx2CfUE9AD0CtI5MBO8syYw4D%2B1kMUriYewGvyuT4qMdCN8T9G8q%2FajmHdJN8T7BLRQI24JBt0NQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains; preload
server: cloudflare
cf-ray: 87a974d55beb56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| sifucanva.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.15.2 | 188.114.96.1 | 200 OK | 112 kB |
URL GET HTTP/3sifucanva.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.15.2 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeASCII text, with very long lines (65496) Size112 kB (111754 bytes) Hasha4a6f9f0ced97d9c13f6f9e851df5fb2 3ead7a5fd92e8d5cbd006093d0c6a59bccd89df3 bd423b3955f70e61a4f20197e9b0e0c931421461d0eaaadb6f1f3e448ce2edb4
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.15.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 16 Aug 2023 03:15:18 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ERR8%2Bh1AZqMzaWwpBafOb93LptWvg5HJ4rUDrZlKBJkbfBmsIRhopfFxOJCckoYWcxYYHnVHHu7yXn%2BZcFNBA6oY6e2nRWzNRo6s4hAq3sjpkkZ61%2BizzLixyJsC11D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb6bc7b50b-OSL
content-encoding: br
|
|
| | 188.114.96.1 | 200 OK | 202 kB |
URL User Request GET HTTP/2IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
Size202 kB (201707 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:52:22 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
link: <https://sifucanva.com/wp-json/>; rel="https://api.w.org/", <https://sifucanva.com/wp-json/wp/v2/pages/1959>; rel="alternate"; type="application/json", <https://sifucanva.com/>; rel=shortlink
x-litespeed-cache: hit
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tr5QIadladt3y1umuJ4aO5EJC2%2FpmShqAr4egtGbfXb1YYX3N4%2FMZctnslZXwiIs7qPeC1EP3x9WGzidDzOA3RjggLy%2FgKaOFeCJe0xvkcp6Gi4v4Z6aBQwuFlP%2FKJPb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974c30848569f-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sifucanva.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 | 188.114.96.1 | 200 OK | 58 kB |
URL GET HTTP/3sifucanva.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeASCII text, with very long lines (57726) Hasheeb705d0bdccfd645d3bbd46dd1fbab3 066def290f42ed8c00860e573cc880bd46e9ced4 d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 16 Aug 2023 03:15:24 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1UcWkZ9lm8ZIP1zMo%2Bh7LaAtTtj6ZzgD4z1I%2BFVXc5DtvOmwAXKFZP9bT5uF6umnsrHY286UR9mcresVMwbJjzHJQ2cqYb4yOGtsZpiyTBlQQPsx4IRWN8QjxpPaEtXE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb8bfcb50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-conditional.min.js?ver=2.6.7 | 188.114.96.1 | 200 OK | 9.7 kB |
URL GET HTTP/3sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-conditional.min.js?ver=2.6.7 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeJavaScript source, ASCII text, with very long lines (10107), with no line terminators Hash060f4ab0397578ba1905cc0ea2e13542 68b035e402b53912721a68112017a1ea7e766639 ff9a858b26cceba558456d01c936c590cdf916292cacbbd3958f64aa2fd65205
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/js/um-conditional.min.js?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:36 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YOxFPJVuSqenChsjL2XvD8XxNhu%2BuHju60h1EKXYtKNRWBO7V3V7TNuBnR2sJdwAsRESUuCUiVIoCrx%2FLPZBhajEK7v%2BLYV3E3dEL%2FVzraf5bnyrUZYBbBC0Zn11wLlO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cc0c87b50b-OSL
content-encoding: br
|
|
| www.googletagmanager.com/gtag/js?id=AW-360737431&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 223 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=AW-360737431&l=dataLayer&cx=c IP142.250.74.168:443
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52 ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Size223 kB (222639 bytes) Hash8c11c7dc5dee7f1c80c9c545c7626ee0 5204c2172413394185f60f5ab0ef29c199b2615b 3cf46a783981bfabd5865673c63b3208fc2786447b57db37349d4eea9402889e
GET /gtag/js?id=AW-360737431&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 20:52:24 GMT
expires: Fri, 26 Apr 2024 20:52:24 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80013
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| us-an.gr-cdn.com/v2.1.46.0.umd.js | 92.223.84.84 | 200 OK | 53 kB |
URL GET HTTP/2us-an.gr-cdn.com/v2.1.46.0.umd.js IP92.223.84.84:443 ASN#199524 G-Core Labs S.A.
CertificateIssuerGoDaddy.com, Inc. Subject*.gr-cdn.com FingerprintCE:2B:81:8C:64:9E:B0:B2:E5:F4:19:AA:CA:92:A0:95:E0:C6:A2:C7 ValidityThu, 28 Mar 2024 13:55:22 GMT - Thu, 10 Apr 2025 16:21:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2.1.46.0.umd.js HTTP/1.1
Host: us-an.gr-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 20:52:24 GMT
content-type: application/javascript
x-amz-id-2: wawMj06BypUJWoM+D0oeNigOMOIq1zehvY7CMgNv1Zsvu86rtuB/5HtUOAdyyhBCqMw0oGEdEi/gRPzw8bNFRw==
x-amz-request-id: FXMT6MRMYTMBQVGG
last-modified: Tue, 23 Apr 2024 06:30:15 GMT
etag: W/"ac058e4bd52272e9aea617da991b6e9a"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
traceparent: 00-2693a584d8617b32878701c31caef052-e6e997a3db6dfb78-01
x-id: digi-hw-edge-gc7
expires: Sat, 26 Apr 2025 20:52:24 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2024-04-23T06:33:45+00:00
content-encoding: gzip
x-id-fe: digi-hw-edge-gc5
X-Firefox-Spdy: h2
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-fileupload.css?ver=2.6.7 | 188.114.96.1 | 200 OK | 3.5 kB |
URL GET HTTP/3sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-fileupload.css?ver=2.6.7 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeASCII text, with very long lines (3856), with no line terminators Hasheb44bb0dafaaba239195daf87381b0e8 095370968e54064581eda8cdaa39fb0e78451d8d 53c4d939fad2f0930a2117c3eee8a830f515b863a8abcd60c91e7e0b4ac7566b
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/css/um-fileupload.css?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8xWE%2Bxo90lf4dggqMabccX%2BAnxCl%2BacjsH2bktkICnbZpioe4FRRgp7yxCU2%2F8aSp0utJl57g0xMjw7xRjAXLmUq8NcIM797%2B0bwQWTAmaq1QEbsuxkbyo3YXcV8RClw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb7be5b50b-OSL
content-encoding: br
|
|
| stats.wp.com/s-202417.js | 192.0.76.3 | 200 OK | 9.7 kB |
IP192.0.76.3:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2 ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (9943), with no line terminators Hash326e1aa712319222488f8a1938bd970f 66b672b483593240d1f38a6d8f1724ecf981ffd0 8778351e0c022673b3b659df31814ca209fcc5e44041beb2adb77b7bcd763f9a
GET /s-202417.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
last-modified: Thu, 07 Dec 2023 08:03:56 GMT
vary: Accept-Encoding
etag: W/"65717c6c-25ea"
content-encoding: br
expires: Tue, 22 Apr 2025 00:00:01 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Poppins%3A700%7CRaleway%3A600&ver=6.5.2 | 142.250.74.106 | 200 OK | 2.5 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Poppins%3A700%7CRaleway%3A600&ver=6.5.2 IP142.250.74.106:443
CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File typeASCII text, with very long lines (2560), with no line terminators Hash71de069289f2646f8b84fa4ce2852b9f a63bf89c552986e706a332b49cec694c69d0f875 85cee92b28d94fa3950b12695ada1e22d0ae50a4d49f1c45599fdc0422dcb6ba
GET /css?family=Poppins%3A700%7CRaleway%3A600&ver=6.5.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 20:52:23 GMT
date: Fri, 26 Apr 2024 20:52:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| sifucanva.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6 | 188.114.96.1 | 200 OK | 9.1 kB |
URL GET HTTP/3sifucanva.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeJavaScript source, ASCII text, with very long lines (9425), with no line terminators Hash1fb2af886396b544159f85c0c83bd895 e95db4a68dcaf71d20f92f4626ad7818496b3c35 0b05f9ebb0e1023e006019337a5642980ac33491097276b0851b9e8e42ae5daf
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 03 Apr 2024 05:47:09 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zq1em%2BRMMW1hMdWnY0uk%2BaKbsW%2BIHZmjlghecWcMG6xTdqjAEZ5zmcAKNaZHUkVMOo4L%2FEqbdhcuWiSPjbeipoL2uD5HW7n0Wzx96ETWSzrHNjnUjunaGY4h6cc5TOPe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbfc6fb50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.css?minify=false&ver=34ae973733627b74a14e | 188.114.96.1 | 200 OK | 602 B |
URL GET HTTP/3sifucanva.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.css?minify=false&ver=34ae973733627b74a14e IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeASCII text, with very long lines (602), with no line terminators Hashd55f4b939d68ed652b0d9f2b5717ea21 8dafbbea2d6246bb2112ef6eaccfe9bb62ab4d85 d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.css?minify=false&ver=34ae973733627b74a14e HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 18 Jul 2023 01:38:37 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZS01RUf%2F0%2BGz9xcN539CLovjZkIE8DONHRrgxCg9nNID85IRY2%2BZ%2Fqwi9ixKUhdaHwiXgriAZ9TZa%2FH6k0vmk%2FEm7IZdBBcxIsNJDKrfNfgeA%2Fwx9DYX8G%2B5ofcnvQl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb4b9eb50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/css/pickadate/default.date.css?ver=2.6.7 | 188.114.96.1 | 200 OK | 5.7 kB |
URL GET HTTP/3sifucanva.com/wp-content/plugins/ultimate-member/assets/css/pickadate/default.date.css?ver=2.6.7 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeASCII text, with very long lines (6019), with no line terminators Hash120befd265d4e18da65569ab6aecda6a dc063711c05ac0086f980b712f46c37fdbca0c4e 8a7b881ccd7961c46f25e4c53c82abc712a5fe3d37e92aff09748b09f6a020d9
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/css/pickadate/default.date.css?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XbJXSikUnpaRv7OoDQF5B5Rm6v%2FqjDKhtN%2FAHtjSpZZQV3nWlQnfJAvtXk1N3qhhAUgmK%2B%2BoFSXqXudUgM0nSpOJEesV3qgPNjhMAOT0ifwAoiae9WtMnVWpsbxfMEH3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb7be8b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.8.2 | 188.114.96.1 | 200 OK | 1.7 kB |
URL GET HTTP/3sifucanva.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.8.2 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeJavaScript source, ASCII text, with very long lines (1759), with no line terminators Hash40fb244b78cdf7946fec16564a2bdc9a e80ebc14cdb2cf0a3625116ddb770da57bbbd506 76c56d908e9de1877fbe3f7bc1c90656c07bc7b9a69b2bde9f950456d37cbb9d
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.8.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Thu, 18 Apr 2024 03:38:22 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YABYpGXbq1u0I3gi8W9D6E5LXQxONqljIardOXpJbErXWIgCjPZfrnZiL%2BLJzrGQqJeiYIimzld3XmqPYLDZsLQ6%2Fh2LG6pSeT3ukdcg%2Fj1z7kUl%2BemeYTAiX7k1Y6we"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbac14b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-styles.css?ver=2.6.7 | 188.114.96.1 | 200 OK | 24 kB |
URL GET HTTP/3sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-styles.css?ver=2.6.7 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typetroff or preprocessor input, ASCII text Hash86426b680d731b7932ff50165ac94447 5e119e7f212d48d196bb1a0e7209dc9e910e3500 0099e785ac4fbeda5b91d79f59fdfd42203a394301b0694f72b424fc85b708bd
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/css/um-styles.css?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ME80RodeDavdFzY6mmOZaX53AiUVi29yBN7LbaFLGSOTC81jGajAqbmgzgpQteK5znWPDYLO9GmH4Ksqoomgk0O4QSknvXHQO4HPmnqVFHxj6CqHkL61Ej6Wb69NXjJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb7bdfb50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-fileupload.js?ver=2.6.7 | 188.114.96.1 | 200 OK | 9.8 kB |
URL GET HTTP/3sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-fileupload.js?ver=2.6.7 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeJavaScript source, ASCII text, with very long lines (10105), with no line terminators Hash157b012bd01d1693d2907d6b664f2db0 6fce2b0d37b8c3f7e8c55b78a8fcf2e8acbc54ec 44cf4106c5eec724e1571300ea5aed3c1ee389f02c8f019c1a0d25d9833f7f11
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/js/um-fileupload.js?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:36 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fNZscwrcJ%2F6ZDp2li45KoTKYoonKB%2F2yixP1Xy3MzOaFz4lLxzvZQxg%2By%2BgxojZxRmYqd2BzxcBjCMkMWqmPLYTeVIMnhd%2Fg51tOFduH7q25xxkdpgLnP%2F7QZAKdlq7L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbec63b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 | 188.114.96.1 | 200 OK | 113 kB |
URL GET HTTP/3sifucanva.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
Size113 kB (113381 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 03 Apr 2024 05:47:13 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RDKsBaSpoaxRCDABGC3yTy8duC6oQWq4cir2toT25nyNSFsXHynuX0bG8Ph0W1CmAaVCJztbcaH7hUQkL3KPMLS8d2uklfoanvJyVorj34%2FQgFZq%2FHCzr%2Fpo3pmBRPn4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb4b9bb50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/export-woocommerce-customer-list/public/css/pisol-ewcl-public.css?ver=2.1.6 | 188.114.96.1 | 200 OK | 98 B |
URL GET HTTP/3sifucanva.com/wp-content/plugins/export-woocommerce-customer-list/public/css/pisol-ewcl-public.css?ver=2.1.6 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeASCII text, with no line terminators Hash24c4b6db393b6cc1211eb2ddcc03de39 37d2659972d29e14c9d978d92fe384fec5591c65 13cbd0ed90c5dc8d96a52d2e40da4f77ac7aae629770b173c551da057a914fa3
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/export-woocommerce-customer-list/public/css/pisol-ewcl-public.css?ver=2.1.6 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 16 Aug 2023 03:14:57 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RYXYyn8UKTS%2BfgRvP8EVU%2Bryy2Ii0ZgcljqtNuLJDY6dolIIAHgwypK2GlwpseyxXYZjTgQjubbSvAWUOhv71Nkv5TUH0HWrB40nFUrHHvdjgD15u2jLGOFBcX8ps4Ly"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a974cb5bb6b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.28 | 188.114.96.1 | 200 OK | 776 B |
URL GET HTTP/3sifucanva.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.28 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeASCII text, with very long lines (810), with no line terminators Hash479b7f439a424eb1b37f3192f689461f 8880a0a1a0b2d93bcf440b2ce6835b852096c98e 20932dc390603798bde6fd10f3997e113725265a1c908faf5d3ec00fcdc0eef2
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.28 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 16 Apr 2024 12:25:00 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OttKYq70MwqLXWcJYicgvQtaj7MrM3rJy99gWdzPRqBjS%2Bo6jAK2mScLP3z5y7N0wPyP2mzrDw8ed5%2FYM8IClh71lQzLYON1Eay0TT9aWH42RTO4Et0QCWfi2%2B2MLtOy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb5bc3b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-account.min.js?ver=2.6.7 | 188.114.96.1 | 200 OK | 2.8 kB |
URL GET HTTP/3sifucanva.com/wp-content/plugins/ultimate-member/assets/js/um-account.min.js?ver=2.6.7 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeJavaScript source, ASCII text, with very long lines (2978), with no line terminators Hashba79cec9caee8ed76c396f25da596735 7dca1544e959532680147902f19afa0d1bfb9649 1531e055e14456dcc7cac7c5bd9de440fe9a067fc467bf701602a8f165e7a4df
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/js/um-account.min.js?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:36 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OdiBR%2FmkrhMlrP71EFmSrE0hTnQj83xnXOUqOpd1wnCPpf4wjrkzLkhHl7aHnDaOX0uhuVu%2F9P35PUPp5NBYP%2BP9LL8O8ghemMHH8lGEcZ5TwDV7ktoZf1T1Ac2MOWGe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cc1ca2b50b-OSL
content-encoding: br
|
|
| scripts.bestresulttostart.com/tDTDBJ | 193.163.7.113 | 200 OK | 14 kB |
URL GET HTTP/2scripts.bestresulttostart.com/tDTDBJ IP193.163.7.113:443
CertificateIssuerLet's Encrypt Subjectbestresulttostart.com FingerprintF4:4C:F5:1D:A8:B6:9F:52:11:56:EC:A1:D7:C6:98:DF:2E:96:E0:4C ValidityMon, 08 Apr 2024 08:36:22 GMT - Sun, 07 Jul 2024 08:36:21 GMT
File typeJavaScript source, ASCII text, with very long lines (13785) Hash58d15c8061659ef77d42e8c5d3ff4984 4fefb78331ee102e720c03a36265f3b286df3457 709f60c4e7be64193c1eff6aca024338e157da87200e114e84b061bfed693f98
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /tDTDBJ HTTP/1.1
Host: scripts.bestresulttostart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 20:52:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 5919
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000;
X-Firefox-Spdy: h2
|
|
| sifucanva.com/wp-content/uploads/elementor/css/global.css?ver=1683506989 | 188.114.96.1 | 200 OK | 67 kB |
URL GET HTTP/3sifucanva.com/wp-content/uploads/elementor/css/global.css?ver=1683506989 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeASCII text, with very long lines (24735), with CRLF, LF line terminators Hashcfe7581c08a689fc55636b0693b22037 e9ea5bca64690a5bf7b650fa87b9bed380a1827d 846eb03dc10475a915ce05079c3c507b98bcfc7f4b8e93af3fdb15b89f5b136b
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/elementor/css/global.css?ver=1683506989 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Mon, 08 May 2023 00:49:49 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jGDiHhkj1OaoswzUZM5lXL2Tdk7AjDhqwiXrc0B3RaDuLfJihyOS1ZPUc4CF4vBrFaE%2BRpLAbjqpMf8FRqEzuqKX76p44a9lC9YXDd326v2r9wRgQKzutbb4SjPagnV%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb6bcbb50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-account.css?ver=2.6.7 | 188.114.96.1 | 200 OK | 4.2 kB |
URL GET HTTP/3sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-account.css?ver=2.6.7 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeASCII text, with very long lines (4619), with no line terminators Hash1c4dc69eca70038013af454d5f185675 f09c895eec5c93c09414355272c647ddc29d7b73 bf758f4b06841b1c826c728f2a09bd0fd2bd8b54c3d49be7b29eeba3231130b4
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/css/um-account.css?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h3F8wfjzm%2Barua7Ln3vs12dm7BFkFtT%2B%2BP6LtxyakUH7W4mceog3NN%2FYvquVjlQ9%2BNXSkVDRLEWbla1YiceqpydGF7aXQKe0ovxv2PvoVYOtDMBQ3VwSTO5k7Kiud4nd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb7be3b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.4.2 | 188.114.96.1 | 200 OK | 110 kB |
URL GET HTTP/3sifucanva.com/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.4.2 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
Size110 kB (110380 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.4.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 16 Aug 2023 01:55:03 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OcsNldERK7zujfLaDgUfI1avJUf5TKebbv4wbNoTMnjZ4%2FUsGMlRX8nxL2m23fRuSnHdNvcmLWnbfQPDiLYPO%2FST57tpJujt5jiHnehSqacj4%2F2i%2B7TZFxtzTHcX%2BDux"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbac18b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/funnel-builder/assets/live/js/tracks.min.js?ver=2.12.0 | 188.114.96.1 | 200 OK | 14 kB |
URL GET HTTP/3sifucanva.com/wp-content/plugins/funnel-builder/assets/live/js/tracks.min.js?ver=2.12.0 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeJavaScript source, ASCII text, with very long lines (13719), with no line terminators Hash266ea38e62f6a970b7905724108e0bb4 5e66c54031135396ac4572a7d4aa83c7a030b5e7 84feabba2f65431a73f1a532bf3938ffd1ff0dafc2f46f3dde748387a29c84fa
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/funnel-builder/assets/live/js/tracks.min.js?ver=2.12.0 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Fri, 23 Jun 2023 03:44:29 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Eoq0QbYD1E8ZlGyAh1N%2BG%2FJkNZG4VpkgzQ6H4k6%2BNjKL%2BwCYj2IeZGDclDJbyQes1IC0rxASB5jYUcGkkrPyh6Jql8Z0L3AAboBBCA2Bv7F3PMQHDGMXcXjVUyWIqVtp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbac1bb50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.js?ver=2.6.7 | 188.114.96.1 | 200 OK | 38 kB |
URL GET HTTP/3sifucanva.com/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.js?ver=2.6.7 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/js/pickadate/picker.js?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:36 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AKaV%2B2j2orr9jecKGzNfYwAOueEggQY9xROPwW98iCHM29cpyRUFAGxmkfWyIYBiw16fE6icwKh9KqUNP5vZpnT%2FQ0x08Cdk9bRTC%2BtHHQyJnDLYNwvmGTGUv4enowgp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbec65b50b-OSL
content-encoding: br
|
|
| ga2.getresponse.com/index.php?ver=3&url=https%3A%2F%2Fsifucanva.com%2F&uid=%7B%22uuid%22%3A%22aa507c2e-ada0-4409-b387-1f4b79f2c6fe%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22list_token%22%3A%22%22%2C%22gr_x%22%3A%22%22%2C%22gr_s%22%3A%22%22%2C%22gr_m%22%3A%22%22%2C%22valuable%22%3A0%2C%22domain%22%3A%22sifucanva.com%22%7D&_cvar=%7B%221%22%3A%5B%22grid%22%2C%22sBDcBX0JadH4IA3I%3D%22%5D%2C%222%22%3A%5B%22aid%22%2C%2248c171d9-cd5b-4e74-b811-5feff0a4b2ab%22%5D%7D&h=20&m=52&s=24&res=1280x1024&gt_ms=1127 | 178.16.117.14 | 204 No Content | 0 B |
URL GET HTTP/2ga2.getresponse.com/index.php?ver=3&url=https%3A%2F%2Fsifucanva.com%2F&uid=%7B%22uuid%22%3A%22aa507c2e-ada0-4409-b387-1f4b79f2c6fe%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22list_token%22%3A%22%22%2C%22gr_x%22%3A%22%22%2C%22gr_s%22%3A%22%22%2C%22gr_m%22%3A%22%22%2C%22valuable%22%3A0%2C%22domain%22%3A%22sifucanva.com%22%7D&_cvar=%7B%221%22%3A%5B%22grid%22%2C%22sBDcBX0JadH4IA3I%3D%22%5D%2C%222%22%3A%5B%22aid%22%2C%2248c171d9-cd5b-4e74-b811-5feff0a4b2ab%22%5D%7D&h=20&m=52&s=24&res=1280x1024&gt_ms=1127 IP178.16.117.14:443 ASN#198881 GETRESPONSE Sp.z o.o.
CertificateIssuerGoDaddy.com, Inc. Subject*.getresponse.com Fingerprint2A:0A:21:D8:7E:64:C2:B5:D3:56:E7:66:29:ED:48:E5:FF:3B:E1:50 ValidityThu, 28 Mar 2024 16:12:52 GMT - Fri, 11 Apr 2025 10:53:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /index.php?ver=3&url=https%3A%2F%2Fsifucanva.com%2F&uid=%7B%22uuid%22%3A%22aa507c2e-ada0-4409-b387-1f4b79f2c6fe%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22list_token%22%3A%22%22%2C%22gr_x%22%3A%22%22%2C%22gr_s%22%3A%22%22%2C%22gr_m%22%3A%22%22%2C%22valuable%22%3A0%2C%22domain%22%3A%22sifucanva.com%22%7D&_cvar=%7B%221%22%3A%5B%22grid%22%2C%22sBDcBX0JadH4IA3I%3D%22%5D%2C%222%22%3A%5B%22aid%22%2C%2248c171d9-cd5b-4e74-b811-5feff0a4b2ab%22%5D%7D&h=20&m=52&s=24&res=1280x1024&gt_ms=1127 HTTP/1.1
Host: ga2.getresponse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sifucanva.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 26 Apr 2024 20:52:24 GMT
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-response-id: 00f83555-a0a5-47e1-a1c3-a65965abfbd0
x-xss-protection: 0
X-Firefox-Spdy: h2
|
|
| sifucanva.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 | 188.114.96.1 | 200 OK | 6.6 kB |
URL GET HTTP/3sifucanva.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeJavaScript source, ASCII text, with very long lines (6799), with no line terminators Hashccaa7ba23a1f74bc12d091b65b515c4f 26b795b942f321ee8237178a1fcc16f1cee5a99e daceae61a869247d42436998814874e2698dc5f4789c65cd9bad98da52276db1
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 08 Nov 2023 08:45:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q5k8YRkajNh2maijTI4%2F%2BmfGQvA9SGKdUJ5717yWRh%2BmVvCmSycWMJqGfKQGreHG3pPB3Aq5WWWXRZ2Anz2l0U5jiVpXoXXImazA9%2FzLqIP9Em8WxCu3pSLkJL0XIRtE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb9c07b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 | 188.114.96.1 | 200 OK | 11 kB |
URL GET HTTP/3sifucanva.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeASCII text, with very long lines (11256), with no line terminators Hash2b0dd7eecea03b4bdedb94ba622fdb03 703becba85161118dd6fc66af465428ef43f561c b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mfY5kp0VB1gcKXkTUOIljowsgD3cz8%2F3zA2W2vfoacUZfzirtqGzriwVqHle%2BQJSRaik2O3Lp7RpAuhXvVhM4xL6buOX0C8oI3W1%2BVAhfBGniUCvITa4b39ttS%2F7%2Bcmk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb5ba1b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-fonticons-ii.css?ver=2.6.7 | 188.114.96.1 | 200 OK | 40 kB |
URL GET HTTP/3sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-fonticons-ii.css?ver=2.6.7 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
Hash966154d08c4d94a4ba4017ed4066a336 3d0066ea5d188e306510cabb812645aa773fc8dd 3d90bb7713bb3917196767d75c90bfa2614466a6d043c571e55376fe7286e249
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/css/um-fonticons-ii.css?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cNQX%2BNFSJKefZBxcDQnmXir4nwMlKJs9hGUpEzoJ8rI4GwTkGIXPpl47N7JonbTeMa83vLXfXlT2nKhy1Gb5VVST%2FqPAgHXBHOh%2F4OXu6NWlxbNY93B348Yj%2BY8PcacQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb6bd4b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.8.2 | 188.114.96.1 | 200 OK | 3.1 kB |
URL GET HTTP/3sifucanva.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.8.2 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeJavaScript source, ASCII text, with very long lines (3148), with no line terminators Hashd17c62bad956b4371f4d678f026c31b9 85b7da96dbdb12f047cc91dfe66d38bb431ef148 e795a33b7abd1b98fbc77e1932ca8bc8ce87ad44628d5f9255cd739e1992673e
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.8.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Thu, 18 Apr 2024 03:38:22 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=etm6S0MIYY%2BGkZ46siuWw%2BEyK2X%2B1ayozh1kdLPK4OoBpMfJyq2%2BnkHQUqaLte5L%2FgCmHRXmVqBrumuGIqzLUG2ovo4jNL7%2BGhYYJvwfAmy%2FxA3%2BnUQEJN7i0iJ%2B6O32"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbac13b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/css/pickadate/default.css?ver=2.6.7 | 188.114.96.1 | 200 OK | 3.8 kB |
URL GET HTTP/3sifucanva.com/wp-content/plugins/ultimate-member/assets/css/pickadate/default.css?ver=2.6.7 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeUnicode text, UTF-8 text, with very long lines (3922), with no line terminators Hash37c69bd29a9cb00edce826576153d18b 424d7749603c3e927ec37b97c83365763486f692 bcf486c9ed4f3c7dfc860f5b47060c285e3089b80361709e678765c7c20dde01
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/css/pickadate/default.css?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BN7F4PUsjdHRHF64E5N%2FxiuAh2lpqoZu5fE96MishvCI1JiMzCbStun%2FZbP5N6CIOjoOWqWVHYCVkDhOKzvsdGvSW7apX%2F%2FjCCNk5zdYogND5ZTOPLv9dGj4ftjAG6O%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb7be6b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 | 188.114.96.1 | 200 OK | 88 kB |
URL GET HTTP/3sifucanva.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectsifucanva.com FingerprintB3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66 ValiditySun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 08 Nov 2023 08:45:37 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NEHuH%2BjigGV9EjfP1B6PcdTcsMieKIYzjU3YRiXp0%2B2L6g6Fmwo78K7ObBu5ES5av5tLKLh1%2FPmjwZw1LjVVP7CHlub1kktHLz9cU%2FM%2BVUDBPY4l0x3uYJYzVjANC%2BaV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb9c0bb50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/js/simplebar.min.js?ver=2.6.7 | 188.114.96.1 | 200 OK | 44 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/js/simplebar.min.js?ver=2.6.7
IP: 188.114.96.1:443
Certificate Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/js/simplebar.min.js?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:36 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TwCaQq5dw%2FzzOs%2FLXE%2FBCywQLQeN5elpedwQGY4UgIHJlMUQjMhgvKvbEWCaGdy%2BR3l4e05RHMsJ9kFIidtHzRNVC6Nn0WKacK4g03sXjNndsOiGl54Q6z70rpc%2FB%2BAe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cc0c84b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 | 188.114.96.1 | 200 OK | 39 kB |
URL: GET HTTP/3 sifucanva.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP: 188.114.96.1:443
Certificate Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 03 Apr 2024 05:47:09 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=63Jc6GaMc1vsymc50H7UM0Lfu96ZZF9csH0er5rleK8eGc6Z4vqIToJe3RzmTlLqe0GznZfZKWNnoSbR%2BjM52H3PMM3a7fDlEYJFgtWZk6rJHIoqLigQRokYY7j7x1aN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb9c09b50b-OSL
content-encoding: br
|
|
| stats.wp.com/w.js?ver=202417 | 192.0.76.3 | 200 OK | 13 kB |
URL: GET HTTP/2 stats.wp.com/w.js?ver=202417
IP: 192.0.76.3:443
Certificate Issuer: Sectigo Limited; Subject: *.wp.com; Fingerprint: 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2; Validity: Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (12788), with no line terminators
Hash: ef880be61458e4e89c9cb9d99d2d300e c7740f6524cfab6084682b1ce320b2e5e9c4d4cc 79674b01741c3978417b6b9b4b98d125755e7bb468979d5cd593eac4b94cdb91
GET /w.js?ver=202417 HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/12827-1705538370375.7896
content-encoding: br
expires: Wed, 16 Apr 2025 14:48:08 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sifucanva.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.15.2 | 188.114.96.1 | 200 OK | 18 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.15.2
IP: 188.114.96.1:443
Certificate Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (10019)
Hash: 4601ba55044413706c2022cb6c1c3d05 5103ec2fbb389568ebf5cfe4fd721f3df2ff7aec fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.15.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 16 Aug 2023 03:15:23 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W71V3lzx3e%2BHsO6k1%2F%2BapL7MrvyQ3I8hDeEGYhz8EOSuP6OqxN3U4nmp5dVfSrgL%2FTOF5B0J2mgh0KrsS46Z%2BdymTB%2BhA8XMkDErd6E1FvPtKbU69WpszlcsWnnuuwR0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbcc3eb50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/css/pickadate/default.time.css?ver=2.6.7 | 188.114.96.1 | 200 OK | 2.4 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/css/pickadate/default.time.css?ver=2.6.7
IP: 188.114.96.1:443
Certificate Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (2550), with no line terminators
Hash: d6af9a338c199de6e09ebf96d7bfb8d5 d9892cb8bc6d681d253c26b056db3f7e05b27c41 252a580876c8b37c9df86b284c85c0b28db8bf2c8865287f80933f7a73d20900
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/css/pickadate/default.time.css?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1I0o%2FUH5UQZA6LrnsKhj8t8tsVml2v02TEO1AkOFssQHs9ib3qKyNoVg91frhEZfZNFgVPpQEBtJ0uRwXGmwee640lMT%2FTB0i8a%2FPo8mlVjDOwmYQW3SLBoJhYGQkQcu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb7beab50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.8.5 | 188.114.96.1 | 200 OK | 40 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.8.5
IP: 188.114.96.1:443
Certificate Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (37905)
Hash: 3c49f04d6630f869bb7f091578508352 381dd23553c493e407c986c30f1620a2c0916000 2661bf7b0200e2fb896e87f63eb9b3ad0deb75e9e6b41d6daee5f05c1288a427
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.8.5 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Thu, 30 Jun 2022 09:06:10 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pKYHXNCmmTHq%2FXOmAKDvrxrdWl6xG9V2%2FRIZ%2BP1eKhBa6tbBMcrh1Cng33tSi%2B85JUVugoHozRpDTvq4KvBOvS4JifGrzKYLPQNRvRpSj%2Fquk%2FDu9E12VM7HvJggaS2d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb4b9ab50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/css/simplebar.css?ver=2.6.7 | 188.114.96.1 | 200 OK | 3.8 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/css/simplebar.css?ver=2.6.7
IP: 188.114.96.1:443
Certificate Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (4016), with no line terminators
Hash: edeea5b5a099a11037a5e50c5ccccdf4 de021a821153c37ebc31cc852c2fcf925bf1157a 100b780312732543ab04b0fdf1faf615b72f8ed99b901fb56c45a251f17c2c47
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/css/simplebar.css?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xOlJ%2F8uaNMtBtPAS36ObLt5MQsEvMVuhfYMMCcJW1UxG4sxyYm%2BiGpF6XSIVoaONXRTz3JTCYekcEcweSNJoy3i0Ai%2FNtXCczXJ25OKBg24UHxjhynhwbbUQee%2BKwigB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb8beeb50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3 | 188.114.96.1 | 200 OK | 1.7 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
IP: 188.114.96.1:443
Certificate Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (1752), with no line terminators
Hash: 98a4f5cef8d0ebd0b37e1b1005eb1c88 670df4c93b628da4672b5c98ae92589992564d38 4137179c6483b9a98b246e3d4001d40e41e73f46c6b2da351209eb05c5e3fb18
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 16 Aug 2023 01:55:03 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xZXC3AUN6LqRc46j87R0WJeu1JDjV9wdekKzkYl81epEYbDa5qfnTzRt3yjzOnCx638HiQ%2Bg3gwUtXUSg9ec%2FuNKg4Ne4cCb9Ua5F86kLy4TFVHu5IKLb88nbcs18ipg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbac17b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/woocommerce/assets/js/frontend/order-attribution.min.js?ver=8.8.2 | 188.114.96.1 | 200 OK | 2.1 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/woocommerce/assets/js/frontend/order-attribution.min.js?ver=8.8.2
IP: 188.114.96.1:443
Certificate Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (2146), with no line terminators
Hash: 16ccca963e4462b91276f6f2f08ccb3c 40234a8bc37da03398c93d2555ff758f070912b2 741d98c4a9131cf03ecb580c5e6b65cf2d53271e3ca3fba60d965976e39ad94e
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/woocommerce/assets/js/frontend/order-attribution.min.js?ver=8.8.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Thu, 18 Apr 2024 03:38:22 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sULjHtRrwtxV50X5FssSGeZUyZzsHmtQF7LnO1gMzsIDqCvpMNnPugdauJXF4PQDcrWJzHD3TqNQuFoHcY%2BHEdw3de7QF2AGAfGJOy2Bayg4LvtcK5FQbse6Gf99qRsV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbdc49b50b-OSL
content-encoding: br
|
|
| www.googletagmanager.com/gtag/js?id=UA-194954742-5&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 189 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=UA-194954742-5&l=dataLayer&cx=c
IP: 142.250.74.168:443
Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (1763)
Size: 189 kB (189229 bytes)
Hash: febaa8920cc88fb81dcd9e5c1aae3bee 5d6acb3774a09ffcf7c71c3cd4c841d18c4e9301 baec2cea2106f14c8a69b4b0cd6cc02b25c20c463eca87e79263213754436440
GET /gtag/js?id=UA-194954742-5&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 20:52:24 GMT
expires: Fri, 26 Apr 2024 20:52:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68994
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| prism.app-us1.com/?a=27353810&u=https%3A%2F%2Fsifucanva.com%2F | 104.18.128.216 | 200 OK | 246 B |
URL: GET HTTP/2 prism.app-us1.com/?a=27353810&u=https%3A%2F%2Fsifucanva.com%2F
IP: 104.18.128.216:443
Certificate Issuer: Let's Encrypt; Subject: prism.app-us1.com; Fingerprint: 5C:0F:F6:B8:10:EE:90:AE:92:42:7D:A6:30:DB:04:B8:DF:87:12:3A; Validity: Tue, 19 Mar 2024 18:29:37 GMT - Mon, 17 Jun 2024 18:29:36 GMT
File type: ASCII text, with no line terminators
Hash: 5119d6c34612ecda58094c1a8804b49b af51cc86ebb7bc6d609c0ac9ed1522742aeb5775 608f5bca07697f0aa9fe2aadfd35c497de028e34b6bf379f22d432e8a5ce8603
GET /?a=27353810&u=https%3A%2F%2Fsifucanva.com%2F HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:52:25 GMT
content-type: application/javascript
cache-control: no-cache, private
set-cookie: prism_27353810=fd6956cf-9ad9-4d4f-b043-f88195f4f25f; expires=Sun, 26 May 2024 20:52:25 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 121
x-powered-by: PHP/8.1.27
cf-cache-status: DYNAMIC
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a974d81c11b515-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-modal.css?ver=2.6.7 | 188.114.96.1 | 200 OK | 3.5 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-modal.css?ver=2.6.7
IP: 188.114.96.1:443
Certificate Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (3847), with no line terminators
Hash: a623dec4619fbfd3af2a24c802d148e5 aa072c81ceb3433dc4cf7ae433493115ef633895 21fa808b5e9bcdb64f6046f4a6fc3e3b2830a169d34ea8dbcb1e735166c246e0
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/css/um-modal.css?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SAGaSl1yWNv5nE17xe4%2FAuMDeqVfJUmG7LNwbfd5VWMNCFSWE5R6WnVDm1IUBJyYaSmf5%2Bt5Fv%2BGSXNPqHy7%2Bojvkj3kKjIpMMCN7kV6FzXRsNBzO2DVPQi3dxN30Pz4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb7bddb50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 | 188.114.96.1 | 200 OK | 8.2 kB |
URL: GET HTTP/3 sifucanva.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
IP: 188.114.96.1:443
Certificate Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (8365), with no line terminators
Hash: 08e6714eaf3cfe8f3c7839f22d90ba4e 94fdad68854d0d3482b877aef7ba7c2eb265c621 e424039d5a737a1bda8a5ded60919e5067085729310762eebb09c20e07d249c8
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Thu, 30 Mar 2023 10:38:44 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q000BH7Gukav1iDj%2BOmg2wVFBoLUflbpyNUSdzWrV%2FWvNcHsK1YV26d1OBwq94uTEYd0Nanki9bxJ8%2BXrkDsuRwg4JTs%2BQ1ka0H5Pn9ETa69WpAXWvJ36ShK3GWPviVH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb9c02b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/export-woocommerce-customer-list/public/js/pisol-ewcl-public.js?ver=2.1.6 | 188.114.96.1 | 200 OK | 838 B |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/export-woocommerce-customer-list/public/js/pisol-ewcl-public.js?ver=2.1.6
IP: 188.114.96.1:443
Certificate Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (898), with no line terminators
Hash: e54984c1349a2e08fc2fb047ef82ed5d 7953e56df0a1f5330cbbf865b13ae63c48b3289f 1eea5dc94ae2aacafcedf09f7e54d77d3ed9a60c21035551386a98b24955e6a2
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/export-woocommerce-customer-list/public/js/pisol-ewcl-public.js?ver=2.1.6 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Wed, 16 Aug 2023 03:14:57 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O7J%2BnAtwpTxfTkKeZs5PbKLJiZXTIsTs%2BiqLkRhVmvSPSQpkIdora4pWyseMrjFy5oIawXyLf%2F%2FEJ9IDTjYC7xUDw0J34WDjfWzO8m8wQSd1WTQkFyJmUP33OM4lBNCD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbac11b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.8.2 | 188.114.96.1 | 200 OK | 9.6 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.8.2
IP: 188.114.96.1:443
Certificate Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: JavaScript source, ASCII text, with very long lines (9963), with no line terminators
Hash: 7ed2c573e85b2b4e5fb8b4131e95e469 140691f29cb181849892640d1b237fa6a4e5beae a637f7d3e1ca8aeb1d7d4499419916cca6c18a2b625a616f6950f2b978a91ba6
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.8.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Thu, 18 Apr 2024 03:38:22 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t0C92RVIVtXrK6z%2BecwDPTGRPQbVki9e%2BNgmcXsukKGsqSeJYnh5flls%2FAsQtZvf6FCp%2F4vfvaAFSpQf4evf7Wn7fPTsCqbhGCGQ7IxjcM9QIb8jeAaUKQTbEbGuk2B9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cbac12b50b-OSL
content-encoding: br
|
|
| www.googletagmanager.com/gtag/js?id=G-4KK0KHLLBN&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 262 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-4KK0KHLLBN&l=dataLayer&cx=c
IP: 142.250.74.168:443
Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (7711)
Size: 262 kB (262337 bytes)
Hash: c6fe69f5a6667cd5bc2fc8b51c66d3fd 5491b39375a36c46eff0abc2093fefd1c65f8a83 ae14b98dc47f2cb6c9210858cd10125995a4f629568f2845df1bc18ae67753fd
GET /gtag/js?id=G-4KK0KHLLBN&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 20:52:24 GMT
expires: Fri, 26 Apr 2024 20:52:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91595
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-fonticons-fa.css?ver=2.6.7 | 188.114.96.1 | 200 OK | 28 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-fonticons-fa.css?ver=2.6.7
IP: 188.114.96.1:443
Certificate Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
Hash: fb34b54dfdeb07180a266c7ea35a78b6 4a1e87b771a00ff75bd7f1b5aa7b25b2c3609847 f58c4ef12632a8dd6290ad052bf4f4bd4133bf8598bbfcff9f568871fae5be8a
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/css/um-fonticons-fa.css?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vZ4S8bAMNNe15DNZ4eyVSz2vUujz4W5x0%2B%2Ffr5tTOSWq6AoRkNtyO8BnpgSkubPXf3lhuPSDA8UirL350Pbh2%2FCFA2LcxTwC3qAK4eikUHV%2F8R1lz36IhFTiaQ5DSIKz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb6bd6b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-raty.css?ver=2.6.7 | 188.114.96.1 | 200 OK | 1.1 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/ultimate-member/assets/css/um-raty.css?ver=2.6.7
IP: 188.114.96.1:443
Certificate Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (1137), with no line terminators
Hash: 0b1c81d053f45d4e2b512b6d99c6b79f a9a7136742ec80c26096469686273193497784f1 478c661c7ab8b3374149ee7a64048c0957ec1896e1e722728d6ec1b557941218
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ultimate-member/assets/css/um-raty.css?ver=2.6.7 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Tue, 04 Jul 2023 05:33:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iIlt9ZioGJ2GB%2FYTRs%2B%2FarMP%2FJjL7N%2B1EMToVPEvMSZi4hpj9ex6S2KKOIBi5JOjE8IbOoM9%2BDK51jWVVf8HsMQAXbGN6Q57XrpA6eP%2BplKedt4Hd1pxbbLP1jZAKpVH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb7becb50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.5.2 | 188.114.96.1 | 200 OK | 4.2 kB |
URL: GET HTTP/3 sifucanva.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.5.2 IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (4186), with no line terminators; Hash: ea958276b7de454bd3c2873f0dc47e5f b143f6e8e8f79d8f104c26b0057ef5514d763219 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.5.2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Moqacziqu2DAplF6kbsU7eqRQvsdnHEetjB%2Bx27fwLBV8cgusz%2Bhw2EUfMp9nB%2BLIhkTIBA6xa12VR%2F5TTuuBsPQTmHv051ZekKYBFcYOwscPOi%2BGwNgbggwjNCQk0t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb5ba4b50b-OSL
content-encoding: br
|
|
| sifucanva.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout-grid.min.css?ver=3.8.5 | 188.114.96.1 | 200 OK | 15 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout-grid.min.css?ver=3.8.5 IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: ASCII text, with very long lines (15332), with no line terminators; Hash: ccb9c2391aae7440e1a31c1caf978d64 1744832f242c7e0bd7119c68fb373cb1bab7dc5d d793e69602984adf326540c237e7dec869359e7edc275861eb62c87381864b06
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout-grid.min.css?ver=3.8.5 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:23 GMT
last-modified: Thu, 30 Jun 2022 09:06:09 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SkQH6U8%2B5OaIBkwFbh%2Bel7hqVZo3RVoQu%2Bi8fM22fWHZthqNX341sZHEc0HfMF1B31N8jWthvSsP3fO1GEOFFSHON48tdPniBjOdpjGa7THn6OjkZ0xUc1syRGQrToxS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a974cb5bbbb50b-OSL
content-encoding: br
|
|
| s.w.org/images/core/emoji/14.0.0/svg/2b50.svg | 192.0.77.48 | 200 OK | 554 B |
URL: GET HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/2b50.svg IP: 192.0.77.48:443
Certificate: Issuer: Sectigo Limited; Subject: *.w.org; Fingerprint: 99:54:77:36:9F:B5:98:C4:69:0F:EA:ED:FC:98:46:12:1D:E7:89:B3; Validity: Mon, 18 Dec 2023 00:00:00 GMT - Fri, 17 Jan 2025 23:59:59 GMT
File type: SVG Scalable Vector Graphics image; Hash: e8c0dc4c4b44dd21e4ac6b5c50df093f 3fd58a8bb229f7c931849698312be7c0609f3186 6f0a47d4822e4a77880e55278ad800de8dd1f0ffbe9ca326e32a14db50f5a857
GET /images/core/emoji/14.0.0/svg/2b50.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 20:52:23 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| sifucanva.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 | 188.114.96.1 | 200 OK | 78 kB |
URL: GET HTTP/3 sifucanva.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: sifucanva.com; Fingerprint: B3:BF:1A:6D:10:81:78:F6:3A:AC:3A:95:5C:B3:AB:37:F0:FD:5F:66; Validity: Sun, 14 Apr 2024 01:22:10 GMT - Sat, 13 Jul 2024 01:22:09 GMT
File type: Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261; Hash: e8a427e15cc502bef99cfd722b37ea98 a9922842a120a7f1eaced667480c5e185a106d69 d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: sifucanva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://sifucanva.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Cookie: pys_session_limit=true; pys_start_session=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:52:25 GMT
content-type: font/woff2
content-length: 78196
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 20:52:24 GMT
last-modified: Wed, 16 Aug 2023 03:15:25 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GChpqkN6DAextP6A%2FpfpGNYukaqUmOuWtV3os%2BM06KE04YTcHXwxkkxM8L9BaW2yhbfNpc63fTFWQg5hZRu8piQNYVz%2F8UwI3BjANF%2BmU6t29J8BaQZSSwkEkvwkCpnV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a974d35bd7b50b-OSL
|
|