beautifullyprofitable.com/
104.21.46.213301 Moved Permanently 665 B URL User Request GET HTTP/2 beautifullyprofitable.com/
IP 104.21.46.213:443
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
Hash 964426b04626b0f5efa442665755c3bd
70b0b6cc685d549a6f5da6d4e9ad91c303fa6f9b
7a309d8d9bb333f39fddc02b4ce627d506eaadc66dcb6c2b557d4c20cabc0219
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 25 Apr 2024 17:44:49 GMT
content-type: text/html
location: https://www.beautifullyprofitable.com/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qsRZLsK0YrByigafbEA6yINLv9UKnQQR6C01ZY9gbxn%2BP3SbSV%2BdM%2BbtJYQY7ZPU1HhsVUIyWuBALQo1ubP5ao7vhvgbsem6cw08ZvEP0DHQFsSxfEVhayepzaPXrDwiLl4We8sqhVPeA52p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024a81c7f568a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/images/logo_03.jpg
104.21.46.213200 OK 13 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/images/logo_03.jpg
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 294x58, components 3
Hash c195d9e8e4fd6e7cf7f68b99284ad074
75a5d0190a5eb51418f626f01fce8d7d36d7315f
d86cdfcf51434a72fa58ccb7bb9f3135f82041c2e73414224b063237d00ad2aa
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/beautifully-profitable/assets/images/logo_03.jpg HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: image/jpeg
content-length: 13132
last-modified: Wed, 14 Dec 2016 03:21:16 GMT
etag: "5850baac-334c"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BKGhnClkUU7rMWeFqh4PACRr2pBAh01iLdB4Dc5EoFWwg8d%2F%2FXi4srmqNqC4K92VaNCEyN5Ho4mEGh%2BgLMHDSHJZ7puDt5wScci%2B7h5u2X4I80jnPcCJlhlVcE9j%2BPbfx5jIEDieZPq0t2%2FiJHMvBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b53c46b505-OSL
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/images/cheryl_11.jpg
104.21.46.213200 OK 23 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/images/cheryl_11.jpg
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 182x259, components 3
Hash 922642df906b9edb7360dcc4abfd5012
6f7362f027370acbf3f0c08234d0ff988ecb942f
a955e036597b95079bb3644f87456091646cc2fb88ac6315bcaf8becba972fdb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/beautifully-profitable/assets/images/cheryl_11.jpg HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: image/jpeg
content-length: 22624
last-modified: Wed, 14 Dec 2016 03:21:16 GMT
etag: "5850baac-5860"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RS8%2F9VdnPaW834FFf44VqbINvZkC%2BLyr06vca2MqXRqxd7bMTKJ5%2FjJwaF1ZUL%2F3GYrmrMNS3XOCnDQ%2FmlsfM3T0Q1v%2FC32DFaW%2BcpWFlX5dqc017BkgnWXfcrZqBye42NY7E38R5oA1Vnq6IRITOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b54c4eb505-OSL
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-orbital-theme.min.css?ver=2.7.12
104.21.46.213200 OK 0 B URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-orbital-theme.min.css?ver=2.7.12
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-orbital-theme.min.css?ver=2.7.12 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
content-length: 0
last-modified: Wed, 09 Aug 2023 05:22:52 GMT
etag: "64d322ac-0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wFIU4gkwzAOMDayrluNPUMfeMK2qVxmhyVLGP4JOlv4Fo43l%2FYGru3gevUjAzUWpw%2BxnfO3P1UGyi%2BsQUIWcXOg2No%2BqjB5goMOYR322QdRmrbFhaus796%2BQkV9st2pxbem8kJmr1cDnYFduzNzVeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b55c68b505-OSL
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/images/woman-img_11.png
104.21.46.213200 OK 96 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/images/woman-img_11.png
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type PNG image data, 180 x 275, 8-bit/color RGBA, non-interlaced
Hash 8260062ae2b32542f455d9f1ef02d69c
402477e23c0c568b46776f1599e5386ac0bd18ff
e34b0cbd1102aa236b4e171734cfdff1036ffcaa3febedbe07059dbd33d6bf12
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/beautifully-profitable/assets/images/woman-img_11.png HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: image/png
content-length: 96308
last-modified: Wed, 14 Dec 2016 03:21:16 GMT
etag: "5850baac-17834"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rvlwrv2qR5Cq8I%2BUZLIiCJ%2FlviLodXZTLcLAgneU3NhnC0OWrcvpvyglEzla4AbhjfeJLs6gBGhLh3kyx29q8QImDPDw4JD2W2G4nXn36WpFQhpnfjCX8EIejnl0MNIb80rh8xnR8KqTaFlv1RwFxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b53c48b505-OSL
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks.css?ver=10.6.5
104.21.46.213200 OK 2.9 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type Unicode text, UTF-8 text, with very long lines (12644), with no line terminators
Hash 782337b5cc454507e2733ed7525877af
085a577ca68ebd0b289d48db0ec0bd9cbd664174
73381afad362f2ab17f94b9081b18e025535f2234877559e24ca86fa8ba5b20b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:11 GMT
etag: W/"64d48cdb-3168"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=grb2vqKbqwnWxCAnhNTIzr4%2B4mdgu1hlQuusrD6AMDmOnK4gGjb6O0nIXDl%2FtOgm%2F9Mm8UUIuvTtIuuG%2BUGog3YoG9DWQ0xKQYuJvovyWNg8MwM9DVVb%2BbQ5yGjh6e1HCVdNoF6rOKtSii3UtW%2B6KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b45b25b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/sharebox/js/wdsb.js?ver=1.7.3
104.21.46.213200 OK 3.0 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/sharebox/js/wdsb.js?ver=1.7.3
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (2169), with CRLF line terminators
Hash 78f85cee2bdae55854dd3e65192df334
88c3f2ba2238dd49eb7bc479afd84903f4b17376
06aa1ad3c37a00c95caefb4e440a5f5e97acb5239737e2897977080d216bf20a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/sharebox/js/wdsb.js?ver=1.7.3 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 14 Dec 2016 03:21:17 GMT
etag: W/"5850baad-2040"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0vgTfiUv7guALNn82%2By3yWDXBb47%2BOnb5OO5PIMgk2NHkoivia2kvXRHi1B5%2FccFKoIKycujHNOeY3zRdtXlRQ06q1bK%2FaETlaIlTfbsSIWE75kca2KhGpHCBRF%2FcQUgoxsvdocT9ifHOskC1%2F1UKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b53c42b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/active-filters.css?ver=10.6.5
104.21.46.213200 OK 2.5 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/active-filters.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (13525), with no line terminators
Hash d70de01326194d3f2c3a12ca63c29af3
bc0e52eba523cd069897f3872a27acbf01299b00
dab1664b5f8fac3d8f3711a12c2c8ab6a91abd2843ca68236ba8b6b972671f30
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/active-filters.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:07 GMT
etag: W/"64d48cd7-34d5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eUux9H6gTaIbcoRjshad%2Fg0YDf9B1QnPrHoX6%2F0FbqPg1b3L2vtLoR0X40Le0FSm%2F83G%2BrjVgExHMmwm1lftJ9nMfNcpzV%2BNQShgjnuqDhhMzXY0qDRQhmfRQC0Bsifnz8CpDOAZqjb9DTNbpbl7rA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b45b26b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
216.58.207.227200 OK 47 kB URL GET HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP 216.58.207.227:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type Web Open Font Format (Version 2), TrueType, length 47048, version 1.0
Hash 87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.beautifullyprofitable.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:48:56 GMT
expires: Fri, 25 Apr 2025 02:48:56 GMT
cache-control: public, max-age=31536000
age: 53755
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
216.58.207.227200 OK 45 kB URL GET HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 216.58.207.227:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.beautifullyprofitable.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:52:27 GMT
expires: Fri, 25 Apr 2025 02:52:27 GMT
cache-control: public, max-age=31536000
age: 53544
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/652ba3a2/www-player.css
142.250.74.14200 OK 48 kB URL GET HTTP/3 www.youtube.com/s/player/652ba3a2/www-player.css
IP 142.250.74.14:443
Requested by https://www.youtube.com/embed/aTFVqF1Ox5M
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash c0aca454c0a9b539d3af1213a20c6625
9893a760290f6d8a9fed3a9f3129e7285b702430
13a3fa279a6816ddd952f42fd82f5bc170ac2ff89410d14d43954b342ad40040
GET /s/player/652ba3a2/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/aTFVqF1Ox5M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48109
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 07:31:32 GMT
expires: Thu, 24 Apr 2025 07:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 04:20:05 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 123200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/652ba3a2/player_ias.vflset/en_US/embed.js
142.250.74.14200 OK 18 kB URL GET HTTP/3 www.youtube.com/s/player/652ba3a2/player_ias.vflset/en_US/embed.js
IP 142.250.74.14:443
Requested by https://www.youtube.com/embed/aTFVqF1Ox5M
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File type JavaScript source, ASCII text, with very long lines (3391)
Hash b8a3c4fd7c1fb6f69956d1bea9121dd2
57de75008387d06257afd0f49dd6be0604d86152
e37861096c74b59c925c2effffcda0d899e4ec45dbee22b9546e9f511a7dcede
GET /s/player/652ba3a2/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/aTFVqF1Ox5M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 18315
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 07:31:32 GMT
expires: Thu, 24 Apr 2025 07:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 04:20:05 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 123200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/652ba3a2/www-embed-player.vflset/www-embed-player.js
142.250.74.14200 OK 97 kB URL GET HTTP/3 www.youtube.com/s/player/652ba3a2/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.14:443
Requested by https://www.youtube.com/embed/aTFVqF1Ox5M
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File type JavaScript source, ASCII text, with very long lines (829)
Hash 41348652979d359653fe6322a97908b4
8d8ff77af710d82f82b98bc4502f2ffc3f370f08
948bc1d531b416dc2a97f59988fcd3e17dd0d65822d742f4cec0708611efc443
GET /s/player/652ba3a2/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/aTFVqF1Ox5M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 07:31:32 GMT
expires: Thu, 24 Apr 2025 07:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 04:20:05 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 123200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.youtube.com/embed/aTFVqF1Ox5M
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:43:03 GMT
expires: Fri, 25 Apr 2025 02:43:03 GMT
cache-control: public, max-age=31536000
age: 54109
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.youtube.com/embed/aTFVqF1Ox5M
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:25:07 GMT
expires: Fri, 25 Apr 2025 17:25:07 GMT
cache-control: public, max-age=31536000
age: 1185
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/652ba3a2/player_ias.vflset/en_US/base.js
142.250.74.14200 OK 810 kB URL GET HTTP/3 www.youtube.com/s/player/652ba3a2/player_ias.vflset/en_US/base.js
IP 142.250.74.14:443
Requested by https://www.youtube.com/embed/aTFVqF1Ox5M
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File type JavaScript source, ASCII text, with very long lines (555)
Size 810 kB (809632 bytes)
Hash 99d94118b126f0e6fa930656e9aeec5f
fde794b877a215638b07225c393d23d93d090169
d23c0ec3c06e663c17df265a07da5a6a5d0ced529cbf10c842df6cc9934867d7
GET /s/player/652ba3a2/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/aTFVqF1Ox5M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 809632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 07:31:32 GMT
expires: Thu, 24 Apr 2025 07:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 04:20:05 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 123200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/fonts/fontawesome-webfont.woff?v=4.0.3
104.21.46.213200 OK 44 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/fonts/fontawesome-webfont.woff?v=4.0.3
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type Web Open Font Format, TrueType, length 44432, version 1.0
Hash 3293616ec0c605c7c2db25829a0a509e
04c3bf56d87a0828935bd6b4aee859995f321693
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/beautifully-profitable/assets/fonts/fontawesome-webfont.woff?v=4.0.3 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/css/bootstrap.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:52 GMT
content-type: font/woff
content-length: 44432
last-modified: Wed, 14 Dec 2016 03:21:16 GMT
etag: "5850baac-ad90"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VpDSai4KPwLjuMESYfl9ssdFq6E%2Fd7yvDucMFrGyERZlwSI93WRYB1f5p9THpfIsIr2YfjQRClHcxOU7nAHR7HDoo3nlIOpZIvgQ8ec5X0FPSRGS0QyYlDU9VP0wRm%2BjY1uYKqtm4JwY1H5ZfyhEbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024bacabdb505-OSL
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/ico/apple-touch-icon-144-precomposed.png
104.21.46.213200 OK 17 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/ico/apple-touch-icon-144-precomposed.png
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced
Hash e0359104c17d82f80853ad885bb4b639
a460240b0ebfd72766d7de3846d7cff2a2408444
0e3f232ede9c428f807c0085afad5190babfe2ca41bb7d59979bae12ecc05cbb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/beautifully-profitable/assets/ico/apple-touch-icon-144-precomposed.png HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:52 GMT
content-type: image/png
content-length: 16780
last-modified: Wed, 14 Dec 2016 03:21:16 GMT
etag: "5850baac-418c"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A8AiHQZkMX9D7%2BeoT11ba3BWDaFfTIhB5yk4dp0R3gfoWBRKWmNmz7AMfmBSnUYj60KFc6CA6qhBqPI0QHgCKAbGIa9lkGC1gWCL%2BOcB9olURtIpckREml8XveWsmf1HNPX3yGMm0Xv3krZRrLpWuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024bf3fd1b505-OSL
alt-svc: h3=":443"; ma=86400
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74200 OK 0 B URL OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:443
Requested by https://www.youtube.com/embed/aTFVqF1Ox5M
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 25 Apr 2024 17:44:53 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/aTFVqF1Ox5M/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AHUBoACxgOKAgwIABABGFkgZShKMA8=&rs=AOn4CLBFd20pNKmkgHYCuUGyc9ngwMBpNg
142.250.74.182200 OK 26 kB URL GET HTTP/2 i.ytimg.com/vi/aTFVqF1Ox5M/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AHUBoACxgOKAgwIABABGFkgZShKMA8=&rs=AOn4CLBFd20pNKmkgHYCuUGyc9ngwMBpNg
IP 142.250.74.182:443
Requested by https://www.youtube.com/embed/aTFVqF1Ox5M
Certificate IssuerGoogle Trust Services LLC
Subjectedgestatic.com
FingerprintF5:71:D6:56:B9:45:4B:F5:FD:12:4B:A7:FF:5F:1D:C9:74:FE:B0:C8
ValidityMon, 18 Mar 2024 19:37:13 GMT - Mon, 10 Jun 2024 19:37:12 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3
Hash c9aadc4f8ce580bbefe34cb3add20200
66ca9e093b30052d24fc69b78ba7ffc4249bee27
25f2de1d7ab1079dd598543b0c5e954ec45103488e00bb1b2245d5a2cff5cfe4
GET /vi/aTFVqF1Ox5M/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AHUBoACxgOKAgwIABABGFkgZShKMA8=&rs=AOn4CLBFd20pNKmkgHYCuUGyc9ngwMBpNg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 26172
date: Thu, 25 Apr 2024 17:44:53 GMT
expires: Thu, 25 Apr 2024 19:44:53 GMT
cache-control: public, max-age=7200
etag: "1462902779"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/652ba3a2/player_ias.vflset/en_US/remote.js
142.250.74.14200 OK 34 kB URL GET HTTP/3 www.youtube.com/s/player/652ba3a2/player_ias.vflset/en_US/remote.js
IP 142.250.74.14:443
Requested by https://www.youtube.com/embed/aTFVqF1Ox5M
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File type JavaScript source, ASCII text, with very long lines (543)
Hash 9d668a132668a3b12a1f63de79652558
62d5348005c50483fd8ae0ff7d27d4a0f52782d3
44c5b908d7442943299bb35bc2710932ccd07263d0b96226c6c9d02958387a5f
GET /s/player/652ba3a2/player_ias.vflset/en_US/remote.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/aTFVqF1Ox5M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33657
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 07:33:05 GMT
expires: Thu, 24 Apr 2025 07:33:05 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 04:20:05 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 123108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74200 OK 41 kB URL OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:443
Requested by https://www.youtube.com/embed/aTFVqF1Ox5M
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hash 19f0f9bd653cc61a1b5b8491965e7e51
dda83fe89bf9dd6f166c83057eed442819173837
77ec1b87d74bad04336c038dc54c9c9c9e0932b09956edcda18997a516d979fb
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 25 Apr 2024 17:44:53 GMT
server: ESF
cache-control: private
content-length: 41310
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/js/th/8MCXU0AIro2_0_rmGrwQkiCikxcMmBfRkjB6mvS6TbY.js
142.250.74.164200 OK 20 kB URL GET HTTP/2 www.google.com/js/th/8MCXU0AIro2_0_rmGrwQkiCikxcMmBfRkjB6mvS6TbY.js
IP 142.250.74.164:443
Requested by https://www.youtube.com/embed/aTFVqF1Ox5M
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintCD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73
ValidityMon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT
File type JavaScript source, ASCII text, with very long lines (51575)
Hash 75aaf723d5862a8eb3eb263cef614157
c62cf17173a0c4155902b80f13f360936de119f9
f0c097534008ae8dbfd3fae61abc109220a293170c9817d192307a9af4ba4db6
GET /js/th/8MCXU0AIro2_0_rmGrwQkiCikxcMmBfRkjB6mvS6TbY.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 20286
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 11:06:15 GMT
expires: Sat, 19 Apr 2025 11:06:15 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 16 Apr 2024 13:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 542318
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.74200 OK 0 B URL OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.74:443
Requested by https://www.youtube.com/embed/aTFVqF1Ox5M
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 25 Apr 2024 17:44:53 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.74200 OK 114 B URL OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.74:443
Requested by https://www.youtube.com/embed/aTFVqF1Ox5M
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hash 0b2ca3b267a26d1af07874cab239f331
0455a1ed494f2317be5ca4185a77139dc074dabe
ac22f0300067b801116b7e857178c64156bf6c8cf302cb4397c5d6092d05c3bb
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 828
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 25 Apr 2024 17:44:53 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/generate_204?jpsofQ
142.250.74.14204 No Content 0 B URL GET HTTP/3 www.youtube.com/generate_204?jpsofQ
IP 142.250.74.14:443
Requested by https://www.youtube.com/embed/aTFVqF1Ox5M
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?jpsofQ HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/aTFVqF1Ox5M
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Thu, 25 Apr 2024 17:44:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
yt3.ggpht.com/ytc/AIdro_n9Jql4--_5xfcFdbZpp9CwjLzfG3mw0Mch_TMytaHNSg=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 3.0 kB URL GET HTTP/2 yt3.ggpht.com/ytc/AIdro_n9Jql4--_5xfcFdbZpp9CwjLzfG3mw0Mch_TMytaHNSg=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:443
Requested by https://www.youtube.com/embed/aTFVqF1Ox5M
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint6E:66:E1:45:85:5C:3A:EB:60:4A:8E:EF:62:B8:7C:E3:C7:1B:FA:47
ValidityMon, 18 Mar 2024 20:34:07 GMT - Mon, 10 Jun 2024 20:34:06 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3
Hash 8e172793a0d26ebbe6fd574578b4cee8
953eb5169a3844dff1c20cac08834c541a780eda
492c95ab8363bbf1d3c6c9fba1baa34e865367dad25032ba5ce868d723cc23f7
GET /ytc/AIdro_n9Jql4--_5xfcFdbZpp9CwjLzfG3mw0Mch_TMytaHNSg=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v2c"
expires: Fri, 26 Apr 2024 17:44:53 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Thu, 25 Apr 2024 17:44:53 GMT
server: fife
content-length: 2970
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
142.250.74.14200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP 142.250.74.14:443
Requested by https://www.youtube.com/embed/aTFVqF1Ox5M
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1714067095168
Content-Type: application/json
X-Goog-Visitor-Id: CgtxUko3VWpCMjhvMCiTraqxBjIOCgJOTxIIEgQSAgsMIFQ%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240423.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1714067092363&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C555%2C375&vis=1&wgl=true&ca_type=image
Content-Length: 11429
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/aTFVqF1Ox5M
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Thu, 25 Apr 2024 17:44:55 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
142.250.74.14200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP 142.250.74.14:443
Requested by https://www.youtube.com/embed/aTFVqF1Ox5M
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1714067116953
Content-Type: application/json
X-Goog-Visitor-Id: CgtxUko3VWpCMjhvMCiTraqxBjIOCgJOTxIIEgQSAgsMIFQ%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240423.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1714067092363&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C555%2C375&vis=1&wgl=true&ca_type=image
Content-Length: 940
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/aTFVqF1Ox5M
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Thu, 25 Apr 2024 17:45:17 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-image-gallery.css?ver=10.6.5
104.21.46.213200 OK 985 B URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-image-gallery.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (987), with no line terminators
Hash 571b8ef38af79ce0738f4b67af5ab572
c95989061a89f2318f32da5383fa32f6d700437f
9ee76ec68367a044e4d6f1f929f65cf1e98534372a95f6021f9c8ec51ba91c7a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-image-gallery.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:10 GMT
etag: W/"64d48cda-3d9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2CwKtkF6Mq%2B0IUlrm9TYW9yyIxSQIzKaa6gSscFDAmz0b2THpzV8xFHlWxAww%2BQqoibNZR755a9QvdxbV%2FENeKHtfKN4OCittiW42H4hgcjA2u6ppiXcGvYaGWtgpZjE1RMs8JSenX4M2A42JGzJmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b48b62b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-title.css?ver=10.6.5
104.21.46.213200 OK 2.2 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-title.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (2201), with no line terminators
Hash 55c5750278b94db89baec2516ad6ed17
dd00f93756d8ddbc9e13652f4a2ebfcc449d79a4
4eef4519fe90ec3a468ff81a55288042c2c0030a82cad91d543f766b1d1a1ed7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-title.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:10 GMT
etag: W/"64d48cda-895"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3acl40e1WAnCq2JPl7zO%2Ftq0uBTAp1MqBwdU2koW36WJYwK%2B57W%2BAYLZoMT8nGXvrI3bMp%2BSgzbBg1GcOPj4jL3HdY1lLwwebJaGw%2FpZnJcypXK7oB3QI9k65byP0jDmNeGgdnErblGSTVfOaP1D5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b4bb97b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1
104.21.46.213200 OK 4.6 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (4704), with no line terminators
Hash 414c8462f6209b4905f767c8ba5c787d
a80b8b79908e6cdf11648f810e707a75c859cda3
007c3734a3f7737d74061ab5b96905dcb14ba1f88e7a6df55364b9d9573e3ce1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
etag: W/"650c4488-1213"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2FmAmZBJju0313G4NXs5EJci8TWedjgfIqTvA5aOv6l5V2T5DujLL50L2w%2BiSA319B98SOLKL9BNysy7dCHwqXVzcNMcD0%2BOXgv%2BoWp2ydhMmVKCN%2BvD%2FiEpdwGmQVLFvqEF1P7eOef%2FCPECQ6LOsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b59cb4b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/themes/images/block-left_15.jpg
104.21.46.213404 Not Found 146 B URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/themes/images/block-left_15.jpg
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type HTML document, ASCII text, with no line terminators
Hash 40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/images/block-left_15.jpg HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/style.css?ver=6.4.3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 17:44:52 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p1vT%2By6KZw0jR5LbvyQEllzgbU1zZlC%2BAFu0gqog2kTAEQo3pDdN24u%2BpXH%2BvAbA6bjse%2BbvvrDZeYi2SSoLmBZLnZpm1DK8YEMsvSpY%2By6gKm8EeSFEl8icC1Ar4%2F6zznNXd6jp8NXLqWh4I7bJvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024badad5b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/js/bootstrap.min.js
104.21.46.213200 OK 59 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/js/bootstrap.min.js
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (27631)
Hash 17427053e26c3866ab26be17fa80a9c5
983ec29bf26b4f277c7e82d1b1a9a04e96b3d5e1
d928d4c02581dba16f2c73fd841db981e562f3f3bf1f1e5f339fd4b0ba157402
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/beautifully-profitable/assets/js/bootstrap.min.js HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 14 Dec 2016 03:21:16 GMT
etag: W/"5850baac-e5d9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KXrXYPPG08z8Vkbjt8o7Y2q%2BsVQqnQJ%2FgsAh7TksWuXY6m2W38uzEs8Vsio8huB%2FYlvxt3z1%2BqtLpnENI0PsCcFL4hnVaOsXrg98e2AtL6MCnQ80c7ZVp5FxOTkpfuLjwucgc%2BeGJQz7tWjhzFT9OA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b54c59b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-framework.min.css?ver=2.7.12
104.21.46.213200 OK 367 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-framework.min.css?ver=2.7.12
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (52785)
Size 367 kB (366797 bytes)
Hash fb958b843a283c2f586f51188d8ce2be
8fb5848847da86d5e1c84f69d61ddbd07a7f01f9
41f5ce7c9e034db247be1bec6151dd4f3a31e3caef59810206a3732795b8f73e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-framework.min.css?ver=2.7.12 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 09 Aug 2023 05:22:52 GMT
etag: W/"64d322ac-598cd"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KbVAQTlPD1bZ9u6AzUaVQBPNOmsbcQZ9mhxl%2BgmmIoFXKj1ZegQJhx9p9NJGCdMCyFze3uCwXxfUC9foqSlug%2BiXEikKAK5Fe5FV9xIkw2kgyAhaeqv3mnoYQVA6cPEWZcsvnv4VpZ7GLOlF4zsBmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b55c63b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/themes/images/block-right_19.jpg
104.21.46.213404 Not Found 146 B URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/themes/images/block-right_19.jpg
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type HTML document, ASCII text, with no line terminators
Hash 40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/images/block-right_19.jpg HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/style.css?ver=6.4.3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 17:44:52 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=25mwx6VwLEAna1r8TRhQXih19bilsKXHUBJX6YELqCcghLpp2TTaaOuYJ%2FnDSw39Jcgp2UoR8KHIF9ml2T7FDypUR%2FWcPBeENt4nEDhM7073%2B0zkpxPk8MfiFZwBWIjmZig1TwM3L7b4s7UWOtR17g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024badad6b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/ico/favicon.png
104.21.46.213404 Not Found 146 B URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/ico/favicon.png
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type HTML document, ASCII text, with no line terminators
Hash 40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/beautifully-profitable/ico/favicon.png HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 17:44:52 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UTsgqpIWrwKLbRcNSE4gLZBBFKDwYRwzP017fiG%2F2ft0M8fownHqqC41hvsDAwsougCCIoYAihqezubI5yGPynVQ7rjr2%2F624JIQCeMcMoJjG0ZSOhjOidJv6KONx5ftNPKS3H9CmpU9S5VwqcoHRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024bf3fd5b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/customer-account.css?ver=10.6.5
104.21.46.213200 OK 1.4 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/customer-account.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (1367), with no line terminators
Hash 1cb944f814f2bf91ade50ad680bbb3f0
ebe89c214ed1515e776820a6786579b7a45cf8d3
9721cde9f96217fdfd1868926c60da410de4264f5a9f838d75e1af6969644c98
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/customer-account.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:08 GMT
etag: W/"64d48cd8-557"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MMYllThrKpQVwMJhWshsTJY41GA%2BF7%2FfosDwhTQsinZitXLWLq94bA8Qq8xjNQvf7wJtvBKTBdoTSdoXMGFm%2BNZN6fPWQ2RW3IO1tNL6BaYrI4Nl79et9Ldp5SqbxxMcUr78Eib3AYWxs9agblTs5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b47b4bb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.7.12
104.21.46.213200 OK 29 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.7.12
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (29294), with no line terminators
Hash eb050164b3a4c731e4eaa8d4b78bc583
7de9a889af7aaec49b5b02565463062246614994
e6c948a73ea3f054f417a3a60d18db48711bb86a0e12cea24fc5f858d2a42c4e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.7.12 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 09 Aug 2023 05:22:58 GMT
etag: W/"64d322b2-726e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5zpU1hEVa4rt4ppFLPw%2F1fqNe1kGLdv7RIVQrkcAcMV9%2BHwDs7iNf1076pPXOlwER2LrO4qEr%2Bvxkin9vXL7QZthsAhaQ2QkQP34HR6Rop4tnYLpzVgC%2FVgdr5bJPlR3erEFzKRnbhcDFz3FtrEhOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b56c71b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
104.21.46.213200 OK 498 B URL GET HTTP/3 www.beautifullyprofitable.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (509), with no line terminators
Hash 23cae743eebe2a9cdc9d63a3581b9b51
6ffef260b03a8bec75f72b3a44407e58aa962970
be7967d835b3f0734a3b2bbedfd75ae65d1a1c8be4ddb983d4c059a08150e362
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
etag: W/"650c4488-1f2"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FcFu9OTeVlYZLW5RQ3dQv4lDl0x6IuQyTrThk%2Bsv0328iQ6E8vEowMqyzUPBrpfLLGQDmuBHqE8PlOC09kpOfH%2BBs%2FrQbPbg4PqnPpCp3UslYnc1Gpp8X96m6aOcl7P9XlVh17mkR0VDy1shvCGxTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b59cb3b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/packages-style.css?ver=10.6.5
104.21.46.213200 OK 25 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/packages-style.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (25008), with no line terminators
Hash 08c7f4ce6c7065b18936427b2d006e62
89c2c5e03b5975188dc7a69fbe9500678b67faa1
6ca26b5eadf129e031848a33663df9442ffbf488ea45a525b42d3928101358cb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/packages-style.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:09 GMT
etag: W/"64d48cd9-61b0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b128WQYcdgvTlYCEXL2peCBH%2BW46rc1a9OGMa3y72YDivWo41BpopEWsmDJjIIdVFSNLDju61Ws85hDOZ5EDRNK1qyZ6dp6murskXDdPbjr1FQeGUH0BbJcMpj%2B5W54Mxl3lgA4AfFtVSht7fOE%2BkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b45b29b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
104.21.46.213200 OK 14 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (13479)
Hash 9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
etag: W/"6482bd64-3509"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lZ%2FWgmYZfyYUhKGhuilMccvejvxLUB4K7ruhgI1gcfkjlZfWbvmSXhAeUglepxIOcFJ0XdnfUFGIXcIIDyVGq68iMvqFxySLxfBzG94tod%2FL1FwLfqWy0f5zGNZsmwLmi9ZVaNjjpu%2F3IBhGoTa5sw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b53c3db505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=8.0.1
104.21.46.213200 OK 7.0 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=8.0.1
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (7047), with no line terminators
Hash 5851a569eaca89b37e06d3f575c0cfa3
c4fafa1fbccd8747efe432cafd33047baca4dc36
52008a4dde3584b3cacb8c26733c2a7a72274c53c2e24898716ed5f4762b31d3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=8.0.1 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:52 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:07:44 GMT
etag: W/"64d48cc0-1b83"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pesGWFdyvK9P5RsMF2bHnk4S%2BHN2FBDgW2YF3XQfelzoGoTNU8rnHHd7MFD%2FP3oV4dHmmR6O2auKMBZeedFirhSCpPElcHlYbEBPIkt9w8gfVqH%2BVsccWEeh40071aN99zwUSAzYkWjZ7DoF0zKNAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024bbfbf2b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-image.css?ver=10.6.5
104.21.46.213200 OK 4.0 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-image.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (3985), with no line terminators
Hash 90677819dab9f8f9b993571282b73285
4957c82869f31afed33fd22a97a4becc61874f04
c02a69e526ad508c88b220b0283acf4313190a7ae2f8b1796227446c26018fcb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-image.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:09 GMT
etag: W/"64d48cd9-f8b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ghr7t9kBRSCSjywfPgsGmwpY%2FLtdP1OR4bNFwj9b605c9gMSZpc5ykU6jgBrXSd2ljciC4KyElMdSW6Ji2IZsfv77C1rOQscr0zBl%2FXgTzj%2FGCUQNnQSYtUMA261yGghPWebv2F0%2BDr9uAIfdBb80Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b47b5ab505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/captcha/css/front_end_style.css?ver=4.3.0
104.21.46.213200 OK 1.8 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/captcha/css/front_end_style.css?ver=4.3.0
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type Palm OS operating system patch data "/**\n * BWS CAPTCHA general front-end styles\n * @package Captcha Pro by BestWebSoft\n * @since 4.2.3\n */\n\n/*\n * General st"
Hash b3d6b813d80eaa3e61b28b5580b995f6
f8457f6a016c6459b9c5b4b6e38e08a4f216b014
e7945cb4a3864642c971a4a314a295aeee26223bce26d4a194b4fa83c832a0e4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/captcha/css/front_end_style.css?ver=4.3.0 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 25 May 2017 19:50:08 GMT
etag: W/"59273570-725"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lm7Ly9hZJos826F%2FopMbCHd3zvJeUumzNEBX9Ln4HHj3L%2Bb0rbFiOGdPitLvdFVoJbEHn7m2OyVT2XZLgz8KuaalOzSL04unOqEvqT5V2Tga4p8%2FrLl0VyZjxFLD%2Fu9OywBgI95CRqZPb1OjC5sDJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b50c16b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/stock-filter.css?ver=10.6.5
104.21.46.213200 OK 31 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/stock-filter.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (31243), with no line terminators
Hash b9c352230a062aa68749768f18e5c7b2
3cd29ceb9a6ff5b6fd6687b08c527b7976308240
5df87b6f94e511197d18e791eb8284700e7776719b86604632157533019bf754
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/stock-filter.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:11 GMT
etag: W/"64d48cdb-7a0b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fdh328uknYo5D9gxK71Dt%2FgVXWxelzJixzwguDQ%2F3%2BhUmHO0uaF8OkLT0XDpB%2FEBhrCyFnZV482%2Ffl6nYvQ2UayPtQl%2Fjec%2FJxgGmUibY5JnwEi8QogGWEBAkmSZERmz%2F5dnzYK9kCn%2BsQjeTIMQfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b4ebd3b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-sale-badge.css?ver=10.6.5
104.21.46.213200 OK 970 B URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-sale-badge.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (970), with no line terminators
Hash 716bb54e067146487dee7eb192e2e5bd
562477d1e68ea94cd27415eb8a0e1ca73dbd9a9d
9715b3c3fcc481deb268845b160f088060830c59ac53fb13aadaaf0bbeee57b5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-sale-badge.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:10 GMT
etag: W/"64d48cda-3ca"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2wnMmnxgsA%2Bx3LYsbGUnivWG35C66IZTp%2BaMD%2BtUNrDvrSI1UL13wySLswaFsNyAokRh67J0usIAzMDHvZnw6GReky4urDs2X8QvM7aItsRQ9KiP%2BAjfXknt5GJHneHlB7UcOQ91EsdAQhdyi7T8Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b49b75b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
104.21.46.213200 OK 115 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
Size 115 kB (115127 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 26 Sep 2023 14:23:26 GMT
etag: W/"6512e95e-1c1b7"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2BpO2VdxVqvCv300jkILbr%2Fw%2BixV4QBAkWQMHkPqc5ewnZVSaHndbcFxWu7rTDzFYKlUOUJCEztUytgCVwFAOCdAYGPbPuMP%2BYcM%2FlCYGLtzDWErHbDhpNuzAh4mCXzuG2FahfXpnzL8CHnbjf1tnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b58cadb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.googleapis.com/css?family=PT+Sans:400,700,400italic
142.250.74.106200 OK 3.9 kB URL GET HTTP/2 fonts.googleapis.com/css?family=PT+Sans:400,700,400italic
IP 142.250.74.106:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type ASCII text, with very long lines (4008), with no line terminators
Hash 9dc772ac8871baf2c81d9e2b46e899ba
959433919634650b82c22f5675695d997d150185
76e358e2f184046265bdf6a1730eee99462373cf1aad35d9fc8147253713e331
GET /css?family=PT+Sans:400,700,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 17:44:50 GMT
date: Thu, 25 Apr 2024 17:44:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/attribute-filter.css?ver=10.6.5
104.21.46.213200 OK 32 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/attribute-filter.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (32447), with no line terminators
Hash b0308a7b20f61f94446bce268451defa
6720d122e9b4f3f3fc1caa2fb6af86b270032fa2
cf25e5b9925f7cb3648c716e4b91f506a3ce6cb186fa21c5e5fc46ec3968c7a4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/attribute-filter.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:07 GMT
etag: W/"64d48cd7-7ebf"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Tz5Yh7kCYSJ3jWcb4tieaH6NXfplLJK6sPmXhwl7W73ICb5OAwP6YfKlnjqlEbY%2BV%2Fm%2BulJKaQfITc6V3sRmz1KA8weBgQIyf9aABWoKAqFwC1pjI%2Bpkf8uVuunpy%2B1elt4PiV8KwdxgCDxnONOXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b46b31b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/price-filter.css?ver=10.6.5
104.21.46.213200 OK 24 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/price-filter.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (24249), with no line terminators
Hash 1ea467d62d47707f910009f2b6ce853f
0de53e2a9e96ea9d91afb8e548c996b677848ef9
99ba4ce5016efac43bdbd8e43731b88c402c2d1810c9b4182d94bf353bb61cc7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/price-filter.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:09 GMT
etag: W/"64d48cd9-5eb9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2N%2FW6DabRM%2B2W4U%2BDPW%2FooEl57NmBtO9SPEwDHx7GMXM8CFR0VYS5OYrD6lpLAt3H%2F%2Ba1mcEAdOwg8qsHuoQGwEoJlGnQ2s594fHwSAn7Pk%2BFePa1H68FEY5hVWOmmJk9SlNI2Zvm9WitZiPa04xJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b47b4fb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-results-count.css?ver=10.6.5
104.21.46.213200 OK 689 B URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-results-count.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (689), with no line terminators
Hash 616d16213bec507f192d46e32254eb47
397fc9290c566bc967df09da5712cb9178ed79cc
1646fecd18dad7589f0006aeb17ff5eb0563d87fd12b1f626063ed2d7f39f01e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-results-count.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:10 GMT
etag: W/"64d48cda-2b1"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=avxAiBQ00G73FqkCWqOJ5fKhZa8iIzT9IstDRP2aKGbdpY%2FX69ptbuSxlp0kHfD5UdY858P2XJAvQbVCIaJHBAFZdxH5%2BGxzxMqtabdNQ88Va%2BsXXmeFWCyOJ6Z2IuSukyFRmCWRyQTteGSLfa6rMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b49b6ab505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-summary.css?ver=10.6.5
104.21.46.213200 OK 1.7 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-summary.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (1655), with no line terminators
Hash c8c0a937b63c75be13054447b5e65545
57e4c6254186ca76785b96f95bdeb2e93723fb19
532a541e7ebc7ac39c825e92d47091deaad1b7b1af68c3d9279b77144d0bd246
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-summary.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:10 GMT
etag: W/"64d48cda-673"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aniQcEsbdLHIgRwaZr4Q3QC2NUCasNo1Lt%2F1UvAksnoELEgGqchgBXJsJdypXOsF8vlNtIUuTXcnxPWv5LoGBRgHZ%2F%2BdntACm42Jg0S%2Fb%2BrTMViX6K86BiL1r6xzf4BcSRkRA9DwefXMGlHV6yDdIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b4ab8eb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/reviews-by-product.css?ver=10.6.5
104.21.46.213200 OK 11 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/reviews-by-product.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/reviews-by-product.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:10 GMT
etag: W/"64d48cda-2b5a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VZoRchFPfCZFM2l6hbtvtDgrGtZt3O9lSsO4J0qF93g040wA1zSf8DkI2auIyItyr8vNOgvBIOBVAEszuL0%2B2S2JqVOYef0XuInzaK0BamT8K%2F3tGd3eG2NGOt0UUY7KFK5WhmIMQmPpGjs96ufjIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b4dbb9b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/style.css?ver=6.4.3
104.21.46.213200 OK 8.8 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/style.css?ver=6.4.3
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (9309), with no line terminators
Hash fb1fbd99ab8e3d34e4ffd47ebaf4d039
c282c5dba44b3ccaf85593008ef535f5053c9f0e
17e5073e4ea7d56645f4fb2dfc5a138d9400a201e4b59acb698453da5c5f4645
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/beautifully-profitable/style.css?ver=6.4.3 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 14 Dec 2016 03:21:16 GMT
etag: W/"5850baac-2245"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tqsjiutVaEeOcM5EHWzD8u8073qW9LeJXuLSu21RxK%2BHshcSUs1wEHxjRZTtdKUD0OX%2BHBUhnqpyRP4Ey9oz9V709Bk%2BuofSpU2FUaqzN6ed1CkvC5dWuAGphRYZFiJAO9j42GMxTPJWXhrQis7tdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b52c28b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.7.12
104.21.46.213200 OK 8.2 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.7.12
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (8213), with no line terminators
Hash f4495f922aad36929d9902bde594be1b
45da4c9d1c3b29f84a1c2b3208f25c3c42021383
00248c12820088fc97a123ac8bf5140334781d5af8addbd3a6f8fa4ae909efb4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.7.12 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 09 Aug 2023 05:22:58 GMT
etag: W/"64d322b2-2015"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cV9%2FjPe7uV9etgV84QunorpeFKomJW7mg4ifW2xhB2tleViaImEEI2c0rX9wTOFM3cr7OVPiwyTjrInjwRmTfIMw87AS16Nl%2BXM5i4yQnDZ2%2FMXAUjfXHmoJyrVdqh%2B5SCy1moH%2BUVNZ7vGW6zKXlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b56c73b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/gravityforms/assets/js/dist/scripts-theme.min.js?ver=f4d12a887a23a8c5755fd2b956bc8fcf
104.21.46.213200 OK 4.1 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/gravityforms/assets/js/dist/scripts-theme.min.js?ver=f4d12a887a23a8c5755fd2b956bc8fcf
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (4181), with no line terminators
Hash 35e1e02f6b13277cdbb3a659e87b3446
f307dd3afba2eac5b78fefd5bc8bbb9c12d6ff95
e730b3712ab254b17fe5c8dacf68352cb4c4d6ab682e8dd887f74cafcb931a03
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/gravityforms/assets/js/dist/scripts-theme.min.js?ver=f4d12a887a23a8c5755fd2b956bc8fcf HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 09 Aug 2023 05:22:52 GMT
etag: W/"64d322ac-101c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rq6CXdlWIbqzTyszlvQkYCyO6vpUOMTEK94gXwZ9zZRIg8Mt5CH5hGok2KEFaTFZxlrIgxj4S7G1mYji9AK5MgBWEAsLAhbeTa91wogoeQudNf%2F4B7OQLvt3v4CNevVUBXoJu9a9ZPv81XWJsGxL3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b5acc3b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.js?ver=6.4.3
104.21.46.213200 OK 18 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.js?ver=6.4.3
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (17738), with no line terminators
Hash b6b9fef2f7eb26c8b7553c5b0e46453b
77d77933496b2b389a8b1aca1989ab68498d8dc8
e0a709b63261993d42234f053ee43b75d43af3d7b0f147eced60c97c3e6c8f95
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.js?ver=6.4.3 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 12 Dec 2022 03:49:18 GMT
etag: W/"6396a4be-454a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WImMsmrRD9iwiFyM%2Foq%2FfYyn1PPAq3LG2Y11yfpAvTpB1VZp6hoSvgtwK9uGCIkjsN%2F5%2F0wplJkqRHWoTHyzgXL5hApFF7OyjpNLgahBOnkEQT4v86GxHpRYQ9rgJjktdFd%2BxyzNJeMmsXcUdO10bA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b57c87b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-categories.css?ver=10.6.5
104.21.46.213200 OK 2.3 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-categories.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (2338), with no line terminators
Hash 2b76adabf3f4c9a6ec5cc75e8819e3e3
6a0d4d96c946bf9eed77173270b0f15452613267
50e20220d600536f3a69f693f39de501409b830add0f1d66bac2a6f82969398b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-categories.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:09 GMT
etag: W/"64d48cd9-91e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=86IxIvOiZKnTyHnzJ6Z1GAMMTAFFRjjlCqSuDdnguQA75Frw5%2Bw9d2UDphwFuCY7eVI0ejhqg1fJgzrGZ2I%2B2f8eBT6H58Tywe9DR1FUh3U4pM7KfPvxF2qUCvucgWN9jZwAKyNz8f3VBzvUQ0yEvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b47b58b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-reviews.css?ver=10.6.5
104.21.46.213200 OK 1.5 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-reviews.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (1489), with no line terminators
Hash db3dd2dd29dc43cffa8631c2882119fd
20e289dd1eeadfd2a3f5206af56b01dd3c962963
3b5be52e764abefaf678f8dc7b84d9f49f56bb365d606c62fc6edacd42b4f7cb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-reviews.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:10 GMT
etag: W/"64d48cda-5cf"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QU6va2OfFWUAa8BNix1Zdzb%2BzzKZvRZnccF4vehUv2jLhELjTDPBSn8vnghcoD8p7NA5vKUeY6MYeh15FXaGUC4A8VVpks7Pi9H66v1FhBlTaudBoz0BVP2Uppm58ERV1MWNC8Lnw6Nqs04LV9dwxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b49b6db505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
104.21.46.213200 OK 9.4 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (9729), with no line terminators
Hash 3597d2da73a2e3de74981fcc5ecbfce4
94f7e899ca4635c129e8285579b3f0e38cf19730
080a50955b97dc50d39c296cc22e8d02f07a3cfcc58d3127d93466e281514637
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
etag: W/"650c4488-24e5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ueM2qoXF6ILM%2FY4G3kUUhYcRha5%2BNKKlDzhCSZA0N0Tho%2FPtZJdl5YMKxA%2BRZ8PE5lMjHNSULepgD5zHvkucmuXX%2BuOi%2FQswC2qnG9F1xYQX8z0LiYzzXSOp4MOxayujxcpyEuOvf6h%2FBS4f6iS%2Fgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b59cb6b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.7.12
104.21.46.213200 OK 47 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.7.12
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (46757), with no line terminators
Hash 73a12b95250e69b135412f34793b6e1a
128110fc4a9edee00fd78e02e5ae2da1b310eee2
d6c6eae2059c0d8677d501c6ed9906a63f737f360bb7302c5544d5b6d886d6c6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.7.12 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 09 Aug 2023 05:22:57 GMT
etag: W/"64d322b1-b6a5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SQQDZPLP0idMSqj42R5Q5Z6fxy8cKwekaQGeEwCmfHsuFPUf4cP72rNznPOfyLsBCLYL4BOW2QbqxUV%2FbwgOcqJJoYFg%2BxynaVynQAE5gMNV116fmYp6eLGaBb0pUsJcxuF3%2BsqZFs0ZjtBoe397Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b5acbeb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/js/application.js
104.21.46.213200 OK 3.8 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/js/application.js
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (4040), with no line terminators
Hash 829a30f591e593739ad27ac19289b506
04a9056f7784d3c7ebba027fcafcfbc1fb130099
7845248fe16f0436407d494b78b2dfde8d55a2523e9cb5b3297dfc97f7661cf5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/beautifully-profitable/assets/js/application.js HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 14 Dec 2016 03:21:16 GMT
etag: W/"5850baac-edb"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DQRKqhNparzdxZ876RiV6F2O1CCO%2F%2BzkIwVI%2BGC1FGqCnn3AcAl9syS3IlTSlyr%2BBRNJtkE0Pg4YP9huCf0uKYkMGlhEL26wxSxEhf%2F1qG%2Be5T%2BMiiMmQ1boRLZxorEAnWPAx9IXWuOJFSjRSpKv9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b55c5cb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-foundation.min.css?ver=2.7.12
104.21.46.213200 OK 45 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-foundation.min.css?ver=2.7.12
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (45131), with no line terminators
Hash e3a64d4a2f6fd6aaf5673c7f59c2b72c
f13d057bcc81d24c13aab941a2c0df1d3fb9f405
1dcfd098cc2462220c4a910b5d8ebb05e68451a78c01e81c1a0d2ab00e7b5663
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-foundation.min.css?ver=2.7.12 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 09 Aug 2023 05:22:52 GMT
etag: W/"64d322ac-b04b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZSpCARyamTSZ%2Frg3jtAAT995jKzjfOGKOFU%2Fr6OxrQ1x81B93%2B89zJlj4dEY3tnk5GuiZhMEFatGm%2BXSwZptYm2fbb75D0opzrd7bleUIuPr5YhVQ9zUOYVxvXEjJYrs%2FJIZck%2Bpk4re%2FkhZ3ICqXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b55c60b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.0.1
104.21.46.213200 OK 9.6 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.0.1
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (9963), with no line terminators
Hash 7ed2c573e85b2b4e5fb8b4131e95e469
140691f29cb181849892640d1b237fa6a4e5beae
a637f7d3e1ca8aeb1d7d4499419916cca6c18a2b625a616f6950f2b978a91ba6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.0.1 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:07:46 GMT
etag: W/"64d48cc2-25a4"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D9WXn2RO6CaFPh52%2Bhkycu%2BwudjJnUoFWtug9leXchPp7hax%2F7vt%2BVrhcPq4GrDVjDkijt5pzbtR2nS4vYe4F8rNzSBRTYNie95N7lCFL7D719f%2FC9ehnhK7deATZCKAqsQlhf8qJpgu9TQRRk30iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b56c76b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/easy-fancybox/vendor/jquery.mousewheel.min.js?ver=3.1.13
104.21.46.213200 OK 2.6 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/easy-fancybox/vendor/jquery.mousewheel.min.js?ver=3.1.13
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (2696), with no line terminators
Hash d2c8f2ec155db31cedf5016adbf08fbd
ac0c269512306dc6ff09322d82134172ebeacc21
692a3efcf122e58b1ad5579170d37d79f83d44b24d89b8e54e8a5d5e8fc358ea
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/easy-fancybox/vendor/jquery.mousewheel.min.js?ver=3.1.13 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 12 Dec 2022 03:49:19 GMT
etag: W/"6396a4bf-a31"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5YP%2FRB%2BlmfrzUhBnQqKhNvhZiH7kclm4C%2BRLzwt4H2bSMePa3i5J0QSJ5h5tleqbmW9I42TCb65W3huLIako2obrV5fmcoFwckIq9oTgmYYjBJo7KrTvldol8CKT0Db0JSdPCb1dmRHF076dewqrNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b58ca3b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/js/jquery.js
104.21.46.213200 OK 93 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/js/jquery.js
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (32089)
Hash 397754ba49e9e0cf4e7c190da78dda05
ae49e56999d82802727455f0ba83b63acd90a22b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/beautifully-profitable/assets/js/jquery.js HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 14 Dec 2016 03:21:16 GMT
etag: W/"5850baac-169d5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1gFFTqQcgxhS78kmt15fUGjoP9G73GaIAgTvm5R8ZW%2BxvoNYf%2FsU4Rb0J49BSeZvsC62UVpIEgLso6vJevG3n54pl4XRq%2Fmz221ADcvSIy%2FSy%2FX8PxNscn%2F4M1XeA9LFgWgXhKPceoplE7uEmLOOHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b54c52b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.0.1
104.21.46.213200 OK 1.8 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.0.1
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (1885), with no line terminators
Hash 8013d1698d3ebd4d2e9cfc9f6893a0e7
a2ed64fa47db140c2c81ebeb74b4b3926ebf2ba6
75268c5a239447196edc6c3dce15149ab595dea7983a7b17da35d068dba29e2d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.0.1 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:07:46 GMT
etag: W/"64d48cc2-735"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=57tXEtFwR1Xp9NdoIR%2FlES7zWrKv%2Fq%2F7XzhR5BIrhvBZD%2FEJQmRGxydd7u5aHDywFvJVP%2FhA8pvBODPfkQom0q38Ds7CSkEbNsrTkMIc1u18kUVRo05PXkVTT2Gt9P0UbcQoCLIqzu8oS806TcWBRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b56c7fb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/featured-product.css?ver=10.6.5
104.21.46.213200 OK 5.9 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/featured-product.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (5916), with no line terminators
Hash 0d1c2a1fb1f385ffe53d6916e9a5d407
19580219db52de0d537ebda761c4254c52b86877
e9c4a7cf5059e0e1600095a45d627c62e7d018fb48d4c462ccb295b82a32a904
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/featured-product.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:08 GMT
etag: W/"64d48cd8-171a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fqVIAjaycDhQBQOYu5l5LHEJcxn1sUoIs99Hmz3CeRtp3HqsDW%2FlYErB0dk%2BckCXGq%2FO297Irv7w8eeKfb4APf0V9%2BT%2BM4dhXgodK2ESp%2BOmN4Hn2ydodUxqvXxv8srB6tL8e3sauAnhy%2BNgtmNNQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b47b4db505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/reviews-by-category.css?ver=10.6.5
104.21.46.213200 OK 11 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/reviews-by-category.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/reviews-by-category.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:10 GMT
etag: W/"64d48cda-2b5a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YZUN%2BGmT68Yd40xAuQUIPUKtF%2F9il3sBFGG8QMxu%2B%2F3TZtReJDNq2FqTKMUaTC0SoSPAEK8J9DA%2FtInhXf6yO2B9tanpCek1JdXLlsl%2FN6fRJ0Xi%2FyAL8Hr3jA6HLMlqgB6joMrikMft20DtCgD3rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b4cbafb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/am-locations/public/css/am-locations-public.css?ver=2.4.6
104.21.46.213200 OK 2.5 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/am-locations/public/css/am-locations-public.css?ver=2.4.6
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (2575), with no line terminators
Hash 1b08cab016cdef6e88225a0cbe629e52
f0be199add9737e91ffb98a5114d6d7449bef617
9aa74b59a5268640b2cdeef145c0187cc63c6ef3c257805513a86036129a270d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/am-locations/public/css/am-locations-public.css?ver=2.4.6 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 25 Apr 2023 19:22:42 GMT
etag: W/"64482882-99d"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vvEOVtT9Aj9enrnY7pEaXCK3L2yp25pHeax8K%2FgiisvnKmTGh2Eyx8xSyzDijCklrMYMiwojbIDi%2BrSMu40BxxVeVIfNRuVrSdXWaHqaOxni%2Fzjry2vwfvU%2Fy8lNwfbFfWIr92ntu63VGzRgmmpScg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b50c15b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/css/bootstrap.min.css
104.21.46.213200 OK 166 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/css/bootstrap.min.css
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type assembler source, ASCII text, with very long lines (540)
Size 166 kB (165876 bytes)
Hash 29eb7b6a229186f77eefd74b0fe546b2
6f735fa3ad718ac95774508bbf2ce389ae25ed6e
529d2a11d8072962ae5596d3855ab0aea898e1233a3b9444f970010d8bb37520
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/beautifully-profitable/assets/css/bootstrap.min.css HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 14 Dec 2016 03:21:17 GMT
etag: W/"5850baad-287f4"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7RP8dZrSihPbGgHeLnwC%2FFkFshBAhXN22gH3Htoaeg8BXvMhNrMoxBJJMDq2xEbmcnqqWbtK5aOj0ytU7NFvmA86TiZzuQ0jwerqPjPAwStIK1aNE8ClZELRJHodH%2BL5l63zuPhm3M9jwvp3Dz9vIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b44b18b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/easy-fancybox/vendor/jquery.easing.min.js?ver=1.4.1
104.21.46.213200 OK 2.3 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/easy-fancybox/vendor/jquery.easing.min.js?ver=1.4.1
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (2315), with no line terminators
Hash 043a42dcbdc11c448a0f113313bd1227
e36a8458f2bb47037534c88c60715888f6fc33ff
5aec5c38d71bf8dc75f4a675f49d1711b0ff8bac9362b1984c726690bb07836a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/easy-fancybox/vendor/jquery.easing.min.js?ver=1.4.1 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 12 Dec 2022 03:49:19 GMT
etag: W/"6396a4bf-8fe"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z3inKARdd%2FTB1hKw4DD7gf0%2Fhj7CNv9GHeb0idqnQBFX8DsFVpu1t%2FNJGpO7F6OMaElXBh0cF1v0oGwz3TCyRSJzyuJkN7xiEEGdgom8BHoZWYu85sFK9vnsl4Mb3%2FwERaEMxKUpo0KBpZl%2FZW3h5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b57c89b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
104.21.46.213200 OK 6.6 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (6799), with no line terminators
Hash ccaa7ba23a1f74bc12d091b65b515c4f
26b795b942f321ee8237178a1fcc16f1cee5a99e
daceae61a869247d42436998814874e2698dc5f4789c65cd9bad98da52276db1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 19 Sep 2023 19:30:24 GMT
etag: W/"6509f6d0-19e1"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z9JjeqUdxR5BWB6JltWzZZUDAAymixzK51PV8xpboJFRoYxLu%2BT0FwStyQCZcKKDzoed3Pn8tfJnTCrbzWXpr9e3xFpPJNNRV1akTgAnXE89ZWoM2I%2B1BFMI2cRrPs9tLQRH%2FEntaP6g5m2eKf3GLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b58cacb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/single-product.css?ver=10.6.5
104.21.46.213200 OK 1.1 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/single-product.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (1110), with no line terminators
Hash e92d08358fab389fa0d28d404f4fa88e
531be8c12c320b2c94dc1f13a621e4c809564294
9408b883c3de03f670df60c6201dcc8adbb991aab481a9b72351846e42d2ccdd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/single-product.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:10 GMT
etag: W/"64d48cda-456"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rkt6Pt0Zq%2FaXOkBixWUzqXwflL3x6G5UXbVW3aZA6011aIbM3%2FUT%2FbcrQeWjTZ%2Fp35dzwRxU8%2FVWg4GyDDf08Nu1xuuqvwm%2BXWA9umnL%2BV2h22rBl86NP4R%2FopXC97QXCYk9uvE8DSAIR2mO1LW83Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b4dbc9b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/cart.css?ver=10.6.5
104.21.46.213200 OK 83 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/cart.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/cart.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:07 GMT
etag: W/"64d48cd7-14435"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o3iCG73JUm%2BiY2yb0idBpIn7q7avQzfpwVmJsAcDipJhOvKH9UozcZKlsAEbGwMW%2FZBH4vtKsTzmJDSKZrDa64C6bHELV3MIVUh8cF2Bq7jZsPsqOnCkU9SS4j2T96aFmviBx3docD5MssBKziEYnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b4fbe1b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/gravityforms/assets/js/dist/vendor-theme.min.js?ver=4ef53fe41c14a48b294541d9fc37387e
104.21.46.213200 OK 17 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/gravityforms/assets/js/dist/vendor-theme.min.js?ver=4ef53fe41c14a48b294541d9fc37387e
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/gravityforms/assets/js/dist/vendor-theme.min.js?ver=4ef53fe41c14a48b294541d9fc37387e HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 09 Aug 2023 05:22:52 GMT
etag: W/"64d322ac-430c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1WaAdZQV9%2BGMYcpLfbElzHRQHYgD%2BPJaEXLLQ4bq5t0DRBG34XRfE%2FxJcPkjbDeR3lZS8LDU8%2FKXE0MA2cCdbBMEYo5U5%2FgCNlb6%2BFrGR4cbG%2B%2FnHWarOH6dH3TbLwD4pRBdQX6C72sgFxTK7B5MEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b5acc1b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/mini-cart-contents.css?ver=10.6.5
104.21.46.213200 OK 17 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/mini-cart-contents.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (17267), with no line terminators
Hash f4d89b84baae1acc13afc5bca7d2d37c
6b0c0ca997f4105dfcea973854bc318dc53b3781
e7107d3a71f000762a1f4482be2504bc200411be11071a027bb45a5a08d63068
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/mini-cart-contents.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:09 GMT
etag: W/"64d48cd9-4373"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NcutdnUB0lZht%2FVQY049CkcBF2s%2BEIJzfZf3tpnrLl5nzKx52pSkUBOJ1h3h0VNuahSnYn2lde%2BYKGaQxF1K7lqkDtj9lbo1w5gu4vbzqUd4NzOFDUl40xmxf%2BmixhWIImCz4w1PufIfPn%2BxF4G%2FWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b50c01b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-reset.min.css?ver=2.7.12
104.21.46.213200 OK 2.2 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-reset.min.css?ver=2.7.12
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (2168), with no line terminators
Hash b525ca4f82f6743fc1e9fa2d4d1eb911
00074b4daba38ab0c343ce94957c4babe28cf7c1
483b25e3837f072303e5a34d44d9f1958f6f6c60a26fdc7c0df71c267f53a90c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-reset.min.css?ver=2.7.12 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 09 Aug 2023 05:22:52 GMT
etag: W/"64d322ac-872"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=af5x%2BUWFsmka7YXJsF3NRNtvOjpQMAiuYsEciFau9iFz%2FzLg2B%2BAixiNwPD97GLDh4XaIyH09Oxsej7Y%2BHXiRC%2BOfwUfJGVw3SHLpbD2vD%2B2pW7r3zyKO9XfqT2QiiUjuvv0t7MjzDiiYvKACaaMnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b55c5db505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.youtube.com/embed/aTFVqF1Ox5M
142.250.74.14200 OK 93 kB URL GET HTTP/2 www.youtube.com/embed/aTFVqF1Ox5M
IP 142.250.74.14:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/aTFVqF1Ox5M HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 25 Apr 2024 17:44:51 GMT
strict-transport-security: max-age=31536000
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=HS9sAOH36xM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=qRJ7UjB28o0; Domain=.youtube.com; Expires=Tue, 22-Oct-2024 17:44:51 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_PRIVACY_METADATA=CgJOTxIIEgQSAgsMIFQ%3D; Domain=.youtube.com; Expires=Tue, 22-Oct-2024 17:44:51 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/catalog-sorting.css?ver=10.6.5
104.21.46.213200 OK 857 B URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/catalog-sorting.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (857), with no line terminators
Hash 849a5f4f10951b298d89ce110f8627a6
5b60a9014170aeb5ee7fe7853aaa194f14228db1
90567cf35cac85490a9997392214aea234454af5142a5a06475e8bb9d931d463
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/catalog-sorting.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:07 GMT
etag: W/"64d48cd7-359"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AsVhE588FVZtnZBLn6UNUd9JbG0omYp18p6Xx7%2FDzAqkm8XMCKQ%2FA%2Bo89nUwoOuW%2FFEu70cMilXg9rz7YKHBhwwMXOJfYVGoc%2BIn3LKGlnnC%2FDP4kZYgRbYqH5z4DFisIks4f5Yhiv7M8VKQxP8e6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b47b4ab505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-button.css?ver=10.6.5
104.21.46.213200 OK 4.3 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-button.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (4294), with no line terminators
Hash c885974f01de83d0ad9a0384c8a05dee
5e94997bd4f4250d8c38571388ae5376b1b34b1b
c500566472ebf2467ae5e8073be616c271c13e0e667125349804a8c43ce858e8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-button.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:09 GMT
etag: W/"64d48cd9-10c2"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=licif8deSI24oj9I9ihyPGVwMjOlkWIMwKQoiR5ekuflDTGFxXjJFcMV0EpCZeG0%2BHQ2aSOF%2BQ7psOMk5fBDSPUPTVKkCMfkZq5p8f2bpbl0lamukvxejBa9yXbJl7GnB5y80yqBpIpeVkIHNtZDYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b47b53b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1687408549
104.21.46.213200 OK 11 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1687408549
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
Hash 94bc4228bb5941670e191e40a6bc44bd
ad06418894462185e7eecc1421310f552e1e5e36
5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1687408549 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 22 Jun 2023 04:35:49 GMT
etag: W/"6493cfa5-29ed"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L1aQ%2B0iQv26o4dXqtNyW%2FwqtlEaqvjSu527WMlJ4U1vRvElwEioq%2Bbd%2BHc%2BzCK0PiNInKHzZBb6YZzDB%2BBH19Cf2hGNQvey2df0e9BH2EQNQRnupH5Pa8%2BozYnq19R3e5hmEHtg9TsKjuJ2HHgCAlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b5acc4b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
104.21.46.213200 OK 8.9 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (9056), with no line terminators
Hash 797c2156a7211100e9aceff7365be7a4
b70b89caf8cc05c7cbef1077e06994085331c5cc
812cdb2da5fee86d2f5a423fb5010af68f20c594f081b40f3b7f0050736e9ea8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 03 Aug 2023 04:41:27 GMT
etag: W/"64cb2ff7-22bc"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bNc6nQvP%2Fz%2Buoc%2BYQNQHC7VckJQEaGwwUa%2BqaWR6o7t1AH3tit1sEEbTWNyqbu5fpbDLc2kYEhBE2qTZ12dpqfNjdGRG5w9xQJvsCwhdLMWAt1teAGoIkjOBwE50xnF%2FJWzRbWyprgQWVIl6jA0gcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b5bccbb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-includes/js/dist/a11y.min.js?ver=7032343a947cfccf5608
104.21.46.213200 OK 2.4 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-includes/js/dist/a11y.min.js?ver=7032343a947cfccf5608
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (2528), with no line terminators
Hash 68bc8238a54bb8c0c5150dc95f72102d
a2fdc6d71605f2ee2f8eaf19278062ff99bfac57
04d307f0c9c637f231ea00f28431e6ea8e3958bf91b7d83dd0a5e7fe9cb940da
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/dist/a11y.min.js?ver=7032343a947cfccf5608 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:50 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
etag: W/"650c4488-990"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jaJvT49bQVTxtlG9J%2B%2Be0oNeQS%2BYzjVGLn0ZaZ9%2FbIc9oBIM3q5m6BhoDjxmv104b7TFgwMBRsf2SOWHqAI0Ma5wQg%2FVhWRfNe7i4%2BgFFAK3jjSjKrO5fJaGdJU8oEvJFItkTpwA44ywkp8GSFNltA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b59cb8b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/all-reviews.css?ver=10.6.5
104.21.46.213200 OK 11 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/all-reviews.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/all-reviews.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:07 GMT
etag: W/"64d48cd7-2b5a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yKa8nMM3KMHKCGxE8ACpu3R6Uz%2BPKBaVyWeU%2FCvMBRwHHjZETrK3MRvSXFL9hUkJ0SL930y1mTm5l3au9HB%2FK7ktEXt1xrBMaQQqH1lXQfDD%2FvB6kiF9Ycwj94H%2BOjzk276VIeSBNs3K4yLtB8Z%2Fnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b46b2db505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/breadcrumbs.css?ver=10.6.5
104.21.46.213200 OK 732 B URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/breadcrumbs.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (732), with no line terminators
Hash 24b5c505d892352e33142b4a6f59e0d6
29ca7e25dcc2e1527e617c61da70dbc73ebc098f
e5c8b054d31035304ab12a174c2f2fb71a64e9cf308f4977f53adb906ced2319
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/breadcrumbs.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:07 GMT
etag: W/"64d48cd7-2dc"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oNS7Ex2rJnQ74fiJpbSC7cqgnguBj55B22WHez31nH205qJ0ZzEjjI%2F3sLIKm3xG1yPIp60jDMtD4GPBXZTUGLV2FOMFb%2Fz%2BnQEOuVMbrEgp2%2BJWl4Cbq1GbJTDlLlho41VscWG8j%2B48lOF1L0sCKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b47b47b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/captcha/css/desktop_style.css?ver=4.3.0
104.21.46.213200 OK 1.7 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/captcha/css/desktop_style.css?ver=4.3.0
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (1846), with no line terminators
Hash b5ebfeed816e6e20dcbb6e72094f2c95
af2489ab3e1e8e4832b92307f84c5333643326b6
123c7972e9e28c978cbaae2e8adb730d1f00600acfa42e1f508f94729c46bca2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/captcha/css/desktop_style.css?ver=4.3.0 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 25 May 2017 19:50:08 GMT
etag: W/"59273570-6d3"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EeduigWceyc40yKOL%2FCQ%2Fqd60edFDYz9gj30Jbknd6Npb5Ob%2BC%2BoiJPeb6qbqrm01QzX4D5E1wgs%2B6Mf3zdxYPRadh%2Fh2ZeIhWv75xSvhwPqsvEOaLh5vWSlU%2BzbI6GZTpmwceS2wrloX0g5agIuSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b51c18b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.7.12
104.21.46.213200 OK 3.9 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.7.12
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (3860), with no line terminators
Hash 8e96ac33d13cfe932ea3c539e438b105
b4981821e2e6045b3011fe1c5a7991bbc2a7c4fc
678dcb871057c9c23fbf3657ffa7ce50368492e621034fa0a8d701e7d78ee9e6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.7.12 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 09 Aug 2023 05:22:58 GMT
etag: W/"64d322b2-f14"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PRF2Kkcn559mSYh2RzG8%2BcoLk9jpT0VnJv2sdxyb9QjL0SmGDG41TUawDCj69fj6HcjtbMqooRWrp84wor6qWzqYTAYH%2BRpZZIO7udqGQOZLqCkH5pnAM5HAQJwox6y5pc%2FqwFaIock2MwVZfiCn8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b55c6db505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
104.21.46.213200 OK 8.2 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (8365), with no line terminators
Hash 08e6714eaf3cfe8f3c7839f22d90ba4e
94fdad68854d0d3482b877aef7ba7c2eb265c621
e424039d5a737a1bda8a5ded60919e5067085729310762eebb09c20e07d249c8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 18 Jan 2023 11:16:33 GMT
etag: W/"63c7d511-1feb"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Btr4PLbIKtY%2FG4I7jjMGMHqbIFiDmVYkgb1TYbeIYAkLXtZO00ouXT9iGa0NAjGk1N7lXkgaLYADzWiSa4tAmhG4a6xYSt7uP9Gjz3TjXTYqlnq3wQKxy%2BBr2oMRRAHYSD6c9PUnL%2B5hMQsw7Y3V4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b58caab505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-details.css?ver=10.6.5
104.21.46.213200 OK 1.3 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-details.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (1267), with no line terminators
Hash bfe6352bb0646d89d5485e33384a3619
c54397c89f97b0e816c1b0caa8b080a594974f1c
43f17cc13969b87d6f9109ee6d21c047d3f21413733f22f9dfc1b064ad87d991
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-details.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:09 GMT
etag: W/"64d48cd9-4f3"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Afu9Do8Wi3jFkSnp9ZsVGP3AW53whiI%2BsOBQEmW1YFVg703RA9m4EnNymsXWjTH71ylNo6dHTKsLOPw9ZDnCojnZsL1VO2mS%2BVmOa2Ouvu%2BLUd15KoOLGx%2BRmJIHIyQRLJfw3ZT0EganRHDlMUC%2F1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b4dbc0b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.css?ver=6.4.3
104.21.46.213200 OK 5.4 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.css?ver=6.4.3
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (5396), with no line terminators
Hash c596306c731dbe2b608c21be3d8f5920
426ddef38ff6e399fa0b056510833977c8636644
4bce18de486fea257a1a5c9d5477070cec0ca1dff3438e5784161e8a8756da44
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.css?ver=6.4.3 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 12 Dec 2022 03:49:18 GMT
etag: W/"6396a4be-1514"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=omEExz%2FSDPaBRusFfOoOtzCo5heH5bFsVUkTVLrbZZkFQIcfH6g7qoy5M0uyECMoQwLXxcaj0IS8JOsJbq7xJkyJt2cppwQmLn9zU8DXBs5lo45B7LoyVUNrwE0pgG2qNxUrOfvLw1y2SUi1vHRw7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b52c2db505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.7.12
104.21.46.213200 OK 80 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.7.12
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9fd7fee7a142fe791be88fafdaecb9e2
0425c235a09b2836c896b44310f025a74a1a0fcf
c0d7697b93bb46aaa27569e89afa772f42f9e10099b6304fa3ca3b79f065f356
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.7.12 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 09 Aug 2023 05:22:58 GMT
etag: W/"64d322b2-139cf"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ARfbtP%2BBHf0bkqfR0lYvOz3J6bikkQ1Mc4LXY3A6tH%2FWfMEHLHtejsreM2kQKDFx4j3uATB7edqzr6C8vlxale09Uuk1Av2RPMZ%2BQGLnoslvpBqH7lH2uaTp0xjxALp36IN7iJfWDt5i3lNpqD6dw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b56c70b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.0.1
104.21.46.213200 OK 3.0 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.0.1
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (3127), with no line terminators
Hash 2218d50daed7e8a43a86a7c097bf12a2
99ca9bd95d64ddbd72e6c3fe0d5b6c9267f9a5a0
7e2f9e076be985c3bfc027eceb2e90e239fb6ce3627c3840844ab0f2ebad2fd3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.0.1 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:07:46 GMT
etag: W/"64d48cc2-bdd"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0aY%2FIAuZrVJL2q%2FUfaZaj4B3iFAOxQUvHI8GEB4bPHj5f3ZDmRCKclyLTn6eRNgbSTd%2Fo4cTQN5jz5GvWAlktcO5nnmbGZTq9l5UawP9w8ZM0krN3SdVejFDEzu%2FtJZ2CJlgKOOo6w%2Bcul2GLmTSVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b56c7cb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-search.css?ver=10.6.5
104.21.46.213200 OK 1.5 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-search.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (1534), with no line terminators
Hash c62e880e30d4e87ee2cac602a0afc38f
a900f280a808b00b0569bebcb7379584b8b8fda5
be83b2e784a028cd281ceca255ed7b5327e901a8d95246cee78170fc9b1a7505
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-search.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:10 GMT
etag: W/"64d48cda-5fe"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3fgD%2BiTc2WFZjSlx7m30jfpE34%2FGGe5QL%2FI0ZkLnYcEttKW8EjSKB7vMNDqNbO9TN%2FbW0IXb6wfsTL9yLwES%2BvoPrZCY82axa38pjtNL69jK6sbOyyHU4f5EK0lkGhWxgK%2Fa4w%2BMJhK7pZ0ZryxwmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b49b78b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-query.css?ver=10.6.5
104.21.46.213200 OK 1.0 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-query.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (1020), with no line terminators
Hash fc137f2c78b71f6bfce94efac88add0d
61dc9b858ae352d3eba8284a792e1e8f34cee774
e9d8eaaa3c53c27264a9a0fc3d833e9336d49de2252b08f720a6e9ef8831e1c8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-query.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:10 GMT
etag: W/"64d48cda-3fc"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f1V1Xjr3VI7lNpcCn26N7kfhRWFvk64jezTG4k%2Bj8CjYp1TVH8UyykyLa%2BjnAp5KX%2Bgap059sWkwkbSuiiKmLnda%2Fy%2FYmya1lG5D04PRFUtNGzWiYutGexARViKHWDJOryJuz8%2BG%2BDGFm9stiRECYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b48b63b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-sku.css?ver=10.6.5
104.21.46.213200 OK 692 B URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-sku.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (692), with no line terminators
Hash 2b3f38a69a162f2116fd1fdba4d34115
eb8de0f95007493ffa518dadf9b94377ccf17a00
8acf5f8d0a5d24267e83e43faa1733bd728dd02e7993cdbfa06a7729cc94c782
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-sku.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:10 GMT
etag: W/"64d48cda-2b4"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fb7KVlBciVpwqkWNR%2BA%2BZcBcMOaQEyxBJzdnYRYn1mNpXGQQgFd4oh4RBT3GW7YjAldVQr8ldfYMwVeH%2BemUZjNhzkwuNp6W%2FdOKMTrXZw1h6G4lhuS3LhMtzLArj4M8qdBbqK3oCHx%2BQ5XCbGgUsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b49b7ab505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/
104.21.46.213200 OK 70 kB URL User Request GET HTTP/3 www.beautifullyprofitable.com/
IP 104.21.46.213:443
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-powered-by: WP Engine
x-pingback: https://www.beautifullyprofitable.com/xmlrpc.php
link: <https://www.beautifullyprofitable.com/wp-json/>; rel="https://api.w.org/", <https://www.beautifullyprofitable.com/wp-json/wp/v2/pages/179>; rel="alternate"; type="application/json", <https://www.beautifullyprofitable.com/>; rel=shortlink
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 8
x-cache-group: normal
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NipUbViZcBMp3v%2BtqgQ6eRAgD7nfHqOwwB5cxegnXSkIrvZ1aSHQT5jeROWEvhLb%2BqYs5cJBdEVsGzLCifucZdCJdHC6MhfggsasklsCHzxxuvdsb%2FJpBVf11uV4lL0cOHrgtkil1axiGn%2FJ%2BGQSSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024ad1b49b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/all-products.css?ver=10.6.5
104.21.46.213200 OK 33 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/all-products.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (33349), with no line terminators
Hash 5614262108f38228e37a860df6d9bf8c
d3c679afd5507d7e31510995bdc25ab78867748f
2439c98f3623d41ae047efff52d59cfd0112bc180d8de0562a9c6c86b20c6f5d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/all-products.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:07 GMT
etag: W/"64d48cd7-8245"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4LwZqaO1Mbsd7cZOv1LoKYr%2BeMSxSLxYwFqTXDd8F9kP2Xf9c3L1f5065BEJ3eTFAYeGNH3AJUOrXE1mcUOt%2BamGZzXdjgGtig2a%2FXaKHntP5qOsbk6KdUJbitHAyi6%2BmrEg7hNffP6A6IwDx4G4%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b46b2cb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-add-to-cart.css?ver=10.6.5
104.21.46.213200 OK 7.5 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-add-to-cart.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (7541), with no line terminators
Hash b415bc40841f782ad9700e89179e2dda
f40f3d40434a2079292ab8262482eef1eef38dcb
738ba916acb76c8a29fb2b5633f8a15473e0265ecaf14d85dfa3c51824276d00
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-add-to-cart.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:09 GMT
etag: W/"64d48cd9-1d71"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qcI7lYwdXpHYMXWxlaozwWy8uj2Ys1lXb8dNEilbd6iEeo44F9pZFhDQn0xi%2FJ8d97ZxRTKfUBZoDcOI0M1ZF4iMt2zG%2F3WzoPZWfOLo8bXDRNq8KbSmrtKXjEdgGNtZDfCTWYsgRUuMyAdsQoFEoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b47b51b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/css/style.css
104.21.46.213200 OK 5.9 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/themes/beautifully-profitable/assets/css/style.css
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (6306), with no line terminators
Hash 8e98e82cc699cd7d8323853307671a00
4622e09249cc2f1a5dd1213da4ad6d8a95a45b4c
68b917a5443b0d0189f740a2c519e8f283460d89de7d102d222833b78aacd861
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/beautifully-profitable/assets/css/style.css HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 14 Dec 2016 03:21:16 GMT
etag: W/"5850baac-1702"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ECjb6%2BJZrynkt9vYIVeLrmTlcuFTAQwd7zoD45%2FzbIIVhdfYYtA21DNAO6v2pYKARKUvZhaPLIRnog8BIp0CEr3c%2BOsIzwNXEkjk7UblCurYTuz13%2BnbR%2B%2F52iLapPK85VBJtVbhtJ4YyY5AUpZrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b44b1bb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
104.21.46.213200 OK 110 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
Size 110 kB (110147 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.4.3 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 24 Jan 2024 19:02:28 GMT
etag: W/"65b15ec4-1ae43"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xRrxeU8NLBGb7vla3E%2BGE%2FLTkaw2IdlPczpDO65SKcmces9lBGvVbrDFc13cQYYFUfOIta9E5tDa0qxqynr%2FTazMVMp3Iasx8hSaLDylMh6yruR3V1s1MI90Kc3WtlnKLTGGbET8CjB5wYmR49I%2FCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b44b1fb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/sharebox/css/wdsb.css?ver=6.4.3
104.21.46.213200 OK 1.8 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/sharebox/css/wdsb.css?ver=6.4.3
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (2032), with no line terminators
Hash 700c7b72ccd361fe4de67eab3187ce02
fdfbde53f2a2fabcc12bb8371aed393d4cf76044
8af0074b1fa2953eb821843a5dc3335bf2b3ea2d0acc695c8619bbae76bfc837
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/sharebox/css/wdsb.css?ver=6.4.3 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 14 Dec 2016 03:21:17 GMT
etag: W/"5850baad-725"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bZMsQBjbOmN63SD7E04ExiOsFwQLrh%2FyYtmqQ2kkXO6NkzM2JI8Ef5sFTEgxXitgN9uG8G2hGw1%2F0i0b4%2Bj40eyUXFCBZ61%2Bch9Ew6tf%2Fg0ASCRyMwULiPjs2xh1L82WEq1nb2Ls4MneQ1hn2Owclg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b52c35b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
104.21.46.213200 OK 88 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (65447)
Hash 826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
etag: W/"64ecd5ef-15601"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3H%2BgZe%2B3NaC72upT8z1D2QYMw8w42I%2BATPyd6jJ76Jws7Mqar6PLSAUy%2F1yLrInDmenaVkinudWeFCps5lRJRV%2FJfMhM%2Fa8wNWFpLXtSsoZAtR0KyneKsBTk8P1dJYW5NFCR32boOtYNSy239nDfZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b52c39b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-includes/js/comment-reply.min.js?ver=6.4.3
104.21.46.213200 OK 3.0 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-includes/js/comment-reply.min.js?ver=6.4.3
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (3056), with no line terminators
Hash dc7f90d513295c29acc441fe114a2cab
ca9e5069d9afc4aa13ab2e152313dfb476e842ef
f87915c58d8c25473c726646b58d2fe0ba9a136987571e6c810aba3c67b4f74c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/comment-reply.min.js?ver=6.4.3 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-ba5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lZ2MfDVsbU7yQBPDIyqb9kWNVzCsdtBju5cVcvwfQ7RG8ur%2FQiMribNXmHwZhFFpa%2FrzBWSjM5NpjGaHwf3GYy5pkqtopZiEKSMVOz1lARThqr0LgOIzPyfoEmJyZVt2LZ1GCYMGYVTMY51yol6imQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b56c84b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/checkout.css?ver=10.6.5
104.21.46.213200 OK 82 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/checkout.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/checkout.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:08 GMT
etag: W/"64d48cd8-13eba"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zrskN0I4PfYdBCLNjQGR34CY9ovFj5bAJnJA9wPFx3h1lECmTnktr59X%2BV%2FoKgyD8F33rTbCfBAYm1mhrs%2BWPxtyE8uy82RMdPKQPkuldKrVhU1pLDi2qfmsKiKQlJSQUKj3upfPFRnQqhtM9c0Y%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b4fbf6b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-includes/css/dashicons.min.css?ver=6.4.3
104.21.46.213200 OK 59 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-includes/css/dashicons.min.css?ver=6.4.3
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (58981)
Hash d68d6bf519169d86e155bad0bed833f8
27ba9c67d0e775fc4e6dd62011daf4c3902698fc
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/css/dashicons.min.css?ver=6.4.3 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
etag: W/"603ffca6-e688"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3jCaGoPlDo0szeLxOtxYNT5C0LuOwGQQ7KzHSEv7m98KZFPEC1qphJSeE7LtK%2FihIviqRM6iHRh6vAx9RML1mj4m78h%2FTV0rBS3kpCIZJaD1ucEPojIC85K4Sd%2BTFGaDuI0CEmaEQ4GtojkOZSBlpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b51c17b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=8.0.1
104.21.46.213200 OK 18 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=8.0.1
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (17572), with no line terminators
Hash b21773acf35229baacbdcd9dcae6fc8d
cee51d25ca4048595a645451b66c437a55aee3eb
29934ab52db572c893d40563016fedd46dc3da5bb231af5d5b187e7fe66be9d0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=8.0.1 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:07:44 GMT
etag: W/"64d48cc0-44a4"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=clQiYqpV4DWEHB1wvTNiI%2F59MwF2%2Fq3T05W5tMuWeSAbL%2FgiYbP4MGpxSu3YrEYfk7yuRnqZgqsx4IVxt%2FDE%2Fkhn2YMB2rUkWXeiAXnZWwTg5Vgj7idUYFxPFPAm8%2FSYUJBm7v0%2BR7PRstDKuwp40A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b51c1bb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=8.0.1
104.21.46.213200 OK 75 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=8.0.1
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=8.0.1 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:07:44 GMT
etag: W/"64d48cc0-123ad"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D3%2B6XTWoAnZtyGNPQTUrZ8tHOtPaqTWs7hi85vHzTuJ9nQotnrjuAGRTF10uYEG2hIHGdK3OrfnxAw6Cy59YisEDEGskQpuOMhqpd3CMlUEGUEXsY2zHTem9hqRMH1S%2FbsZJtJk%2FHbNFXNIBXGyvSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b51c20b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.7.12
104.21.46.213200 OK 1.8 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.7.12
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (2018), with no line terminators
Hash 8c77966b8fdc7d89fa68fac9fdaeb736
0490f7c05b83f5afa28f8f6b8a2384ae603bbb87
e12b77ae7dd88f4cf7ed10862187a843c1327dba6f72a8c26bdd02ddb6a06ec7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.7.12 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 09 Aug 2023 05:22:57 GMT
etag: W/"64d322b1-72c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ejL42OTDCGEqxjaEWhDG0NGPa0M1uGbdweO6F2b7aq5UVlSyNV4qa7StlPoDJdxc5K8sZAiURnhqq%2BVXYswHq4FAGyNksXVhDM7%2BuVJbp%2BDRVuCyFaTW%2FrgdDQRvAbTMoekYh1amUNthiP7KbDCJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b5acbdb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/gravityforms/assets/js/dist/utils.min.js?ver=9cecf9943583937c8b36678fadcce50d
104.21.46.213200 OK 39 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/gravityforms/assets/js/dist/utils.min.js?ver=9cecf9943583937c8b36678fadcce50d
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/gravityforms/assets/js/dist/utils.min.js?ver=9cecf9943583937c8b36678fadcce50d HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 09 Aug 2023 05:22:52 GMT
etag: W/"64d322ac-96eb"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n3l4AzPpggXyFOtDkBpapCZgu631CMO9TBYFDDwQhNESnSpYbJIEhJM9cvfJJs8UEuFTwA8LeQIGbsvn3NnFNiZLf5QdMi9%2B7%2BCN1x6kJiXFB%2FdVlyrRM7Oo9ysmheADH5JmjWH8xXGhfNoyb6sjhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b5acc0b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-stock-indicator.css?ver=10.6.5
104.21.46.213200 OK 687 B URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-stock-indicator.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (687), with no line terminators
Hash 2c0d55790ddd58e0cf79b15c6e747cdb
ab5e4cd9461e65b3ac5fd0273d36bc3266488be4
135556c0fa763dab82dad46e83b9cce4067ab4726d940e7ee577ab63728051b2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-stock-indicator.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:10 GMT
etag: W/"64d48cda-2af"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=coXSB22QwC2jrBZCHkqeqBh5VsTWm%2F6XKu%2BmxVJ4hlcKXTpLNa8of6haK8wkTo5dv3ADMdoTqs1Tjaf5GPTO4C5f67hziB3zXuMJ%2FIwM%2BgjIa4ILAhn1IQfWTs69mZfUrkb4c7UhsxSddI4dJ9FuWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b4ab8bb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/rating-filter.css?ver=10.6.5
104.21.46.213200 OK 33 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/rating-filter.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (32969), with no line terminators
Hash 9afceeccc45be73dcb01568e5e568f7c
6e6a7af5b3dd38acea3946266b053b6613941242
12df06c27d1e786adaf0385e330404b66182bfa1ad4e269856324f0e91cfbaa2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/rating-filter.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:10 GMT
etag: W/"64d48cda-80c9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LVi%2Fs43a4Ksi7vllSMxTgzA3n7Hi1CR%2Fs4DuMkC96JkAQSR6lLHNuaL3wBL7dve6GEgQSIRjA7ZpQnCyewf2NkBz7H9FGvjGk2dm4Ws1pOPCf26zWmsaRZuqwpKxrhhh2d1gpAx6tV1sP7bqKVfBhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b4cba1b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.0.1
104.21.46.213200 OK 2.1 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.0.1
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type JavaScript source, ASCII text, with very long lines (2257), with no line terminators
Hash 846a24981bff9217c95389e6dc346313
e03631b8e1438e09c8d7876ab20b0d69d0c4d819
29327d5b926dcc7de82c087f261b00355dce3492f0b9721887819b5f54cf8486
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.0.1 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:07:46 GMT
etag: W/"64d48cc2-85b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MuF3P6jLBbKbMzcEBGavwfl4GuxfGv0hq9YQzK6gjZWElzSOp2nvGpNZlYjvEevqC0uqqEYiNVRvqUP2RcKtyq6f7FvZwp9ej99aRm9tsPfz03Q%2FEj6jmIMLI3OSfONQ67lsB6KSVMcBV9atp6kcwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b56c81b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/add-to-cart-form.css?ver=10.6.5
104.21.46.213200 OK 987 B URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/add-to-cart-form.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (987), with no line terminators
Hash f1b5c7c07f410b9886217dd95f0a277f
58333b258e5875077c1564c2411655b80981215e
1efdf469d4f0daebb6355dfbadc7882e19acad98b61c8a4ae2c197645a615a36
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/add-to-cart-form.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:07 GMT
etag: W/"64d48cd7-3db"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ijq7P%2BMRb9ZtjFO5IWVz2Z%2BCwyxjHWYO7ovXuZ2CkIqV7IagTPzeznpfVdaNbkoi1CxC%2B34puSj2kcFFhfR%2Fnn6mU6X7OTzTKOOyV9b1l8Wo0C9wWp4Tc0hnTkOI3f2WPVsQLhr8YR%2F9hyThB3ebbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b45b28b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/featured-category.css?ver=10.6.5
104.21.46.213200 OK 5.5 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/featured-category.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (5500), with no line terminators
Hash dd2c6a956ac34db460ef2a9059a73be1
12259799deb12ec472315af20e8f0cd177dd780a
b4a0f776b726cdc881fd62950a723d33f894b9695adce62e45133f0ca86604b7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/featured-category.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:08 GMT
etag: W/"64d48cd8-157a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wJb3Gl8PD6Yyu3pgCyGIQr6cGfzY7wkxXptdkMt0y7MVpezKtWFpnHQ8UA0AdPHP0gG5AyJkWEXYl9O8IemXJ%2F2hihLqGvOitB0yl8MZY%2B%2BkQY6tNijZXP5SApoAMqd1JECJR2VUuLXnn49OrDrJYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b47b4cb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/mini-cart.css?ver=10.6.5
104.21.46.213200 OK 14 kB URL GET HTTP/3 www.beautifullyprofitable.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/mini-cart.css?ver=10.6.5
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type ASCII text, with very long lines (13600), with no line terminators
Hash bbf1f6fed98ae1521eb29508a74de963
bf93442d2273e056bd9cd8f0cfcf4ebab8a721f0
ee66489e899ef995307be951b64d1eb011d596d6118b97b9b76f8f9c25177f41
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/mini-cart.css?ver=10.6.5 HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 07:08:09 GMT
etag: W/"64d48cd9-3520"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QrEpJyjJ%2Fd92HKBIQDqrPKTnKiMYlAr9RgemocjiIUhW4KOL3XIrdOixTqrgxsl15QLBY03dFAReRgkmIL5imvjaUP6QZozLaWUHSmywUu%2B%2FSbEnBACjynEwhcRd5tnmQwcoh%2Bz%2FDGgm9a2g39rvfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024b47b4eb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.beautifullyprofitable.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.21.46.213200 OK 1.2 kB URL GET HTTP/3 www.beautifullyprofitable.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.21.46.213:443
Requested by https://www.beautifullyprofitable.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbeautifullyprofitable.com
Fingerprint10:71:D4:95:37:6B:27:FE:35:CE:3C:3B:CF:F8:FE:3E:E8:F1:1B:4E
ValiditySun, 03 Mar 2024 04:30:04 GMT - Sat, 01 Jun 2024 04:30:03 GMT
File type HTML document, ASCII text, with very long lines (1271), with no line terminators
Hash 40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: www.beautifullyprofitable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.beautifullyprofitable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:50 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=54VZJawV1C%2FbL1PSeBkZnpEhl%2BKNFep0u1qslb82h2oY5pwxFkCQY%2BK31bJILxyaDo4S5cmQ7D3K4Q%2BNsfM23z4fx1EWUXooXeJNKdZdtPpaHbXrpd13V7y7jtjTaMmqhKratECPJe1EwfuGwflsrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a024b53c44b505-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 27 Apr 2024 17:44:50 GMT
cache-control: max-age=172800, public
content-encoding: gzip