| sheaglobal.com/wp-includes/css/buttons.min.css?ver=6.4.3 | 104.196.103.209 | 200 OK | 1.9 kB |
URL: GET HTTP/2 sheaglobal.com/wp-includes/css/buttons.min.css?ver=6.4.3
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: ASCII text, with very long lines (5890)
Hash: c4b8785adf7a6ff49403ca561e8e93d9 a2b37487164918e9961ac04fb8ae087efca84905 be47f84097fc1dcfe4a183ec10218db49578053af37a7d4bcf83d946fdeabc82
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/css/buttons.min.css?ver=6.4.3 HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 20 Sep 2023 21:03:20 GMT
etag: W/"650b5e18-1725"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef | 104.196.103.209 | 200 OK | 6.0 kB |
URL: GET HTTP/2 sheaglobal.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
Hash: a4d4a38e7965a4e7e676f3d91c3326bd d68accc39d408f3be146537c89886f54dbaa00fe ff47ba0661692f827c10efda02a5d75577f56baf26fed9511b99d8fe455c761f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
etag: W/"650c4488-3102"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-before.js | 104.196.103.209 | 200 OK | 5.5 kB |
URL: GET HTTP/2 sheaglobal.com/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-before.js
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: JavaScript source, ASCII text, with very long lines (9112)
Hash: e66a52a92b9a5945b9fbc8d5dd9bdc62 63014826552e395f6144801f8594728bf6af2e8e 086431180df115161e897b363a79fadddd5d2f925649efe115a67c86cdde9320
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-before.js HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 23 May 2019 19:50:10 GMT
etag: W/"5ce6f972-2896"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-admin/js/password-strength-meter.min.js?ver=6.4.3 | 104.196.103.209 | 200 OK | 11 kB |
URL: GET HTTP/2 sheaglobal.com/wp-admin/js/password-strength-meter.min.js?ver=6.4.3
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: JavaScript source, ASCII text, with very long lines (4189)
Hash: 0f3cbe45e81d2c0817cfc0f7b86128fa 8afd1caa34e869a9389535b40057fe10f1f23b6c 45f00633e146e47a6c22ac8620951175cf00bc883de7ae334c93d32358acd95e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-admin/js/password-strength-meter.min.js?ver=6.4.3 HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 22 Jan 2021 12:32:03 GMT
etag: W/"600ac5c3-1080"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-content/mu-plugins/force-strong-passwords/js-admin.min.js?ver=1.8.0 | 104.196.103.209 | 200 OK | 6.8 kB |
URL: GET HTTP/2 sheaglobal.com/wp-content/mu-plugins/force-strong-passwords/js-admin.min.js?ver=1.8.0
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: JavaScript source, ASCII text, with very long lines (431)
Hash: 436e11e3c3630abec4b4d94cf7a048ec afd6578fdc92d11cfdfc303f2dd1d400a6b9fa31 c7591bf7ecde06f7a8336e46c650119f9d53a7f2b151de409ff1cc7a3666f4c2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/mu-plugins/force-strong-passwords/js-admin.min.js?ver=1.8.0 HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 08 Apr 2024 14:44:05 GMT
etag: W/"661402b5-1b0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/favicon.ico | 104.196.103.209 | 200 OK | 0 B |
URL: GET HTTP/2 sheaglobal.com/favicon.ico
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:32 GMT
content-type: image/x-icon
content-length: 0
last-modified: Mon, 08 Apr 2024 18:13:00 GMT
etag: "661433ac-0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 | 104.196.103.209 | 200 OK | 45 kB |
URL: GET HTTP/2 sheaglobal.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash: 90af46ea882da96be9520c902046ec9c 0e5662cb2e4852b7b3ba1de914f7f6f9a7ce0bbf 3e1854c3435b98a780425a4e0f17d43571bfbffb0cf8481a4f44a25adaeba49c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 26 Sep 2023 14:23:26 GMT
etag: W/"6512e95e-1cdd4"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-after.js | 104.196.103.209 | 200 OK | 13 kB |
URL: GET HTTP/2 sheaglobal.com/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-after.js
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: JavaScript source, ASCII text, with very long lines (9112)
Hash: dc833f86e72769c45f38d3b25494e694 a960a281e74cc1c28d676fa49d049a5c5158a26c 95c0078dec31a09dd33b1d50892c5f701092fbd5c2a67b721e0fba4a04edf1f8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-after.js HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 23 May 2019 19:50:10 GMT
etag: W/"5ce6f972-2730"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 104.196.103.209 | 200 OK | 17 kB |
URL: GET HTTP/2 sheaglobal.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: JavaScript source, ASCII text, with very long lines (13479)
Hash: 52381bae25252aa9355f204b1667d3ab f7d43f37d24a095e21da9c405cb2b8fe2a6907a7 33e30f2f4df622626c4a940d7ec2f6c14a05f607a9d1cced2a1b149375d07730
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
etag: W/"6482bd64-4126"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-admin/css/login.min.css?ver=6.4.3 | 104.196.103.209 | 200 OK | 6.5 kB |
URL: GET HTTP/2 sheaglobal.com/wp-admin/css/login.min.css?ver=6.4.3
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: ASCII text, with very long lines (6467), with no line terminators
Hash: e3371307a04a1d5afcb3393fa75d2050 cfb2512d6e763c370b69be9262246784cf529f6c 44a46bc1edffa1de9634dda2741e537bebc4c7814ac4bb66cf2c6e0c44129150
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-admin/css/login.min.css?ver=6.4.3 HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 17 Oct 2023 13:20:23 GMT
etag: W/"652e8a17-193e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-admin/js/user-profile.min.js?ver=6.4.3 | 104.196.103.209 | 200 OK | 9.4 kB |
URL: GET HTTP/2 sheaglobal.com/wp-admin/js/user-profile.min.js?ver=6.4.3
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: JavaScript source, ASCII text, with very long lines (9751), with no line terminators
Hash: 8cfaf92832abbe5bcdf870e0aedf3764 334f854846ca382cdee2233dec420248b7a526e9 25ad935961b01330efd552423077ac7531f56a63344d10743c63e222e483c4eb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-admin/js/user-profile.min.js?ver=6.4.3 HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 22 Jun 2023 00:32:21 GMT
etag: W/"64939695-24a1"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 | 104.196.103.209 | 200 OK | 91 kB |
URL: GET HTTP/2 sheaglobal.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 989df2782e814ccdca467b8d9a668975 416843e8806ea5b43eadee38a7739b5fab84a475 fb4089d879d7ae08ee1e2c7defa2e3c726dd9c26ee1df5bfff9a0436d2b451e3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
etag: W/"64ecd5ef-1621e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0 | 104.196.103.209 | 200 OK | 3.5 kB |
URL: GET HTTP/2 sheaglobal.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: JavaScript source, ASCII text, with very long lines (3465), with no line terminators
Hash: 02911699b688a871f5c722f0eb804f0a b3ab4549a8f8f18cb8681fbc9d1ea948c1149caf 5cfcbb7cd783a706175336115f15e488a5e509d00dc0da439c2901c1143a3087
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/zxcvbn-async.min.js?ver=1.0 HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 23 Feb 2021 16:45:19 GMT
etag: W/"6035311f-d7c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-includes/js/underscore.min.js?ver=1.13.4 | 104.196.103.209 | 200 OK | 22 kB |
URL: GET HTTP/2 sheaglobal.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: JavaScript source, ASCII text, with very long lines (21899)
Hash: cf5e5f22feb07d5a89466ae50f536b7d 9d0f410139c74b18a62fce9e228e27313103c959 652a18dd7a2c92a61c656c2fd2e5d3a88db926767e36a2e2ee0402860c9b3a4c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 27 Sep 2022 15:18:25 GMT
etag: W/"63331441-55ae"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-includes/js/zxcvbn.min.js | 104.196.103.209 | 200 OK | 825 kB |
URL: GET HTTP/2 sheaglobal.com/wp-includes/js/zxcvbn.min.js
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: JavaScript source, ASCII text, with very long lines (53869)
Size: 825 kB (825338 bytes)
Hash: c207eb2e44b0bcc6b26cdd5f235b823b e9ce15b47892e2862425d9e656aa8545742280d4 2fae43e197f05cefd1a44a0c78f9a028e802dc500378d9c96de10c81e4fef399
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/zxcvbn.min.js HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:32 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sat, 26 Oct 2019 00:17:07 GMT
etag: W/"5db39083-c97fa"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 | 104.196.103.209 | 200 OK | 11 kB |
URL: GET HTTP/2 sheaglobal.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: JavaScript source, ASCII text, with very long lines (11272), with no line terminators
Hash: 1d5f8ec0d30d42eaaf14a415b9645d62 50611897b602cfef24a410fe41e545109eb75ad5 19dc7e97eef7fc6109b69783d1fe68cd781ca40bdbd45bcf13021ed16fb91676
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 18 Jan 2023 11:16:33 GMT
etag: W/"63c7d511-2c08"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 | 104.196.103.209 | 200 OK | 9.7 kB |
URL: GET HTTP/2 sheaglobal.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: JavaScript source, ASCII text, with very long lines (9902), with no line terminators
Hash: f9eab8181352ffd8f40c97d9d2adaa23 f15f411682e8c446885f58d326e454b865f14368 7c4fd1bb52b2dffc1984ca0f37fbbaa7520d9b523f47bc46dbd5982f332bfb93
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 19 Sep 2023 19:30:24 GMT
etag: W/"6509f6d0-25fe"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-content/mu-plugins/force-strong-passwords/force-zxcvbn.min.js?ver=1.8.0 | 104.196.103.209 | 200 OK | 227 B |
URL: GET HTTP/2 sheaglobal.com/wp-content/mu-plugins/force-strong-passwords/force-zxcvbn.min.js?ver=1.8.0
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: JavaScript source, ASCII text, with no line terminators
Hash: 1b9fcdbd24e5087948297185940a7514 d3314b0148527f6ab535677737c9f35fca5404a5 64338d83f786f0e6b8f5fd9a4bee9737ab5e0191dc9c1eb04c2a03a6f9c028d7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/mu-plugins/force-strong-passwords/force-zxcvbn.min.js?ver=1.8.0 HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: application/javascript
last-modified: Mon, 08 Apr 2024 14:44:05 GMT
etag: W/"661402b5-e3"
cache-control: public, max-age=31536000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-admin/css/forms.min.css?ver=6.4.3 | 104.196.103.209 | 200 OK | 28 kB |
URL: GET HTTP/2 sheaglobal.com/wp-admin/css/forms.min.css?ver=6.4.3
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: ASCII text, with very long lines (27464)
Hash: 5a15886252dbb4c70263284934863e9e 02d5696870805e4f39fb4b56133b314ce5736192 540227b6f2bbcb5104d00901a354cab618644e6fd3dcd1a42a193426bf9ae486
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-admin/css/forms.min.css?ver=6.4.3 HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 20 Sep 2023 17:55:17 GMT
etag: W/"650b3205-6b6b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-admin/css/l10n.min.css?ver=6.4.3 | 104.196.103.209 | 200 OK | 2.5 kB |
URL: GET HTTP/2 sheaglobal.com/wp-admin/css/l10n.min.css?ver=6.4.3
IP: 104.196.103.209:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php
Certificate: Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: ASCII text, with very long lines (2478), with no line terminators
Hash: 83b9d96a3486ba7e68530653baf20340 564787bf07903ef637f8de6803ccda39abd2b419 ea4c50037812e4c4a828ecea4c49f6df7e56a9ca04faeae32fe093e58f04b105
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-admin/css/l10n.min.css?ver=6.4.3 HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 11 Dec 2018 16:13:26 GMT
etag: W/"5c0fe226-9ad"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1 | 104.196.103.209 | 200 OK | 7.7 kB |
URL: GET HTTP/2 sheaglobal.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1; IP: 104.196.103.209:443; ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php; Certificate Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: JavaScript source, ASCII text, with very long lines (7807), with no line terminators; Hash: 05ff6603d8dcaa3a3df60c9a37578414 73dbba71b73a67acc58a0ca3c017da446fb4359c 3150731c1b52f3744514826017f12b5df56b3e3cba03099ce403c327c1b307fc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1 HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
etag: W/"650c4488-1e30"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-includes/js/wp-util.min.js?ver=6.4.3 | 104.196.103.209 | 200 OK | 4.5 kB |
URL: GET HTTP/2 sheaglobal.com/wp-includes/js/wp-util.min.js?ver=6.4.3; IP: 104.196.103.209:443; ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php; Certificate Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: JavaScript source, ASCII text, with very long lines (4572), with no line terminators; Hash: 68a7583d5418e44c70be7f063ecd0f47 78d93f9a6dcee7eb8cc1fd363d2ec195f21677f0 a1b9f424811231a1231a97ad4c41136874f39d4c75c4ad7834a6a693e56caed9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/wp-util.min.js?ver=6.4.3 HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 03:52:10 GMT
etag: W/"632938ea-11af"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-login.php | 104.196.103.209 | 200 OK | 7.3 kB |
URL: User Request GET HTTP/2 sheaglobal.com/wp-login.php; IP: 104.196.103.209:443; ASN: #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: HTML document, ASCII text, with very long lines (7981), with no line terminators; Hash: d4f85047e25de0fb5f149172bfbe442e 568b4dc52c8c4b577b9c4b8304f680c5bd34d3f6 aa75430ac8a1dbe19ee23494e4bc447078efcfbd62c7b84a2485dda5e54b81c5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-login.php HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
pragma: no-cache
set-cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; path=/
wordpress_test_cookie=WP%20Cookie%20check; path=/; secure
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-powered-by: WP Engine
x-cacheable: NO:Passed
cache-control: max-age=0, must-revalidate, private
x-cache: MISS
x-pass-why: wp-admin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-includes/css/dashicons.min.css?ver=6.4.3 | 104.196.103.209 | 200 OK | 59 kB |
URL: GET HTTP/2 sheaglobal.com/wp-includes/css/dashicons.min.css?ver=6.4.3; IP: 104.196.103.209:443; ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php; Certificate Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: ASCII text, with very long lines (58981); Hash: d68d6bf519169d86e155bad0bed833f8 27ba9c67d0e775fc4e6dd62011daf4c3902698fc c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/css/dashicons.min.css?ver=6.4.3 HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sheaglobal.com/wp-login.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:31 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
etag: W/"603ffca6-e688"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sheaglobal.com/wp-admin/images/wordpress-logo.svg?ver=20131107 | 104.196.103.209 | 200 OK | 1.5 kB |
URL: GET HTTP/2 sheaglobal.com/wp-admin/images/wordpress-logo.svg?ver=20131107; IP: 104.196.103.209:443; ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://sheaglobal.com/wp-login.php; Certificate Issuer: Let's Encrypt; Subject: sheaglobal.com; Fingerprint: 52:8D:CC:7A:B8:5A:96:04:1C:43:AB:0F:38:96:33:E7:1C:95:D7:33; Validity: Sat, 24 Feb 2024 00:24:25 GMT - Fri, 24 May 2024 00:24:24 GMT
File type: SVG Scalable Vector Graphics image; Hash: 081b483f7d84aa4844e5067c31caaeae 399dbb1b2bf9a8b8a6c33c3d5792a607aeefb0e4 32db6804c1f555ea35f14a71a68ae8a2df719d63d5362431a6438d0891a8ebba
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-admin/images/wordpress-logo.svg?ver=20131107 HTTP/1.1
Host: sheaglobal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sheaglobal.com/wp-admin/css/login.min.css?ver=6.4.3
Cookie: PHPSESSID=68d2fa562bf225812bda52babd98b633; wordpress_test_cookie=WP%20Cookie%20check
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 14:07:32 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 05 Apr 2015 21:20:27 GMT
etag: W/"5521a71b-5f1"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
|
|