r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8264
Expires: Thu, 24 Nov 2022 14:47:14 GMT
Date: Thu, 24 Nov 2022 12:29:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7728
Expires: Thu, 24 Nov 2022 14:38:18 GMT
Date: Thu, 24 Nov 2022 12:29:30 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1527
Cache-Control: max-age=167228
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:29:30 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 10:56:38 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: CCeK0Sfm0JQmHI6ux9Nt1W8P6YT48pVd8L0ULjN3v5U/8opSRlrAOHoSVZZP4k3yiQ3cVnozyJ0=
x-amz-request-id: DEYHGYGMJC0SMMZ3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 11:40:23 GMT
age: 2947
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 12:18:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 632
alt-svc: clear
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/
198.54.120.50 301 Moved Permanently 707 B URL HTTP/1.1 zanzyentertainmentgroup.com/
IP 198.54.120.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 24 Nov 2022 12:29:30 GMT
server: LiteSpeed
location: https://zanzyentertainmentgroup.com/
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 12:29:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 12:08:53 GMT
cache-control: public,max-age=3600
age: 1237
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6270
Cache-Control: max-age=166909
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:29:30 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:51:19 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash d0a6f40b9cb192ed7eaea9d77eb33212
9ecb90369a3c4e72604fcdbe97fff3f6708df165
8e1500be44d134e560e90c1ea3eca1abc51516d208b84b2a4d49970bcb8af574
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 12:29:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 02:01:09 GMT
Expires: Thu, 01 Dec 2022 02:01:08 GMT
Etag: "9ecb90369a3c4e72604fcdbe97fff3f6708df165"
Cache-Control: max-age=566497,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f2268abea9b50b-OSL
push.services.mozilla.com/
52.41.253.170 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.253.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: A2luRsm6O78v7xuxRoCGpA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TplzP2eSzum6p9xD7BLNop4R+C4=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3620
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 12:29:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3620
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 12:29:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3620
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 12:29:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 52946
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ad1430-c833-4f58-99a3-6a959cced2fe.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ad1430-c833-4f58-99a3-6a959cced2fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 891d19eb042be6fd5d021ff08db2dfcc
c35c0a9bf6ad7f53e3aadaffb8f3a03c4f9457e3
3efff3d6a8bfa358652bf73ae26ab233ed8c2ca37dab1ff2f2298cd805b88bc1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ad1430-c833-4f58-99a3-6a959cced2fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9099
x-amzn-requestid: d828c8f5-3ff1-4e20-822f-32d9ad7a0d7a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cExDeGjKIAMFQHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9549-71d957297c3ec4b01633b1ce;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:48:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZXi-qHYx7QoMQZAsZzEW099laTRSyxjhe8stloZ5ZhlRfw4W8sebjw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:23 GMT
etag: "c35c0a9bf6ad7f53e3aadaffb8f3a03c4f9457e3"
content-type: image/jpeg
age: 52329
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:54 GMT
age: 51938
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:15:22 GMT
age: 18850
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28381329eca6c426a8b05fcdef4aafcc
a1fbb6da386cf2eef8b76a65438cf9c6bd741f7a
4fc8414d39bbaacb1e6575924bd0bbb9373d78b177022f7d3c6457829abffd06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8748
x-amzn-requestid: 864da50a-44bb-4d20-b499-08c2a140871e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtENmoAMFqKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-2705cc956f2c2aa5535533b0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xT0IorkRpXysoYMnugcrV40YaAxoRPjLmkPcv1ElteP_-rNZ1c6fog==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:20 GMT
etag: "a1fbb6da386cf2eef8b76a65438cf9c6bd741f7a"
content-type: image/jpeg
age: 52332
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 18925
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/
198.54.120.50 200 OK 19 kB URL HTTP/2 zanzyentertainmentgroup.com/
IP 198.54.120.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9850), with CRLF, LF line terminators
Hash e947f928fcb999fb3934af3cbbc64b45
b17afce7907d5c6b9f735311e413bb323247fc75
684a614112285349eb650b249c3fc033f2a8d590bd3936d13b69eb5fe4cb5af4
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://zanzyentertainmentgroup.com/wp-json/>; rel="https://api.w.org/", <https://zanzyentertainmentgroup.com/wp-json/wp/v2/pages/162>; rel="alternate"; type="application/json", <https://zanzyentertainmentgroup.com/>; rel=shortlink
content-length: 18575
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:29:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:29:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zanzyentertainmentgroup.com/wp-content/plugins/load-more-products-for-woocommerce/berocket/assets/css/font-awesome.min.css?ver=6.1.1
198.54.120.50 200 OK 6.6 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/load-more-products-for-woocommerce/berocket/assets/css/font-awesome.min.css?ver=6.1.1
IP 198.54.120.50:0
File type ASCII text, with very long lines (30621), with CRLF line terminators
Hash 7568ff21602ffaeb0c8e3274dbc78ad4
0ab1505c9f6d617a80f238892711d8ff3235321e
9eb782fb4ad82c2d3ca529fd4c1914160ce9b5817e7aeac36b14632584179bc7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/load-more-products-for-woocommerce/berocket/assets/css/font-awesome.min.css?ver=6.1.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:09:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6614
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:29:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zanzyentertainmentgroup.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
198.54.120.50 200 OK 12 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 198.54.120.50:0
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Sat, 12 Nov 2022 01:26:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=4.4.3
198.54.120.50 200 OK 911 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=4.4.3
IP 198.54.120.50:0
File type ASCII text, with very long lines (3276), with no line terminators
Hash 5d670b5def8387bbd5e614f9d309a592
586928ec81bdc4f13d851e7a5c7915ec9f343512
f45ed68d669ede39822d665dbfbe36381eb01bf9e3c38f1ac40e9fb50098973c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=4.4.3 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 22:41:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 911
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-includes/css/classic-themes.min.css?ver=1
198.54.120.50 200 OK 217 B URL HTTP/2 zanzyentertainmentgroup.com/wp-includes/css/classic-themes.min.css?ver=1
IP 198.54.120.50:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 23:15:16 GMT
accept-ranges: bytes
content-length: 217
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woolentor-addons/woolentor-blocks/src/assets/css/common-style.css?ver=2.4.9
198.54.120.50 200 OK 591 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woolentor-addons/woolentor-blocks/src/assets/css/common-style.css?ver=2.4.9
IP 198.54.120.50:0
Hash 20914b6aa5f445d9d80d92c8f5740608
599894d0a67f1c4fa17244236b851c8c653e90f6
ad86887d0fbc5d94c0dd4caf522f021ef0b69fc7b125e131015bdb2d857b8a34
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woolentor-addons/woolentor-blocks/src/assets/css/common-style.css?ver=2.4.9 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 591
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woolentor-addons/woolentor-blocks/src/assets/css/style-index.css?ver=2.4.9
198.54.120.50 200 OK 2.4 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woolentor-addons/woolentor-blocks/src/assets/css/style-index.css?ver=2.4.9
IP 198.54.120.50:0
Hash 7542e608fe4bdde60bc84d4f786efb1d
e6019ec3ec35e6a32dc5ed1d4abbd26740283420
9d42f36572de40a2ed7a2438707853028017c0b17ee5331668fe077df2f1d888
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woolentor-addons/woolentor-blocks/src/assets/css/style-index.css?ver=2.4.9 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2388
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/payment-forms-for-paystack/public/css/pff-paystack-style.css?ver=2.0.0
198.54.120.50 200 OK 8.6 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/payment-forms-for-paystack/public/css/pff-paystack-style.css?ver=2.0.0
IP 198.54.120.50:0
File type ASCII text, with very long lines (343)
Hash afce89433ae7265faddb2b576c913eb1
88f7f1369e800b8e779de583f8b958b5cb840ab9
a535175803cead31e26d1bb42ff50d2d44c2f13133b1c25018807f8fcc2fae08
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/payment-forms-for-paystack/public/css/pff-paystack-style.css?ver=2.0.0 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:07:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8568
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/payment-forms-for-paystack/public/css/font-awesome.min.css?ver=2.0.0
198.54.120.50 200 OK 4.7 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/payment-forms-for-paystack/public/css/font-awesome.min.css?ver=2.0.0
IP 198.54.120.50:0
File type ASCII text, with very long lines (21822)
Hash bd12975829305c79d22063f2ed78c4eb
8331eee889c0b79955e0d54d25b5042937db9c3c
d2ff9f4e8fca319cec02f3b91f83d87c1e48c088699389a483987ab9cb40b1a6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/payment-forms-for-paystack/public/css/font-awesome.min.css?ver=2.0.0 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:07:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4735
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/personalize-woocommerce-cart-page/css/inquiry-form.css?ver=6.1.1
198.54.120.50 200 OK 697 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/personalize-woocommerce-cart-page/css/inquiry-form.css?ver=6.1.1
IP 198.54.120.50:0
File type ASCII text, with CRLF line terminators
Hash 634cb2c8b6ef264f0e93c4f98f5a452c
6855eee1627ea6a5d021bd72b8e9d6027c35fb78
185331110a9a3c66a7778ca9051d8f56ef8dda6bf06a6bcc05d389b663c94d8c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/personalize-woocommerce-cart-page/css/inquiry-form.css?ver=6.1.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:09:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 697
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=4.4.3
198.54.120.50 200 OK 18 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=4.4.3
IP 198.54.120.50:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 64f293be0985484e1634368bc756ec56
55644171b2139baf5c48a53cfbe0e16f8dee1f22
c284816558860cf0b41df7cd0c9068c2235a1e82b8f037ca2090044285502681
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=4.4.3 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 22:41:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 17637
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
198.54.120.50 200 OK 30 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 198.54.120.50:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 23:46:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
198.54.120.50 200 OK 4.0 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 198.54.120.50:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/change-wc-price-title//assets/js/cwpt-price-title.js?ver=1.5
198.54.120.50 200 OK 411 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/change-wc-price-title//assets/js/cwpt-price-title.js?ver=1.5
IP 198.54.120.50:0
Hash cb53e47b691658ce7adcd52452ffc16e
13275b4558cda7cff6cd9964d5f3ad57370a047e
a0ea65510bb296e20c4eb52f3da93e2113f9fbafa40f81ae77e89d22d6ad51bf
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/change-wc-price-title//assets/js/cwpt-price-title.js?ver=1.5 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:06:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 411
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/personalize-woocommerce-cart-page/js/sweetalert.js?ver=6.1.1
198.54.120.50 200 OK 3.5 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/personalize-woocommerce-cart-page/js/sweetalert.js?ver=6.1.1
IP 198.54.120.50:0
File type ASCII text, with very long lines (10423), with no line terminators
Hash a45b82ca46e3834c3f22c9dac99d8afd
d3a128b3f76f8200c93f519726bee5b153b31928
0ce3227924d5381cf1af1dd9eed8ae6866239811f26d38e163dba1e76c0bf641
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/personalize-woocommerce-cart-page/js/sweetalert.js?ver=6.1.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:09:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3474
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/personalize-woocommerce-cart-page/js/wooh-front-end.js?ver=6.1.1
198.54.120.50 200 OK 487 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/personalize-woocommerce-cart-page/js/wooh-front-end.js?ver=6.1.1
IP 198.54.120.50:0
File type ASCII text, with CRLF line terminators
Hash 622a744af017733bdcc04d237ee4c822
3cd3372eed1e958e386d5cefe66f3077fe3a121b
9fe7085e8fc8ac74e9d399a187d94837847e088870d6b5aa189d2554f8e3ea4d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/personalize-woocommerce-cart-page/js/wooh-front-end.js?ver=6.1.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:09:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 487
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/sticky-side-buttons/assets/css/font-awesome.css?ver=6.1.1
198.54.120.50 200 OK 11 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/sticky-side-buttons/assets/css/font-awesome.css?ver=6.1.1
IP 198.54.120.50:0
Hash 9ef6b67242328326ab17a2b0e13d273d
8977b4b2c041e58884fbc0a667c046db1db5cff6
958dbb4f47f6a04deaa9ad59238d0de1da00d33ee81523ce948bb8fbdea74113
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/sticky-side-buttons/assets/css/font-awesome.css?ver=6.1.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Thu, 14 May 2020 14:51:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11204
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.1.0
198.54.120.50 200 OK 2.4 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.1.0
IP 198.54.120.50:0
File type Unicode text, UTF-8 text, with very long lines (17923), with no line terminators
Hash ec41958d4b8e3f562fd97efea3e9a63e
550251108c88e60743ce55b0938aaf41f62c29bd
54bcac6e842100dfe2b97bdbebd393f71d934adc136eba5ddcc8174804b4fc5a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.1.0 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 22:41:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2373
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/personalize-woocommerce-cart-page/css/sweetalert.css?ver=6.1.1
198.54.120.50 200 OK 1.7 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/personalize-woocommerce-cart-page/css/sweetalert.css?ver=6.1.1
IP 198.54.120.50:0
File type ASCII text, with very long lines (8892), with no line terminators
Hash 9bffabb9e31b70a07d991f842acb29d2
058d68d21e45347b6cda20142de4700e9f1d5dcb
a1671a4e8c7cccee240cfbde29d7a815b64e26cf8b42799fe30b2722ffdbf65a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/personalize-woocommerce-cart-page/css/sweetalert.css?ver=6.1.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:09:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1701
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/sticky-side-buttons/assets/css/ssb-ui-style.css?ver=6.1.1
198.54.120.50 200 OK 490 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/sticky-side-buttons/assets/css/ssb-ui-style.css?ver=6.1.1
IP 198.54.120.50:0
Hash 10d37d1b8f00411d578f1a98a3b199e2
df010a9b69c6b1ff23db66db3cfa921754d930c9
b31ff8095d566705410e95702332683a0f5f540fbd689fa2a3bc51d07d8ba142
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/sticky-side-buttons/assets/css/ssb-ui-style.css?ver=6.1.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Thu, 14 May 2020 14:51:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 490
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.1.0
198.54.120.50 200 OK 8.4 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.1.0
IP 198.54.120.50:0
File type Unicode text, UTF-8 text, with very long lines (62789), with no line terminators
Hash 9834791a56176f4340f5a795e699c0f4
efd08256f0b0c0add6b6759f29b20087c47a7eb6
264b381ca91c85d7ce5b9863f439be26c19c2d6fa75a2c7a6b486cb3f24892d5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.1.0 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 22:41:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8444
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/payment-forms-for-paystack/public/js/jquery.blockUI.min.js?ver=2.0.0
198.54.120.50 200 OK 3.3 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/payment-forms-for-paystack/public/js/jquery.blockUI.min.js?ver=2.0.0
IP 198.54.120.50:0
File type ASCII text, with very long lines (9172)
Hash ff25a29387baf37ad591f11e9254db41
f63909437a6b73ac8631a80155ab7bb28e53d887
da170e5440b8e09c0fa06614a352434a334b7fc62a8ddcc7e1d6c8793a04b2bf
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/payment-forms-for-paystack/public/js/jquery.blockUI.min.js?ver=2.0.0 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:07:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3315
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.6.2
198.54.120.50200 OK 3.1 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.6.2
IP 198.54.120.50:0
File type ASCII text, with very long lines (15953)
Hash 099a8a498cf62f2e9f25f26d544cb9bb
5cbd031ebad3a4ab6d0ab6d8d1ed058ec8faef3a
842c017b2be20a9215914c2aaf020ea03b7b7fe674bed227f887c6d36e5efd66
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.6.2 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Thu, 14 May 2020 10:04:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3072
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.9.8
198.54.120.50200 OK 14 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.9.8
IP 198.54.120.50:0
File type ASCII text, with very long lines (65497)
Hash 055bfba769ab8966a542125c56f8b3e3
7adcb5f451191378fc9a35b48dfff86a0a3805b1
3ea1e9ff62083939ef21d558d4ecd21110c8912e4fd3e57f93b004596ed3075b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.9.8 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Thu, 14 May 2020 10:04:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14444
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13
198.54.120.50200 OK 259 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13
IP 198.54.120.50:0
Hash 49736e2d926fb2846e2df8fc0a1b69f8
0c415addd3603df8843209de4fc448ef5c443761
be091ce2d9948f24a59c9d1578557cd92e8180e2318dc0a21308ca180071f8d0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:06:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 259
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/uploads/elementor/css/post-162.css?ver=1630859834
198.54.120.50200 OK 739 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/uploads/elementor/css/post-162.css?ver=1630859834
IP 198.54.120.50:0
File type ASCII text, with very long lines (4848), with no line terminators
Hash d73159e4eedcab6a1644cce95d496c76
c8c7bb95a304eee633e64267a684e027ea464a52
8e963b94b2b59a614b9d65cefd9f93212b118a164ac2663ea41aa1f9868faa4d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-162.css?ver=1630859834 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Sun, 05 Sep 2021 16:37:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 739
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/uploads/elementor/css/post-126.css?ver=1630846841
198.54.120.50200 OK 968 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/uploads/elementor/css/post-126.css?ver=1630846841
IP 198.54.120.50:0
File type ASCII text, with very long lines (4659)
Hash 5f37a191a1b5dd5689425d94ae4524f0
1b16ce00446987291dfceec495fab7ae1d4a08d8
778f0a3e081114f917a013c786f9833824b8dee6af3d6c715d83f9b0c2103be7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-126.css?ver=1630846841 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Sun, 05 Sep 2021 13:00:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 968
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woo-better-usability/assets/wbulite.css?ver=6.1.1
198.54.120.50200 OK 294 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woo-better-usability/assets/wbulite.css?ver=6.1.1
IP 198.54.120.50:0
Hash aea29d172a7396dd428b5261074c35d1
324a5084edc1099b2ea6d6912223fe76813febfd
c675c41a062ad1b3bfcc159c2960dddb56e5316ea290aa0f19c5decc41cff0cb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woo-better-usability/assets/wbulite.css?ver=6.1.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:08:55 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 294
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/jetsticky-for-elementor/assets/css/jet-sticky-frontend.css?ver=1.0.3
198.54.120.50200 OK 250 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/jetsticky-for-elementor/assets/css/jet-sticky-frontend.css?ver=1.0.3
IP 198.54.120.50:0
File type ASCII text, with CRLF line terminators
Hash c738e5282348a9e7633583fa31fb48cb
7d2a836921dcdefcf2be241e75472dfc59269221
f6c3f538bcff00da26281bd7da693e17e895f53c82428a6d766f7ebad26c500a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/jetsticky-for-elementor/assets/css/jet-sticky-frontend.css?ver=1.0.3 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:07:18 GMT
accept-ranges: bytes
content-length: 250
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woolentor-addons/assets/css/slick.css?ver=2.4.9
198.54.120.50200 OK 473 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woolentor-addons/assets/css/slick.css?ver=2.4.9
IP 198.54.120.50:0
Hash 17265c4988f4c1c4a9873fd06cf8687c
8eae27c19a7d9a1a763420e2312106d687f4a97c
e4fc89bbfbf516423de7ffa2cfb1127dd0ebea632596423ad43cff5873267545
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woolentor-addons/assets/css/slick.css?ver=2.4.9 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 473
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/uploads/elementor/css/global.css?ver=1589930793
198.54.120.50200 OK 2.4 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/uploads/elementor/css/global.css?ver=1589930793
IP 198.54.120.50:0
File type ASCII text, with very long lines (20763)
Hash df36d19e5cc1ac4525eebe85da05dcc6
fa180803bbad9f40f3ead47b38540c8698b470f4
6b9fa7f4676ae40d7e23c92967d11a5c8d2c95c70c3fee75a95a7fd52882eec0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/global.css?ver=1589930793 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Tue, 19 May 2020 23:26:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2373
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woocustomizer/assets/css/frontend.css?ver=2.4.5
198.54.120.50200 OK 2.8 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woocustomizer/assets/css/frontend.css?ver=2.4.5
IP 198.54.120.50:0
Hash c46d58dbda4b52a10d568953a25aefe3
5e4e9f8808aa45dff6a46abb7f4fa0530c58180e
6bec76c7f7d3ab4502b4bcb8f2e8cbb44a3e2986db1a3cdf5917ca8f7f342753
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocustomizer/assets/css/frontend.css?ver=2.4.5 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:09:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2764
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.9.8
198.54.120.50200 OK 2.4 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.9.8
IP 198.54.120.50:0
File type ASCII text, with very long lines (10019)
Hash d2db71c82a8f672aea59a3e050cd8cd7
af626566f94b3164e4310288cfb142431e8349a6
bcd2c9c2ba22a48a8fabf9fbe5e947deb6404367e4be24f48326e302aead1180
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.9.8 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Thu, 14 May 2020 10:04:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2442
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woolentor-addons/assets/css/htflexboxgrid.css?ver=2.4.9
198.54.120.50200 OK 1.6 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woolentor-addons/assets/css/htflexboxgrid.css?ver=2.4.9
IP 198.54.120.50:0
Hash e23d143f3c5063516c4c6960cc0c5459
81d472a7b524f4b3c6c1c945b55ad26e3afc4a04
88675745109b545aa0d3998489e3dbf389967b67dcdf5fec098f78eb353dda8a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woolentor-addons/assets/css/htflexboxgrid.css?ver=2.4.9 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1643
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/ht-mega-for-elementor/assets/css/htbbootstrap.css?ver=1.9.8
198.54.120.50200 OK 6.8 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/ht-mega-for-elementor/assets/css/htbbootstrap.css?ver=1.9.8
IP 198.54.120.50:0
File type ASCII text, with very long lines (1028), with CRLF line terminators
Hash 3e5dce3abb2a5c2dd7b2b4f30c69f193
36bba3aaae65ecfcbc502042c59c7a1cd4735dc9
803dd1008477282fc3bbc8a86b5beb4a2615fa9317e3433db40272fdf67b8373
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/ht-mega-for-elementor/assets/css/htbbootstrap.css?ver=1.9.8 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:07:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6768
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/ht-mega-for-elementor/assets/css/htmega-keyframes.css?ver=1.9.8
198.54.120.50200 OK 527 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/ht-mega-for-elementor/assets/css/htmega-keyframes.css?ver=1.9.8
IP 198.54.120.50:0
Hash b11d8a89bcea5e822096ef5a441b3b76
e0f524e55a4fbd3f93824d6f10c86ceab6e6ec0b
1fce1fd21b5305b3c88c9cd5bc46c0dfa52d7afd25741208464e2ffa231263c8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/ht-mega-for-elementor/assets/css/htmega-keyframes.css?ver=1.9.8 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:07:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 527
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/css/blocks.min.css
198.54.120.50200 OK 1.7 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/css/blocks.min.css
IP 198.54.120.50:0
File type ASCII text, with very long lines (7571), with no line terminators
Hash 43376fa2d6d91349eab7a43f6f96f425
b36b1ad7881b12744efad9dc505349b784611463
95a08a626e9d0e995bdc6adfd9afe470be45db5a5f38dbfb9d912d0d25ff8427
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/photoway/assets/css/blocks.min.css HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Thu, 14 May 2020 09:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1690
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woolentor-addons/assets/css/simple-line-icons.css?ver=2.4.9
198.54.120.50200 OK 1.9 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woolentor-addons/assets/css/simple-line-icons.css?ver=2.4.9
IP 198.54.120.50:0
File type ASCII text, with very long lines (360)
Hash 281fe007e26b99f320ff583976146db9
0a456fd21e4542ed15fea9c65833e9bfb24bbd58
a5851c3fda89de9786c6c5c4a2e1ad62a4789d9d3f40119ed7ec5378b02ddb4d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woolentor-addons/assets/css/simple-line-icons.css?ver=2.4.9 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1856
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/pisol-mmq/public/css/pisol-mmq-public.css?ver=2.0.77
198.54.120.50200 OK 421 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/pisol-mmq/public/css/pisol-mmq-public.css?ver=2.0.77
IP 198.54.120.50:0
Hash ebffd7bec8b4b6ecffabf7237fe9dc06
5a34466bb16a62f5a87f588dd9386afb20e05d7b
7dd311ef49d3eb7a902d3f4076587d63be04924449ebb3997d9eccb2c6e2c86a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/pisol-mmq/public/css/pisol-mmq-public.css?ver=2.0.77 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:07:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 421
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/vendors/OwlCarousel2-2.2.1/assets/owl.theme.default.min.css?ver=2.2.1
198.54.120.50200 OK 336 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/vendors/OwlCarousel2-2.2.1/assets/owl.theme.default.min.css?ver=2.2.1
IP 198.54.120.50:0
File type ASCII text, with very long lines (846), with CRLF line terminators
Hash 589c8779b05e475ec342595ea1fef2c3
5beb287f858c8b7516cb838341fc1e8393d4d509
fbbfa2ec74fef5e7483c07d0a1a957115a14d727bf287c95209c72de103f3639
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/photoway/assets/vendors/OwlCarousel2-2.2.1/assets/owl.theme.default.min.css?ver=2.2.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Thu, 14 May 2020 09:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 336
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/ht-mega-for-elementor/assets/css/animation.css?ver=1.9.8
198.54.120.50200 OK 4.0 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/ht-mega-for-elementor/assets/css/animation.css?ver=1.9.8
IP 198.54.120.50:0
Hash 14289c506139373b05959f96157185ac
f140529a45d4ecbfcab8b870b5de5282af4e135a
899d64f231d5e5259be187b270f57b70ed33adfe992b8d57e4bf4eb12beb8624
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/ht-mega-for-elementor/assets/css/animation.css?ver=1.9.8 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:07:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3997
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/mailjet-for-wordpress/src/widget/css/front-widget.css?ver=5.2.4
198.54.120.50200 OK 211 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/mailjet-for-wordpress/src/widget/css/front-widget.css?ver=5.2.4
IP 198.54.120.50:0
Hash ad99666abe7f45cddae4dc59cc0dd4d0
e87d5ecf09f40ef9cf5bfc8ae208165e3e5d4120
0b17da242ba05b6b7fd93f9d7c9ab60dc0286ea4efbfb12a9bd77e25773f83e8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/mailjet-for-wordpress/src/widget/css/front-widget.css?ver=5.2.4 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Sun, 16 Aug 2020 09:08:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 211
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/popup-anything-on-click/assets/css/popupaoc-public.css?ver=2.2
198.54.120.50 200 OK 6.0 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/popup-anything-on-click/assets/css/popupaoc-public.css?ver=2.2
IP 198.54.120.50:0
File type ASCII text, with very long lines (41691), with CRLF line terminators
Hash 426c19be700716d7c5ffef8b42207a77
c975db3d2365c640ab4a23937fd14210ccab87d4
b1829cc67102d286aee671fcad262f8184ba9b525dd6af7f0e2f47b33bdbe493
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/popup-anything-on-click/assets/css/popupaoc-public.css?ver=2.2 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:07:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5971
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/wp-whatsapp-chat/build/frontend/css/style.css?ver=6.2.2
198.54.120.50 200 OK 11 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/wp-whatsapp-chat/build/frontend/css/style.css?ver=6.2.2
IP 198.54.120.50:0
File type Unicode text, UTF-8 text, with very long lines (31020)
Hash 58e44a2679351c17a3fb2781eae612ee
e5339bdc6334942fe7606695402a87ba836b160c
e786b05fdbebbc797daece8c8c1a1658fce3c381530db660a865280740abff5a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wp-whatsapp-chat/build/frontend/css/style.css?ver=6.2.2 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:08:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10967
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/vendors/bootstrap/css/bootstrap.min.css?ver=4.1.3
198.54.120.50 200 OK 19 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/vendors/bootstrap/css/bootstrap.min.css?ver=4.1.3
IP 198.54.120.50:0
File type ASCII text, with very long lines (65319), with CRLF line terminators
Hash d5279e11be80a9e96fd849f1fa9b29c2
b7658463b08bea9def67428d645565f5a14751f6
788304836b49d13e120281127b87d5b84c830812be56b31f43ced7de4b4acc22
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/photoway/assets/vendors/bootstrap/css/bootstrap.min.css?ver=4.1.3 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Thu, 14 May 2020 09:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 19095
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/vendors/kf-icons/css/style.css?ver=1.0.0
198.54.120.50 200 OK 2.6 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/vendors/kf-icons/css/style.css?ver=1.0.0
IP 198.54.120.50:0
File type ASCII text, with CRLF line terminators
Hash 0f737cd11487f07f96a9171e1d15ebce
f1da96d5d4d36efd6c18b1176c77147e4df03af6
74ea9352be25b97ed15d737ead43a1fa4266945c1c05f17991928b1638bd0566
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/photoway/assets/vendors/kf-icons/css/style.css?ver=1.0.0 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Thu, 14 May 2020 09:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2603
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/vendors/OwlCarousel2-2.2.1/assets/owl.carousel.min.css?ver=2.2.1
198.54.120.50 200 OK 791 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/vendors/OwlCarousel2-2.2.1/assets/owl.carousel.min.css?ver=2.2.1
IP 198.54.120.50:0
File type ASCII text, with very long lines (2846), with CRLF line terminators
Hash 95b4fe23b999f10faafa1216bf43be99
474c7d2a0306e84fd7dff79f07d01337d14c7873
0a7f3620e6041ae6479fb42f15b9e42cf7397ce9ed3fb315893b233a5dae1ece
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/photoway/assets/vendors/OwlCarousel2-2.2.1/assets/owl.carousel.min.css?ver=2.2.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Thu, 14 May 2020 09:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 791
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.4.2
198.54.120.50 200 OK 708 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.4.2
IP 198.54.120.50:0
File type ASCII text, with very long lines (3432)
Hash f3ca6b9879df2ed966ae1150f3353baa
03c9aa5c941faad5f1efb4aa66ff623220f697ab
f33030c0a254c90f0fc701442b0468c882d105c44f20923696747cc09e7709cd
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.4.2 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:06:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 708
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/uploads/2020/05/logo-main-2-1.png
198.54.120.50 200 OK 7.4 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/uploads/2020/05/logo-main-2-1.png
IP 198.54.120.50:0
File type PNG image data, 231 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash e5350ab9e47d7f4db51db4367c0fde94
7b5557f80da3c07581543dbd8a3dc10fc3ac1f46
0e517c1b985897895041855e1388440408e7bc3b1d1e66f44ec88c22747707a8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/05/logo-main-2-1.png HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: image/png
last-modified: Sat, 16 May 2020 21:43:30 GMT
accept-ranges: bytes
content-length: 7362
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/uploads/2020/05/Group-5-150x150.png
198.54.120.50 200 OK 8.5 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/uploads/2020/05/Group-5-150x150.png
IP 198.54.120.50:0
File type PNG image data, 150 x 150, 8-bit gray+alpha, non-interlaced\012- data
Hash f4535fb9f0b1af4692b5c494bf09d2d5
2663507929c3dd64eb2f23ef701c5fb01bf031c3
99b6a9380f8b56bf1d91eafb1a939e468443460db85a58451fe045ed248f01f3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/05/Group-5-150x150.png HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: image/png
last-modified: Wed, 20 May 2020 22:50:32 GMT
accept-ranges: bytes
content-length: 8480
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/uploads/2020/05/Group-3-150x150.png
198.54.120.50 200 OK 3.7 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/uploads/2020/05/Group-3-150x150.png
IP 198.54.120.50:0
File type PNG image data, 150 x 150, 8-bit gray+alpha, non-interlaced\012- data
Hash 73b19cce5a4cb30c13f727c23b493913
14b6648a4d3444793b433d72f3477ca94f73d090
c2055ba322e6616c5d506e101aabd2a13bb5a346f36dbdfe8d8bf931df414d23
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/05/Group-3-150x150.png HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: image/png
last-modified: Wed, 20 May 2020 22:50:29 GMT
accept-ranges: bytes
content-length: 3688
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/uploads/2020/05/Group-2-150x150.png
198.54.120.50 200 OK 2.2 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/uploads/2020/05/Group-2-150x150.png
IP 198.54.120.50:0
File type PNG image data, 150 x 150, 8-bit gray+alpha, non-interlaced\012- data
Hash 89029cf2b4eb701c1221cadc689b4fde
d243076a56c606b96021eb766b6722b8be02cab5
c793c4a11e13a246404e7273f8aa3e278b5e1356d87d019d1fa6d2186f4524d8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/05/Group-2-150x150.png HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: image/png
last-modified: Wed, 20 May 2020 22:50:55 GMT
accept-ranges: bytes
content-length: 2222
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/uploads/2020/05/Group-1-150x150.png
198.54.120.50 200 OK 6.0 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/uploads/2020/05/Group-1-150x150.png
IP 198.54.120.50:0
File type PNG image data, 150 x 150, 8-bit gray+alpha, non-interlaced\012- data
Hash 40800ab2840345a90107b4afb170393c
13711789d332866bcb5f89843302480bcd8e992a
a757aecad4ae5214357884316aed6f463fb614b65891159c97c43e8c80a6cef6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/05/Group-1-150x150.png HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: image/png
last-modified: Wed, 20 May 2020 22:50:33 GMT
accept-ranges: bytes
content-length: 6044
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/uploads/2020/11/Group-6-1-150x150.png
198.54.120.50 200 OK 9.2 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/uploads/2020/11/Group-6-1-150x150.png
IP 198.54.120.50:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash c47e410da55693b63c9f1a3c925dcbe6
8d928ebe54175fb6390a729c9d9a7fe8708acd5f
83d779e38d4670c8bd296e0303c894b5ce72b94dafd86a46c976d4ed0a1c6709
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/11/Group-6-1-150x150.png HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: image/png
last-modified: Thu, 05 Nov 2020 20:58:24 GMT
accept-ranges: bytes
content-length: 9170
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/uploads/2020/05/Group-4-150x150.png
198.54.120.50 200 OK 2.8 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/uploads/2020/05/Group-4-150x150.png
IP 198.54.120.50:0
File type PNG image data, 150 x 150, 8-bit gray+alpha, non-interlaced\012- data
Hash 0adcf92bfd40078651df5c692391d1f2
9c49ec642a58854ba243d94de28cf1735ec97d54
d37d5f1610cd32c8d347cf7262e0e07a82f1100cb89e9ebd08ced775a6ddf227
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/05/Group-4-150x150.png HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: image/png
last-modified: Wed, 20 May 2020 22:50:30 GMT
accept-ranges: bytes
content-length: 2778
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/uploads/2020/05/Group-1-copy-150x150.png
198.54.120.50 200 OK 2.2 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/uploads/2020/05/Group-1-copy-150x150.png
IP 198.54.120.50:0
File type PNG image data, 150 x 150, 8-bit gray+alpha, non-interlaced\012- data
Hash 3d0cfa632aa8c0ee1a4250dae5925eea
15fac7ed93c75555fcc2bd487a9eb28987345077
8caa99707707fd7bf70ac2635294dfe184a21174f392305efc2a609a2b3f0d2d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/05/Group-1-copy-150x150.png HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: image/png
last-modified: Wed, 20 May 2020 22:52:35 GMT
accept-ranges: bytes
content-length: 2233
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/mailjet-for-wordpress/src/widget/js/front-widget.js?ver=6.1.1
198.54.120.50 200 OK 265 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/mailjet-for-wordpress/src/widget/js/front-widget.js?ver=6.1.1
IP 198.54.120.50:0
Hash 153841c4d4c48f906489a3628cc55a12
f3f89201855db4a29101bf5af973ca6f27de8f07
d1f69ca425a9701e54dcc27988c37e8ba296a16de5f6a8500d18929475a4d3c6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/mailjet-for-wordpress/src/widget/js/front-widget.js?ver=6.1.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Sun, 16 Aug 2020 09:08:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 265
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woolentor-addons/woolentor-blocks/src/assets/js/script.js?ver=2.4.9
198.54.120.50 200 OK 1.7 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woolentor-addons/woolentor-blocks/src/assets/js/script.js?ver=2.4.9
IP 198.54.120.50:0
File type ASCII text, with very long lines (476)
Hash 60029e87a57e1e1925603d32c90a77ec
b13753574cac2ff7cca35f062d2eedc377c90884
37d9c757477e148ff4936ca2174e5ef7ef50af7b96e099ccb3d463f78b723770
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woolentor-addons/woolentor-blocks/src/assets/js/script.js?ver=2.4.9 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1692
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/sticky-side-buttons/assets/js/ssb-ui-js.js?ver=6.1.1
198.54.120.50 200 OK 437 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/sticky-side-buttons/assets/js/ssb-ui-js.js?ver=6.1.1
IP 198.54.120.50:0
Hash 9f17fbe40e3824b75985d5f177fa5bb6
61633829d2caacbe1be4254fbeb3c2e5b8968ba2
3825e9d5ac1bcf3fec2e18b6fd2a936d80c0fcc1b26a3c8d11b9135877654188
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/sticky-side-buttons/assets/js/ssb-ui-js.js?ver=6.1.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Thu, 14 May 2020 14:51:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 437
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=5.1.0
198.54.120.50 200 OK 857 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=5.1.0
IP 198.54.120.50:0
File type ASCII text, with very long lines (3287), with no line terminators
Hash f91b0cde1c3ae9c4865dbe50b94b7e96
26c7baee70eca5d442f5f30a7c0ccd0a6187c105
224aecccc666e90a5607c1ee584952f275cae6c6f8cad50f9d9834d7499c4bd9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=5.1.0 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 22:41:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 857
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/load-more-products-for-woocommerce/css/load_products.css?ver=1.1.9.7
198.54.120.50 200 OK 479 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/load-more-products-for-woocommerce/css/load_products.css?ver=1.1.9.7
IP 198.54.120.50:0
File type ASCII text, with CRLF line terminators
Hash 2c40c00292a9c3759d14c75401070064
fc7b16847c23b7bbfc48e539491fd1e70836a07d
0c5b133de8ce033537e9908f14ed2835712a55aa98535ba0b9d7675a7fc50162
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/load-more-products-for-woocommerce/css/load_products.css?ver=1.1.9.7 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:09:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 479
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=5.1.0
198.54.120.50 200 OK 1.7 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=5.1.0
IP 198.54.120.50:0
File type ASCII text, with very long lines (7887), with no line terminators
Hash 494afef7fdbd631433fe8b40049c9733
e927f43e6ee2f70854247363612dab1107c514ad
54b56f475540254274fa193380ab680e39913768d9a227660bd571bba3456b7f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=5.1.0 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 22:41:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1728
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woo-better-usability/assets/wbulite.js?ver=6.1.1
198.54.120.50 200 OK 4.3 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woo-better-usability/assets/wbulite.js?ver=6.1.1
IP 198.54.120.50:0
Hash fc8aa18c038921ef870aae29799be596
917cd4604e38866299b6bf765117f2a26db48cc5
7fafff8f5a21084db43fec350f48f8f0b0a441cddcd73623f82170c59d9f26cb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woo-better-usability/assets/wbulite.js?ver=6.1.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:08:55 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4314
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
198.54.120.50200 OK 6.8 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 198.54.120.50:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 3d0ff0f6731d9cef860af9a5a0e3ce62
13aed444304d782039e261475c8b4450b83e743e
e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Sat, 24 Sep 2022 05:25:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/popup-anything-on-click/assets/js/popupaoc-public.js?ver=2.2
198.54.120.50200 OK 2.3 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/popup-anything-on-click/assets/js/popupaoc-public.js?ver=2.2
IP 198.54.120.50:0
File type ASCII text, with CRLF line terminators
Hash c6be4ac97f61a646697498e0cfa52f3c
da81034d91639073a70f911ce516f7dc1eadb802
111d0277c3b003d902865e75a116cc051b03c89b5c4d4a76998b345bd9e6f187
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/popup-anything-on-click/assets/js/popupaoc-public.js?ver=2.2 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:07:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2250
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.2
198.54.120.50200 OK 6.3 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.2
IP 198.54.120.50:0
File type ASCII text, with very long lines (15446)
Hash a0504724dbb256f37f15c469425c485f
76555844ad15af75402eb4ad920c22ba7a04d5a2
3e1676b98a3940b1f593b134a08979a125a4373f46484d5a743c3e1ced915a39
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.13.2 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Sat, 24 Sep 2022 05:25:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6309
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-includes/js/jquery/ui/effect-shake.min.js?ver=1.13.2
198.54.120.50200 OK 433 B URL HTTP/2 zanzyentertainmentgroup.com/wp-includes/js/jquery/ui/effect-shake.min.js?ver=1.13.2
IP 198.54.120.50:0
File type ASCII text, with very long lines (644)
Hash 8cea198a013688b9ba96c31efa9a908c
77cb96df3468d1cc29a286fde26a76d80c1323d0
fd986ff5f970b6d55b76d3c51d5635609346efe640ebeb2158ffffd867b9c94b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/effect-shake.min.js?ver=1.13.2 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 03:34:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 433
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
198.54.120.50200 OK 3.2 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP 198.54.120.50:0
File type ASCII text, with very long lines (9081)
Hash 700d3ca3b6f3e00a4c59f7ca3353e5ac
c4fb56a1dd52567489e3c35030fcbc430ec9d371
513764573155698d580bfcbb7c0d6f02cfef9326ae4b4809148b915103ffe895
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 22:41:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3232
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
198.54.120.50200 OK 899 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP 198.54.120.50:0
File type ASCII text, with very long lines (1668)
Hash 22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 22:41:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 899
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.1.0
198.54.120.50200 OK 837 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.1.0
IP 198.54.120.50:0
File type ASCII text, with very long lines (2066), with no line terminators
Hash 95a6d6c0dc11c57989858f0a69c78949
cf3f20d4272d59c9cef66fe4f87e2d7d646f92a7
97a2b84c29e1257e097fcc5a29c8ed63e74c6bc1bf222975c473be26fd225528
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.1.0 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 22:41:17 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 837
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.1.0
198.54.120.50200 OK 934 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.1.0
IP 198.54.120.50:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash ef8ddf2830341f13634a12266fa9813f
45c12d8b054261b0597ffdb97ff55f8ab7a913c4
698fbd0089cafb0659518bf2359ce5c990e71c9a543338fdc7b1595ee11ade22
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.1.0 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 22:41:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 934
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woolentor-addons/assets/js/accordion.min.js?ver=2.4.9
198.54.120.50200 OK 1.4 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woolentor-addons/assets/js/accordion.min.js?ver=2.4.9
IP 198.54.120.50:0
File type Unicode text, UTF-8 text, with very long lines (3889), with CRLF line terminators
Hash f3354bb8f79a50b4e4a7f4d2c7325a33
89db1a151fad50f12560db682a0d9efed5d4bd00
8fed91233e96b0dee6e07e150601e3894fe3d145805f44adeeee0483cf934ae0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woolentor-addons/assets/js/accordion.min.js?ver=2.4.9 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1393
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/ht-mega-for-elementor/assets/js/popper.min.js?ver=1.9.8
198.54.120.50200 OK 6.5 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/ht-mega-for-elementor/assets/js/popper.min.js?ver=1.9.8
IP 198.54.120.50:0
File type ASCII text, with very long lines (18860)
Hash c4af98e85be0cc5d2f190ab1a0152707
35067ca63aaa63b8f67ef7c95261c0d57bc61ae5
52e8943840c845f281a3462b79cdc90be3398c82bc2f7235fb80e0b79fcf712b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/ht-mega-for-elementor/assets/js/popper.min.js?ver=1.9.8 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:07:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6545
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/ht-mega-for-elementor/assets/js/htbbootstrap.js?ver=1.9.8
198.54.120.50200 OK 10 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/ht-mega-for-elementor/assets/js/htbbootstrap.js?ver=1.9.8
IP 198.54.120.50:0
File type ASCII text, with very long lines (483)
Hash 667464abec18364e41152d3654fb01fb
ae68470bb38791e52be7c85bd8f66aef9a08318d
738f546a2fe7b46ef19ffe3d4f8ae1eb101e8f413daa7a61326e32bbc8e8a5ac
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/ht-mega-for-elementor/assets/js/htbbootstrap.js?ver=1.9.8 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:07:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10275
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/ht-mega-for-elementor/assets/js/waypoints.js?ver=1.9.8
198.54.120.50200 OK 2.6 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/ht-mega-for-elementor/assets/js/waypoints.js?ver=1.9.8
IP 198.54.120.50:0
File type Unicode text, UTF-8 text, with very long lines (8864)
Hash bddf213b07aceb37ace5d0feb54e1da4
8a52591333dc649cce542c5bb0fb44608ac3e78e
45c9ba1fbb57ddbcd70fcd9a515fc2c9b674d69bf3fdebe4c79467992de9b033
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/ht-mega-for-elementor/assets/js/waypoints.js?ver=1.9.8 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:07:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2593
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/vendors/bootstrap/js/bootstrap.min.js?ver=4.1.3
198.54.120.50200 OK 13 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/vendors/bootstrap/js/bootstrap.min.js?ver=4.1.3
IP 198.54.120.50:0
File type ASCII text, with very long lines (50758), with CRLF line terminators
Hash 13ae415370e52437c66a5893853850ec
675b7470913e684e54b1367bc47a0cb7531cb046
a2a4c2c9bdb03fc3f43d2e858ebaba1dc04de7b1eed2af902c5fd3d98b1c25c3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/photoway/assets/vendors/bootstrap/js/bootstrap.min.js?ver=4.1.3 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Thu, 14 May 2020 09:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13436
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/vendors/OwlCarousel2-2.2.1/owl.carousel.min.js?ver=2.2.1
198.54.120.50200 OK 11 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/vendors/OwlCarousel2-2.2.1/owl.carousel.min.js?ver=2.2.1
IP 198.54.120.50:0
File type ASCII text, with very long lines (32000), with CRLF line terminators
Hash be26b2f07a169d833605ce6ed90b1844
e0b7ec790045bac6ac346d61cc5e2d0005a0ad62
2bce2ca4363721be8365f7375a4cde8f0a81fc47196bbb39c5f702ed2d84e103
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/photoway/assets/vendors/OwlCarousel2-2.2.1/owl.carousel.min.js?ver=2.2.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Thu, 14 May 2020 09:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10657
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/js/skip-link-focus-fix.min.js
198.54.120.50200 OK 201 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/js/skip-link-focus-fix.min.js
IP 198.54.120.50:0
File type ASCII text, with CRLF line terminators
Hash f51c9dfb432d947203ababf54bc84688
f14d7d07f9c57c48e2df2ac0399404fbbeac7f72
66b693afb3aada0c92a9f2ab6289bb2fc631fb651acee08aa2d486f9998af4e5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/photoway/assets/js/skip-link-focus-fix.min.js HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Thu, 14 May 2020 09:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 201
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/wp-whatsapp-chat/build/frontend/js/index.js?ver=5cf11c421167aee95e6c
198.54.120.50200 OK 2.2 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/wp-whatsapp-chat/build/frontend/js/index.js?ver=5cf11c421167aee95e6c
IP 198.54.120.50:0
File type ASCII text, with very long lines (6875), with no line terminators
Hash 7361eb05dbe005af0c3aa7fe7bb8b90a
5b3684baeeeb1ee115ba71b443afdff9e1ecf269
abcdd4fd38b6f3ee351a514cdb75215ba4a39c2994a084cda2779babe3c021b4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wp-whatsapp-chat/build/frontend/js/index.js?ver=5cf11c421167aee95e6c HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:08:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2214
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woolentor-addons/assets/js/slick.min.js?ver=2.4.9
198.54.120.50200 OK 10 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woolentor-addons/assets/js/slick.min.js?ver=2.4.9
IP 198.54.120.50:0
File type ASCII text, with very long lines (32077)
Hash 49f07520a7790887051c0a8bbc25b798
02e3dd5d6aa406879401312e0d344ea4fa4a8731
08f9acd00e57e5e9d1c7b668287bf74a8e010886c0f2a0b1e079fcbe071e17a3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woolentor-addons/assets/js/slick.min.js?ver=2.4.9 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10104
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2
198.54.120.50200 OK 2.7 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2
IP 198.54.120.50:0
File type ASCII text, with very long lines (8014), with no line terminators
Hash 4260ecd7b11c8b2261939504401ec355
f0e4955a2e1e589891a198d7e1508a96013ff9e1
c58c19b04900fc0cadf8f7f8ad6da45e381e7bd5872fb64e8ede1b316d77b58f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:06:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2660
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/load-more-products-for-woocommerce/js/load_products.js?ver=1.1.9.7
198.54.120.50200 OK 4.8 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/load-more-products-for-woocommerce/js/load_products.js?ver=1.1.9.7
IP 198.54.120.50:0
File type ASCII text, with CRLF line terminators
Hash 1406af7056b2dadc688131debf8b2670
16752584d9efc89b7dc43a52ce647faf6f542b07
81b250ba1fcba99fbd7328d208c8d9d72a2848f3dce579c56f15ecec16cad2e1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/load-more-products-for-woocommerce/js/load_products.js?ver=1.1.9.7 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:09:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4778
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/make-column-clickable-elementor/assets/js/make-column-clickable.js?ver=1.4.0
198.54.120.50200 OK 501 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/make-column-clickable-elementor/assets/js/make-column-clickable.js?ver=1.4.0
IP 198.54.120.50:0
Hash 82aaacfd8cfd5e2c4c3180f21539df54
a62336ddd4d34887675bdb2f012de3719467d89b
665fc28594be331230bc79aa729d1607226df3e2ca6ef31b0e2936f56e568ead
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/make-column-clickable-elementor/assets/js/make-column-clickable.js?ver=1.4.0 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:07:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 501
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/jetsticky-for-elementor/assets/js/lib/ResizeSensor.min.js?ver=1.7.0
198.54.120.50200 OK 853 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/jetsticky-for-elementor/assets/js/lib/ResizeSensor.min.js?ver=1.7.0
IP 198.54.120.50:0
File type ASCII text, with very long lines (2233), with CRLF line terminators
Hash e56e24ce8b6ab527f9c3705a22d65133
60c1f71a3c4b7fa53b64c896b8400aa8715e870a
c284b0098209acb0a4061b5a13c03e06c580964f37ad987a1dc07dd6cf6d9b3f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/jetsticky-for-elementor/assets/js/lib/ResizeSensor.min.js?ver=1.7.0 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:07:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 853
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/jetsticky-for-elementor/assets/js/lib/sticky-sidebar/sticky-sidebar.min.js?ver=3.3.1
198.54.120.50200 OK 3.3 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/jetsticky-for-elementor/assets/js/lib/sticky-sidebar/sticky-sidebar.min.js?ver=3.3.1
IP 198.54.120.50:0
File type ASCII text, with very long lines (11677), with CRLF line terminators
Hash 99c273567dda4a3aad5ad39472921d27
79e257648082c380896c38d1cc5e0deffb358636
5c208c8def2249887feb87739d50aaa07b3e5cb4402ccf6cabff49dd74a2f08e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/jetsticky-for-elementor/assets/js/lib/sticky-sidebar/sticky-sidebar.min.js?ver=3.3.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:07:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3275
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/jetsticky-for-elementor/assets/js/lib/jsticky/jquery.jsticky.js?ver=1.1.0
198.54.120.50200 OK 1.3 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/jetsticky-for-elementor/assets/js/lib/jsticky/jquery.jsticky.js?ver=1.1.0
IP 198.54.120.50:0
File type ASCII text, with CRLF line terminators
Hash 8e2466481b07964201cb72eadb25899f
a0fa49fd664fdffb7d131bae32a5ffb60945513f
1ac115c1f5ae350a641388070cbdac9eaa700c1143057dc586cc8931ee0b493b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/jetsticky-for-elementor/assets/js/lib/jsticky/jquery.jsticky.js?ver=1.1.0 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:07:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1266
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.6
198.54.120.50200 OK 3.3 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.6
IP 198.54.120.50:0
File type ASCII text, with very long lines (10557)
Hash 8c67cc5ad9435b65760a1d8ba0bff676
52d3b1e2c4f2e00111c51ff36dba42890a22e624
406b73ed4fd5d6fdc88862b01ca0d27aea737a3167a173ccc5b76633e9f6e2bd
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.6 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Thu, 14 May 2020 10:04:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3296
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/js/main.min.js
198.54.120.50200 OK 2.6 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/js/main.min.js
IP 198.54.120.50:0
File type ASCII text, with very long lines (8280), with no line terminators
Hash 106c341caaaac2640ef3c3cb7ca0e3a1
21120f23da5297b1d05dc6b26e9a1da3bdd78bfe
5b770a14b455731ad3cebeae7425384ed5b6dd91c695c614b612062923c1a8c8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/photoway/assets/js/main.min.js HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Thu, 14 May 2020 09:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2632
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-includes/js/masonry.min.js?ver=4.2.2
198.54.120.50200 OK 7.1 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-includes/js/masonry.min.js?ver=4.2.2
IP 198.54.120.50:0
File type ASCII text, with very long lines (23966)
Hash acbcd70975a7cfaf92dc02b2ede1fd24
7a50461999972abb541d4baf1ccf23d8e435aad6
c1250ec4943afb181633078eb9d67c5944fc64b2bb219c98406c286e9449189e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Sun, 14 Jun 2020 04:23:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7117
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
198.54.120.50200 OK 1.7 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 198.54.120.50:0
File type ASCII text, with very long lines (5477)
Hash fa921f07ecc438baf227765de450e215
1fdd49d8bb681cb118ea8d67d4fc61b0ad46cc95
b2cc68637048b04952a2f33163f64571145dbe0817a14c68fe6f1661bd81091f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Sun, 14 Jun 2020 04:23:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1733
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=2.9.8
198.54.120.50200 OK 1.0 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=2.9.8
IP 198.54.120.50:0
File type ASCII text, with very long lines (2634)
Hash 9dca73c31a4d69d6485576e1d09f3bc2
daa743c4e77033c79f10c46cd0651392775da981
6d8707df30946b91caaf1460418e7e723ed636fab6aa535547b5bc543a258993
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=2.9.8 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Thu, 14 May 2020 10:04:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1039
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/jetsticky-for-elementor/assets/js/jet-sticky-frontend.js?ver=1.0.3
198.54.120.50200 OK 1.9 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/jetsticky-for-elementor/assets/js/jet-sticky-frontend.js?ver=1.0.3
IP 198.54.120.50:0
File type ASCII text, with CRLF line terminators
Hash 086f71147f0966a01e900d1003457284
d9fb3c0ef111bc943851718dcba53bf5f2b718f0
ee40f56a305522396ecb5133996601672f6a59805f1e5cfed606b0671a4c574f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/jetsticky-for-elementor/assets/js/jet-sticky-frontend.js?ver=1.0.3 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:07:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1926
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-includes/js/wp-util.min.js?ver=6.1.1
198.54.120.50200 OK 690 B URL HTTP/2 zanzyentertainmentgroup.com/wp-includes/js/wp-util.min.js?ver=6.1.1
IP 198.54.120.50:0
File type ASCII text, with very long lines (1391)
Hash ebe552e54e3815c6867913d252ff2a79
4982bd9ba944833e821be18419ad8408290f5d75
8b0aedc73b1d41ab59c0ad42553259c90458cfb72b149946a3bae3298c012e40
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 13:22:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 690
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8
198.54.120.50200 OK 380 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8
IP 198.54.120.50:0
File type ASCII text, with very long lines (754), with no line terminators
Hash 3b6c4f265d66f0d4d9075dfcacae5be3
7447a09603361f34db9ac61bd0bd701492cefc53
505870d1a7bd8ca07bbd80c68290dd554f3b469fb3469e7ccc5481de6d3f5e94
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:09:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 380
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21
198.54.120.50200 OK 1.0 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21
IP 198.54.120.50:0
File type ASCII text, with very long lines (2589)
Hash f6f85c3768c575135d66756bf9d893ab
f40cb5eeb52a5f18f88c826463af693372fcbf8d
365e17da639a01583aa1351757db8b004053341e76ca01ffc56bba93b02a13fb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 22:41:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1042
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-includes/js/underscore.min.js?ver=1.13.4
198.54.120.50200 OK 7.2 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP 198.54.120.50:0
File type ASCII text, with very long lines (18798)
Hash f4bb18d2e152ba945cb63980362f40e9
925f93a6c4ee411e97d8dc3186f9d66c4b5169ab
16ab496a6c74f5f272f7a5c31e9cb69c753fea994396ef6deacf641180ad317b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Wed, 28 Sep 2022 00:48:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7179
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
198.54.120.50200 OK 2.9 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 198.54.120.50:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Thu, 14 May 2020 10:04:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woolentor-addons/assets/css/woolentor-widgets.css?ver=2.4.9
198.54.120.50200 OK 21 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woolentor-addons/assets/css/woolentor-widgets.css?ver=2.4.9
IP 198.54.120.50:0
File type Unicode text, UTF-8 text, with very long lines (347)
Hash 28b032fb6767d16632cc2bca1d86d264
4c4aa118abe3dd55bd4fea6d9d85cc680748b47a
ee2c407a5ad1a7cb283b119447592c4207c31a99dcb2c56d3919a1e2141ebf31
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woolentor-addons/assets/css/woolentor-widgets.css?ver=2.4.9 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 12:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20652
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/themes/photoway/style.css
198.54.120.50200 OK 25 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/themes/photoway/style.css
IP 198.54.120.50:0
File type ASCII text, with very long lines (1380)
Hash 7e4fda1050fc729e1458568d77fe1521
ab545370609e35b314ee4f1789061a98ee68a6af
2e30b0af6d014b8fdf4dd6e623a9d0a65505e18daa23c3e541727c816302427c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/photoway/style.css HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: text/css
last-modified: Fri, 17 Jul 2020 12:05:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 25067
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.9.8
198.54.120.50200 OK 20 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.9.8
IP 198.54.120.50:0
File type Unicode text, UTF-8 text, with very long lines (38520), with LF, NEL line terminators
Hash 8ba8146e3097803cad73c6b7b5c9624e
238fb273f670a94b74d03f37574b49dbdaf8b746
4a013c15e87f674e4d6f5e03f4cdabc9cd75fa869ea0d11fe48288b2a9c039ed
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.9.8 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Thu, 14 May 2020 10:04:32 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 20202
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/ht-mega-for-elementor/assets/js/swiper.min.js?ver=1.9.8
198.54.120.50200 OK 31 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/ht-mega-for-elementor/assets/js/swiper.min.js?ver=1.9.8
IP 198.54.120.50:0
File type ASCII text, with very long lines (65258), with CRLF line terminators
Hash 90401e783f273c51342a27e34eca9873
3089b9aa9208868c1af5e83a639e13fbafe90aee
4e42aaa1093ff92c7bcdc85834ca7560064497e5d294a60f26bc499660a6c5c7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/ht-mega-for-elementor/assets/js/swiper.min.js?ver=1.9.8 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:07:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30914
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:29:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:29:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zanzyentertainmentgroup.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.9.8
198.54.120.50200 OK 30 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.9.8
IP 198.54.120.50:0
File type Unicode text, UTF-8 text, with very long lines (37808), with LF, NEL line terminators
Hash 59cea0a078ce2b9ee37c45b463203a89
0e6f58e6b725456d42e0bd13c054dddcd997b998
5279d2f7eaf6e3df25c0e44f64db024e84cbeb069ebca85fc29b069c17f1ed86
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.9.8 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Thu, 14 May 2020 10:04:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29562
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:29:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:29:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:29:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/hind/v16/5aU69_a8oxmIdGl4BA.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/hind/v16/5aU69_a8oxmIdGl4BA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16216, version 1.0\012- data
Hash 4c5bc71b3cf6f2584725c0bb3e25d391
f051f482061dc48d09c328c45459dd04db5b5547
aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71
GET /s/hind/v16/5aU69_a8oxmIdGl4BA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zanzyentertainmentgroup.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16216
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 21:11:25 GMT
expires: Fri, 17 Nov 2023 21:11:25 GMT
cache-control: public, max-age=31536000
age: 573492
last-modified: Tue, 26 Apr 2022 15:45:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zanzyentertainmentgroup.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:21 GMT
expires: Thu, 23 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 60916
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/hind/v16/5aU19_a8oxmIfJpbERySjQ.woff2
216.58.207.195 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/hind/v16/5aU19_a8oxmIfJpbERySjQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16788, version 1.0\012- data
Hash fd24af413cb9cfdc66d2ff712bdfd614
978c3d524cc6a8114d11f78b6292b58c69cb8632
16ab274f0ede84be01a0361263faeb3ff18d2d95d155d6b9d654ef37f87db1f5
GET /s/hind/v16/5aU19_a8oxmIfJpbERySjQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zanzyentertainmentgroup.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16788
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:52:13 GMT
expires: Wed, 22 Nov 2023 18:52:13 GMT
cache-control: public, max-age=31536000
age: 149844
last-modified: Tue, 26 Apr 2022 16:08:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zanzyentertainmentgroup.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 60929
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/hind/v16/5aU19_a8oxmIfMJaERySjQ.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/hind/v16/5aU19_a8oxmIfMJaERySjQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash 56815b67806b56493202b27cfd9f42c0
977eae4a3b34d8e39a5cb6a58a10ab2deba30d61
5e347565595b94716cf6f9fa7adfed6a5646bae6a163d35a20f73c067f48ad93
GET /s/hind/v16/5aU19_a8oxmIfMJaERySjQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zanzyentertainmentgroup.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 21:50:51 GMT
expires: Thu, 23 Nov 2023 21:50:51 GMT
cache-control: public, max-age=31536000
age: 52726
last-modified: Tue, 26 Apr 2022 15:54:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:29:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1
198.54.120.50 200 OK 3.4 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1
IP 198.54.120.50:0
File type HTML document, ASCII text, with very long lines (9560)
Hash 95b8b08b5e08da45b2d02b3cc3c3d4a4
7390fa4efec5b55768e4fc3efd2c0033026da8cc
a519c10cbd57359134552e28ce4fbfb7c15c643bb106483ea13ecf59162d87bf
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 22:41:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3428
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2
198.54.120.50 200 OK 6.2 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2
IP 198.54.120.50:0
File type ASCII text, with very long lines (22735), with no line terminators
Hash 53724f40cacd0cbd97223cd3b75ab563
50075fc555845507868eacf8be45ac5bd8b92e72
91b479890275cd54e7104f7043d0f5896aea80411c9e3de6ae2c3c8973e42188
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 22:41:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6227
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1
198.54.120.50 200 OK 12 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1
IP 198.54.120.50:0
File type ASCII text, with very long lines (31090)
Hash 17055e2becc9485df8cad41c3eb264a1
e9e44ef033c5a45dcb66dd930f7cb3c8d0be454c
81488e886a32e61126d387600eb168ff735edfbf23f5627a8251a6ee64d58670
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:32 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 22:41:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11551
date: Thu, 24 Nov 2022 12:29:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=5.1.0
198.54.120.50 200 OK 3.4 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=5.1.0
IP 198.54.120.50:0
File type ASCII text, with very long lines (13581), with no line terminators
Hash b8b53f8604981c5fdef22e1d3a24292e
2a74d9f2c42cd57ad7c67aafcd89befbe98a161c
3b2cb989c595b41aec21f3ba2f30111214f538225537219cef84fb85a405df9e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=5.1.0 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:33 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 22:41:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3430
date: Thu, 24 Nov 2022 12:29:33 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=5.1.0
198.54.120.50 200 OK 1.7 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=5.1.0
IP 198.54.120.50:0
File type Unicode text, UTF-8 text, with very long lines (6357), with no line terminators
Hash 70cc8e74d2d4626148acba55a4608dbd
d57045f3e31a245e6ebf818adf17886a83c1043c
764428782a932f7646daef46e5dbbb5062ba578de2bf7e2050ccaa12df789138
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=5.1.0 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:33 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 22:41:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1712
date: Thu, 24 Nov 2022 12:29:33 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
198.54.120.50 200 OK 4.6 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 198.54.120.50:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:33 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Thu, 24 Nov 2022 12:29:33 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.1.0
198.54.120.50 200 OK 1.1 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.1.0
IP 198.54.120.50:0
File type ASCII text, with very long lines (7043), with no line terminators
Hash 398489038b789364a5c83f044e11974d
d5caf5f64c45693de65b5c0a801bfbf83a325485
32365dde0c909abbb02d8b6a8d9938056ba47f325d51e75082e3d265ce5f76d5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.1.0 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:37 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 22:41:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1058
date: Thu, 24 Nov 2022 12:29:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/uploads/2020/05/banner-home-1.png
198.54.120.50 200 OK 21 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/uploads/2020/05/banner-home-1.png
IP 198.54.120.50:0
File type PNG image data, 1366 x 768, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f8668365d0f42663319ec7a23bc7a25
ad01f946cabfb3c57f59a5a88201320f4cd4fd41
7fdb435bc0341cde9aa7812ef4a50a0a1db31df290b085c63860d108ce6701e7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/05/banner-home-1.png HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/wp-content/uploads/elementor/css/post-162.css?ver=1630859834
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:37 GMT
content-type: image/png
last-modified: Sat, 16 May 2020 21:51:51 GMT
accept-ranges: bytes
content-length: 20832
date: Thu, 24 Nov 2022 12:29:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/uploads/2020/05/Zanzy-Entertainment-kk-3.jpg
198.54.120.50 200 OK 53 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/uploads/2020/05/Zanzy-Entertainment-kk-3.jpg
IP 198.54.120.50:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=800, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], baseline, precision 8, 1280x800, components 3\012- data
Hash 497298931984c52e8ccbd98945e9b701
1f98d74db1981f63e4758a10aa9bc2084ce5af23
d3321733f9d50b8b17045667d53e510456053b4064adca1bdaf280eb761b590b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/05/Zanzy-Entertainment-kk-3.jpg HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/wp-content/uploads/elementor/css/post-126.css?ver=1630846841
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:37 GMT
content-type: image/jpeg
last-modified: Sat, 16 May 2020 22:45:13 GMT
accept-ranges: bytes
content-length: 52558
date: Thu, 24 Nov 2022 12:29:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/vendors/kf-icons/fonts/kf-icons.woff?w118d
198.54.120.50 200 OK 64 kB URL HTTP/2 zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/vendors/kf-icons/fonts/kf-icons.woff?w118d
IP 198.54.120.50:0
File type Web Open Font Format, CFF, length 63664, version 1.0\012- data
Hash fdd9e757bf61675343dcf55100422b84
f9be87fa2d1d4a95e8305afb51778db4bc759fbc
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/photoway/assets/vendors/kf-icons/fonts/kf-icons.woff?w118d HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://zanzyentertainmentgroup.com/wp-content/themes/photoway/assets/vendors/kf-icons/css/style.css?ver=1.0.0
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:37 GMT
content-type: font/woff
last-modified: Thu, 14 May 2020 09:50:14 GMT
accept-ranges: bytes
content-length: 63664
date: Thu, 24 Nov 2022 12:29:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/sticky-side-buttons/assets/fonts/fa-brands-400.woff2
198.54.120.50 200 OK 0 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/sticky-side-buttons/assets/fonts/fa-brands-400.woff2
IP 198.54.120.50:0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/sticky-side-buttons/assets/fonts/fa-brands-400.woff2 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://zanzyentertainmentgroup.com/wp-content/plugins/sticky-side-buttons/assets/css/font-awesome.css?ver=6.1.1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:37 GMT
content-type: font/woff2
last-modified: Thu, 14 May 2020 14:51:08 GMT
accept-ranges: bytes
content-length: 69608
date: Thu, 24 Nov 2022 12:29:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/uploads/2020/05/banner-home-co.png
198.54.120.50 200 OK 0 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/uploads/2020/05/banner-home-co.png
IP 198.54.120.50:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/05/banner-home-co.png HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zanzyentertainmentgroup.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:38 GMT
content-type: image/png
last-modified: Sat, 16 May 2020 21:51:48 GMT
accept-ranges: bytes
content-length: 164359
date: Thu, 24 Nov 2022 12:29:38 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Hind:300,400,400i,500,600,700,800,900|Playfair+Display:400,400italic,700,900
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Hind:300,400,400i,500,600,700,800,900|Playfair+Display:400,400italic,700,900
IP 142.250.74.10:0
GET /css?family=Hind:300,400,400i,500,600,700,800,900|Playfair+Display:400,400italic,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zanzyentertainmentgroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 12:29:32 GMT
date: Thu, 24 Nov 2022 12:29:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.1.1
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.1.1
IP 142.250.74.10:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zanzyentertainmentgroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 12:29:32 GMT
date: Thu, 24 Nov 2022 12:29:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
zanzyentertainmentgroup.com/wp-content/plugins/sticky-side-buttons/assets/fonts/fa-solid-900.woff2
198.54.120.50200 OK 0 B URL HTTP/2 zanzyentertainmentgroup.com/wp-content/plugins/sticky-side-buttons/assets/fonts/fa-solid-900.woff2
IP 198.54.120.50:0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/sticky-side-buttons/assets/fonts/fa-solid-900.woff2 HTTP/1.1
Host: zanzyentertainmentgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://zanzyentertainmentgroup.com/wp-content/plugins/sticky-side-buttons/assets/css/font-awesome.css?ver=6.1.1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:29:38 GMT
content-type: font/woff2
last-modified: Thu, 14 May 2020 14:51:08 GMT
accept-ranges: bytes
content-length: 73852
date: Thu, 24 Nov 2022 12:29:38 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f44b.svg
192.0.77.48200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f44b.svg
IP 192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/1f44b.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zanzyentertainmentgroup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 12:29:38 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2