Overview

URL: raynerise.com/qn/index.php?e=qbot.zip
IP: 162.0.235.248 (United States)
ASN: #22612 NAMECHEAP-NET
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-11-19 19:14:43 UTC
IDS alerts: 0
Blocklist alert: 116
urlquery alerts: No alerts detected
Tags: None

Domain Summary (12)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (5) 344 No data No data 23.36.77.32
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-19 05:35:38 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-19 05:25:15 UTC 34.117.237.239
ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.216.88.5
ocsp.pki.goog (7) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-19 08:30:47 UTC 142.250.74.10
raynerise.com (71) 0 2022-05-11 22:23:57 UTC 2022-11-08 21:54:30 UTC 162.0.235.248 Unknown ranking
fonts.gstatic.com (3) 0 2014-09-09 00:40:21 UTC 2022-11-19 11:58:25 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/css/magnific-popup.css?ver=1.1.9 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/css/justifiedGallery.min.css?ve (...) Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/css/bootsnav.css?ver=1.1 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/css/animate.min.css?ver=3.5.2 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/css/select2.min.css?ver=4.0.4 Malware
2022-11-19 2 raynerise.com/wp-includes/css/classic-themes.min.css?ver=1 Malware
2022-11-19 2 raynerise.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout. (...) Malware
2022-11-19 2 raynerise.com/wp-content/plugins/revslider/public/assets/css/settings.css?v (...) Malware
2022-11-19 2 raynerise.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/bu (...) Malware
2022-11-19 2 raynerise.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquer (...) Malware
2022-11-19 2 raynerise.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/jquery.appear.js?ver=0.3.6 Malware
2022-11-19 2 raynerise.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart (...) Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/smooth-scroll.js?ver=2.2.0 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/bootsnav.js?ver=1.2 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/skrollr.min.js?ver=1.3 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/bootstrap.min.js?ver=3.3.6 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/jquery.magnific-popup.min.js (...) Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/page-scroll.js?ver=1.4.9 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/wow.min.js?ver=1.0.3 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/classie.js?ver=1.1.9 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/jquery.easing.1.3.js?ver=1.3 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/jquery.countdown.min.js?ver=2.2.0 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/jquery.stellar.js?ver=1.1.9 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/hamburger-menu.js?ver=1.1.9 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/skill.bars.jquery.js?ver=1.1.9 Malware
2022-11-19 2 raynerise.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/jquery.easypiechart.min.js?v (...) Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/jquery.nav.js?ver=3.0.0 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/jquery.fitvids.js?ver=1.1 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/main.js?ver=1.1.9 Malware
2022-11-19 2 raynerise.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragme (...) Malware
2022-11-19 2 raynerise.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie. (...) Malware
2022-11-19 2 raynerise.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ve (...) Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/background-srcset.js?ver=2.1.0 Malware
2022-11-19 2 raynerise.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce (...) Malware
2022-11-19 2 raynerise.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 Malware
2022-11-19 2 raynerise.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/js/swiper.min.js?ver=3.4.2 Malware
2022-11-19 2 raynerise.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/ (...) Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/style.css?ver=1.1.9 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/fonts/fa-brands-400.woff2 Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/fonts/themify.woff Malware
2022-11-19 2 raynerise.com/wp-content/themes/pofo/assets/fonts/fa-solid-900.woff2 Malware
2022-11-19 2 raynerise.com/wp-content/plugins/revslider/public/assets/js/jquery.themepun (...) Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-19 2 raynerise.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 162.0.235.248
Date UQ / IDS / BL URL IP
2022-11-19 19:14:43 +0000 0 - 0 - 116 raynerise.com/qn/index.php?e=qbot.zip 162.0.235.248
2022-11-08 21:54:29 +0000 0 - 0 - 6 raynerise.com/qn/index.php?e=qbot.zip 162.0.235.248
2022-11-06 18:42:43 +0000 0 - 0 - 4 raynerise.com/qn/index.php?e=qbot.zip 162.0.235.248
2022-11-06 16:51:42 +0000 0 - 0 - 6 raynerise.com/qn/index.php?e=qbot.zip 162.0.235.248
2022-11-05 00:55:26 +0000 0 - 0 - 6 raynerise.com/qn/index.php?e=qbot.zip 162.0.235.248


Last 5 reports on ASN: NAMECHEAP-NET
Date UQ / IDS / BL URL IP
2023-02-03 12:20:31 +0000 0 - 0 - 0 jisfh83jifs.xyz/ 192.64.119.106
2023-02-03 12:18:11 +0000 0 - 0 - 0 jisjihgy38adj8.xyz/ 162.255.119.113
2023-02-03 12:13:32 +0000 0 - 1 - 2 millonariodesdecasa.com/milljoas.html 162.0.235.3
2023-02-03 11:13:19 +0000 0 - 1 - 0 appliedsteroids.com/ 162.255.119.99
2023-02-03 10:36:14 +0000 0 - 6 - 30 printontyme.co.uk/delivery-times/ 185.61.155.45


Last 5 reports on domain: raynerise.com
Date UQ / IDS / BL URL IP
2022-11-19 19:14:43 +0000 0 - 0 - 116 raynerise.com/qn/index.php?e=qbot.zip 162.0.235.248
2022-11-08 21:54:29 +0000 0 - 0 - 6 raynerise.com/qn/index.php?e=qbot.zip 162.0.235.248
2022-11-06 18:42:43 +0000 0 - 0 - 4 raynerise.com/qn/index.php?e=qbot.zip 162.0.235.248
2022-11-06 16:51:42 +0000 0 - 0 - 6 raynerise.com/qn/index.php?e=qbot.zip 162.0.235.248
2022-11-05 00:55:26 +0000 0 - 0 - 6 raynerise.com/qn/index.php?e=qbot.zip 162.0.235.248


No other reports with similar screenshot

JavaScript

Executed Scripts (50)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (101)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6127
Cache-Control: max-age=147529
Date: Sat, 19 Nov 2022 19:14:31 GMT
Etag: "6378b071-1d7"
Expires: Mon, 21 Nov 2022 12:13:20 GMT
Last-Modified: Sat, 19 Nov 2022 10:31:13 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "01ED8C191C175471AEE23CBC196D558E5BF5209F166806FC97DB08EB06544BAB"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16637
Expires: Sat, 19 Nov 2022 23:51:48 GMT
Date: Sat, 19 Nov 2022 19:14:31 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 19 Nov 2022 18:45:10 GMT
cache-control: public,max-age=3600
age: 1761
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    4d7e4eed097b9c4e5d509419f1cfc85a
Sha1:   290bb3d428a7c6330e2e3d73a952b16f820896c8
Sha256: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "79FF4A450C749D64E116C00CA3B00D40E968906C5C3881D6EEB2DC6374A4C858"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14180
Expires: Sat, 19 Nov 2022 23:10:52 GMT
Date: Sat, 19 Nov 2022 19:14:32 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 40d/195erG3wlG4PGt2dxad86JCKzCZujHhWpBz+0GmcyuP2NzzM90a4FWthaAQQPW5f0hEzq2c=
x-amz-request-id: ZQE9FR89D0WTH5BP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 19 Nov 2022 18:41:24 GMT
age: 1988
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 19 Nov 2022 19:14:32 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 19 Nov 2022 19:14:32 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 11:46:30 GMT
Expires: Thu, 24 Nov 2022 11:46:29 GMT
Etag: "552530cf71a147ae60bed6149bdeb581be9fd2d9"
Cache-Control: max-age=404516,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cb44f67a1d0b3d-OSL

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 19 Nov 2022 18:25:01 GMT
cache-control: public,max-age=3600
age: 2971
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3623
Cache-Control: max-age=139963
Date: Sat, 19 Nov 2022 19:14:32 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 10:07:15 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2Lc8RhJG+ESxZRl319BjFw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         34.216.88.5
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mKheVELhyUP/ZR/ZNJVf91ZdYL8=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12386
Expires: Sat, 19 Nov 2022 22:41:00 GMT
Date: Sat, 19 Nov 2022 19:14:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12386
Expires: Sat, 19 Nov 2022 22:41:00 GMT
Date: Sat, 19 Nov 2022 19:14:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12386
Expires: Sat, 19 Nov 2022 22:41:00 GMT
Date: Sat, 19 Nov 2022 19:14:34 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb1ea6fe-f968-42eb-9bb6-5965ae4e6ce6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7045
x-amzn-requestid: e8dace8b-0cc8-4ea0-b47a-e42a66576f72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-K3EuCIAMFsmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa45-71c191e462be52006858817b;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S0Sq8vuP-MbcuYVx_WFXTkmrY966mBTY1Qpowx_E_to1tDk1b8R-Bw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:49:21 GMT
age: 77113
etag: "ed93ac946111340a254b92f8ce27e8be93ae87e8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7045
Md5:    e5fb6d72b647aabea33ab4017f4a0847
Sha1:   ed93ac946111340a254b92f8ce27e8be93ae87e8
Sha256: 0782ed4ffaea8f9487461d5a9b0c241d30dfe057676753b24e180d0a94efad99
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F680965e1-a075-4bd9-8788-73e1a3c92de2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3842
x-amzn-requestid: 8effd7ec-299f-471f-8746-3cb81d94998b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: boYBREE6oAMFmfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63733a07-46160f6159dfb4a729e5d688;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 07:04:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 37fj6lqvqFTCEPkclxpI6OuYvlIB57GI2bS4wySNP3X4eQ3Lwy3WQA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 10:26:23 GMT
age: 31691
etag: "317ec439968641329b83210f7fcab59023310077"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3842
Md5:    2e9f6e24e829065d4f201b4c9d9c8fd1
Sha1:   317ec439968641329b83210f7fcab59023310077
Sha256: d1d304d12f3e1c2ad9cf9279bbb7cab4a954942ab86f41d5333e030cdc7a55c8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3035
x-amzn-requestid: 3e3f3a7f-9a1d-4b37-b932-22c6e3e638f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRcFOuoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6f-09dc20ea5620dd167e3f7265;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xvVfLfP2DUilu7GSJMGArO90Kdoq5cPBVtmtyVjZmX5ZKnvOjpR_UQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 77889
etag: "72369ebeccf447fa91ef77711d6297063c99777e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3035
Md5:    d6b026c34985bbf2ebf89a62d0724c66
Sha1:   72369ebeccf447fa91ef77711d6297063c99777e
Sha256: e5598ada634274ab9995dedda8c1fd18344abcfdd49b3a1aaede0a86fafc0f40
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4851
x-amzn-requestid: 8c868655-d0eb-428d-9fc0-a7449f770bd4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brtDFF9HoAMFV9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748ee0-4f7daf8f7451dc5e0840f620;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:18:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xirMw5z5GPbmx9Sii_I4iNeh1GS5k9lGmaaJvUGAPWoVyP0Tldhf1w==
via: 1.1 e9ba0a9a729ff2960a04323bf1833df8.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 07:17:42 GMT
age: 43012
etag: "d7a5473d367e7965a4af55acbf4675ed7088fab2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4851
Md5:    459df915ce91b32b2dcc4850516d68a0
Sha1:   d7a5473d367e7965a4af55acbf4675ed7088fab2
Sha256: a03e26ebee79ad9b9dda1bf680e0d2467ae6d5e582589ada9fe6ddfa437c483c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7631
x-amzn-requestid: b47e545d-1fb6-4a62-ab45-28cdb9d3f0b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-vQE0XoAMFS3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab2e-56365eed3d4c082c53b172b3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WpaBFpaCu0GBiHiiQzCCsyXrA7uzesHS92c_PsgxROxPkqjZ8RyI6Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:52:45 GMT
age: 76909
etag: "e88c5832ff0c49bab181d948c3a510d88343bb6f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7631
Md5:    b2b393e36ee2c9649d90db136aa49542
Sha1:   e88c5832ff0c49bab181d948c3a510d88343bb6f
Sha256: 8b524701df43bff56ac52a021ff0fbd964e06f00e84b4861aa557ec6ae6b4ffd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9FO1gkdftjvJFDvAlxwLD63BP-liwnS2MImVhVdjg83wi4xJdM73Kg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 77889
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8089
Md5:    c8f6118fc03f31862ff68fef8a2b9a7f
Sha1:   318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
Sha256: cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
                                        
                                            GET /qn/index.php?e=qbot.zip HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         162.0.235.248
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://raynerise.com/qn/?e=qbot.zip
x-litespeed-cache: miss
content-length: 0
date: Sat, 19 Nov 2022 19:14:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 19 Nov 2022 19:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 19 Nov 2022 19:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/pofo/assets/css/bootstrap.min.css?ver=3.3.6 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:35 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18236
date: Sat, 19 Nov 2022 19:14:35 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65371)
Size:   18236
Md5:    205bd60fc5d8a46ec27075d321509edf
Sha1:   a8a94253a99fffa01f15c46424d174a83f2cde61
Sha256: 77931d726d9808a238ea1b3511e93c202e389470762158b2179f5364cc685a9a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/css/magnific-popup.css?ver=1.1.9 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:35 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2546
date: Sat, 19 Nov 2022 19:14:35 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2546
Md5:    807d85571c14b37ecde4f70a70acdc2e
Sha1:   edf3b9782de211c745041ae8655bd129537e0be0
Sha256: 9b00981e6be6aaea2bb6f246c4100cb5dc6e72019c31d847f29173be8c74415a

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/css/font-awesome.min.css?ver=5.9.0 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:35 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11600
date: Sat, 19 Nov 2022 19:14:35 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (55728), with no line terminators
Size:   11600
Md5:    8d19902e4b05c7ba0d529255f20bad9b
Sha1:   4ee6f7dd571dfe421285035424189ec435e54d46
Sha256: 8df2c4c5199c533f9a9230a0852f4431ee4eff200da5430ac4dbda0e3dd104a7

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/css/et-line-icons.css?ver=1.1.9 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:35 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1539
date: Sat, 19 Nov 2022 19:14:35 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1512)
Size:   1539
Md5:    18c99060b7ccf77cddb332e44c777361
Sha1:   f08c2c44f7c9a436f39518c4fcb5a8835bb1b320
Sha256: 2f4a0a252bab0d4966d8430255d1354dffe0cfbe4ed7ebf0545b75c4f1d78ae9

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/css/justifiedGallery.min.css?ver=3.6.3 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:35 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 459
date: Sat, 19 Nov 2022 19:14:35 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1641)
Size:   459
Md5:    ce2fea93fe841b8b4146d730c9bb4a36
Sha1:   8bc8d6c82698081f15648f8fdc7edcc2e0924517
Sha256: 3f4acaab549551853303f4e4a365919809a22bb2d8dd477d40a9b675217b6b4b

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/css/bootsnav.css?ver=1.1 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:35 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3147
date: Sat, 19 Nov 2022 19:14:35 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (347), with CRLF line terminators
Size:   3147
Md5:    5d7be97a85f350ba51537daacb15c65d
Sha1:   d0572e13b99585773a4fd946b449d12f095a05c8
Sha256: 46789525286d3f76cc493a85ad675a5de000cdb203bc5e5052c706045c238fe4

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/css/themify-icons.css?ver=1.1.9 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:35 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2666
date: Sat, 19 Nov 2022 19:14:35 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2666
Md5:    1a76da58884194a5a931d816b6c7f081
Sha1:   1d9c003dc981ea63b955d3a4092db4f98224efd8
Sha256: 7c2157a770f11e7b41340cd7945b7d6266fc5b5636ba637c6072ab805f9d6dec

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/css/animate.min.css?ver=3.5.2 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:35 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2503
date: Sat, 19 Nov 2022 19:14:35 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16755)
Size:   2503
Md5:    350147debd7fa57281a8deb73045511f
Sha1:   4e8dfaedfcad23b04032cbf25aae0ee251fe2aa0
Sha256: 7250087caf9e07be9e6edb79164416a5eace304065738aa8aeac01e4dd273099

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/css/select2.min.css?ver=4.0.4 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:35 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1790
date: Sat, 19 Nov 2022 19:14:35 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15195)
Size:   1790
Md5:    2464b99105e058cbce51d13cb7c24396
Sha1:   13bdd26f5358db81f8b9a2f40d6eef62dac2442e
Sha256: 48a84dd6853f957ff90134584622ad9c2777a26890ba7e98587baa2af5b88814

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/css/swiper.min.css?ver=3.4.2 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:35 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2637
date: Sat, 19 Nov 2022 19:14:35 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17459)
Size:   2637
Md5:    a9d3cd8956994e292fdce3acdf47e1d4
Sha1:   2a81d4bc84c14fdb16e2eb0afd39841f240323e1
Sha256: 5abcf977197e46b31fe90d421793d353ae83d5a3b4751dffebbfbf3e408d97b7

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47826)
Size:   11616
Md5:    c4d7cc056b49b00e05cc29cc59aa3d5a
Sha1:   48c426bec60099d2a8628df430ed682c72aab42a
Sha256: 8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
accept-ranges: bytes
content-length: 217
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   217
Md5:    95e891f28e44a9b314c09545d86be2b7
Sha1:   f9b13a8bd47273b086a0a07df15f314e0af0bc3e
Sha256: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Fri, 11 Nov 2022 09:37:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 22871
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size:   22871
Md5:    0c6730c96c60030ddaf42fcf5daf3b17
Sha1:   feb4c0071f27718582e58d365022a1b559de5765
Sha256: d996bec53b493bc579754f29f7d6d0b5332f3354c860a3787e2365a79c44f995

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Mon, 31 Oct 2022 22:19:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   848
Md5:    c962ba8e7d42ff9da18392b41dad5151
Sha1:   7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
Sha256: 322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.1.0 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Fri, 11 Nov 2022 09:37:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2329
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17809), with no line terminators
Size:   2329
Md5:    09d93f4de720fc11a2944fea38fcafcd
Sha1:   e46cf6a8d3373c7fa5feba0b30cd9b9983f719b2
Sha256: cf900721be13309b96cf6c6f56b1c0a40194e8aea1b0a0361739219c9c0f9998

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.1.0 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Fri, 11 Nov 2022 09:37:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8434
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (62781), with no line terminators
Size:   8434
Md5:    6688cf6da7f8e77fce4b23ecd4fa64d4
Sha1:   b787949222758071c1a6221f698cad9bf9b1db2e
Sha256: 1b0db771c94b550d2e2eb123523a8357529aa8ec8869be9e8aabb2595055f438

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Thu, 12 May 2022 08:33:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9202
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Size:   9202
Md5:    91084012b4eafcd38f6cfc2875e82a53
Sha1:   64ba4bbdceb066ad26eb84f4db5ca9a10eed36f0
Sha256: 8b5d57fe4bfa9f73ac4f1c84d4ecf6b4770330898a12934799a4ccfcf9fea998

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Fri, 11 Nov 2022 09:37:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1754
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10435), with no line terminators
Size:   1754
Md5:    f7237084ac82ea6a4f5bf1448c3a2148
Sha1:   60457635a5e809ee1199c61090d8e33b91e8e1f2
Sha256: 18a1cb7f08c1ace52a79f46d73461ed03bf8cf5c9e8a3687eacc3e04f08e7a09

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Thu, 12 May 2022 08:33:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 17404
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64614), with CRLF line terminators
Size:   17404
Md5:    6a14a3cd55e65364d78e4d446374f9c9
Sha1:   c49d5dd44284393f46b8654f2b322cd8115c2975
Sha256: 8cc406a6925a4c5fd8328e053d09decedfa0abed1c5bb5e0f1e823722e013ab5

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Fri, 11 Nov 2022 09:37:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3247
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9111)
Size:   3247
Md5:    078e27719ab2b91e57a3d06d05bf24d8
Sha1:   ee2c8af72d9dbb148d4101a374f6026d0c9c3044
Sha256: 1c8b599f3f7bfa8d7950d95a171f2c873d051960a91c91e22304293596e5b890

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Fri, 18 Nov 2022 21:20:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 321
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   321
Md5:    159e4731a0ffba6862ee2a1bbcc8a805
Sha1:   7fb2a5ca7a80d96187fda406d0a1b7db23867fa7
Sha256: c6f102a76dc397d94cfbadcd292d64bb45acaa29b0391b41a9f1cc68c2274ae2

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   3995
Md5:    7e058b51f939eacfa31cdface14dded5
Sha1:   9d732e5afdeb42edef9e1b9631b7e95e054787cc
Sha256: 4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/modernizr.js?ver=2.8.3 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4340
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (11084), with CRLF line terminators
Size:   4340
Md5:    603c86624fa2f9ffda50155d8ab2258d
Sha1:   763a3e4e6ed1f12e661dd5c588d2a2cba5fef4a1
Sha256: 397d624ab19b6d23b93612db1afa6d2b4c8343e30d9400ebe450347016e4f930

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/jquery.appear.js?ver=0.3.6 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 855
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   855
Md5:    988fa163a373aade5c3161d82addb6a5
Sha1:   63a515d12a479902366cce04bf5ce8aad6af836c
Sha256: 95394db68c3f574e75cfbadf00043c1e6ec2bb36a8549af4b147120a4d9239ec

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Fri, 11 Nov 2022 09:37:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 972
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (3029), with no line terminators
Size:   972
Md5:    5ed77e0c59800f40061b5c322cff21fa
Sha1:   ced9d401d300dd1fc676a673bbf7e6360beb402d
Sha256: 3b284b8a096256e6cd0d9cbf2cb4b36505e71c0d7b2227fcd3132dddbeea18cc

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/smooth-scroll.js?ver=2.2.0 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1539
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3649)
Size:   1539
Md5:    5f5f8364009956d48cc6501eb0c3ec08
Sha1:   6008be3ceaa331be93774016da1750f29668a8b4
Sha256: 6ce6835d02c55e478737b3c0b0f34bf91c6064ebda3d37c8567cd77dd8b7cd86

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/bootsnav.js?ver=1.2 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4250
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4250
Md5:    0cb1c28fc30cb982457b5eb266541249
Sha1:   579f10d7e46c503d014e202ba5c27e12dc27dec0
Sha256: 9eeeb462033439cebcddc3276b8938f9e1b3637608cd23dc98d6c605a90b5051

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/skrollr.min.js?ver=1.3 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5198
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13001), with no line terminators
Size:   5198
Md5:    b3f01b064a3364b7b8d77cecf95e4a81
Sha1:   785e8c722e374b0a719ef3d6495d6a9ad7f5ae68
Sha256: a4401db9e2e47e4d40145042a28028685fab6db1f60391c9ff42017de822953b

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/bootstrap.min.js?ver=3.3.6 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9449
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32003)
Size:   9449
Md5:    3e4e33daed0042acd19ecdb38acb6a16
Sha1:   871f31e91ceb294bf259e32dd50bd71864540623
Sha256: ab6d694af8c9fac8616ee1256b507daa4056114128cba3da3e88804581210a6c

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/jquery.magnific-popup.min.js?ver=1.1.0 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7043
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (20087)
Size:   7043
Md5:    f5e275bd34668dca4972a4cceccd7907
Sha1:   cba188e35681cd77cfcbd026aac16315747fab12
Sha256: 7874f3927ffd30d189723404d3fb9699e728955b083abeccc9a988890b4b2ede

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/page-scroll.js?ver=1.4.9 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6636
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   6636
Md5:    9944ad3d188a69f6278e15a3b02af21e
Sha1:   48ac393121023e53fefd424763ec2f2dfc100d1c
Sha256: 356c1f1daacf243b750f130c5b87d3a9b0408c1548024130f5822769496431b4

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/wow.min.js?ver=1.0.3 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2355
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8395), with no line terminators
Size:   2355
Md5:    af058550f132b3be4f0c67dbae3a45e9
Sha1:   ae1b871df53d58162a0a88018a56a455269f5cb3
Sha256: 0012a9f25a9e73ca57296e29246f1068ba471dcfa941a93410162e985745cb01

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/classie.js?ver=1.1.9 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 616
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   616
Md5:    befe370cc5166a275182ccd05fb80810
Sha1:   a3533f097c950cdf30063addc5195634c3ed230c
Sha256: 6a17561f7c3a43c46238f3c6d689425db126b53f6444a82775b870c77c47886c

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/jquery.easing.1.3.js?ver=1.3 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1879
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   1879
Md5:    a35b62d32ba0b287ea965779c2f6bac5
Sha1:   203fa9a867f11d1f15d50907e2bf34d26b2ed655
Sha256: 0923840f1a66d89bf1a3754537fe5a5f9957c62bba7e97f8b318b302bfb6fc28

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/jquery.count-to.js?ver=1.1.9 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 925
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   925
Md5:    6da2fca598e035c6066735a869929814
Sha1:   0b64ce18f7c7f02ef542df2bdd637243fab11969
Sha256: a10cfa1ec5ec8b3b51c8c6b0e73dbeaf7278758163490c9f4f41b462af5a842f

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/jquery.countdown.min.js?ver=2.2.0 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2238
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4136)
Size:   2238
Md5:    34ae27a14c6bd0b97adf30d7e95b58f1
Sha1:   4d749b45dd156a57bd1899816d4ae9c1912220c9
Sha256: 84f9cbde735393b7d9d808b41f0bf37d6dc2e91be301da73f91ab49dcf07a608

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/jquery.stellar.js?ver=1.1.9 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4446
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (310)
Size:   4446
Md5:    900733d23804a714a4a94feb815e745d
Sha1:   fcc08140ac36d30fbeb435a58bcd0e9f8231b57e
Sha256: 46a6fb50fce7fe00f062866eccb66055fcb6ed98610d27cf1d2e4640c471f7b2

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/hamburger-menu.js?ver=1.1.9 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 647
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   647
Md5:    ee9dc5606b880721c6900d5288b3154f
Sha1:   ae64345819ba08a6d887943d9530c0f9f2d98308
Sha256: 37bd33870336583f7cdc197fae556a3d7789ac85a1aa2cd89fb2c7223ed12410

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/skill.bars.jquery.js?ver=1.1.9 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Fri, 11 Nov 2022 14:55:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 738
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   738
Md5:    625b8ffed95154b6e7cdf3e375a9d409
Sha1:   5697c429a557f359a1ba5d58231510bdcd4fe9e6
Sha256: a0720099e42bf45bc0c7ad5035e7cc2706a2c82471012a7ce0c7d6e360c53fc8

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1733
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5477)
Size:   1733
Md5:    fa921f07ecc438baf227765de450e215
Sha1:   1fdd49d8bb681cb118ea8d67d4fc61b0ad46cc95
Sha256: b2cc68637048b04952a2f33163f64571145dbe0817a14c68fe6f1661bd81091f

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/jquery.easypiechart.min.js?ver=2.1.7 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1586
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3765)
Size:   1586
Md5:    ce7b4de2beddb0e4e5897241b864ed43
Sha1:   14eda9c9910295ced9b5b49acbb35df776949215
Sha256: fcb40d1668adfdbc84053762b1c0eb7429e71f35b660982b89bd840593d3598b

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/jquery.nav.js?ver=3.0.0 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1702
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1702
Md5:    cad86e9a5e8be4820c2680221c3d822f
Sha1:   cc7c804307ae8ebc8eeffc7f423ad78dec3adf9d
Sha256: 15c9c418449e78e26d9b07d624811ac4d840e7ad13fe3d96ce7c0c368c1d5aef

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/equalize.min.js?ver=1.1.9 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 323
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (385)
Size:   323
Md5:    d502c70ee0870ec575e364cb248b6b68
Sha1:   88406a59653a4271a853b12daea2a2ad0036a8fe
Sha256: 192549842f1162f4dbde096b300f6aa381d5ffb0fb3200370cf4ce984013f800

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/jquery.fitvids.js?ver=1.1 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1128
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   1128
Md5:    aae5903058a95ad463642a1ea4e44171
Sha1:   07b9390c7c0263c9429ba889ccf5c674c9e20249
Sha256: 406d4f7ebbd02e4d29997a5e983b658ae20f87890a1af71ea9dc33c154fd587a

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/infinite-scroll.js?ver=2.1.0 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11627
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21403), with CRLF line terminators
Size:   11627
Md5:    ee51395ad441afaded93cecb6d2a0aee
Sha1:   a556b52bfb6e7064a57a6800f6701de242082f3a
Sha256: e173eeecfb718268155513ef72500776e0f3bc70cff4a180b66a93c1ddc3f1bf

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/main.js?ver=1.1.9 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11519
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (442), with CRLF line terminators
Size:   11519
Md5:    056a5f33bb8187e97a9a18454e48c04f
Sha1:   bee7304fbe5c65e2b221b7cd3a39551bb56cbcff
Sha256: c96687958782bea7548890f8d467463a2d7e835cea3187a742daeab0d8fe7d36

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Mon, 31 Oct 2022 22:19:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3706
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (12310), with no line terminators
Size:   3706
Md5:    dc6411bfa6891b75944f0074c945752d
Sha1:   03c1a8b686c287068c61ab90f58d905496d65085
Sha256: 96abeabc9cc7b4c2b7d46579f2827c67ccd02fbaef0343ae052f71accd381b0d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/jquery.justifiedGallery.min.js?ver=3.6.3 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Fri, 11 Nov 2022 14:54:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4767
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17996)
Size:   4767
Md5:    0d7b0d8663ad11359cf9545ce7b7bc9e
Sha1:   77da76cf8b56963ec7e9679ba2051418016abbbd
Sha256: 4ff066efc9adef6b59430c08c5d7fe699d449fd59b7c345cf21b73d4d700ab47

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Fri, 11 Nov 2022 09:37:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 934
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2938), with no line terminators
Size:   934
Md5:    cf25dd071a208312bdc07f34d2cee027
Sha1:   76119563119eaae392ecc8903c989d98d0b93002
Sha256: 8635ba2cad8f887e72779bd526f8738ff6343c74cba715caf2eddea383ba7ce6

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Fri, 11 Nov 2022 09:37:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 899
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1668)
Size:   899
Md5:    22d65ba38528349e705d912ce26bf8ac
Sha1:   c89ba006009043d93b88ff155b4fec8797330550
Sha256: 6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Mon, 31 Oct 2022 22:19:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2817
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9937), with no line terminators
Size:   2817
Md5:    4317b1c024df372435f6482deadddeb3
Sha1:   5c8824a17e40a44ea8fc51568b98bdb1e2e7fab5
Sha256: 3798fb16289ba55459fb6d3b2efa915e3c019c5942759abb7bd19a0ef622b85d

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/background-srcset.js?ver=2.1.0 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2292
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2292
Md5:    05aaa6dcfbb95f59929d61715257b9c7
Sha1:   ebeb51c7d87a4763d929c36bd57be3d1d0a89674
Sha256: f1cf5c23598c87047a719e01f6d6c95adb0c4418c1d50f53617d8b79732b2f7b

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Fri, 11 Nov 2022 09:37:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 677
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2139), with no line terminators
Size:   677
Md5:    a43fc0dde8fdd69656ad0957e62849c7
Sha1:   4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
Sha256: 1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   4619
Md5:    0232689bd203f330529b36a437f41a68
Sha1:   9046583f7469ad38297969f10a9513eb895d5316
Sha256: feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/css/responsive.css?ver=1.1.9 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32651
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   32651
Md5:    dc3d25be7f7599afa5f2ef8cdd165f05
Sha1:   0e68b72d6b1038047ed2305a87392d6466e617ee
Sha256: 6b1662f30342ec31d3549e7ceaf4196e819cd6d2201da8a020ebbb47126ca8f5

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30324
Md5:    3a1740685bd5c0bbd5f2b812e1eb7fb4
Sha1:   488e07695da787fed18361c50292aef35abb5e81
Sha256: 4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/js/swiper.min.js?ver=3.4.2 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 22408
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (31999)
Size:   22408
Md5:    b9a7e90c728215445c785bc80f6bdf00
Sha1:   6099eae7f9ee61f8ece453083cd4056ae1e94420
Sha256: a61715faa1768a71e86eac7092f6f5dd6fec7bd19804c2b9964b5939bbd08b81

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.10.0 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Fri, 18 Nov 2022 21:20:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9727
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32004)
Size:   9727
Md5:    a59589dc39fc1194c21e30ba6dc9b38d
Sha1:   7572fdf7363426efc1eae71f22c9a39ce582e8a6
Sha256: d6854a032133a0b7056be48ce7840a1a650404a728affca98b5a2c76f4cd427a

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/style.css?ver=1.1.9 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 52801
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, ASCII text, with very long lines (1094), with CRLF line terminators
Size:   52801
Md5:    3b8850a283dd174ac6e31b5f56a099ef
Sha1:   94a1588f2aa57a4ab4aecc3d51ed9dfdde65d302
Sha256: 145de8a556ea145bd2b9f1fe4104dcaeb78c74ab8f65866388257e3609a530bf

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/05/Rayne.png HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Wed, 11 May 2022 23:11:14 GMT
accept-ranges: bytes
content-length: 49702
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1570 x 447, 8-bit/color RGBA, non-interlaced\012- data
Size:   49702
Md5:    989c00360b6d1b15c961f92cb6361839
Sha1:   3a97002fb15dd42b61cb0ea81840bb1473a371bd
Sha256: 0338880701112706092a232c9f14c2d3df342c13c55db8a918dcacb6a0d77961

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/05/Rayne-2.png HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Wed, 11 May 2022 23:11:11 GMT
accept-ranges: bytes
content-length: 59671
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1570 x 447, 8-bit/color RGBA, non-interlaced\012- data
Size:   59671
Md5:    0d5a0089c618db9d22d0aff5b151a90f
Sha1:   c0d734734515cb30578be3a33cf757a561d45d8e
Sha256: 547cb2da69e705beb3b1f70862a979111d29af335226c43231fc6d5e32a59294

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 19 Nov 2022 19:14:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://raynerise.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:08 GMT
expires: Thu, 16 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 258029
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 19 Nov 2022 19:14:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 19 Nov 2022 19:14:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 19 Nov 2022 19:14:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://raynerise.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 18:53:49 GMT
expires: Thu, 16 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 260448
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.1.0 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:37 GMT
last-modified: Fri, 11 Nov 2022 09:37:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1058
date: Sat, 19 Nov 2022 19:14:37 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7043), with no line terminators
Size:   1058
Md5:    398489038b789364a5c83f044e11974d
Sha1:   d5caf5f64c45693de65b5c0a801bfbf83a325485
Sha256: 32365dde0c909abbb02d8b6a8d9938056ba47f325d51e75082e3d265ce5f76d5

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://raynerise.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 16:40:18 GMT
expires: Fri, 17 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 182059
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size:   30928
Md5:    ac0d2859ea5f8fd6bcb3c305c08ec184
Sha1:   7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 19 Nov 2022 19:14:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/pofo/assets/fonts/fa-brands-400.woff2 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://raynerise.com/wp-content/themes/pofo/assets/css/font-awesome.min.css?ver=5.9.0
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: font/woff2
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:37 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-length: 74508
date: Sat, 19 Nov 2022 19:14:37 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 74508, version 329.-1049\012- data
Size:   74508
Md5:    7559b3774a0625e8ca6c0160f8f6cfd8
Sha1:   a403af3337e6207d144b998b9c3bed439af562a9
Sha256: 1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/fonts/themify.woff HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://raynerise.com/wp-content/themes/pofo/assets/css/themify-icons.css?ver=1.1.9
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: font/woff
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:37 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-length: 56108
date: Sat, 19 Nov 2022 19:14:37 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, CFF, length 56108, version 1.0\012- data
Size:   56108
Md5:    a1ecc3b826d01251edddf29c3e4e1e97
Sha1:   9394f35bd2addd24666b79bfc36d4f9d247cb01d
Sha256: 0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/pofo/assets/fonts/fa-solid-900.woff2 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://raynerise.com/wp-content/themes/pofo/assets/css/font-awesome.min.css?ver=5.9.0
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: font/woff2
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:37 GMT
last-modified: Tue, 18 Jun 2019 14:50:14 GMT
accept-ranges: bytes
content-length: 75440
date: Sat, 19 Nov 2022 19:14:37 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 75440, version 329.-1049\012- data
Size:   75440
Md5:    b5cf8ae26748570d8fb95a47f46b69e1
Sha1:   07bed153d47f9129a944ee54dd72952deed074c8
Sha256: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/05/cropped-EC19204A-F5FC-40E0-A49F-2CB9A6B76D7E-32x32.png HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:38 GMT
last-modified: Tue, 17 May 2022 10:45:36 GMT
accept-ranges: bytes
content-length: 520
date: Sat, 19 Nov 2022 19:14:38 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   520
Md5:    9926ea1bd07c701e92d9eadf4fd1241c
Sha1:   7b67af9e28c694890ac82256d9814ee70d6934b4
Sha256: 9b6ef32496590467e837e8ac1b8b37323e09adb8fb0c3ff6b232d342435b116c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/05/cropped-EC19204A-F5FC-40E0-A49F-2CB9A6B76D7E-192x192.png HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:38 GMT
last-modified: Tue, 17 May 2022 10:45:36 GMT
accept-ranges: bytes
content-length: 6221
date: Sat, 19 Nov 2022 19:14:38 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   6221
Md5:    582c86f54267b72b5fb4e7c79d580f06
Sha1:   90aee440b15cc0957a962abaa6b4df0981a8744b
Sha256: 05b7c9c3f361f7567a86d675d0b28cac826e6cda810ccc19c01ecbe3051c6fe8

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /?wc-ajax=get_refreshed_fragments HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://raynerise.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
x-powered-by: PHP/7.4.33
access-control-allow-origin: https://raynerise.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
x-litespeed-tag: 148_HTTP.200,148_HTTP.200
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: no-cache
content-length: 210
date: Sat, 19 Nov 2022 19:14:38 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   210
Md5:    0c97a46508dc677362be2a79fd34feea
Sha1:   bce89aaf991907a16c951cc6a9a8121045374e22
Sha256: 3e799d21e1116a135fcd10c071506f34b99cf79d93b5548199e1376f88b62434

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3 HTTP/1.1 
Host: raynerise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://raynerise.com/qn/?e=qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.235.248
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 19:14:36 GMT
last-modified: Thu, 12 May 2022 08:33:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 37078
date: Sat, 19 Nov 2022 19:14:36 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://raynerise.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Nov 2022 19:14:35 GMT
date: Sat, 19 Nov 2022 19:14:35 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /qn/?e=qbot.zip HTTP/1.1
Host: raynerise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

162.0.235.248
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://raynerise.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 148_HTTP.404,148_404,148_URL.91839b7975e503615f315df34166f301,148_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Sat, 19 Nov 2022 19:14:35 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed