r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10628
Expires: Fri, 25 Nov 2022 08:41:46 GMT
Date: Fri, 25 Nov 2022 05:44:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3995
Expires: Fri, 25 Nov 2022 06:51:13 GMT
Date: Fri, 25 Nov 2022 05:44:38 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2906
Cache-Control: max-age=106499
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:44:38 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:19:37 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KPOrUYNjSznP5XH5Tqw0wcPkLKAz2xF5Mv+qbzqAbviO5jOt7Oo07cDtSdSZYnIgTwNgEqiwyKo=
x-amz-request-id: 7SQ3NMH7RG8MDYBB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 05:40:41 GMT
age: 237
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 05:19:03 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1535
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 05:44:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 05:11:11 GMT
cache-control: public,max-age=3600
age: 2007
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
fanic360.com/
198.38.91.55 301 Moved Permanently 0 B IP 198.38.91.55:0
Hash (digests of the empty 0 B body, not of any site content)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Nov 2022 05:44:38 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Redirect-By: WordPress
Set-Cookie: PHPSESSID=44b518f705b2d09661bd9115736d61fe; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://fanic360.com/
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4777
Cache-Control: max-age=103308
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:44:38 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:26:26 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.214.236.46 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.236.46:0
Hash (digests of the empty 0 B body, not of any transferred content)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BvNU8OpkpVXOmYeMGDgerQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: j3ouPnW8cIWfLIA42F5co7zG0MM=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13454
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 05:44:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13454
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 05:44:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 05:04:28 GMT
age: 2412
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e55f70-58c6-4585-a420-ac74e1b8c6dd.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e55f70-58c6-4585-a420-ac74e1b8c6dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2580ebded0a32ceecc3083ae1db2b37
2ec124224738807229328a3ade6ca493ccf4b287
010eeda33c923e2166851da1e131dcc21419d1f4f28995617ca93332ce4be08c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e55f70-58c6-4585-a420-ac74e1b8c6dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10679
x-amzn-requestid: aec8d040-d4e6-4185-b71e-7c049617ebc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b4J3VEM5IAMFtcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637989c8-42b520ea3af2a2086ad416ad;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 01:58:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AqpyU32i39pVq4O_-tSo8Bup9eNgoPGBq_lKyeXYUsN1BapLq-xGGg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 06:12:03 GMT
age: 84757
etag: "2ec124224738807229328a3ade6ca493ccf4b287"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4f6042-6f6f-4572-b535-71b1a4b587e8.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4f6042-6f6f-4572-b535-71b1a4b587e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73f65dfa986cf95e8fb459778b945c59
29edd439b6e7894bc4771fc655a50d926f349a08
c6182797d5fce1a086580a338929e851a73ccb75e6432b12969aae6f0952fa27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4f6042-6f6f-4572-b535-71b1a4b587e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 96e5c00c-1565-4e9f-aa5b-6da99785a03b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brsokHSgoAMF_RQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748e36-547f241a67f3703958f2eade;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:16:06 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: ervQ6cnvMZQnKghtBl269cRlf2ypuwuI1VBAzsKov8sbpCQUfei4Gg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:09:15 GMT
age: 5725
etag: "29edd439b6e7894bc4771fc655a50d926f349a08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1abe4f62-70d8-471a-89fc-79dd854e637c.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1abe4f62-70d8-471a-89fc-79dd854e637c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e97ba6c4c94a299553238e643a3acc7
9be5a5497a8566ea66e81765ef8566e6b716ab5b
bda1bb57f0198e711c3018417513237b9533cfe2e5856ada5383f7461090f40a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1abe4f62-70d8-471a-89fc-79dd854e637c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10955
x-amzn-requestid: 49acad5a-bb12-4da8-a303-ea2b76b53822
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cF8HPEIdoAMF3tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f0d61-674576450ade0e1e4bd601fd;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 06:21:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rAHhaTW3Gn6HW5DWXuUMyR68h5DAgKK5qDBiAbhk4VVu4rbSebZEmg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 11:24:38 GMT
age: 66002
etag: "9be5a5497a8566ea66e81765ef8566e6b716ab5b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76 200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 4900
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6e0ab1-c4cf-40e6-973b-bb3db1a860e8.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6e0ab1-c4cf-40e6-973b-bb3db1a860e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6b9b5ebc32235ed8f3e15df013963f0
46ee95ebee3d60f64d2b7f568673b13ea27a42a3
4fdf6f239f6931442d93a00acd8af1f5192f77143885945c27e137ef3683338e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6e0ab1-c4cf-40e6-973b-bb3db1a860e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11586
x-amzn-requestid: 30d340e5-328d-4f00-8cd4-3cb6e2b50265
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8JtyEIHoAMFdnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2324-09bb4d434ff852b456537e15;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:08 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: TYDelnop2OJO_fQdmSzyZJLYx94FU1GxYpDjWCTp3moRS7qzibvTSA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:56:21 GMT
age: 78499
etag: "46ee95ebee3d60f64d2b7f568673b13ea27a42a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fanic360.com/
198.38.91.55 200 OK 28 kB IP 198.38.91.55:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047)
Hash 30fbc30b35bf170641794c0087782def
b39eb959d640146f10d5678872f6305ee31c2e00
6f2634154860825542295abaa7cb195b8a18158e1b2fc3833a2b9e99bd145c93
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://fanic360.com/wp-json/>; rel="https://api.w.org/", <https://fanic360.com/wp-json/wp/v2/pages/1878>; rel="alternate"; type="application/json", <https://fanic360.com/>; rel=shortlink
set-cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1; path=/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 27863
content-type: text/html; charset=UTF-8
date: Fri, 25 Nov 2022 05:44:39 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:44:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:44:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fanic360.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
198.38.91.55 200 OK 972 B URL HTTP/2 fanic360.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
IP 198.38.91.55:0
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 15:59:13 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 972
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/accesspress-social-counter/css/fontawesome-all.css?ver=1.9.2
198.38.91.55 200 OK 8.5 kB URL HTTP/2 fanic360.com/wp-content/plugins/accesspress-social-counter/css/fontawesome-all.css?ver=1.9.2
IP 198.38.91.55:0
File type ASCII text, with very long lines (317)
Hash 822997cf080d45e20a99bc1046e3e0dd
cdbfdddd5bd7acab8c848d13a8a96d5e149c11ef
0cc8db05b210210c3a2b5b4504bbb6ddbe856c08f8ad1a01c91becd4da4ae98d
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/accesspress-social-counter/css/fontawesome-all.css?ver=1.9.2 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 15:59:07 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 8476
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
198.38.91.55 200 OK 12 kB URL HTTP/2 fanic360.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 198.38.91.55:0
File type ASCII text, with very long lines (43771)
Hash e5548800176e913a9084f47a3e1e04f6
eff4604acc5c26ae82a19188de2f98bf5b79d80c
a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 04 Jul 2022 21:40:38 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11681
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.5.6
198.38.91.55 200 OK 856 B URL HTTP/2 fanic360.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.5.6
IP 198.38.91.55:0
File type ASCII text, with very long lines (13766)
Hash 35194664159734c8c702376994827039
26a985c792a50f824b65c9ca4711a9ae1f09d8b9
c9611ef314478b7a639724ca83fb525fe069ccb129106e44beb1fb40dbf3d9f7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.5.6 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 15:59:42 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 856
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/accesspress-social-counter/css/frontend.css?ver=1.9.2
198.38.91.55 200 OK 2.5 kB URL HTTP/2 fanic360.com/wp-content/plugins/accesspress-social-counter/css/frontend.css?ver=1.9.2
IP 198.38.91.55:0
File type ASCII text, with CRLF line terminators
Hash 681e5d464e39d6614bda9615ee413dd0
0986048b64072ad7a3b22accb49f47777fcd80bb
1b11638edfbab30a4d5a9b5fa048668d26cfe70f0ca903611774ff55945129d3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/accesspress-social-counter/css/frontend.css?ver=1.9.2 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 15:59:07 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2494
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:44:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fanic360.com/wp-includes/css/dashicons.min.css?ver=6.0.3
198.38.91.55 200 OK 36 kB URL HTTP/2 fanic360.com/wp-includes/css/dashicons.min.css?ver=6.0.3
IP 198.38.91.55:0
File type ASCII text, with very long lines (58981)
Hash 00492d322e5572c7abc3e8701b6c52c1
0802ac2c8280ce7c98af881b1d49ec682acbf314
8bc01632cbc3ab834e04141d444ff82b05a4691444d70a9860477710e330b824
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dashicons.min.css?ver=6.0.3 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Mar 2021 07:46:22 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 35730
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/elementor/css/post-3206.css?ver=1647879272
198.38.91.55 200 OK 322 B URL HTTP/2 fanic360.com/wp-content/uploads/elementor/css/post-3206.css?ver=1647879272
IP 198.38.91.55:0
File type ASCII text, with very long lines (818), with no line terminators
Hash 3615929374d03b9dfb6faf89d8d78e6d
f04b850a2623542ae6b9229b72aee5dd16b67237
ed159b3e1d6973de17b6c92f8e3922899029dfb864cf2cb7979c6f5dbfe0839c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-3206.css?ver=1647879272 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:14:32 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 322
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.14.0
198.38.91.55 200 OK 3.9 kB URL HTTP/2 fanic360.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.14.0
IP 198.38.91.55:0
File type ASCII text, with very long lines (19004)
Hash 5cfe64b61347ad8699dae0860d2ee68b
956f2647344b9338c71776c9e819595bc97324fb
770d5ab2de6db3cec78dad685927904a7fc84541d7b023717195c811ddb71cf3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.14.0 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:00:04 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3919
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.5.4
198.38.91.55 200 OK 13 kB URL HTTP/2 fanic360.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.5.4
IP 198.38.91.55:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 74e8a68d1ea74a663933eb87e71c311e
4d855cb61949a6e2b4d4dba31953a470fad0e1a9
912edacbadd12f67da4f55fde2bb4ced705b3d971362f652db59d9f939a3f084
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.5.4 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:00:35 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 12657
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.5.6
198.38.91.55 200 OK 18 kB URL HTTP/2 fanic360.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.5.6
IP 198.38.91.55:0
File type ASCII text, with very long lines (65497)
Hash 9850f8040d1903325ec8580a3a8d1b36
889122728d8cf39a766815dd57d1a23da65774e1
3f4459660c663b2acbddef6129d758ed83314137acf7a6c958557d09586217cc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.5.6 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 15:59:45 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 17538
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/themes/digiqole-child/style.css?ver=6.0.3
198.38.91.55 403 Forbidden 3.8 kB URL HTTP/2 fanic360.com/wp-content/themes/digiqole-child/style.css?ver=6.0.3
IP 198.38.91.55:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3237)
Hash 671d0e9f8d30dd97f7f78d805e992726
6cdca4138d4d17f3a5debc28aa42ad095dc1bac0
19e554a53a49b0065facc991f9bde3675f4cd7010632f3c263520bdee77c3405
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/digiqole-child/style.css?ver=6.0.3 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
accept-ranges: bytes
content-length: 3829
content-type: text/html
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/themes/digiqole/assets/css/icon-font.css?ver=2.0.2
198.38.91.55 200 OK 1.2 kB URL HTTP/2 fanic360.com/wp-content/themes/digiqole/assets/css/icon-font.css?ver=2.0.2
IP 198.38.91.55:0
Hash a546d38358a99600731b29b9ab3d8306
3a1ae556ca7ddce6edfffadabb75bb4b1b1dc94d
15f9fa3305da2cbf2255a1161cda26b1cc7ee87b958c6179a0b4dc294d37ef3a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/digiqole/assets/css/icon-font.css?ver=2.0.2 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 30 Sep 2021 13:05:58 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1209
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/elementor/css/global.css?ver=1647879273
198.38.91.55 200 OK 796 B URL HTTP/2 fanic360.com/wp-content/uploads/elementor/css/global.css?ver=1647879273
IP 198.38.91.55:0
File type ASCII text, with very long lines (5503)
Hash 34fff9baca906be7bc4223235de6426f
9faef31c49b1835d76a2f6cc0f118e814a711a3f
c4e6bbf2354ad7a87eef5e189defe14f5d298b14aa0193eec346ba2bb1165196
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/global.css?ver=1647879273 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:14:33 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 796
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.5.4
198.38.91.55 200 OK 4.6 kB URL HTTP/2 fanic360.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.5.4
IP 198.38.91.55:0
File type ASCII text, with very long lines (17062), with no line terminators
Hash d378ba8becaeb3b6f3199b4f8e4f7cf9
8c74b56b163b261acf595a206da3100ca65287b4
232df2d4704fef9b47302c1c5c1b67901e6d34f74f9ed36e17aef774894b0450
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.5.4 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:00:27 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4648
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.5.4
198.38.91.55 200 OK 3.2 kB URL HTTP/2 fanic360.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.5.4
IP 198.38.91.55:0
File type ASCII text, with very long lines (30283), with no line terminators
Hash fa8a82a872b3b2398c41c1bb265c5a66
c849c961903a1c55b8225baceeeefb20e1fde379
5b4878e61a75c816221675ce2c5f3aabb360fc6e268a0758f8d2938415d0ead1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.5.4 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:00:27 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3150
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/themes/digiqole/assets/css/all.css?ver=2.0.2
198.38.91.55 200 OK 7.3 kB URL HTTP/2 fanic360.com/wp-content/themes/digiqole/assets/css/all.css?ver=2.0.2
IP 198.38.91.55:0
Hash 6db51c145492499588b4bf1873cd7eed
8e85ae1b7afe2683f916e946f15d3d905365c352
4e3409340b7645718a0e15fa54351cd8dbe231ba42f4247fbd4ed2f947679950
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/digiqole/assets/css/all.css?ver=2.0.2 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 30 Sep 2021 13:05:58 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7347
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/themes/digiqole/assets/js/script.js?ver=2.0.2
198.38.91.55 200 OK 4.0 kB URL HTTP/2 fanic360.com/wp-content/themes/digiqole/assets/js/script.js?ver=2.0.2
IP 198.38.91.55:0
Hash a1ff01e960bb67872109f412e012e8b5
caecafa96bea111d449c7b62c9819d31d96cf741
e85a77b245e4dd5a33e09f37385173dd10b92d572f99c62041b69c23b4955c38
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/digiqole/assets/js/script.js?ver=2.0.2 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 30 Sep 2021 13:05:58 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3975
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/themes/digiqole/assets/images/logo/logo-light.png
198.38.91.55 200 OK 8.7 kB URL HTTP/2 fanic360.com/wp-content/themes/digiqole/assets/images/logo/logo-light.png
IP 198.38.91.55:0
File type PNG image data, 441 x 66, 8-bit/color RGBA, non-interlaced\012- data
Hash b4afb59791edb910bdf900ef538a6532
b84c07be46adea12887ae27ecf3dcf6702cf412a
186d13f4c06bf61a465bf0404d9264b8ea68108bac54275ebdc0819c3a1edc7e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/digiqole/assets/images/logo/logo-light.png HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 09:16:23 GMT
accept-ranges: bytes
content-length: 8699
content-type: image/png
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/elementor/css/post-1878.css?ver=1647880151
198.38.91.55 200 OK 3.1 kB URL HTTP/2 fanic360.com/wp-content/uploads/elementor/css/post-1878.css?ver=1647880151
IP 198.38.91.55:0
File type ASCII text, with very long lines (15357)
Hash 91e873afa1440ba2932e9fa723a3f073
57f8ccbcb1b389f980f4e89c417172b1a874e6b5
7ccdb6824810ec3d08edbd54edfc9f19871ccdb20abb408f15112b230afe2d17
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-1878.css?ver=1647880151 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:29:11 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3128
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.5.4
198.38.91.55 200 OK 442 B URL HTTP/2 fanic360.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.5.4
IP 198.38.91.55:0
File type ASCII text, with very long lines (810), with no line terminators
Hash b96c7d958b2c4a3ff7e92608615daeb0
6e95b60a83d06479921cefd745c4dd058842604e
5176a7109dc14142199bbc99ce78c5c6536812d06562b1d300b283bd26849d2f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.5.4 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:00:27 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 442
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/themes/digiqole/assets/js/fontfaceobserver.js?ver=1
198.38.91.55 200 OK 2.2 kB URL HTTP/2 fanic360.com/wp-content/themes/digiqole/assets/js/fontfaceobserver.js?ver=1
IP 198.38.91.55:0
File type Unicode text, UTF-8 text, with very long lines (1031)
Hash 43884ef229f28f4da4e452236865d25a
2b30e27c23e166a70d02280d5ef942f02c90153a
cea619ffb74f118e29edeb23560adc62837dd18b08da6cd1a2c59e6456e977fb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/digiqole/assets/js/fontfaceobserver.js?ver=1 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 30 Sep 2021 13:05:58 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2224
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
198.38.91.55 200 OK 3.3 kB URL HTTP/2 fanic360.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
IP 198.38.91.55:0
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash 4ac0d5ab8d83806d59c4e1f7bf0a855a
81153a2f5e3a21febe9ede53c9f0073da3e14829
605fd4e7f4d3fbb5505bb81e3f72c685b6ef411c27cde2f7bab2787c3d870b10
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 15:59:13 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3286
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.5.4
198.38.91.55 200 OK 40 B URL HTTP/2 fanic360.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.5.4
IP 198.38.91.55:0
File type ASCII text, with no line terminators
Hash 94d041d462db321cdb888066586f2068
717d2f9da7fb9f9e2bf2058a8177a0344f8a8647
b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.5.4 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:00:25 GMT
accept-ranges: bytes
content-length: 40
vary: User-Agent
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
198.38.91.55 200 OK 2.5 kB URL HTTP/2 fanic360.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 198.38.91.55:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2457
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
198.38.91.55 200 OK 3.0 kB URL HTTP/2 fanic360.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 198.38.91.55:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash cfea3c51880820f2962a7773fbc864f9
45aa7ddc9b0c4201097d0df36791ab346470b734
12296ac9ef200103f8eea198a2bcd92692119dacece39538499758a0349035fb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 15:59:59 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2993
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.5.6
198.38.91.55 200 OK 4.6 kB URL HTTP/2 fanic360.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.5.6
IP 198.38.91.55:0
File type ASCII text, with very long lines (14196)
Hash cd1b7417983a82948419aea07e132cf4
4514554980f9a8cc75cf756728dc1dff9428eda2
4d9c09afca287a4bb8494402d7ba0e6b6a3ec441279b48cf7bf39696625f3506
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.5.6 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 15:59:57 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4611
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.5.6
198.38.91.55 200 OK 2.6 kB URL HTTP/2 fanic360.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.5.6
IP 198.38.91.55:0
File type ASCII text, with very long lines (10019)
Hash 0ea81c35141c6a4692506e4fe8d36edb
392c5f96995e66d74c27ed5a42f93169c2f32d18
b7488fd21ad73e483cdcaf42097ea7787ffe0616477e29a537f53f6064e321ab
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.5.6 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 15:59:59 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2592
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.5.6
198.38.91.55 200 OK 1.1 kB URL HTTP/2 fanic360.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.5.6
IP 198.38.91.55:0
File type ASCII text, with very long lines (2577)
Hash 71a6972e79bfdcc72ffc068e6e845a23
0e37b7f3c6252f6701998fa0e2e1b555b4804a97
dc7dbf2f94f1c49a262b4be428f54349805cfa2841806bc8d691fda13b82e90f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.5.6 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:00:06 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1099
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.5.6
198.38.91.55 200 OK 2.2 kB URL HTTP/2 fanic360.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.5.6
IP 198.38.91.55:0
File type ASCII text, with very long lines (4866)
Hash 750b15864666ff778310a6fbc624fc7b
71179fa535ccd5346549090af58d3673ea1274fb
f71702f5360af697fb1e666b252c7fe98ea656e0b5b297a09593138861ee3022
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.5.6 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 15:59:51 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2166
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
198.38.91.55 200 OK 5.0 kB URL HTTP/2 fanic360.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 198.38.91.55:0
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5009
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/elementor/css/post-1534.css?ver=1647880297
198.38.91.55 200 OK 375 B URL HTTP/2 fanic360.com/wp-content/uploads/elementor/css/post-1534.css?ver=1647880297
IP 198.38.91.55:0
File type ASCII text, with very long lines (1804), with no line terminators
Hash bc6153a40247dd1a17d46d44c130ed14
911037413262831198e764d3167363970dd605b3
6c6ec71fde8c794db6f08b4528b5e8fc97a234d4e30c53f2301dd303110654b8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-1534.css?ver=1647880297 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:31:37 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 375
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/themes/digiqole/assets/css/bootstrap.min.css?ver=2.0.2
198.38.91.55 200 OK 20 kB URL HTTP/2 fanic360.com/wp-content/themes/digiqole/assets/css/bootstrap.min.css?ver=2.0.2
IP 198.38.91.55:0
File type ASCII text, with very long lines (65325)
Hash d1811b567e915d3da37564caa7aff971
9cee91abb4e67bcf6b5df28b38a3f784ba190d91
7654ba161ffc92ff2a33cc5dd321fe5151f5cde4995c517f51fc8325a28af70e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/digiqole/assets/css/bootstrap.min.css?ver=2.0.2 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Oct 2020 10:26:11 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20519
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
198.38.91.55 200 OK 4.2 kB URL HTTP/2 fanic360.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 198.38.91.55:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4169
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/themes/digiqole/assets/images/logo/logo-dark.png
198.38.91.55 200 OK 8.9 kB URL HTTP/2 fanic360.com/wp-content/themes/digiqole/assets/images/logo/logo-dark.png
IP 198.38.91.55:0
File type PNG image data, 478 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 6636f4020e18076530cb6c6becff9bc2
2ab1ba53ec7a366e271204b8a6ba282f389a025c
87441131c6d0132b87030cc74fc9eeb8483bbb2df006b895a1fc38c75df64583
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/digiqole/assets/images/logo/logo-dark.png HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 09:16:23 GMT
accept-ranges: bytes
content-length: 8947
content-type: image/png
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
198.38.91.55 200 OK 3.4 kB URL HTTP/2 fanic360.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP 198.38.91.55:0
File type ASCII text, with very long lines (10544)
Hash 88f71137b2a89a53df46cdb4deeb4e3d
426e12f0e8712db20afd2c54e77e1384074f3181
591a8b7a859de8af878c56e1ec72384596285f768387e9958f0a0afe53d89428
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 15:59:57 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3446
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/wp-ultimate-review/assets/public/script/content-page.js?ver=1.4.3
198.38.91.55 200 OK 1.3 kB URL HTTP/2 fanic360.com/wp-content/plugins/wp-ultimate-review/assets/public/script/content-page.js?ver=1.4.3
IP 198.38.91.55:0
Hash afe80df349aee4bf0e546b3b43ecd011
7276700ef9357a0f7f5c4534753986a17fc6eabe
10b148d1056bc073d7cef5dd484bde0041268f32b4d651dee5deed6003bb44b2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wp-ultimate-review/assets/public/script/content-page.js?ver=1.4.3 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:00:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1269
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/elementor/css/post-1722.css?ver=1647880297
198.38.91.55 200 OK 369 B URL HTTP/2 fanic360.com/wp-content/uploads/elementor/css/post-1722.css?ver=1647880297
IP 198.38.91.55:0
File type ASCII text, with very long lines (1389), with no line terminators
Hash 9ea6f1b1d3032b92b43d78480564371b
c2ab1b1e45654b34abc133c2802907b9c34ad75e
efee48e91d1569a8696cbf08a52554f201ebfdba4c1d36bab2b76494cf732e77
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-1722.css?ver=1647880297 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:31:37 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 369
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
198.38.91.55 200 OK 6.9 kB URL HTTP/2 fanic360.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 198.38.91.55:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 7e2b78a6e8a9b90385330755ee1cf3e5
684c325f39d45e42ae44a9e42f5e9fe4fb0b909c
43f124dabb4bc663cc1cc8d3161c1e6365cf8445d873ed5d69bbfdb507cf24a9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 09 Apr 2022 05:37:18 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6914
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/themes/digiqole/assets/js/elementor.js?ver=2.0.2
198.38.91.55 200 OK 2.7 kB URL HTTP/2 fanic360.com/wp-content/themes/digiqole/assets/js/elementor.js?ver=2.0.2
IP 198.38.91.55:0
Hash fa041eb26c6428cdb4ad96148c882b7c
7cb50e70b732ccc59724d2df826648006f822799
1d2b5a56aa49eebe66625ac20419bd3914434150f1411529d384847776f9a7c0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/digiqole/assets/js/elementor.js?ver=2.0.2 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 30 Sep 2021 13:05:58 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2721
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.6
198.38.91.55 200 OK 11 kB URL HTTP/2 fanic360.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.6
IP 198.38.91.55:0
File type ASCII text, with very long lines (36994)
Hash d7ff5fd45fc02288d743cd156dda7579
fd55c40f994bef66af493e2eda26046e6f04efa7
fb58e6c0b5bbed4806b343070c7b1415011b780d5d20973c17552589237e7c8b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.6 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 15:59:51 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 10818
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
198.38.91.55 200 OK 7.1 kB URL HTTP/2 fanic360.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 198.38.91.55:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 2f4fcc5a628b379672d76b7e91cbdf07
9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7095
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/themes/digiqole/assets/js/bootstrap.min.js?ver=2.0.2
198.38.91.55 200 OK 13 kB URL HTTP/2 fanic360.com/wp-content/themes/digiqole/assets/js/bootstrap.min.js?ver=2.0.2
IP 198.38.91.55:0
File type ASCII text, with very long lines (48664)
Hash d98cccfb9b89091fe42a0fa94083b07c
0d9a5dd0d65305186508b41ccd0075b2f6880389
9db75ee7822d0f0bea3137e023ed756f6f47922700ebfae6dc8707471380526b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/digiqole/assets/js/bootstrap.min.js?ver=2.0.2 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 09:16:23 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 13105
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.5.6
198.38.91.55 200 OK 13 kB URL HTTP/2 fanic360.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.5.6
IP 198.38.91.55:0
File type ASCII text, with very long lines (43087)
Hash 23c73d78f1e7e1e7c3259995fabf1c38
02a3e510fbb13e641135dce8166629aea10649ef
c6838512e579eb4c2d88a3f90dba695aa460bdf090fa7e46150a03c811f9d667
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.5.6 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 15:59:56 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 13001
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
198.38.91.55 200 OK 31 kB URL HTTP/2 fanic360.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 198.38.91.55:0
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 11 Mar 2021 01:37:24 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 30908
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
198.38.91.55 200 OK 36 kB URL HTTP/2 fanic360.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 198.38.91.55:0
File type ASCII text, with very long lines (65280)
Hash f2f239cb6e82311cd197aa5888632811
e2376a981fa3bf8e7e36e86b979f3a3ea6443d29
c4ceac2088d1b38f5263c50bdfb2e54ed643186248b3a81c5850214b55336e4d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 15:59:59 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 35491
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.5.4
198.38.91.55 200 OK 44 kB URL HTTP/2 fanic360.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.5.4
IP 198.38.91.55:0
File type ASCII text, with very long lines (45027)
Hash e943369ab21f3e7c722c28e90a8005da
0bf6eb361741e677f0a76e2dbad49f3b2d4c1e41
c87eb53210f4d99d67f99e4c6f79f9e13fe6c8392eddd190feff19776e186afc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.5.4 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:00:28 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 44076
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/themes/digiqole/assets/js/all.js?ver=1
198.38.91.55 200 OK 37 kB URL HTTP/2 fanic360.com/wp-content/themes/digiqole/assets/js/all.js?ver=1
IP 198.38.91.55:0
File type ASCII text, with very long lines (32011)
Hash 182b41ef26c4cc67eb7d9f91e717eebf
6b29f26f6085476c6182b93ec199016276ada21a
e2c05d5bb8fab0dd85901014d914dfa1514cc0cfdd26fcad2c7f78431e50795c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/digiqole/assets/js/all.js?ver=1 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 30 Sep 2021 13:05:58 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 37197
content-type: application/javascript
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/themes/digiqole/assets/css/master.css?ver=2.0.2
198.38.91.55 200 OK 48 kB URL HTTP/2 fanic360.com/wp-content/themes/digiqole/assets/css/master.css?ver=2.0.2
IP 198.38.91.55:0
File type Unicode text, UTF-8 text, with very long lines (430)
Hash b33a9dcaa9abb7bfc366c09cc3e49323
c570712b4bcf616962c06125484f6c9d66ab204b
8f09b49d4c783017dd4b6a22748c49c5528cb0cc855a17c2d76f430c4ceeb4d5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/digiqole/assets/css/master.css?ver=2.0.2 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 30 Sep 2021 13:05:58 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 47483
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.5.4
198.38.91.55 200 OK 50 kB URL HTTP/2 fanic360.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.5.4
IP 198.38.91.55:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash c8f948de08f4fdd324acaf1a7d019822
8e0ca75ac6cfa3c7581b9ca7dd743969a040c83a
d448cde381803bd0cb14351a0f83b6114704f37c072fbefe845e7c03ace2e25b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.5.4 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:00:27 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 50080
content-type: text/css
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:44:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:44:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fanic360.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 125452
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:44:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fanic360.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 123033
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fanic360.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:40:23 GMT
expires: Thu, 23 Nov 2023 19:40:23 GMT
cache-control: public, max-age=31536000
age: 122658
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
216.58.207.195 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17336, version 1.0\012- data
Hash eec8dbfc49267c4d33cf31b49661bf37
0f49d4563cf9e22e3af6907d0785b9a6facadbf0
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fanic360.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:48:16 GMT
expires: Thu, 23 Nov 2023 19:48:16 GMT
cache-control: public, max-age=31536000
age: 122185
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:44:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fanic360.com/wp-content/uploads/2019/06/travel_2.jpg
198.38.91.55 200 OK 44 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/travel_2.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x560, components 3\012- data
Hash 4ff0360adb6f26d0f2e16478312d7322
8c6be0215f49cdeeaeeeff76595dad7bb0e678ea
b12d40ddeb1d6817723d0bdebe9615e61be7a45d3463558bf588f1ba6c8f70a9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/travel_2.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:17 GMT
accept-ranges: bytes
content-length: 44530
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/06/food_6.jpg
198.38.91.55 200 OK 55 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/food_6.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x560, components 3\012- data
Hash 681f9e64c96915ae464baffe4b824760
edbb3377e7aad30c80aa1f0ac8f1b6113b5723df
abd3ccd2fba653260fe80982a21818310feee44f7aba5ad30721897767023086
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/food_6.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:16 GMT
accept-ranges: bytes
content-length: 55051
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2022/04/Black-Sherif-1.jpeg
198.38.91.55 200 OK 73 kB URL HTTP/2 fanic360.com/wp-content/uploads/2022/04/Black-Sherif-1.jpeg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 692x422, components 3\012- data
Hash 1833dc698b6eaaaa28bf152b92b82c98
b2806d53a59b05909db9a8210eaa3f472e104648
f880721f4089ee99d1b249543b45c04b0a9dbf4f8f867e44df941b5b62ac3b03
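Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
Note: mnemonic_dns and quad9 are DNS-based checks, and the same Sinkholed verdicts appear on the other fanic360.com resources listed here, so these verdicts presumably describe the host rather than this file's contents; confirm the fortinet Malware verdict against the file hashes above before treating the image itself as malicious.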
GET /wp-content/uploads/2022/04/Black-Sherif-1.jpeg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 17 Apr 2022 04:30:56 GMT
accept-ranges: bytes
content-length: 72984
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
216.58.207.195 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21144, version 1.0\012- data
Hash 2bc7630144496092dc786ce63109e560
723df3658078cfed03c85e47f15fc439eb4331be
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
GET /s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fanic360.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 22:37:06 GMT
expires: Wed, 22 Nov 2023 22:37:06 GMT
cache-control: public, max-age=31536000
age: 198456
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/06/sports_4.jpg
198.38.91.55 200 OK 86 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/sports_4.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x560, components 3\012- data
Hash 4e6a8c289ef04e7f13fd64522eb8c247
f567ca920fc035cf5a23fdac61084c8a78036839
854453235f62336272f98e995d9d572ef1c6dbe26d9c61d88c018868686d0b01
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/sports_4.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:16 GMT
accept-ranges: bytes
content-length: 85586
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/06/travel_4.jpg
198.38.91.55 200 OK 95 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/travel_4.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x560, components 3\012- data
Hash f173e405a258dc40e7707f09e9cb9762
45a36f690017b9c763ddc116f2e1c8daa5a684a2
f5158c6024ade04251a30989a2ab4243adaace9e04c3566638bce20a38ed7c8d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/travel_4.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:17 GMT
accept-ranges: bytes
content-length: 95424
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/06/sports_2.png
198.38.91.55 200 OK 91 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/sports_2.png
IP 198.38.91.55:0
File type PNG image data, 850 x 560, 8-bit colormap, non-interlaced\012- data
Hash de1009618c867a4563bbae0a017c59c0
9105ad100462b87dbb244c0ae6fa9ffcfd4eabbe
56dbe634a5918ef75bbe10b833ac0672c96c87e02783a26c18719507e6153662
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/sports_2.png HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:16 GMT
accept-ranges: bytes
content-length: 91188
content-type: image/png
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/04/health_5.jpg
198.38.91.55 200 OK 113 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/04/health_5.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x560, components 3\012- data
Size 113 kB (112623 bytes)
Hash 3408378ad7e894d8c414524148fc0ec0
eab9101b063a35d249118b312a2c5b12de106f92
0df63cad3c6301523d00240175f6c4813726b4cedf4c56cd11e1226cb4a4d57a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/04/health_5.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:14 GMT
accept-ranges: bytes
content-length: 112623
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/06/travel_3.jpg
198.38.91.55 200 OK 133 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/travel_3.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x560, components 3\012- data
Size 133 kB (132757 bytes)
Hash 68b483357c3c52d3a706872329632716
68e52e6e0e16b6a1e21a001358ca173144a036a9
a0ce63d96832fdd7194b2e5ca93b3443c7c14a4c55975a80f7c062967dc70d91
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/travel_3.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:17 GMT
accept-ranges: bytes
content-length: 132757
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2020/07/sports_3.jpg
198.38.91.55 200 OK 110 kB URL HTTP/2 fanic360.com/wp-content/uploads/2020/07/sports_3.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x560, components 3\012- data
Size 110 kB (110090 bytes)
Hash d68f3b07a0957acf75f22b5e2bb71e73
9c8cd7f7e93366e9fd5564e76d5f030b3f7a6979
38d533e116eff8e8df68a6bab9a8889a2dbc5d65ba6edcf1d1c36e20357c1f01
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/07/sports_3.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:18 GMT
accept-ranges: bytes
content-length: 110090
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/07/video_1.jpg
198.38.91.55 200 OK 196 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/07/video_1.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x560, components 3\012- data
Size 196 kB (195917 bytes)
Hash 91966a77cd8ae3ac53d1f36b228c738f
78fc0558ee8a2a90dec5bd49172f1f92730d6258
9ab3021afd6e5bf4926c838888c07d40d8690009ac9e3a310dee202d480ec230
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/07/video_1.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:18 GMT
accept-ranges: bytes
content-length: 195917
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:41 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/themes/digiqole/assets/fonts/iconfont.ttf?5i53bc
198.38.91.55 200 OK 16 kB URL HTTP/2 fanic360.com/wp-content/themes/digiqole/assets/fonts/iconfont.ttf?5i53bc
IP 198.38.91.55:0
File type TrueType Font data, 11 tables, 1st "OS/2", 22 names, Macintosh\012- data
Hash e360aefb76047d263822ea6578de91b0
e607196f70cd933f675a15ff5bf36aed2a7017fa
4d81d169d1152a653a1e11058b2b1c42c732ce1697f0a8462ef1b173441cce97
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/digiqole/assets/fonts/iconfont.ttf?5i53bc HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/wp-content/themes/digiqole/assets/css/icon-font.css?ver=2.0.2
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 19 Aug 2021 11:57:40 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 16051
content-type: font/ttf
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/accesspress-social-counter/webfonts/fa-brands-400.woff2
198.38.91.55 200 OK 55 kB URL HTTP/2 fanic360.com/wp-content/plugins/accesspress-social-counter/webfonts/fa-brands-400.woff2
IP 198.38.91.55:0
File type Web Open Font Format (Version 2), TrueType, length 55144, version 1.0\012- data
Hash 2ac01f7650b5ab76bfebbc708928929e
8ca7aeb88ef1fefb582f941e9216029328e25f4c
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/accesspress-social-counter/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://fanic360.com/wp-content/plugins/accesspress-social-counter/css/fontawesome-all.css?ver=1.9.2
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 15:59:07 GMT
accept-ranges: bytes
content-length: 55144
vary: Accept-Encoding,User-Agent
content-type: font/woff2
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2020/07/sidebar_banner.png
198.38.91.55 200 OK 40 kB URL HTTP/2 fanic360.com/wp-content/uploads/2020/07/sidebar_banner.png
IP 198.38.91.55:0
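File type PNG image data, 330 x 306, 8-bit colormap, non-interlaced\012- Minix filesystem, V1, 30 char names, 27066 zones\012- data
Note: the "Minix filesystem" entry is an additional signature match reported alongside the PNG identification; short magic signatures often match by coincidence inside compressed image data, so confirm appended or embedded content (for example, bytes after the PNG end marker) before treating it as a finding.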
Hash 93b37fc2e7d9aa361b3b1087687b9297
fdc1f58c818c18aad444f55326b7570af78b93a6
d9b3fa34979fbae9d9f9653ce31ca7df675eb2746a4148f3c564be77b2d607d5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/07/sidebar_banner.png HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:18 GMT
accept-ranges: bytes
content-length: 39584
content-type: image/png
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2020/07/travel_1.jpg
198.38.91.55 200 OK 68 kB URL HTTP/2 fanic360.com/wp-content/uploads/2020/07/travel_1.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x560, components 3\012- data
Hash 7ba07dc7930a3c50335211ec0caf17cb
b27cc969b154b906c1a20a194a86e0eeadfda5eb
e04f6941fbc12d3c4c12fc7b3ce7f4e18e8881daea6d7c37d731fb384db086ce
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/07/travel_1.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:18 GMT
accept-ranges: bytes
content-length: 67784
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2022/04/odweanoma.jpg
198.38.91.55 200 OK 97 kB URL HTTP/2 fanic360.com/wp-content/uploads/2022/04/odweanoma.jpg
IP 198.38.91.55:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 600x450, components 3\012- data
Hash 17d84a1af654e083df86852cb6b535eb
a2b87446a10f5a7f5dea770325bf007b48839f0c
b7f0ac391d38ba252c24dd202ac45f4e2df0480602ac1ea984d1c969507a4330
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/04/odweanoma.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 17 Apr 2022 04:20:59 GMT
accept-ranges: bytes
content-length: 97360
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/06/fashion_4.jpg
198.38.91.55 200 OK 93 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/fashion_4.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x560, components 3\012- data
Hash 4fac9a961fa4f2111ef18ad5534d2fd7
8298aec8e1461ebdbca8b88344f8de6c187cb196
ca7775ff804c00fce5de22f53d6fee9f072dad503a40555795097a76f56de947
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/fashion_4.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:14 GMT
accept-ranges: bytes
content-length: 92868
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e
198.38.91.55 200 OK 443 kB URL HTTP/2 fanic360.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e
IP 198.38.91.55:0
File type Web Open Font Format, TrueType, length 442864, version 1.0\012- data
Size 443 kB (442864 bytes)
Hash fd4a1534fca171a46ef07ffca631465e
14c7b48fd5e85e3e375f721299da885330e95152
7659fa917839f5a43c0141f18cad5181d379bdb86a5923e15f5167a307107e2f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://fanic360.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.5.4
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:00:36 GMT
accept-ranges: bytes
content-length: 442864
vary: Accept-Encoding,User-Agent
content-type: font/woff
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/07/tech_2-600x398.jpg
198.38.91.55 200 OK 30 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/07/tech_2-600x398.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x398, components 3\012- data
Hash 42df2240c07c6f4bf2eac03344b47050
9dc0df195f7db03cac7556b14594eb983a235580
541e9c4542658dd847ba8db5e418213fab3361791db4bcc5c1206d01973259d3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/07/tech_2-600x398.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:14:04 GMT
accept-ranges: bytes
content-length: 30192
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/07/tech_1-600x398.jpg
198.38.91.55 200 OK 36 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/07/tech_1-600x398.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x398, components 3\012- data
Hash b866d161f9ddd2767fd46fe42233ef4f
e23de67ceca66c94bf5942d39187195ab547f8e0
cfad05f50655d2ef11251a0ba8226f6230362adab934cd0886ad91e1ec5ad9e3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/07/tech_1-600x398.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:14:04 GMT
accept-ranges: bytes
content-length: 36113
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/06/health_2-600x398.jpg
198.38.91.55 200 OK 55 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/health_2-600x398.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x398, components 3\012- data
Hash c5638aa5c3c08a3faa679e77b0978884
990d7009a018051ef0f13dd0bb7732b9c8102bc8
6d802c4aa09db66e457b943c9bff4ce8ce381f64c2caaf0bf36cb6cc539e46ec
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/health_2-600x398.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:49 GMT
accept-ranges: bytes
content-length: 55040
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/07/sports_1-600x398.jpg
198.38.91.55 200 OK 72 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/07/sports_1-600x398.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x398, components 3\012- data
Hash 40c526cbee1e32697bbde9ef088c3150
98382f000b1edcf472bf6debc8799b2461ae77ec
ba6c83441ac00a5f0f8892c2d712b6c2e5cdb73eb7ad3a65c4c28cda0e8f0206
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/07/sports_1-600x398.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:55 GMT
accept-ranges: bytes
content-length: 71711
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/06/fashion_3-600x398.jpg
198.38.91.55 200 OK 72 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/fashion_3-600x398.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x398, components 3\012- data
Hash 675e7e8c3d7f7dd5241ff79b45f24213
42a10b7ce7739db64ba0f49e76e2f8473f285cfc
e6e29e204d2a5f4b7e4f193812b266bc8eb0622df2106b5174f627ef3a951e0b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/fashion_3-600x398.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:38 GMT
accept-ranges: bytes
content-length: 71870
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/06/fashion_5.jpg
198.38.91.55 200 OK 67 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/fashion_5.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x560, components 3\012- data
Hash 3a207383719efcb5769258a2ea6d2107
334ff2479107abd3c37cb64e279ed93f6fe4898a
e65b783b16f6dbc7443bee62be64aa8ad742ef7778f6f87d19fddbb73f57365d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/fashion_5.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:14 GMT
accept-ranges: bytes
content-length: 67031
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/06/fashion_3.jpg
198.38.91.55 200 OK 104 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/fashion_3.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x560, components 3\012- data
Size 104 kB (104348 bytes)
Hash fceef61944cdcde5e86d80c455022906
2547ea63594fac91c253e833f4efed1605926d65
17e314e69c20b62c4435b995fbbed77d167ef225d603354dadc2ed3fd9d9311e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/fashion_3.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:14 GMT
accept-ranges: bytes
content-length: 104348
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2020/07/sports_3-600x398.jpg
198.38.91.55 200 OK 52 kB URL HTTP/2 fanic360.com/wp-content/uploads/2020/07/sports_3-600x398.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x398, components 3\012- data
Hash e77bb5ef9e9c6f91bb33a1338d59da22
98a90fbc90dd3c6558ac89102dc61d0d886147e9
0586e4157212288f1cf99426d510020ff4459dba6c1d0044b0475fd494e0d42e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/07/sports_3-600x398.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:14:25 GMT
accept-ranges: bytes
content-length: 51494
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/06/tech_3-600x398.jpg
198.38.91.55 200 OK 32 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/tech_3-600x398.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x398, components 3\012- data
Hash 0bd4526c19b729157e18c30981ebd4ed
a818a6678bae6a53865649b4c5fae026aec981e8
f96ee22a6fbe1479260657508178440ea4c6deef8630fea57e8aa46654872602
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/tech_3-600x398.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:14:05 GMT
accept-ranges: bytes
content-length: 32413
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/06/travel_5-600x398.jpg
198.38.91.55 200 OK 41 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/travel_5-600x398.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x398, components 3\012- data
Hash 1b9edf49e995dc9b170fb8c6ade07b4e
ad242a9c82b4416ce86c1d82312cae834c49a90f
d8449de0a8040ad85ca0f9735a915f3fbeb50b2eb30240d4c2e676df609183e8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/travel_5-600x398.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:14:10 GMT
accept-ranges: bytes
content-length: 41441
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2022/04/Black-Sherif-1-600x398.jpeg
198.38.91.55 200 OK 28 kB URL HTTP/2 fanic360.com/wp-content/uploads/2022/04/Black-Sherif-1-600x398.jpeg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 600x398, components 3\012- data
Hash 4a2d40e6beca45c1f6ca51e275c64a4c
2ae333a29d7fcd5173048d58f66ed28ef42495f9
c42f8032cede3ea9b62799ad065ee25e473dea84c79a33b5bcc909a1d402eebc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/04/Black-Sherif-1-600x398.jpeg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 17 Apr 2022 04:30:56 GMT
accept-ranges: bytes
content-length: 28415
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/06/food_6-600x398.jpg
198.38.91.55 200 OK 42 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/food_6-600x398.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x398, components 3\012- data
Hash 9f61b1bfd5e9ec82e6290df8d6306418
53274756aefa511c7cf2352aae71ed0a228ad5fe
4430dc5b2f923328995a05c719fab949791aa254fa52a161c1298bdfe730dd94
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/food_6-600x398.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:48 GMT
accept-ranges: bytes
content-length: 42288
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/06/tech_5-600x398.jpg
198.38.91.55 200 OK 34 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/tech_5-600x398.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x398, components 3\012- data
Hash 8410bfdd4c81ea499e33b7f3f2c5aba5
43b915342b8e234ce53580d9691867874d0e354c
e6938bc0100b754bd627261394bfcaea2325010e729d8d7cb88d9ed8cf7208d8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/tech_5-600x398.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:14:06 GMT
accept-ranges: bytes
content-length: 34541
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/07/tech_2.jpg
198.38.91.55 200 OK 43 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/07/tech_2.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x560, components 3\012- data
Hash 409e11c816695a8cb9143e5b19904866
8424898e8efaf93506483f4b48c7c4e29f12e61d
8df006ffe5cf9cd00bbfb4b43bef36ba32023a5f307103e49b9178fe632966de
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/07/tech_2.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:17 GMT
accept-ranges: bytes
content-length: 42568
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/06/tech_3.jpg
198.38.91.55 200 OK 56 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/tech_3.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x560, components 3\012- data
Hash bf0bf2bd4d27424bd5d3c4936974b033
cfbbd48f30a07ad9158cd40530427fc925c5bc95
ed06a28cb507d9e23e7ea2ebebb03f6f4ba43fa42cefbd5247f14bfdeffb2e9a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/tech_3.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:16 GMT
accept-ranges: bytes
content-length: 56125
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2022/04/odweanoma-600x398.jpg
198.38.91.55 200 OK 57 kB URL HTTP/2 fanic360.com/wp-content/uploads/2022/04/odweanoma-600x398.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 600x398, components 3\012- data
Hash b9055f0b46d7c8972c572508dcafc4be
36f6999006e87a5366265505d24198464680f24a
0ad1698dd73d7cba378f37b153b1f0218b6b8874024407e7d45662a9e2acb1cf
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/04/odweanoma-600x398.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 17 Apr 2022 04:20:59 GMT
accept-ranges: bytes
content-length: 56743
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/06/travel_5.jpg
198.38.91.55 200 OK 61 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/travel_5.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x560, components 3\012- data
Hash 300f3d9e9c7f193f464f07aa0b661df4
09df28bbb40ea3d8734efd83a408a406cf5b5928
4d092a7be2f8061b9d6822fa9cfb0b0e4562c760225650ed49a0e03c8b7c271e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/travel_5.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:17 GMT
accept-ranges: bytes
content-length: 60752
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/06/fashion_6.jpg
198.38.91.55 200 OK 114 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/fashion_6.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x560, components 3\012- data
Size 114 kB (114203 bytes)
Hash de3ba18536de5d3484c3ce9fd88c022d
84ad0f2f8b617ec246662a589dac2749fef69d07
7ce73823717e1df8f14cab164dc0de782f7d887036a406b703c10a25e1625d0b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/fashion_6.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:14 GMT
accept-ranges: bytes
content-length: 114203
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/07/sports_1.jpg
198.38.91.55 200 OK 121 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/07/sports_1.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x560, components 3\012- data
Size 121 kB (121355 bytes)
Hash 96e8654a7421bbb106f386caef50d647
06ad9d9999ed0a6d8f619bbc9ff7b8e4843ccc04
a071e098c6fb20143e712cfd5b392ef4d6b0a59628af82a89489e4eff8150504
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/07/sports_1.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:17 GMT
accept-ranges: bytes
content-length: 121355
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/07/tech_1.jpg
198.38.91.55 200 OK 181 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/07/tech_1.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x560, components 3\012- data
Size 181 kB (181045 bytes)
Hash 66a815b118499fd821e9bdb9b7aab515
e923ce9149eb2bfe4f069ea1eb71e10049949da4
15b1c72fd822c9c07ca6ecc7a7d923098224f90cd6085d848d03c18904a1cf7f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/07/tech_1.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:17 GMT
accept-ranges: bytes
content-length: 181045
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/06/tech_4.jpg
198.38.91.55 200 OK 320 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/tech_4.jpg
IP 198.38.91.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x560, components 3\012- data
Size 320 kB (320335 bytes)
Hash 81a9cce5941437c803367428077fbe91
85ff046f9fb86caa3e290b4f9c97e318d97c2576
39161240469ebc1b5a79452d1a6971efbcbce3937dba901ab1ad30d5f775d4ca
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/tech_4.jpg HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:17 GMT
accept-ranges: bytes
content-length: 320335
content-type: image/jpeg
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/uploads/2019/06/fashion_7-600x398.png
198.38.91.55 200 OK 415 kB URL HTTP/2 fanic360.com/wp-content/uploads/2019/06/fashion_7-600x398.png
IP 198.38.91.55:0
File type PNG image data, 600 x 398, 8-bit/color RGBA, non-interlaced\012- data
Size 415 kB (415141 bytes)
Hash 6cb727b16169fbbb23eb5047f4cb1d8b
3e6f2a9b000cb7b41ac64597944157ac9aba50ab
d68aa2bd9cafffb55f089f6cc52c65c6bf9b607314c7e2a37e14d93441eeafeb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/06/fashion_7-600x398.png HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 16:13:39 GMT
accept-ranges: bytes
content-length: 415141
content-type: image/png
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-content/plugins/accesspress-social-counter/fonts/MyriadPro-Regular.otf
198.38.91.55 200 OK 63 kB URL HTTP/2 fanic360.com/wp-content/plugins/accesspress-social-counter/fonts/MyriadPro-Regular.otf
IP 198.38.91.55:0
File type OpenType font data\012- data
Hash df1ba136e190b5cd13c9a862a89d9ce0
19f3f212a50ec896df6bd7ee78305ff1fa784edd
9c3e0080ea1f3dbe664245333f7acb403383ab64756eae0727783e76660b46bf
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/accesspress-social-counter/fonts/MyriadPro-Regular.otf HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/wp-content/plugins/accesspress-social-counter/css/frontend.css?ver=1.9.2
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Mar 2022 15:59:09 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: font/otf
date: Fri, 25 Nov 2022 05:44:42 GMT
server: Apache
X-Firefox-Spdy: h2
fanic360.com/wp-includes/images/w-logo-blue-white-bg.png
198.38.91.55 200 OK 4.1 kB URL HTTP/2 fanic360.com/wp-includes/images/w-logo-blue-white-bg.png
IP 198.38.91.55:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: fanic360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fanic360.com/
Connection: keep-alive
Cookie: PHPSESSID=75fe36dea63cb27dfb6a26fb7def5cc1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Nov 2021 10:34:02 GMT
accept-ranges: bytes
content-length: 4119
content-type: image/png
date: Fri, 25 Nov 2022 05:44:43 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
34.120.237.76 200 OK 2.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 66d06d3cac1784e4ce6c8c89c300f10a
41ef94d198bbf98185eb332a3b6934c3c26c3afc
55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 2351
x-amzn-requestid: 1e3e6b14-8f46-4b62-a3d1-f5dbe5d5f94f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGupUE_VIAMFa3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f5e3b-573fabc44ce59c2f4c24a32d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 12:06:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XEUrOPYr2rn89eMIJORVFnpqJfxqfjBadcbplZKzqLjDkzHV8NEbHg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 18:51:30 GMT
age: 39197
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A%2C400%2C700%2C900%7CBarlow%3A%2C400%2C700%2C900&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A%2C400%2C700%2C900%7CBarlow%3A%2C400%2C700%2C900&display=swap
IP 142.250.74.10:0
GET /css?family=Roboto%3A%2C400%2C700%2C900%7CBarlow%3A%2C400%2C700%2C900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 05:44:41 GMT
date: Fri, 25 Nov 2022 05:44:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
IP 142.250.74.10:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanic360.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 05:44:41 GMT
date: Fri, 25 Nov 2022 05:44:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2