| r3.o.lencr.org/ |  23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash30c30d01178fc74ac5266ee64c3ee85b c0c2af8a864c00aa85a8775d55f85ab107150a3b c15644f69fbfeb99074c7e9711dfc9452ee164fa78eb981b6bae4fb7e3585f2a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C15644F69FBFEB99074C7E9711DFC9452EE164FA78EB981B6BAE4FB7E3585F2A"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12162
Expires: Fri, 18 Nov 2022 14:43:28 GMT
Date: Fri, 18 Nov 2022 11:20:46 GMT
Connection: keep-alive
|
|
| ns2.solenica.com/ |  162.241.17.109 | 301 Moved Permanently | 0 B |
IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | | | mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET / HTTP/1.1
Host: ns2.solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 18 Nov 2022 11:20:46 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 0
X-Redirect-By: WordPress
Location: https://solenica.com/
Cache-Control: max-age=7200
Expires: Fri, 18 Nov 2022 13:20:40 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
X-Server-Cache: true
X-Proxy-Cache: HIT
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash3a38b6dd8a4cc335c026aebf2ed348b6 8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8 8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2338
Expires: Fri, 18 Nov 2022 11:59:44 GMT
Date: Fri, 18 Nov 2022 11:20:46 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashbe1be806b5dca7facbb45a6c3db44652 7ae9380a2f3eca959fe6ff6b3832a17cffd12cf4 1f3338058f8e9cae5c9fdd733c74564312726b01c6efdcd628d851d0c99876b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5792
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 11:20:46 GMT
Last-Modified: Fri, 18 Nov 2022 09:44:14 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 12gEnrbecomvr79DGtV4M1tQcOB3u5auZsDHG/nYzygIavNadErOhk3e43CauEELT4cpQwyqJhmfXiArFO5ozQ==
x-amz-request-id: 2YVGGEW3483BR2Z6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 18 Nov 2022 10:52:51 GMT
age: 1675
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash4d7e4eed097b9c4e5d509419f1cfc85a 290bb3d428a7c6330e2e3d73a952b16f820896c8 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 18 Nov 2022 10:45:03 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2143
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 11:20:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 18 Nov 2022 10:44:49 GMT
cache-control: public,max-age=3600
age: 2158
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashef57d73caef2513ff88df1261c41bcd8 59ec09b8637c102930f19f1db7b553193c0d2ef9 0e72d52e3eb49b3067c645c07e65b8f164d3f4911496506c1ef277dba7f20386
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E72D52E3EB49B3067C645C07E65B8F164D3F4911496506C1EF277DBA7F20386"
Last-Modified: Wed, 16 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Fri, 18 Nov 2022 17:19:49 GMT
Date: Fri, 18 Nov 2022 11:20:47 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashfe40cc6ea871d80382b6082111393fbe 281f75d0a35dc8ef908bb0500e57abd86bd5388e 6d15422cdf7a6d72d06497188f27af893682314e82ac8a189a0ee2d798cb62d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5900
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 11:20:47 GMT
Last-Modified: Fri, 18 Nov 2022 09:42:27 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashfeaeba711c7421b074e726f89ff34e0b c590c0b76a7a78ab51a4dabcd8f20a1b172b02fb ebe6e312ea7116713547fbd756805843b1c242ad22269158a79305f1819fa990
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 11:20:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| push.services.mozilla.com/ | 52.35.74.102 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.35.74.102:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IX8NmWTTsS0Lv+5IV2/tIA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7T7kdkM/yDvmAMaA3YMDQeIARRw=
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashfeaeba711c7421b074e726f89ff34e0b c590c0b76a7a78ab51a4dabcd8f20a1b172b02fb ebe6e312ea7116713547fbd756805843b1c242ad22269158a79305f1819fa990
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 11:20:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| solenica.com/wp-includes/css/classic-themes.min.css?ver=1 | 162.241.17.109 | 200 OK | 189 B |
URL HTTP/2solenica.com/wp-includes/css/classic-themes.min.css?ver=1 IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
Hash5a18e16eb01cbaa862eb32e6b77bedb2 3abf9b913cc9f558f02cba7c9b822f8d1812cb96 d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | | | mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 04:45:09 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:47 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
pragma: public
content-length: 189
content-type: text/css
date: Fri, 18 Nov 2022 11:20:47 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| solenica.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 | 162.241.17.109 | 200 OK | 1.3 kB |
URL HTTP/2solenica.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeASCII text, with very long lines (4186), with no line terminators Hash91bab39b98d7e5c1632717b9ebe349e4 e639a447d06fc7827be5b5b35d603ff16b5f7bb1 47ff151faeb23a5654f6ec58b404e51193f6714849a69de241c2ee79662f74c6
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | | | mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Nov 2019 22:59:14 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:47 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
pragma: public
content-length: 1298
content-type: text/css
date: Fri, 18 Nov 2022 11:20:47 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| solenica.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 | 162.241.17.109 | 200 OK | 3.2 kB |
URL HTTP/2solenica.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeASCII text, with very long lines (11256), with no line terminators Hash1054d0d53548e8bae51665b11acc6413 2eea6a05fe18db61fff58c431d34a86b3e0b7ade cb8b0f0f3f871d9776da32ee6d9e1af9277a211be61e97a831c7f8c98fbebfae
| Analyzer | Verdict | Alert |
|---|
| mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Dec 2020 11:01:08 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:47 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
pragma: public
content-length: 3239
content-type: text/css
date: Fri, 18 Nov 2022 11:20:47 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| solenica.com/wp-content/uploads/2017/06/Solenica_logo-1_Teal.png | 162.241.17.109 | 200 OK | 2.8 kB |
URL HTTP/2solenica.com/wp-content/uploads/2017/06/Solenica_logo-1_Teal.png IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
File typePNG image data, 281 x 40, 8-bit/color RGBA, non-interlaced\012- data Hash4f0c219c26c0442b9aad8a5f2cd94461 a21c46ecc7cd8388c53c62c1b6ea4595b3de9ee6 7b00c7c3452f2757bc030b1c2625f5a6b0de59f8dba6edcc55bdcfa2f5f3d2ce
| Analyzer | Verdict | Alert |
|---|
| mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-content/uploads/2017/06/Solenica_logo-1_Teal.png HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Jul 2017 14:20:19 GMT
accept-ranges: bytes
content-length: 2822
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:48 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
vary: Accept-Encoding
pragma: public
content-type: image/png
date: Fri, 18 Nov 2022 11:20:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| solenica.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 | 162.241.17.109 | 409 Conflict | 83 B |
URL HTTP/2solenica.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeHTML document, ASCII text, with no line terminators Hash26267cd8990f15d3bbea71684a6d5995 ac3b38cf3fe0e112bb6aeb7e05226b7133575d93 769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | | | mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 18 Nov 2022 11:20:47 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
|
|
| solenica.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.9.2 | 162.241.17.109 | 200 OK | 572 B |
URL HTTP/2solenica.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.9.2 IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
Hash163c85c033bf0089450e91dfcae120ee dade9e2c0b826a6e73d0fa3ad2382e8d905e4407 54ba512214b521dfd7696e42b786875789d9be13bb336ebf52a984cf5b19243d
| Analyzer | Verdict | Alert |
|---|
| mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.9.2 HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Mar 2021 10:45:00 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:48 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
pragma: public
content-length: 572
content-type: application/javascript
date: Fri, 18 Nov 2022 11:20:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| solenica.com/wp-content/et-cache/285/et-core-unified-285-16678318074276.min.css | 162.241.17.109 | 200 OK | 4.7 kB |
URL HTTP/2solenica.com/wp-content/et-cache/285/et-core-unified-285-16678318074276.min.css IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeASCII text, with very long lines (22423), with no line terminators Hash5c6747fd86c4afd5207125e761a6d4ba a0273e8b08255d1d99fdc65eadb147130ddf9171 f70530b315f0784d0903b2c1f604890ccb493ed091ea6cd39467a7feacd98c14
| Analyzer | Verdict | Alert |
|---|
| mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-content/et-cache/285/et-core-unified-285-16678318074276.min.css HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Nov 2022 14:36:48 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:48 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
pragma: public
content-length: 4709
content-type: text/css
date: Fri, 18 Nov 2022 11:20:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| solenica.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 | 162.241.17.109 | 200 OK | 4.6 kB |
URL HTTP/2solenica.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeASCII text, with very long lines (11126) Hashacdb97105af28a7066790c6748ae2e1e 65794d2c5a9d04f747faf370bc8bacd330e69e5a dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
| Analyzer | Verdict | Alert |
|---|
| mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Dec 2020 11:01:08 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:48 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
pragma: public
content-length: 4618
content-type: application/javascript
date: Fri, 18 Nov 2022 11:20:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| solenica.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 | 162.241.17.109 | 200 OK | 5.3 kB |
URL HTTP/2solenica.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeASCII text, with very long lines (15660) Hash710f8b142ea44c0682dc2c30f318f065 49144e9b3a76d3d383b1d4359cf7a25e947f4233 708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | | | mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 24 May 2022 22:58:28 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:48 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
pragma: public
content-length: 5321
content-type: application/javascript
date: Fri, 18 Nov 2022 11:20:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| solenica.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 | 162.241.17.109 | 409 Conflict | 83 B |
URL HTTP/2solenica.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeHTML document, ASCII text, with no line terminators Hash26267cd8990f15d3bbea71684a6d5995 ac3b38cf3fe0e112bb6aeb7e05226b7133575d93 769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | | | mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 18 Nov 2022 11:20:48 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
|
|
| solenica.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 | 162.241.17.109 | 409 Conflict | 83 B |
URL HTTP/2solenica.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeHTML document, ASCII text, with no line terminators Hash26267cd8990f15d3bbea71684a6d5995 ac3b38cf3fe0e112bb6aeb7e05226b7133575d93 769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
| Analyzer | Verdict | Alert |
|---|
| mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 18 Nov 2022 11:20:48 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
|
|
| solenica.com///wp-content/uploads/2017/06/Solenica_ClippedCaia_Back3quart.png | 162.241.17.109 | 200 OK | 581 kB |
URL HTTP/2solenica.com///wp-content/uploads/2017/06/Solenica_ClippedCaia_Back3quart.png IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
File typePNG image data, 1088 x 1102, 8-bit/color RGBA, non-interlaced\012- data Size581 kB (581184 bytes) Hash5fa94ab7cbbdf24bc83e96b12eb80837 47dc16add5332839d6ec87de5f36662fe5b7d06e 690c52c8fbe14e116af340ffe7a3f65e5a72c8c2126a25c5648b1299d7ffb1c5
| Analyzer | Verdict | Alert |
|---|
| mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET ///wp-content/uploads/2017/06/Solenica_ClippedCaia_Back3quart.png HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Jul 2017 14:20:19 GMT
accept-ranges: bytes
content-length: 581184
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:48 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
vary: Accept-Encoding
pragma: public
content-type: image/png
date: Fri, 18 Nov 2022 11:20:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| solenica.com/ | 162.241.17.109 | 200 OK | 17 kB |
IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
Hashc7cbae1569b107fdf77b1d22c0c245bc 85c198d80061120c63d65e5f135f0343e3676ac2 49a19387f80c8ac15df0df4935811101e14e7fea2632010a07b1b3d658e62fe0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | | | mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET / HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 18 Nov 2022 11:20:47 GMT
server: Apache
content-type: text/html; charset=UTF-8
link: <https://solenica.com/wp-json/>; rel="https://api.w.org/", <https://solenica.com/wp-json/wp/v2/pages/285>; rel="alternate"; type="application/json", <https://solenica.com/>; rel=shortlink
cache-control: max-age=7200
expires: Fri, 18 Nov 2022 12:56:07 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: none
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash71821131fa0825a241bb6f95ad63a26a 4c676dbf861c2fca225bd1b9620237246ddfc724 f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 11:20:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.googleapis.com/css?family=Nunito:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic|Josefin+Slab:100,100italic,300,300italic,regular,italic,600,600italic,700,700italic|Crimson+Text:regular,italic,600,600italic,700,700italic&subset=cyrillic,cyrillic-ext,latin,latin-ext,vietnamese&display=swap | 142.250.74.10 | 200 OK | 1.7 kB |
URL HTTP/2fonts.googleapis.com/css?family=Nunito:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic|Josefin+Slab:100,100italic,300,300italic,regular,italic,600,600italic,700,700italic|Crimson+Text:regular,italic,600,600italic,700,700italic&subset=cyrillic,cyrillic-ext,latin,latin-ext,vietnamese&display=swap IP142.250.74.10:0
Hash279dfa339437cf1898731543db015445 50058d7dd5ef0f95eed85f8c2675f664e2f523bb b74a0ff6629612d6bd689d4578d77235e52f2d1e92b977a8163d43de28816801
GET /css?family=Nunito:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic|Josefin+Slab:100,100italic,300,300italic,regular,italic,600,600italic,700,700italic|Crimson+Text:regular,italic,600,600italic,700,700italic&subset=cyrillic,cyrillic-ext,latin,latin-ext,vietnamese&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Nov 2022 11:20:47 GMT
date: Fri, 18 Nov 2022 11:20:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash71821131fa0825a241bb6f95ad63a26a 4c676dbf861c2fca225bd1b9620237246ddfc724 f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 11:20:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| solenica.com/wp-content/plugins/jetpack/css/jetpack.css?ver=10.9.1 | 162.241.17.109 | 200 OK | 24 kB |
URL HTTP/2solenica.com/wp-content/plugins/jetpack/css/jetpack.css?ver=10.9.1 IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
Hash23c68e705d1dba5bea9695fb0ff2bcf5 47af1f4ac4a40ca1ed314c2de250342e6e2aec00 9f3c4d0449a6a1550ee79881bdffaab2f3deeffa889e4472a72f08ae263a3eed
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | | | mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=10.9.1 HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 30 May 2022 06:03:22 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:47 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
pragma: public
content-type: text/css
date: Fri, 18 Nov 2022 11:20:47 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 | 216.58.207.195 | 200 OK | 36 kB |
URL HTTP/2fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data Hashc26b97e7f5bb7a34d190703522d75e16 69d9e5aea0544dbaf9b78c1b65139c03eceece8f 96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://solenica.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 21:11:05 GMT
expires: Tue, 14 Nov 2023 21:11:05 GMT
cache-control: public, max-age=31536000
age: 310183
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/josefinslab/v20/lW-5wjwOK3Ps5GSJlNNkMalnqg6v.woff2 | 216.58.207.195 | 200 OK | 19 kB |
URL HTTP/2fonts.gstatic.com/s/josefinslab/v20/lW-5wjwOK3Ps5GSJlNNkMalnqg6v.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 18756, version 1.0\012- data Hash2418d539cb98fa7283decf2f6cac0071 9bb6df14931fdd480abe579b3d8cbde3975285ac 42e2188226f22170e8c5b32e0591705221b9126610a84f145c8ce589734b07f6
GET /s/josefinslab/v20/lW-5wjwOK3Ps5GSJlNNkMalnqg6v.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://solenica.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 17:40:33 GMT
expires: Fri, 17 Nov 2023 17:40:33 GMT
cache-control: public, max-age=31536000
age: 63615
last-modified: Mon, 11 Jul 2022 20:59:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash71821131fa0825a241bb6f95ad63a26a 4c676dbf861c2fca225bd1b9620237246ddfc724 f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 11:20:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| solenica.com/wp-includes/css/dashicons.min.css?ver=6.1.1 | 162.241.17.109 | 200 OK | 36 kB |
URL HTTP/2solenica.com/wp-includes/css/dashicons.min.css?ver=6.1.1 IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
Hash9f6b9498e88019dcbfe06743a9712a72 387f38c3c9da3e17be34aa864d5ded2c0148e915 f9b7974dff4d33b5f9e5757aff6b3ef35202f44f83710b3b4b369cc44e551789
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | | | mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 10:57:24 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:47 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
pragma: public
content-type: text/css
date: Fri, 18 Nov 2022 11:20:47 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashf7c5da16d7c4384a4c2454d6b0d84710 69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13293
Expires: Fri, 18 Nov 2022 15:02:21 GMT
Date: Fri, 18 Nov 2022 11:20:48 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashf7c5da16d7c4384a4c2454d6b0d84710 69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13293
Expires: Fri, 18 Nov 2022 15:02:21 GMT
Date: Fri, 18 Nov 2022 11:20:48 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashf7c5da16d7c4384a4c2454d6b0d84710 69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13293
Expires: Fri, 18 Nov 2022 15:02:21 GMT
Date: Fri, 18 Nov 2022 11:20:48 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashf7c5da16d7c4384a4c2454d6b0d84710 69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13293
Expires: Fri, 18 Nov 2022 15:02:21 GMT
Date: Fri, 18 Nov 2022 11:20:48 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashcd5bdc050716bb76afe8090fc81617e7 5109c156b180727767fc03c411190ccc0d3fb5fc 9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZLWa-RphwZqiAmeqffmEE8Mmfsfs9ZYz0bmANBEc5Ru1--VKDL4Fsw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 15:59:54 GMT
age: 69654
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg | 34.120.237.76 | 200 OK | 3.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5d0b6106f00f9fd8b89c2d484a559a1a 399ac393209dcdac7d2188d7aa8d95f04570ef7c 5d8151c9eb558f4a2b8bd2952c6845606ddb0c27e36f6e49aca7e60908cd9fe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3759
x-amzn-requestid: 8c91ac59-89dc-4218-b69f-0cebb29f301b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-wJHgxoAMF-hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab33-4dac305614a92bc52c038222;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mb2-PTjNmt06Wd5jOjQ5WoLY-0NgI80CKPXtwgzBt4n5km8Pu_WN0Q==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:50:49 GMT
age: 48599
etag: "399ac393209dcdac7d2188d7aa8d95f04570ef7c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| solenica.com///wp-content/uploads/2017/06/OliverBW.png | 162.241.17.109 | 200 OK | 229 kB |
URL HTTP/2solenica.com///wp-content/uploads/2017/06/OliverBW.png IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
File typePNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced\012- data Size229 kB (228567 bytes) Hashf9e9239604ee6a8806dc74cdedd239ad ed5cca42b401dd0f7c904724d9890a85ada7ca93 4af94d6681d9257f482f8c1d57b9faba35a65429711aac4b8e5d601e1866b58e
| Analyzer | Verdict | Alert |
|---|
| mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET ///wp-content/uploads/2017/06/OliverBW.png HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Jul 2017 14:20:18 GMT
accept-ranges: bytes
content-length: 228567
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:48 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
vary: Accept-Encoding
pragma: public
content-type: image/png
date: Fri, 18 Nov 2022 11:20:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| solenica.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 | 162.241.17.109 | 200 OK | 69 kB |
URL HTTP/2solenica.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
Hash60a76d703b401823a04971ca6b13a7a7 b0c6eb8c31014610220507f1f0ca4f5b67ed9d65 5457c369d1ab2f36c135c1b65e6295d36a2160df05ea67b33b3ab590b9374b72
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | | | mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Nov 2022 04:44:05 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:47 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
pragma: public
content-type: text/css
date: Fri, 18 Nov 2022 11:20:47 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7d16e5ff718353c095d266b080fe547f fa7c5c9a1d16355859196271f3d13f3850931888 9a94d8eb20cc56d0898b1e2b80c0006ebbef75c15ad94e907050c5be4e19a960
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10349
x-amzn-requestid: fc85e078-a81a-4fed-899e-15249961f59c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-7tHGLIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7d-4224d193517794684fcdc0ad;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UK-XD_8EcfPwfLb-QVwfLr8aG-sqVBoUJcbPb5hKAlQS68eOxdgM5g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:03:27 GMT
age: 47841
etag: "fa7c5c9a1d16355859196271f3d13f3850931888"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3a5d24e-84d5-4c9f-9fda-c8fafaeef64c.jpeg | 34.120.237.76 | 200 OK | 9.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3a5d24e-84d5-4c9f-9fda-c8fafaeef64c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6c07ca17dc4187cb964dcf51c7d4c803 3ab61331361e2755fa8339ac3131eceff4f535c1 5f9262f80a49bf673803568d17a290277d1235efbe7462fea0e6f0d5c1edaf5a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3a5d24e-84d5-4c9f-9fda-c8fafaeef64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9345
x-amzn-requestid: 986b938b-2dfa-4777-80c6-819a29b65e3d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw_FsFSsoAMFmEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376abbd-5dc3705f3a14a60d7bd11c35;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:46:37 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: u40g9pH7-OUaPF52MPmWuColzfcBybhSdCFY_YxQLnvfW0GzqMd50Q==
via: 1.1 332ef4544bd8b531e8f11abaa4197c08.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:52:40 GMT
age: 48488
etag: "3ab61331361e2755fa8339ac3131eceff4f535c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg | 34.120.237.76 | 200 OK | 6.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha9d32fa3866dd741de610a61a93ad893 4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e 4492338de536cfae6fb42fd37170c60f4fbc281a2a924efe6d2b5af352cd102c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6344
x-amzn-requestid: cac35b04-be3b-4ae1-bb5e-8cedcd7a7db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btqOVFCXIAMFcOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63755728-45c28fa333b748520be29b57;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 21:33:28 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: mhgNSp1_LsVmn00ULm116flMHpnfE6G6JABrJwXH5i4q-isv_W1-Ig==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:34:18 GMT
age: 49590
etag: "4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash05289172c1455c4134e496c6f4606efd ce1bb33256b0754f9acc01e7e9f3e5dc85f89244 a8b4411a0310cc376efe2aec7c0830b8d3b63b8827631b0ff43ec092f1f80f82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12065
x-amzn-requestid: 45c97153-71c7-4985-a1ad-fc21a509d153
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-K5FyVIAMFtDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa45-0f9d22dd544a4580570f3089;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dxT2WJB7m5tUhgBn2PwTIN4Zskzm3X7CW-29hl1nCyNPbKt5j6q5iA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:27 GMT
age: 48321
etag: "ce1bb33256b0754f9acc01e7e9f3e5dc85f89244"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| solenica.com///wp-content/uploads/2017/06/ClaudiaBW.png | 162.241.17.109 | 200 OK | 246 kB |
URL HTTP/2solenica.com///wp-content/uploads/2017/06/ClaudiaBW.png IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
File typePNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced\012- data Size246 kB (246173 bytes) Hasha9b75caf4866468cb9cbe59fe42b11d4 4be14276701499fc16f5ca4b8f800561546940cd ae3c1c3908e1a1e712153d1c254c6a0dca8f08254d58c636aae7979cc4c3d04f
| Analyzer | Verdict | Alert |
|---|
| mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET ///wp-content/uploads/2017/06/ClaudiaBW.png HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Jul 2017 14:20:17 GMT
accept-ranges: bytes
content-length: 246173
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:48 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
vary: Accept-Encoding
pragma: public
content-type: image/png
date: Fri, 18 Nov 2022 11:20:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| solenica.com///wp-content/uploads/2017/06/MaxBW.png | 162.241.17.109 | 200 OK | 312 kB |
URL HTTP/2solenica.com///wp-content/uploads/2017/06/MaxBW.png IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
File typePNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced\012- data Size312 kB (312480 bytes) Hash67298fbbb93a61e7685872b758ae033e af2ec0698cdf69ff906590566dc5a768eb3b496c 2ce3f004110f04b0cdb4b3eb3982124bd102f210a14699d47daff4a5583531b1
| Analyzer | Verdict | Alert |
|---|
| mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET ///wp-content/uploads/2017/06/MaxBW.png HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Jul 2017 14:20:18 GMT
accept-ranges: bytes
content-length: 312480
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:48 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
vary: Accept-Encoding
pragma: public
content-type: image/png
date: Fri, 18 Nov 2022 11:20:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| solenica.com///wp-content/uploads/2017/06/Solenica_Slider1Reverse_2880x1008-3-e1498060605503.jpg | 162.241.17.109 | 200 OK | 72 kB |
URL HTTP/2solenica.com///wp-content/uploads/2017/06/Solenica_Slider1Reverse_2880x1008-3-e1498060605503.jpg IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1080x378, components 3\012- data Hashef91c5ee3d2571edf26d0f1666027b81 dd1aae35ac5123fcd561031ff8805ecc0856292d 51eee7c8dc29466e7a19c9465734225ba7438ab920d158849a8e927de5d02176
| Analyzer | Verdict | Alert |
|---|
| mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET ///wp-content/uploads/2017/06/Solenica_Slider1Reverse_2880x1008-3-e1498060605503.jpg HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/wp-content/et-cache/285/et-core-unified-285-16678318074276.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Jul 2017 14:20:19 GMT
accept-ranges: bytes
content-length: 71955
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:48 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
vary: Accept-Encoding
pragma: public
content-type: image/jpeg
date: Fri, 18 Nov 2022 11:20:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| solenica.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 | 162.241.17.109 | 409 Conflict | 83 B |
URL HTTP/2solenica.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeHTML document, ASCII text, with no line terminators Hash26267cd8990f15d3bbea71684a6d5995 ac3b38cf3fe0e112bb6aeb7e05226b7133575d93 769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
| Analyzer | Verdict | Alert |
|---|
| mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 18 Nov 2022 11:20:48 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
|
|
| solenica.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 | 162.241.17.109 | 409 Conflict | 83 B |
URL HTTP/2solenica.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeHTML document, ASCII text, with no line terminators Hash26267cd8990f15d3bbea71684a6d5995 ac3b38cf3fe0e112bb6aeb7e05226b7133575d93 769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | | | mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 18 Nov 2022 11:20:49 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
|
|
| pixel.wp.com/g.gif?v=ext&j=1%3A10.9.1&blog=207454874&post=285&tz=1&srv=solenica.com&host=solenica.com&ref=&fcp=2311&rand=0.7737808779740426 | 192.0.76.3 | 200 OK | 50 B |
URL HTTP/2pixel.wp.com/g.gif?v=ext&j=1%3A10.9.1&blog=207454874&post=285&tz=1&srv=solenica.com&host=solenica.com&ref=&fcp=2311&rand=0.7737808779740426 IP192.0.76.3:0
File typeGIF image data, version 89a, 6 x 5\012- data Hashe4d673a55c5656f19ef81563fb10884c 1f2d8ed221d39329251ad3a6ff1edb20b7219443 f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A10.9.1&blog=207454874&post=285&tz=1&srv=solenica.com&host=solenica.com&ref=&fcp=2311&rand=0.7737808779740426 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 11:20:49 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashaf11bb94a0e548b9b4d9289dfb071ca0 a5126b377181a1cfa97f2615df8dff43a27cdadf 407405cc365ae725a1279b378736139fa6f29f5ebc32ea53e81f3a734bf78d03
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2468
Cache-Control: max-age=163974
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 11:20:49 GMT
Etag: "63773e73-1d7"
Expires: Sun, 20 Nov 2022 08:53:43 GMT
Last-Modified: Fri, 18 Nov 2022 08:12:35 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash16bbadb18616687351d4047aedc2ab45 979123c7ad6726befbbab2c07b50ecca31aa2d18 de8231c6ee426b7a76ebf574998dec11ce908efc0a745c2182fb7b61c5915e9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 11:20:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google-analytics.com/analytics.js | 142.250.74.174 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.174:0
File typeASCII text, with very long lines (1325) Hash47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 18 Nov 2022 10:41:09 GMT
expires: Fri, 18 Nov 2022 12:41:09 GMT
cache-control: public, max-age=7200
age: 2380
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| connect.facebook.net/en_US/fbevents.js |  31.13.72.12 | 200 OK | 27 kB |
URL HTTP/2connect.facebook.net/en_US/fbevents.js IP31.13.72.12:0
File typeASCII text, with very long lines (64348) Hash44ecaa3c2a4929a40141edc4540aaf84 f29a573182333b2500d41bfc389d6c5232dfb348 6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 8yOoKuYAfq73tceSr764wHY6jPhiock+oKj8oRZL3dqY8dvm8MI40thBmQGUmqjGyT0NulF2ymNP3RHglvLcjg==
content-length: 27340
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 11:20:49 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashaf11bb94a0e548b9b4d9289dfb071ca0 a5126b377181a1cfa97f2615df8dff43a27cdadf 407405cc365ae725a1279b378736139fa6f29f5ebc32ea53e81f3a734bf78d03
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2468
Cache-Control: max-age=163974
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 11:20:49 GMT
Etag: "63773e73-1d7"
Expires: Sun, 20 Nov 2022 08:53:43 GMT
Last-Modified: Fri, 18 Nov 2022 08:12:35 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash16bbadb18616687351d4047aedc2ab45 979123c7ad6726befbbab2c07b50ecca31aa2d18 de8231c6ee426b7a76ebf574998dec11ce908efc0a745c2182fb7b61c5915e9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 11:20:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| solenica.com/wp-content/uploads/2017/06/cropped-solenica_Favicon-Teal-32x32.png | 162.241.17.109 | 200 OK | 1.0 kB |
URL HTTP/2solenica.com/wp-content/uploads/2017/06/cropped-solenica_Favicon-Teal-32x32.png IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Hashb8cc366fdd44ec775659174c78be4643 11e15decb6fff4a339500e3b5f412a101627f77d 464c04925598bc9fad8f7dadd9bb9892490fed974d6a8fe568648901edd3b7df
| Analyzer | Verdict | Alert |
|---|
| mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-content/uploads/2017/06/cropped-solenica_Favicon-Teal-32x32.png HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Jul 2017 14:20:17 GMT
accept-ranges: bytes
content-length: 1005
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:49 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
vary: Accept-Encoding
pragma: public
content-type: image/png
date: Fri, 18 Nov 2022 11:20:49 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| solenica.com/wp-content/uploads/2017/06/cropped-solenica_Favicon-Teal-192x192.png | 162.241.17.109 | 200 OK | 14 kB |
URL HTTP/2solenica.com/wp-content/uploads/2017/06/cropped-solenica_Favicon-Teal-192x192.png IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data Hashbe527742ed40f86e9da9aac55c024813 7cf7deb5a460032ec7f5632c34c5e0cd62b482b6 0499fd56c3887a601125c834347c2d1591fadcf3c98ff7974729baf09118f8fa
| Analyzer | Verdict | Alert |
|---|
| mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-content/uploads/2017/06/cropped-solenica_Favicon-Teal-192x192.png HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Jul 2017 14:20:17 GMT
accept-ranges: bytes
content-length: 13804
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:49 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
vary: Accept-Encoding
pragma: public
content-type: image/png
date: Fri, 18 Nov 2022 11:20:49 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash5d0f26aabc1e6822799c7b2a0088c7c8 1fe0c1482425fd80388943a097e4bedd549cba84 2f946e377939664b21778a7453b114262582cca8484d148a16c24ca1710370fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 11:20:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-72958856-1&cid=965596262.1668770448&jid=2146447827&gjid=1127050093&_gid=277973836.1668770448&_u=IEBAAEAAAAAAACAAI~&z=751576186 | 142.250.150.154 | 200 OK | 1 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-72958856-1&cid=965596262.1668770448&jid=2146447827&gjid=1127050093&_gid=277973836.1668770448&_u=IEBAAEAAAAAAACAAI~&z=751576186 IP142.250.150.154:0
File typevery short file (no magic) Hashc4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-72958856-1&cid=965596262.1668770448&jid=2146447827&gjid=1127050093&_gid=277973836.1668770448&_u=IEBAAEAAAAAAACAAI~&z=751576186 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://solenica.com
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://solenica.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 18 Nov 2022 11:20:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash5d0f26aabc1e6822799c7b2a0088c7c8 1fe0c1482425fd80388943a097e4bedd549cba84 2f946e377939664b21778a7453b114262582cca8484d148a16c24ca1710370fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 11:20:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.facebook.com/tr/?id=501312740033643&ev=PageView&dl=https%3A%2F%2Fsolenica.com%2F&rl=&if=false&ts=1668770448445&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668770448444.992111785&it=1668770448008&coo=false&rqm=GET | 31.13.72.36 | 200 OK | 0 B |
URL HTTP/2www.facebook.com/tr/?id=501312740033643&ev=PageView&dl=https%3A%2F%2Fsolenica.com%2F&rl=&if=false&ts=1668770448445&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668770448444.992111785&it=1668770448008&coo=false&rqm=GET IP31.13.72.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=501312740033643&ev=PageView&dl=https%3A%2F%2Fsolenica.com%2F&rl=&if=false&ts=1668770448445&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668770448444.992111785&it=1668770448008&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Nov 2022 11:20:50 GMT
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d9d6315-de31-43b3-8c19-dc3528c7eefe.jpeg | 34.120.237.76 | 200 OK | 5.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d9d6315-de31-43b3-8c19-dc3528c7eefe.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash158a07cdb0174c0cf0c2473cb069a459 46753b0476f8a272a047b07070db272a0fd3b42e 40bacc15755d920085e52af0bc9f6e8eac0379a31765f6ba72cf53546e296a2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d9d6315-de31-43b3-8c19-dc3528c7eefe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5917
x-amzn-requestid: 47ec37aa-10ef-4e35-a76c-301d34e4a102
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw9VaHt9oAMFpIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376a8ef-6eb9776b4df9facd0f19c974;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:34:39 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qReov2_mDTOantzcbI8dBALwKBsq58MGL2yHuJwk0DxNL7um6T_M1g==
via: 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:57 GMT
age: 48298
etag: "46753b0476f8a272a047b07070db272a0fd3b42e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| solenica.com/wp-content/themes/Divi/js/custom.unified.js?ver=4.9.2 | 162.241.17.109 | 200 OK | 0 B |
URL HTTP/2solenica.com/wp-content/themes/Divi/js/custom.unified.js?ver=4.9.2 IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
| Analyzer | Verdict | Alert |
|---|
| mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-content/themes/Divi/js/custom.unified.js?ver=4.9.2 HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Mar 2021 10:45:00 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:48 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
pragma: public
content-type: application/javascript
date: Fri, 18 Nov 2022 11:20:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Nunito:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic|Josefin+Slab:100,200,300,regular,500,600,700,100italic,200italic,300italic,italic,500italic,600italic,700italic|Crimson+Text:regular,italic,600,600italic,700,700italic&subset=cyrillic,cyrillic-ext,latin,latin-ext,vietnamese&display=swap | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Nunito:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic|Josefin+Slab:100,200,300,regular,500,600,700,100italic,200italic,300italic,italic,500italic,600italic,700italic|Crimson+Text:regular,italic,600,600italic,700,700italic&subset=cyrillic,cyrillic-ext,latin,latin-ext,vietnamese&display=swap IP142.250.74.10:0
GET /css?family=Nunito:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic|Josefin+Slab:100,200,300,regular,500,600,700,100italic,200italic,300italic,italic,500italic,600italic,700italic|Crimson+Text:regular,italic,600,600italic,700,700italic&subset=cyrillic,cyrillic-ext,latin,latin-ext,vietnamese&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Nov 2022 11:20:47 GMT
date: Fri, 18 Nov 2022 11:20:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| solenica.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 | 162.241.17.109 | 200 OK | 0 B |
URL HTTP/2solenica.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | | | mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 04:45:08 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:47 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
pragma: public
content-type: application/javascript
date: Fri, 18 Nov 2022 11:20:47 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| solenica.com/wp-content/themes/Divi/style.css?ver=4.9.2 | 162.241.17.109 | 200 OK | 0 B |
URL HTTP/2solenica.com/wp-content/themes/Divi/style.css?ver=4.9.2 IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | | | mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-content/themes/Divi/style.css?ver=4.9.2 HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Mar 2021 10:45:00 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 11:20:47 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
pragma: public
content-type: text/css
date: Fri, 18 Nov 2022 11:20:47 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| solenica.com/wp-content/themes/Divi/core/admin/fonts/modules.ttf | 162.241.17.109 | 200 OK | 0 B |
URL HTTP/2solenica.com/wp-content/themes/Divi/core/admin/fonts/modules.ttf IP162.241.17.109:0 ASN#46606 UNIFIEDLAYER-AS-1
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | | | mnemonic_dns | Sinkholed | | | quad9 | Sinkholed | |
GET /wp-content/themes/Divi/core/admin/fonts/modules.ttf HTTP/1.1
Host: solenica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 11:20:48 GMT
server: Apache
content-type: font/truetype
last-modified: Wed, 17 Mar 2021 10:45:00 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=604800
expires: Fri, 18 Nov 2022 20:45:24 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
pragma: public
x-server-cache: true
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| stats.wp.com/e-202246.js | 192.0.76.3 | 200 OK | 0 B |
IP192.0.76.3:0
GET /e-202246.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solenica.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 11:20:47 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Sun, 05 Nov 2023 21:02:58 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
|
|
0.0.0.0