r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3008
Expires: Thu, 24 Nov 2022 14:48:10 GMT
Date: Thu, 24 Nov 2022 13:58:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1623
Cache-Control: max-age=162012
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:58:02 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 10:58:14 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2378
Expires: Thu, 24 Nov 2022 14:37:40 GMT
Date: Thu, 24 Nov 2022 13:58:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 13:18:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2344
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IYoWZZTOUChqsU59mqKI9YNC3Jl+AU1opjbUJW26beTc1pk5RYwkAjlLXQ7w+Ndm8Wy3WWiiIyk=
x-amz-request-id: MSCJ1W6TR2V9M481
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 13:43:25 GMT
age: 877
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 13:58:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 13:08:53 GMT
cache-control: public,max-age=3600
age: 2949
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
flipd.in/
111.118.215.51301 Moved Permanently 0 B IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 13:57:49 GMT
Server: nginx/1.17.6
Content-Type: text/html; charset=UTF-8
Content-Length: 0
X-Redirect-By: WordPress
Location: https://flipd.in/
Cache-Control: max-age=7200
Expires: Thu, 24 Nov 2022 14:27:04 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
X-Server-Cache: true
X-Proxy-Cache: HIT
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2359
Cache-Control: max-age=157686
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:58:02 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 09:46:08 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.162.142.194101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.142.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9rOn4unxVixGkE9IOPUF0w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yetDXFrCCQPj47eW0uI2fTaFOTU=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d63cffea36508d93015291acf4c68d1
1eafdb42c0e01770e6940f900128bb905d79d7e9
5ef513e11c850fb20ad4e185bdd71d8fac96759b49fd7c3cde08cb3fd53e8b44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EF513E11C850FB20AD4E185BDD71D8FAC96759B49FD7C3CDE08CB3FD53E8B44"
Last-Modified: Thu, 24 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 24 Nov 2022 19:58:03 GMT
Date: Thu, 24 Nov 2022 13:58:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17729
Expires: Thu, 24 Nov 2022 18:53:33 GMT
Date: Thu, 24 Nov 2022 13:58:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17729
Expires: Thu, 24 Nov 2022 18:53:33 GMT
Date: Thu, 24 Nov 2022 13:58:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17729
Expires: Thu, 24 Nov 2022 18:53:33 GMT
Date: Thu, 24 Nov 2022 13:58:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 58212
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 32016
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:08:16 GMT
age: 56988
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:10:24 GMT
age: 24460
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DYBcunpyI0FBJsJGh1kKpFI3X8kzCkO3mCxzUtWnaMKBT-Bv-zkq3Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:59:18 GMT
age: 57526
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F707b8d34-3bd2-4793-9e17-c60d0b285f84.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F707b8d34-3bd2-4793-9e17-c60d0b285f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dc118bae963b381ce5450890130ecf15
9355a16a81b11e024dd2c5c0024aba1121fff925
cb5bc2cc49e05c133434eeb725690b3e32a0d3c6b75074582f941eee3bf7e1c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F707b8d34-3bd2-4793-9e17-c60d0b285f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9828
x-amzn-requestid: bf2f8429-416d-40d4-a237-7593ee26c27a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEv0KHywIAMFvtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e934d-349e1dcc595b1be906a83577;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bQcpPUgu6eN6PQeLMGWwBlf01iHj77_aXHjKmh8SH7HsWlUX6kipDg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:15:49 GMT
age: 56535
etag: "9355a16a81b11e024dd2c5c0024aba1121fff925"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:58:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:58:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:58:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:58:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
flipd.in/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.1
111.118.215.51200 OK 4.5 kB URL HTTP/2 flipd.in/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (21597)
Hash 7f01d3c2dd8fdc231241f6a3b10def8c
76646b14e9ce97d384b9adb20c622f09c7ecd140
999c4a983cd4b5a1a7652aa436630a18c1a6dbf91de090c903ab507b07df536a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.1 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 03:30:39 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4487
content-type: text/css
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-includes/css/classic-themes.min.css?ver=1
111.118.215.51200 OK 189 B URL HTTP/2 flipd.in/wp-includes/css/classic-themes.min.css?ver=1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 02:26:38 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 189
content-type: text/css
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5
111.118.215.51200 OK 3.0 kB URL HTTP/2 flipd.in/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (10435), with no line terminators
Hash a6099ee677b6d930b6b878cf0cb08422
a2eb69454196d4250d624d25aaec587e97686642
755acd6dc98e63baff6d8b105b1bcaf63b79f935381fb3f32a79dace7faae0ac
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 01:39:47 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2985
content-type: text/css
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/elementor/css/global.css?ver=1648008091
111.118.215.51200 OK 1.1 kB URL HTTP/2 flipd.in/wp-content/uploads/elementor/css/global.css?ver=1648008091
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (6697)
Hash 7925a5df5ac6e4c7abb8d166d2d59e79
5a01c01c75e565a3248d9736b1dbf3d8e538034c
22d0e4d10ed3b16e146e95047de05f9033bdd9c8b646ee9ff3fb7b60ceb6035c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/global.css?ver=1648008091 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Mar 2022 04:01:31 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1122
content-type: text/css
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
111.118.215.51200 OK 4.0 kB URL HTTP/2 flipd.in/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (19233)
Hash 2701214b028ad24fa347df8335b36d12
156bc8a7ad2657f00881890637f07c6052636499
9a6e62615ceeec7a9763e4f9614e4715d04fd87873b23db2b3ead06c996cad27
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 14:04:50 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4008
content-type: text/css
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/themes/azen/assets/css/material-design-iconic-font.min.css?ver=1.0.7
111.118.215.51200 OK 13 kB URL HTTP/2 flipd.in/wp-content/themes/azen/assets/css/material-design-iconic-font.min.css?ver=1.0.7
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65536), with no line terminators
Hash 62ae265dac0ef9c47ae112b683582857
571152aaa673a33099e913b3dee7047184971dc7
b14cade07a32928df81c6c161a5ed442412b3ce731bcb2a0332dd8ec14dcd583
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/azen/assets/css/material-design-iconic-font.min.css?ver=1.0.7 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Feb 2022 13:52:24 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 12911
content-type: text/css
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/elementor/css/post-19.css?ver=1648008041
111.118.215.51200 OK 356 B URL HTTP/2 flipd.in/wp-content/uploads/elementor/css/post-19.css?ver=1648008041
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1118), with no line terminators
Hash 9579d58a2f9e4a2ea26a23dd1b05f30f
498c22d7f640fc1038b49192703aa391fd9e8a79
9d0a5d698e2c4a6508ee122a3f58482727753908a776affbe96a0901f9e6ae1b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-19.css?ver=1648008041 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Mar 2022 04:00:41 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 356
content-type: text/css
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/
111.118.215.51200 OK 56 kB IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9381)
Hash 87230d7dbed61d56a558664c66631f6b
c935a95df055e39e8a8e3c869b3260427c2a53a5
595f1b22098b8cd883944eb279a9079636bb25d32d538eb1db5b5a6a4795a430
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 24 Nov 2022 13:58:05 GMT
server: Apache
content-type: text/html; charset=UTF-8
link: <https://flipd.in/wp-json/>; rel="https://api.w.org/", <https://flipd.in/wp-json/wp/v2/pages/1191>; rel="alternate"; type="application/json", <https://flipd.in/>; rel=shortlink
cache-control: max-age=7200
expires: Thu, 24 Nov 2022 15:58:05 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: true
x-proxy-cache: EXPIRED
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/physc-builder/assets/libs/countdown/jquery.plugin.min.js?ver=1.0.1
111.118.215.51200 OK 1.4 kB URL HTTP/2 flipd.in/wp-content/plugins/physc-builder/assets/libs/countdown/jquery.plugin.min.js?ver=1.0.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 (with BOM) text, with very long lines (2986)
Hash 5554cb5473ed8112237a9d68d295f8f5
424876a9d5bda339b489f1db460ad6e3d9e21caa
bd20df48800794e66275d9e6129d80669bdd7b99655a8ec155cf359f76487cb4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/physc-builder/assets/libs/countdown/jquery.plugin.min.js?ver=1.0.1 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Feb 2022 14:15:10 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1414
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
111.118.215.51200 OK 7.1 kB URL HTTP/2 flipd.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (30837)
Hash 09b8b6cbc1b0486aa66786792e8c6984
73a077a16ce58b6b5c7169a61989f7421a913936
a8e462cb54773ddf7cd4fdc03715c0cd12a537c633c026635d5810b621246db6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 14:04:50 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7112
content-type: text/css
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/physc-builder/assets/libs/owl/OwlCarousel2Thumbs.min.js?ver=2.3.4
111.118.215.51200 OK 1.0 kB URL HTTP/2 flipd.in/wp-content/plugins/physc-builder/assets/libs/owl/OwlCarousel2Thumbs.min.js?ver=2.3.4
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2605)
Hash f47e3a7618a7d56572b2aa9ef0c26530
688144bb459871f5c7e1cf6d8f98b184b90a27ad
c6fd23dcda6fb34fa71df3790e6f154e28fe7a8b2bdd30b5521d06e101373531
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/physc-builder/assets/libs/owl/OwlCarousel2Thumbs.min.js?ver=2.3.4 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Feb 2022 14:15:10 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1011
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/physcode/azen-options.css?ver=1651494836
111.118.215.51200 OK 4.2 kB URL HTTP/2 flipd.in/wp-content/uploads/physcode/azen-options.css?ver=1651494836
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2104)
Hash 495836503d2519625bc33f823ef078a7
6c5e4aedd5447d451c1d8d4e321f0015685b8232
ac8ca4ab1bcddfbde8ce79877cbb95c9505cc1c3ac76e3fea8d8c88f0c0126d1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/physcode/azen-options.css?ver=1651494836 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 May 2022 12:33:56 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4243
content-type: text/css
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
111.118.215.51200 OK 5.3 kB URL HTTP/2 flipd.in/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 01:51:12 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5321
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/elementor/css/post-1191.css?ver=1648009825
111.118.215.51200 OK 1.3 kB URL HTTP/2 flipd.in/wp-content/uploads/elementor/css/post-1191.css?ver=1648009825
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (8258), with no line terminators
Hash 026a5b45181cbdaccc26c933b5582dcc
325445beac8506eec711e53ac270a665d4588d1d
15c35fddad90a5999b6f1da8dc336b4deefe988c24f7ab1498df08eb98003922
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-1191.css?ver=1648009825 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Mar 2022 04:30:25 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1345
content-type: text/css
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/physc-builder/assets/js/physc-builder.js?ver=1.0.4
111.118.215.51200 OK 1.3 kB URL HTTP/2 flipd.in/wp-content/plugins/physc-builder/assets/js/physc-builder.js?ver=1.0.4
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash e46dcc88df42bc24a927217721955921
9a59a4a59c34e9ac91efb1cc8e9072be001c2106
70a5587140532427ab4fcace5f8dafcd004d36e0548d479b2dbc1264c0d67a41
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/physc-builder/assets/js/physc-builder.js?ver=1.0.4 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Feb 2022 14:15:10 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1322
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
111.118.215.51200 OK 4.6 kB URL HTTP/2 flipd.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 14:36:06 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4618
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/useanyfont/uaf.css?ver=1667572709
111.118.215.51200 OK 0 B URL HTTP/2 flipd.in/wp-content/uploads/useanyfont/uaf.css?ver=1667572709
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/useanyfont/uaf.css?ver=1667572709 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 04 Nov 2022 14:38:29 GMT
accept-ranges: bytes
content-length: 0
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:06 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0
111.118.215.51200 OK 1.1 kB URL HTTP/2 flipd.in/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2938), with no line terminators
Hash 769e9d3f7fc383ec1a02024e39730474
4f5a5edf28ed19b48c5e40747ec6896f0df8f09e
4636689d57889e984a7a1a1c6e2516b7a2d951407ca826aaf505c50002e2b486
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 01:39:48 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1093
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/physc-builder/assets/libs/slick/slick.css?ver=1.8.1
111.118.215.51200 OK 605 B URL HTTP/2 flipd.in/wp-content/plugins/physc-builder/assets/libs/slick/slick.css?ver=1.8.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash f9742a8d5b68ce7822554fd21201e3cb
7508c3565fc8e03dab227099fb6f53925a1765f5
b57245d42a186c7305e7795453c7e04694308c4b3e675c8321fc27924b373d11
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/physc-builder/assets/libs/slick/slick.css?ver=1.8.1 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Feb 2022 14:15:10 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 605
content-type: text/css
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/physc-builder/assets/libs/countdown/jquery.countdown.min.js?ver=2.0.2
111.118.215.51200 OK 5.3 kB URL HTTP/2 flipd.in/wp-content/plugins/physc-builder/assets/libs/countdown/jquery.countdown.min.js?ver=2.0.2
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (13714)
Hash faaef8e6a9b85e2e1213a15c9569bab0
8c665f8e4e7dc7f66dc65b041e009d6d18f3d5c1
c843bcdcf4a62852c6c748bb8ee135a106647e6d39e2f46910ad7e6868a4ac0e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/physc-builder/assets/libs/countdown/jquery.countdown.min.js?ver=2.0.2 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Feb 2022 14:15:10 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5255
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0
111.118.215.51200 OK 3.9 kB URL HTTP/2 flipd.in/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (9111)
Hash a9d79ad492f5d209828cf75ff095edb0
b969ee59c642ce462a2cea6b487f2b1d57a8a18a
c362ad1758080d8a6214b29639dd88f082394a603d4afa9f12d8a037f55f94e5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 01:39:48 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3949
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=6.1
111.118.215.51200 OK 9.8 kB URL HTTP/2 flipd.in/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=6.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (27578)
Hash 0ed40f6324a5b865c2420ef2ee54e122
1f437f4efc895cb01d41aed4bb6fa5cb1c26df15
b30f9ec7831aa91b205849c4e45d7ccb20d3fb3a7f157b53bedbed9221f78585
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=6.1 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 03:30:39 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 9776
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/themes/azen/assets/js/jquery.magnific-popup.js?ver=1
111.118.215.51200 OK 9.5 kB URL HTTP/2 flipd.in/wp-content/themes/azen/assets/js/jquery.magnific-popup.js?ver=1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (445)
Hash 9e7ea8e464d738c31acbda46d96eb46f
950935cbe41e6c8a38bc86ec0d9347f0346ad2fb
cbbec51334399aa67c1e85b500b1167a44e7a7cc2613dd20bf4cd2d0faf64afe
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/azen/assets/js/jquery.magnific-popup.js?ver=1 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Feb 2022 13:52:24 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 9515
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/physc-builder/assets/libs/slick/slick.min.js?ver=1.8.1
111.118.215.51200 OK 14 kB URL HTTP/2 flipd.in/wp-content/plugins/physc-builder/assets/libs/slick/slick.min.js?ver=1.8.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (42862)
Hash e61b26be7b27fbf2a5c2f479364c12b8
ff046102856e16854639a9862521c193fa05e9d7
19f098db827ce2943ab549c6fb9b142c4cc70aa9ecd7d3afc657a3a0eed8be88
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/physc-builder/assets/libs/slick/slick.min.js?ver=1.8.1 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Feb 2022 14:15:10 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 14332
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/physc-builder/assets/libs/owl/owl.carousel.min.js?ver=2.3.4
111.118.215.51200 OK 16 kB URL HTTP/2 flipd.in/wp-content/plugins/physc-builder/assets/libs/owl/owl.carousel.min.js?ver=2.3.4
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (31997)
Hash 8a2ba9702fb3cca3c84924959fff383d
ec7e32b952d84e211870dd0e9f1520582e3b4270
ebcdf76e9e513c320785d95cbfa122a4aaa6143fc8ea69a2ea0dedf0277828b8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/physc-builder/assets/libs/owl/owl.carousel.min.js?ver=2.3.4 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Feb 2022 14:15:10 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 15883
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.1.0
111.118.215.51200 OK 13 kB URL HTTP/2 flipd.in/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.1.0
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (62781), with no line terminators
Hash 506114e76608d2cb13e2ae2bcf067c7e
7ea05a51a05343a1b32e7c886add36971a788133
0b16be7c9d35f598d1cb5b6c9a42088aac3245180430e6583984f03b1ff16bd6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.1.0 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 01:39:48 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 13258
content-type: text/css
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2
111.118.215.51200 OK 14 kB URL HTTP/2 flipd.in/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (36548)
Hash fd78079b5bb7ba132ca4ff2b9a1d7a01
685463955947d5c2bd18ed2fa84bccb2e42eb381
0889031ef8e7431839189876b3f1ce668972c05db3fbc5b63f0d067d520f1bb8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 02:26:38 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 13813
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/physc-builder/assets/libs/owl/owl.carousel.min.css?ver=2.3.4
111.118.215.51200 OK 1.1 kB URL HTTP/2 flipd.in/wp-content/plugins/physc-builder/assets/libs/owl/owl.carousel.min.css?ver=2.3.4
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (3184)
Hash 8110dac83703c6f3bdab05005b338dae
2d7fa29ab9e77366216866a3c399cff917625015
8b88b876325a3b5deaea39fc31f97d9ea452bf5f5a27a4eb0d0cdc5be386fb92
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/physc-builder/assets/libs/owl/owl.carousel.min.css?ver=2.3.4 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Feb 2022 14:15:10 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1142
content-type: text/css
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8
111.118.215.51200 OK 374 B URL HTTP/2 flipd.in/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (754), with no line terminators
Hash ef785f463505633971eae5c08ad626d4
624e22257f386801822229db3a4bbd2e24b25e2f
b2a0dc77f0f79d81698a7e3893e16ecba7b0d980b80a5233656d9b11f1d8160d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 14:00:30 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 374
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-includes/js/wp-util.min.js?ver=6.1.1
111.118.215.51200 OK 758 B URL HTTP/2 flipd.in/wp-includes/js/wp-util.min.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1391)
Hash 60bc75e3b14030c62d9fd3a3d317d8a8
6d919bbd05a3984a8e5e67b693e6d5d41cc885f9
e22df84be1a3ffe3b54352a4a39e14adb3fac69f2ce755e4c7babbc243c5bb4b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 02:26:38 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 758
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/physc-builder/inc/modules/general/countdown/assets/js/countdown.js?ver=1.0.0
111.118.215.51200 OK 363 B URL HTTP/2 flipd.in/wp-content/plugins/physc-builder/inc/modules/general/countdown/assets/js/countdown.js?ver=1.0.0
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4bbe73542a4ec0e46be15e556e88aaf3
a61d3bfaa43e0d86e960e5479682a6d82102f1af
46132759a7a996cc4d5989c4c6c2990a57845fd80b9468360095cfc1ee46b014
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/physc-builder/inc/modules/general/countdown/assets/js/countdown.js?ver=1.0.0 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Feb 2022 14:15:10 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 363
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0
1.2 kB URL flipd.in/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0
IP :0
File type gzip compressed data, from Unix\012- data
Hash 1d43db37790e13f685a3c696579e3b2c
ecd7d8bcf06c069e2f296726649b6959608abfbe
4207a6e0849fcaec34e8b6de5931cf3158aca1121c232039654b4144aea9552e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
flipd.in/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0
111.118.215.51200 OK 792 B URL HTTP/2 flipd.in/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2139), with no line terminators
Hash 1ca3f41c13e0027acc45f0601f8b640f
cced34af0c6a59e9cee4229faa66ab39c7031506
d3bc5eaf4c6be9473dbba690825cce9a1a6f4accb6721dae7875efef54942f41
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 01:39:48 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 792
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0
111.118.215.51200 OK 1.0 kB URL HTTP/2 flipd.in/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1668)
Hash 0bebfb5722cbc8ac04e62aa40698be49
3bc5e4f29cb19a2d80d46dee242dabf7e42c0fd3
70d02eabbadbe176455a2bb53d8d567feca69847c067a5274987a8bdc65e3c05
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 01:39:48 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1000
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/physc-builder/inc/modules/woocommerce/flash-list-sale/assets/js/flash-list-countdown.js?ver=1.0.0
111.118.215.51200 OK 562 B URL HTTP/2 flipd.in/wp-content/plugins/physc-builder/inc/modules/woocommerce/flash-list-sale/assets/js/flash-list-countdown.js?ver=1.0.0
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 8fc5aff08357f23e26773e8003de380b
735548afa857d6e1c05074c41631592cecdc606c
0b9562c10b713d8cff64386bd21c5aa7776facf14616b6dfa551b8e95d316f42
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/physc-builder/inc/modules/woocommerce/flash-list-sale/assets/js/flash-list-countdown.js?ver=1.0.0 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Feb 2022 14:15:10 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 562
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-includes/js/underscore.min.js?ver=1.13.4
111.118.215.51200 OK 8.3 kB URL HTTP/2 flipd.in/wp-includes/js/underscore.min.js?ver=1.13.4
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (18798)
Hash ac9c7baaab74ef2576932d5798161987
fa202113e12b09696788a7024984879bddd29143
c03d52f8f157e9209646e3e696e9845d7d2b3cf3e73c8204f371b7393e738026
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 02:26:38 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 8305
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
111.118.215.51200 OK 2.3 kB URL HTTP/2 flipd.in/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (4918)
Hash afe0ea20b00c3b25a89a6b2d6a98c6ac
53c0425fb9abdc217a90ec20509996cd2a5f9e1d
f70c2aa0ee7d185b9ded30b1f2037e4fbd828583d61f68eab99fd2f37b36b2a3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 14:04:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2312
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
111.118.215.51200 OK 3.7 kB URL HTTP/2 flipd.in/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (12198), with no line terminators
Hash e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 14:04:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3747
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/themes/azen/assets/js/theme.js?ver=1.0.7
111.118.215.51200 OK 4.3 kB URL HTTP/2 flipd.in/wp-content/themes/azen/assets/js/theme.js?ver=1.0.7
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash a8d4ab082c18af2b4a93de66a589b501
5c88b950c7a0135355c8a527d1791b6e65085abd
157b9ddd90e1db96ec18944413f721c1a39d290f93425d2333c18dc9dde4c5c7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/azen/assets/js/theme.js?ver=1.0.7 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Feb 2022 13:52:24 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4257
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.7.1.0
111.118.215.51200 OK 8.5 kB URL HTTP/2 flipd.in/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.7.1.0
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (22741), with no line terminators
Hash 92e2471e6c28343b865c8c6bed3743bd
8a03728161868942917e470754fb91ae4fa846a6
14328ee645bcf68ecbd02de75f79f8ab786f9769bb4e9378b62065c20a4a9506
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.7.1.0 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 01:39:48 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 8510
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
111.118.215.51200 OK 8.3 kB URL HTTP/2 flipd.in/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 02:26:38 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 8344
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/instagram-feed/img/placeholder.png
111.118.215.51200 OK 176 B URL HTTP/2 flipd.in/wp-content/plugins/instagram-feed/img/placeholder.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 1000 x 560, 1-bit colormap, non-interlaced\012- data
Hash a5443c5bb9bd40f1b1e6652eedce9925
aefb6c761d953a69c8b7ee7d98cad00545d74364
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/instagram-feed/img/placeholder.png HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 03:30:39 GMT
accept-ranges: bytes
content-length: 176
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 13:58:06 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
111.118.215.51200 OK 13 kB URL HTTP/2 flipd.in/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (32907)
Hash ec532bc72e833d74239248a507033f2d
e682bb6b3a3d8dce061c9974064efa177b286cbc
5225c44ca2b4081202505c1b0a9c16446eda2d51038ac8ed1a5eea1630b0541b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 14:04:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 13291
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
111.118.215.51200 OK 16 kB URL HTTP/2 flipd.in/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (40474)
Hash 6aeb2153cae643eef82bc2bfd981284f
72ded3873d2eca2490b951a270c2ad90d2be820f
e1f85226ca5e06d9aa02a495ab567529e78f5aeae6924566e58e18debe6f38bb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 14:04:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 16151
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/2022/02/congrats.png
111.118.215.51200 OK 21 kB URL HTTP/2 flipd.in/wp-content/uploads/2022/02/congrats.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Hash 71b013595c4ff6cfb4349a5a7f25b2e0
cc37d3762c97148b7b03d17619d45c46d3704878
150fd0e2bbe21cc7d98a54c9d6b10727c485e425ec86a857a271b4ee4079fe21
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/02/congrats.png HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Feb 2022 11:31:11 GMT
accept-ranges: bytes
content-length: 20631
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 13:58:06 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/2022/02/loved-1.png
111.118.215.51200 OK 24 kB URL HTTP/2 flipd.in/wp-content/uploads/2022/02/loved-1.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Hash c41158578cdb6bfdf2c388e3a7c65b54
8b5b3708b25f45f96947073a1c98eb5ca7cfa7a5
af665b95191e4674feee49e9bd0b394b85f96b24f0337f615454212eb2cec42e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/02/loved-1.png HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Feb 2022 11:30:21 GMT
accept-ranges: bytes
content-length: 23484
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 13:58:06 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/2022/02/PunHub.png
111.118.215.51200 OK 26 kB URL HTTP/2 flipd.in/wp-content/uploads/2022/02/PunHub.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Hash a6f4181c9e13b3721541806b2ba12de4
7bb96dd1a2fe71c63e2dc9e4e779d348d06fe8fa
497fc621b6f85a7176fcc64f236f150563106e8f21cec33888b2aaa05f892ce1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/02/PunHub.png HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Feb 2022 11:30:28 GMT
accept-ranges: bytes
content-length: 26539
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 13:58:06 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/2022/02/hbd.png
111.118.215.51200 OK 37 kB URL HTTP/2 flipd.in/wp-content/uploads/2022/02/hbd.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Hash 722720c782a178b5ac326f695af4405b
3eae82172d143db218521bd6f54f7c1574579e9c
2b19e1fa92e7aea898d89b257eb2113c1fc819ac7525abd76d0e5c30bf139353
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/02/hbd.png HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Feb 2022 11:30:16 GMT
accept-ranges: bytes
content-length: 37005
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 13:58:06 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/2022/02/tv-shows.png
111.118.215.51200 OK 73 kB URL HTTP/2 flipd.in/wp-content/uploads/2022/02/tv-shows.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Hash f2384fd33e56578bf6470cb79383cae7
2e0b9abc76f46dedfdd3369dbac870f41041ba1f
c564100e2709bf6784ab6d668a1ef800e422ca156479e67819ec24781c6428fa
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/02/tv-shows.png HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Feb 2022 12:27:52 GMT
accept-ranges: bytes
content-length: 72967
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 13:58:06 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/2022/04/Flipd-Logo_Final-OLD.png
111.118.215.51200 OK 93 kB URL HTTP/2 flipd.in/wp-content/uploads/2022/04/Flipd-Logo_Final-OLD.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 1274 x 324, 8-bit/color RGBA, non-interlaced\012- data
Hash e713a33d984fe27b42de3dd4627367ce
9f011a16fa3d847b80130a563a6fab26ab0dc6c6
6fddecc1359d501231d61b788b6557e55a3072200b01a59428fb0ba5633dc2dc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/04/Flipd-Logo_Final-OLD.png HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 22 Apr 2022 13:28:20 GMT
accept-ranges: bytes
content-length: 92868
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 13:58:06 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/2022/02/Flipd-Logo_Final.png
111.118.215.51200 OK 93 kB URL HTTP/2 flipd.in/wp-content/uploads/2022/02/Flipd-Logo_Final.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 1274 x 324, 8-bit/color RGBA, non-interlaced\012- data
Hash e713a33d984fe27b42de3dd4627367ce
9f011a16fa3d847b80130a563a6fab26ab0dc6c6
6fddecc1359d501231d61b788b6557e55a3072200b01a59428fb0ba5633dc2dc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/02/Flipd-Logo_Final.png HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Feb 2022 07:54:09 GMT
accept-ranges: bytes
content-length: 92868
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 13:58:06 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/2022/02/IMG-8652.png
111.118.215.51200 OK 180 kB URL HTTP/2 flipd.in/wp-content/uploads/2022/02/IMG-8652.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 714 x 1024, 8-bit colormap, non-interlaced\012- data
Size 180 kB (180086 bytes)
Hash dc2e453e5910e4069b5d6a20d8f3af3d
d162409a9f002c9e417a36a13c216cb06a810fa3
1d4c1fb01fab54f8831f8d9b421eebd2c70b31baaa5af5e8d036ceb42727e866
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/02/IMG-8652.png HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Feb 2022 15:23:24 GMT
accept-ranges: bytes
content-length: 180086
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 13:58:06 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/2022/02/Science.png
111.118.215.51200 OK 227 kB URL HTTP/2 flipd.in/wp-content/uploads/2022/02/Science.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 227 kB (226956 bytes)
Hash 9d900f255620afaa95105114492f8bb8
480ca877eadf8d20478170cb5e7df360a14af2b1
bbbbd70816a7a6a460c59b001c67726a0b8125900e1133a6ef81037a84187d6e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/02/Science.png HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Feb 2022 11:30:31 GMT
accept-ranges: bytes
content-length: 226956
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 13:58:06 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/contact-form-7/includes/js/html5-fallback.js?ver=5.6.4
111.118.215.51409 Conflict 83 B URL HTTP/2 flipd.in/wp-content/plugins/contact-form-7/includes/js/html5-fallback.js?ver=5.6.4
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/html5-fallback.js?ver=5.6.4 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
111.118.215.51409 Conflict 83 B URL HTTP/2 flipd.in/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
111.118.215.51409 Conflict 83 B URL HTTP/2 flipd.in/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/contact-form-7/includes/js/jquery-ui/themes/smoothness/jquery-ui.min.css?ver=1.12.1
111.118.215.51409 Conflict 83 B URL HTTP/2 flipd.in/wp-content/plugins/contact-form-7/includes/js/jquery-ui/themes/smoothness/jquery-ui.min.css?ver=1.12.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/jquery-ui/themes/smoothness/jquery-ui.min.css?ver=1.12.1 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
111.118.215.51409 Conflict 83 B URL HTTP/2 flipd.in/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
216.58.207.195200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 27428, version 1.0\012- data
Hash e6d08c334958c128b793b570a7dce066
081111500e97a7663ff936f847e050fee6b8be2b
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
GET /s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flipd.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27428
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 01:13:04 GMT
expires: Wed, 22 Nov 2023 01:13:04 GMT
cache-control: public, max-age=31536000
age: 218703
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 31196, version 1.0\012- data
Hash ea2343c7dccad57360fb611d67204445
b603d9e68bb1ed5e4b33d5e31121160cb4d23452
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
GET /s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flipd.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 06:19:59 GMT
expires: Fri, 24 Nov 2023 06:19:59 GMT
cache-control: public, max-age=31536000
age: 27488
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
flipd.in/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.1.0
111.118.215.51200 OK 1.3 kB URL HTTP/2 flipd.in/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.1.0
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (7043), with no line terminators
Hash 23030da399d26bb36e2effda3c58d488
2480e4b14c65a29b6013515cea8a55a6646aa85a
026d41f0bbec9c4116e05c06d43d3bbae4e9ec0975f84140565760431eaa88d7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.1.0 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 01:39:48 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:07 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1294
content-type: text/css
date: Thu, 24 Nov 2022 13:58:07 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/themes/azen/assets/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
111.118.215.51200 OK 38 kB URL HTTP/2 flipd.in/wp-content/themes/azen/assets/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 38384, version 1.0\012- data
Hash a4d31128b633bc0b1cc1f18a34fb3851
6ee4c79372c3fd679706306ede47e4b03cf53d60
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/azen/assets/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://flipd.in/wp-content/themes/azen/assets/css/material-design-iconic-font.min.css?ver=1.0.7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Feb 2022 13:52:24 GMT
accept-ranges: bytes
content-length: 38384
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:07 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: font/woff2
date: Thu, 24 Nov 2022 13:58:07 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
111.118.215.51200 OK 77 kB URL HTTP/2 flipd.in/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://flipd.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 14:04:50 GMT
accept-ranges: bytes
content-length: 77160
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:08 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: font/woff2
date: Thu, 24 Nov 2022 13:58:08 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/2022/02/93D18F00-EBFD-4E37-A1A4-FDAACE9C6228-300x300.jpg
111.118.215.51200 OK 15 kB URL HTTP/2 flipd.in/wp-content/uploads/2022/02/93D18F00-EBFD-4E37-A1A4-FDAACE9C6228-300x300.jpg
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, orientation=upper-left, software=Instagram, GPS-Data], baseline, precision 8, 300x300, components 3\012- data
Hash b8aaf6539a60ba86f6479632f4c47a6c
b8705544d95549d9fb927c2ac86a717551e1d31d
e4e1a5b6143bd06b87f316c6987a0ea56569ac01df1cbb2eb6b7e532f1f45c7d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/02/93D18F00-EBFD-4E37-A1A4-FDAACE9C6228-300x300.jpg HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Feb 2022 13:26:01 GMT
accept-ranges: bytes
content-length: 15121
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 13:58:08 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 24 Nov 2022 13:58:08 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/2022/02/IMG_4657-300x300.jpeg
111.118.215.51200 OK 20 kB URL HTTP/2 flipd.in/wp-content/uploads/2022/02/IMG_4657-300x300.jpeg
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 300x300, components 3\012- data
Hash 95e8da592318f6e70656d088c65b6977
06926a1d35a7345c530172db8d7e57f25925676e
2cb15fbedbcf5e258101b3624d9888478d168a3f3e1333d5eef5e78a0f8a01ad
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/02/IMG_4657-300x300.jpeg HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 13:58:08 GMT
server: Apache
content-type: image/jpeg
content-length: 20352
last-modified: Thu, 17 Feb 2022 07:01:58 GMT
cache-control: max-age=31536000
expires: Sun, 13 Aug 2023 16:14:16 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5
111.118.215.51200 OK 85 kB URL HTTP/2 flipd.in/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash ae6e84c6bebad86748f0e9c20d50fe92
f32d6972d4fddd523477135d3b1722ec1ece6efa
690e93f924f98433342538898201259b6e80998eeadcd7611e15ce210124edf8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 01:39:47 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
111.118.215.51200 OK 33 kB URL HTTP/2 flipd.in/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash ef9e70afba83aeba274ab63232981998
8fe845b5b3a587cbc9a34a2a6febd87338952705
599fc4c2efbd75d2ecd17108316f41f1fb92d3d4314a83cfaf1988919445811c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Nov 2022 01:56:56 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/2022/02/03180919-D51F-4B7E-93B8-29EC95209DE7-300x300.jpeg
111.118.215.51200 OK 15 kB URL HTTP/2 flipd.in/wp-content/uploads/2022/02/03180919-D51F-4B7E-93B8-29EC95209DE7-300x300.jpeg
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 300x300, components 3\012- data
Hash db6e199b1e0a7d041bb2c1e1fb6bcc1c
72a6e3ead4be23b909529a79e6070b6f17b2b357
18155bdc554ebdb6344c17d9b9a3484947e0dd055e4d4179edc6088f42f8c4dc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/02/03180919-D51F-4B7E-93B8-29EC95209DE7-300x300.jpeg HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 13:58:08 GMT
server: Apache
content-type: image/jpeg
content-length: 15272
last-modified: Thu, 17 Feb 2022 06:59:35 GMT
cache-control: max-age=31536000
expires: Sun, 13 Aug 2023 16:14:16 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/2022/02/8ac4e16d-ef3a-4eb4-a412-86b013d8a582-300x300.jpeg
111.118.215.51200 OK 21 kB URL HTTP/2 flipd.in/wp-content/uploads/2022/02/8ac4e16d-ef3a-4eb4-a412-86b013d8a582-300x300.jpeg
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 300x300, components 3\012- data
Hash 49ec61d19d171c638dd36945135e2dbe
3a8eceb2c86b101ebad833dafdf76fe66b6ba218
4236fb02e33447ac7da33e2e2677713b7c0fb652ce6c561bcee6ae97fab4fed0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/02/8ac4e16d-ef3a-4eb4-a412-86b013d8a582-300x300.jpeg HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 13:58:08 GMT
server: Apache
content-type: image/jpeg
content-length: 20675
last-modified: Thu, 17 Feb 2022 06:59:00 GMT
cache-control: max-age=31536000
expires: Sun, 13 Aug 2023 16:14:16 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/2022/02/D94A9BC7-2BA6-4903-9840-C9079A03C8D5-300x300.jpeg
111.118.215.51200 OK 22 kB URL HTTP/2 flipd.in/wp-content/uploads/2022/02/D94A9BC7-2BA6-4903-9840-C9079A03C8D5-300x300.jpeg
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 300x300, components 3\012- data
Hash 6bcd83f32216843974dda8e9dbfc9bca
a8c988eae96d3a1c3661c343b8c11651af5cc3f2
54a058e570da21a054ac24a38e78f202df538959648cb7d7214145e597504fbb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/02/D94A9BC7-2BA6-4903-9840-C9079A03C8D5-300x300.jpeg HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 13:58:08 GMT
server: Apache
content-type: image/jpeg
content-length: 22129
last-modified: Thu, 17 Feb 2022 07:00:16 GMT
cache-control: max-age=31536000
expires: Sun, 13 Aug 2023 09:57:23 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
111.118.215.51409 Conflict 83 B URL HTTP/2 flipd.in/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 24 Nov 2022 13:58:08 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/2022/02/4cbb0d5a-606e-4eff-a7be-5fd71a1ec04e-300x300.jpg
111.118.215.51200 OK 22 kB URL HTTP/2 flipd.in/wp-content/uploads/2022/02/4cbb0d5a-606e-4eff-a7be-5fd71a1ec04e-300x300.jpg
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 4532182ac7e51df415fe297c7251f004
6a8be74fe3ff756b42af4484845554b04492172b
929124d08068744514e7e5dec8380d091a746303b7035d9e2b800f948544fc70
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/02/4cbb0d5a-606e-4eff-a7be-5fd71a1ec04e-300x300.jpg HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Feb 2022 06:53:42 GMT
accept-ranges: bytes
content-length: 22118
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 13:58:08 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 24 Nov 2022 13:58:08 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
111.118.215.51409 Conflict 83 B URL HTTP/2 flipd.in/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 24 Nov 2022 13:58:08 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/contact-form-7/includes/js/html5-fallback.js?ver=5.6.4
111.118.215.51409 Conflict 83 B URL HTTP/2 flipd.in/wp-content/plugins/contact-form-7/includes/js/html5-fallback.js?ver=5.6.4
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/html5-fallback.js?ver=5.6.4 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 24 Nov 2022 13:58:08 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1faf6-1f3fb.svg
192.0.77.48200 OK 1.4 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1faf6-1f3fb.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1390), with no line terminators
Hash 9c99205dc782580acfd8acfc599b4ecc
59c6549445922bf9ea4ac4d7006f75f1bdff0741
fe84023e9a7eefda53a208236094cf37a77a6eb4d40b3f0d4679e04709a3d61c
GET /images/core/emoji/14.0.0/svg/1faf6-1f3fb.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 13:58:08 GMT
content-type: image/svg+xml
content-length: 1390
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/2022/04/cropped-Flipd-Logo_Final-32x32.png
111.118.215.51200 OK 565 B URL HTTP/2 flipd.in/wp-content/uploads/2022/04/cropped-Flipd-Logo_Final-32x32.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash f16fb716a7bacd23461934c31704b132
b48ac2bc49bc0fd4e43ee7531dfdad0acdc259e8
297a099c504c36885e6207ff762654144dfbd410e09d679cba3b46fd9ab16362
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/04/cropped-Flipd-Logo_Final-32x32.png HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 20 Apr 2022 11:47:52 GMT
accept-ranges: bytes
content-length: 565
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 13:58:08 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 24 Nov 2022 13:58:08 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/2022/04/cropped-Flipd-Logo_Final-192x192.png
111.118.215.51200 OK 6.1 kB URL HTTP/2 flipd.in/wp-content/uploads/2022/04/cropped-Flipd-Logo_Final-192x192.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 10adf48422806904c3e10819bc0ffa04
1970907709829cb38f4f3d5ce74a6f77575ae7a2
dee7178ae701b8ec5b92e2af5ccac3b5f4aecfd5a99d750c47c37e5b5328e83b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/04/cropped-Flipd-Logo_Final-192x192.png HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 20 Apr 2022 11:47:52 GMT
accept-ranges: bytes
content-length: 6141
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 13:58:08 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 24 Nov 2022 13:58:08 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/sb-instagram-feed-images/287750430_562510625274629_593129918160521240_nthumb.jpg
111.118.215.51200 OK 5.1 kB URL HTTP/2 flipd.in/wp-content/uploads/sb-instagram-feed-images/287750430_562510625274629_593129918160521240_nthumb.jpg
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x187, components 3\012- data
Hash 9cd301d6af1f50a01ade5bf359d8a969
d5a5007fa39b2343189c1f83da2d7ce95b08c4ca
7fe69f740e7f3e03e12dc19102870f8e16f23afe97b6b6459b1a7663bed08a21
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/sb-instagram-feed-images/287750430_562510625274629_593129918160521240_nthumb.jpg HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Jun 2022 16:09:27 GMT
accept-ranges: bytes
content-length: 5148
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 13:58:09 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 24 Nov 2022 13:58:09 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/sb-instagram-feed-images/288937659_1022389155313855_5833980075091015443_nthumb.jpg
111.118.215.51200 OK 5.4 kB URL HTTP/2 flipd.in/wp-content/uploads/sb-instagram-feed-images/288937659_1022389155313855_5833980075091015443_nthumb.jpg
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x173, components 3\012- data
Hash 383f0dad0b360f145050151f7766520e
4f888c3e4598df74997b44e1667d8bae4c25832f
4e7f751e023ebc65937e0c9ca6fe92f5879eeaa3b6c9fcab6b1029dca2077233
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/sb-instagram-feed-images/288937659_1022389155313855_5833980075091015443_nthumb.jpg HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 19 Jun 2022 05:32:03 GMT
accept-ranges: bytes
content-length: 5421
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 13:58:09 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 24 Nov 2022 13:58:09 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/sb-instagram-feed-images/288210163_1146137559650885_3784406669870930922_nthumb.jpg
111.118.215.51200 OK 2.8 kB URL HTTP/2 flipd.in/wp-content/uploads/sb-instagram-feed-images/288210163_1146137559650885_3784406669870930922_nthumb.jpg
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x188, components 3\012- data
Hash af49104144896012ee8221d28fc138e8
c70a77bc24918f5db2153af641cd2fbd5453f223
39c3dae43107e2740fdbe9211186ec7c66910091e2bee112c24f01f57756c503
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/sb-instagram-feed-images/288210163_1146137559650885_3784406669870930922_nthumb.jpg HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jun 2022 17:40:57 GMT
accept-ranges: bytes
content-length: 2840
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 13:58:09 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 24 Nov 2022 13:58:09 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
111.118.215.51200 OK 671 B URL HTTP/2 flipd.in/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1320)
Hash 3b0adb15e8343e46117fae1a91c1519f
96c16d5554d161466f482aba020ec272b004c57c
3c227e3607c75db2282b30d2d12ad8a6d8b6e57bee331aa9c58a0f5dd9177955
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 14:04:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:09 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 671
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:09 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/2022/02/A3B65270-32CA-43DA-976B-3B07E936D99F.jpg
111.118.215.51200 OK 240 kB URL HTTP/2 flipd.in/wp-content/uploads/2022/02/A3B65270-32CA-43DA-976B-3B07E936D99F.jpg
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Instagram, datetime=2021:08:09 21:14:12, GPS-Data], baseline, precision 8, 958x1197, components 3\012- data
Size 240 kB (239743 bytes)
Hash 0732ff5487be8c4becab8a2d2db6554e
746dbb5ba7b63b606f512c37aff83ee908253481
a8caf3c90bb817f9aab6dd3f727ce10bacfafb820d94a18c779d3611e6c3edd2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/02/A3B65270-32CA-43DA-976B-3B07E936D99F.jpg HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Feb 2022 15:23:22 GMT
accept-ranges: bytes
content-length: 239743
cache-control: max-age=31536000
expires: Fri, 24 Nov 2023 13:58:09 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 24 Nov 2022 13:58:09 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/?wc-ajax=get_refreshed_fragments
111.118.215.51200 OK 200 B URL HTTP/2 flipd.in/?wc-ajax=get_refreshed_fragments
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JSON data\012- , ASCII text, with very long lines (303), with no line terminators
Hash 2105b4f0bb2f8138d93fb0141d21f3d3
28e4795e1caf090991ff64824b45c779924c40b2
fb36d0d95808cfd2b31f18e70e2fcb9c08d1615a62d7dbed5a958d2b54b83fcc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://flipd.in
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://flipd.in
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 200
content-type: application/json; charset=UTF-8
date: Thu, 24 Nov 2022 13:58:08 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/uploads/2022/02/WhatsApp-Image-2022-02-17-at-12.06.47-PM.jpeg
111.118.215.51200 OK 42 kB URL HTTP/2 flipd.in/wp-content/uploads/2022/02/WhatsApp-Image-2022-02-17-at-12.06.47-PM.jpeg
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 768x1024, components 3\012- data
Hash 12fdd991fa03518c8c940045a82e729e
436467160428b4c80a9f3dd7fc0ca8bc70fd237c
1593e4560885325313d818f8f071e4c6cbaf35a6deb85af52b5be44b97823a78
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/02/WhatsApp-Image-2022-02-17-at-12.06.47-PM.jpeg HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 13:58:09 GMT
server: Apache
content-type: image/jpeg
content-length: 41688
last-modified: Thu, 17 Feb 2022 08:43:51 GMT
cache-control: max-age=31536000
expires: Sun, 23 Apr 2023 04:18:19 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
111.118.215.51200 OK 7.5 kB URL HTTP/2 flipd.in/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format, TrueType, length 7536, version 1.0\012- data
Hash 04eb8fc57f27498e5ae37523e3bfb2c7
d942ae11706c3f7e511e3c49b0e4574d7ad199c4
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://flipd.in/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Feb 2022 14:14:22 GMT
accept-ranges: bytes
content-length: 7536
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:09 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: font/woff
date: Thu, 24 Nov 2022 13:58:09 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Muli:800%2C600%7CRoboto:400
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Muli:800%2C600%7CRoboto:400
IP 142.250.74.10:0
GET /css?family=Muli:800%2C600%7CRoboto:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 13:58:06 GMT
date: Thu, 24 Nov 2022 13:58:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flipd.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
111.118.215.51200 OK 0 B URL HTTP/2 flipd.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 02:26:38 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22
111.118.215.51200 OK 0 B URL HTTP/2 flipd.in/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Feb 2022 14:14:22 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f493.svg
192.0.77.48200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f493.svg
IP 192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/1f493.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 13:58:08 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Mulish:200,300,400,500,600,700,800,900,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&display=swap&ver=1651494836
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Mulish:200,300,400,500,600,700,800,900,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&display=swap&ver=1651494836
IP 142.250.74.10:0
GET /css?family=Mulish:200,300,400,500,600,700,800,900,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&display=swap&ver=1651494836 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 13:58:06 GMT
date: Thu, 24 Nov 2022 13:58:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
111.118.215.51200 OK 0 B URL HTTP/2 flipd.in/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 14:04:50 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22
111.118.215.51200 OK 0 B URL HTTP/2 flipd.in/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Feb 2022 14:14:22 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Thu, 24 Nov 2022 19:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/2728.svg
192.0.77.48200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/2728.svg
IP 192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/2728.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 13:58:08 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
flipd.in/wp-content/themes/azen/style.css?ver=1.0.7
111.118.215.51200 OK 0 B URL HTTP/2 flipd.in/wp-content/themes/azen/style.css?ver=1.0.7
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/azen/style.css?ver=1.0.7 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 07:38:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
flipd.in/wp-content/themes/azen/assets/css/bootstrap.min.css?ver=1.0.7
111.118.215.51200 OK 0 B URL HTTP/2 flipd.in/wp-content/themes/azen/assets/css/bootstrap.min.css?ver=1.0.7
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/azen/assets/css/bootstrap.min.css?ver=1.0.7 HTTP/1.1
Host: flipd.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Feb 2022 13:52:24 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 13:58:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Thu, 24 Nov 2022 13:58:06 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.10:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flipd.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 13:58:06 GMT
date: Thu, 24 Nov 2022 13:58:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2