shingroup.com/
185.220.204.64301 Moved Permanently 293 B IP 185.220.204.64:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2bedadcbae3f19e3b16392b2b361086a
8c0a9bb94ceeea7d3be661ae22570e449a37c692
d0dd1101335b22ebbe244ebc2faac6af53bb51a07274814c1b14f55f1753f03f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Dec 2022 08:10:56 GMT
Server: Apache
Location: https://shingroup.com/
Content-Length: 293
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7117
Expires: Tue, 06 Dec 2022 10:09:33 GMT
Date: Tue, 06 Dec 2022 08:10:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4153
Cache-Control: max-age=98976
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 08:10:56 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:40:32 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 07:18:37 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3139
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3364
Expires: Tue, 06 Dec 2022 09:07:00 GMT
Date: Tue, 06 Dec 2022 08:10:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Ok4722lWeJKFLaj0LIA8I2XH/s0kxbnDsrJEw1522DLZsctx0miE+6j232N8axXtut6qGG3MALA=
x-amz-request-id: WYFNPY794DC2KBNP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 07:47:01 GMT
age: 1435
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 08:10:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 08:08:58 GMT
cache-control: public,max-age=3600
age: 119
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4132
Cache-Control: max-age=93887
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 08:10:57 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:15:44 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.34.4.233101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.34.4.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1UIPMFwpfwpRekkyNf8aQg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yTBmQ9cfX75uJLfQEqFtgYCGFu4=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6091
Expires: Tue, 06 Dec 2022 09:52:29 GMT
Date: Tue, 06 Dec 2022 08:10:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6091
Expires: Tue, 06 Dec 2022 09:52:29 GMT
Date: Tue, 06 Dec 2022 08:10:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99d1ff8fa2e095dcf2bda3d1e1af1221
f914f04a0e1fb45a221d31d2105bfc73015b03e6
90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10183
x-amzn-requestid: 557e6b38-7be9-4953-968b-2e5bd3491ef4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUDYEQbIAMFwRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66e2-1fcd8fc4719bc0bc7d11abd2;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z1_zJTJMuk724WMOmIc660b54AyZK8ffNVF5N7ehZ00W2kaL3Lcd1A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:14 GMT
age: 37424
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17c7b7e3a4e6f3ad9ccf7f42c400749c
76432db96e8280e24da56670fba8f8f80a95ab31
f67d401ebc225c2a9dac5b4f98dc969e22f927455c2537df353ac86f046cc4c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4905
x-amzn-requestid: d80a0dd7-01ec-4801-a5b5-6a1b01eb1944
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csTMSHsyoAMF6BQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6581-177e519d6dbd1875555b0961;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:41:21 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KmaWXiNE4GPEU9-X5rhVcEsUak4C9m-mjdTCdFUFCPFj8f2uGwCvcQ==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:46:52 GMT
etag: "76432db96e8280e24da56670fba8f8f80a95ab31"
content-type: image/jpeg
age: 37446
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:23:09 GMT
age: 35269
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8450e32d-c4fa-4c40-82bc-1c36f479692e.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8450e32d-c4fa-4c40-82bc-1c36f479692e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd0fdca9dfb3e18fcbb5c89e12922da7
d8acf7053a01df2c503c734d52070ff4802d5a01
61e6235613c8ecda0321ecbe0870419bfa65cf3e44e3b85acd257f78725a6843
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8450e32d-c4fa-4c40-82bc-1c36f479692e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8978
x-amzn-requestid: eb1d3e42-f07c-4b92-983e-a40e2e2eda31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csWdTE5goAMFRKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6abb-734e39b84aeb2370277122f0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 22:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rtVWLjbbjO2z-TlZqURPHGqbMJOSNd0yEFuYUnE3FGVmypSDqxaXwg==
via: 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 07:17:59 GMT
age: 3179
etag: "d8acf7053a01df2c503c734d52070ff4802d5a01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53afd826523f4c18bf968764818d7ca7
9a26884875abb0652c568c50438b65f801779f9a
4f9dfeda67a040fef9c6987a7c334a91c993c84f694fa91771fcf7fd1d2e4937
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12293
x-amzn-requestid: 49891ceb-3f74-4e83-8064-f54fc8b30961
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyGHPOIAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-651e4e0c55257bcc553cd176;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4f0QQ4-21m-DiP4oUtIG75_vremc835laqhfDerlqCuW-WyKClvc9Q==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:29:38 GMT
age: 34880
etag: "9a26884875abb0652c568c50438b65f801779f9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b5e953213b7b13b8ee202406147fac52
67a09d8cd23ed444667b225f7fbf4bb17b9f42dd
cf6b2502f0a992148f9401c16a329cae5a6c21fb81f03131f3e69c58bc608110
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15732
x-amzn-requestid: 7467ddb0-b9f9-47e9-ac31-c7599fe45698
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csVIIESBIAMFU6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e689a-79e3f8b66e1cf72f3283ac5b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:54:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3seQ7H4qrlKKpuIWUobiey92ZMkB4jWqd5v6T6379g0V0y6XdVFvWQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:21 GMT
age: 35317
etag: "67a09d8cd23ed444667b225f7fbf4bb17b9f42dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
shingroup.com/wp-content/plugins/nivo-slider/scripts/nivo-slider/nivo-slider.css?ver=4.9.22
185.220.204.64200 OK 1.9 kB URL HTTP/1.1 shingroup.com/wp-content/plugins/nivo-slider/scripts/nivo-slider/nivo-slider.css?ver=4.9.22
IP 185.220.204.64:0
Hash d958a618b211c9391ef05499ad7f1eff
e4567914096e1d2111643d2e53e190349bb5e7be
1445a1c40e53d785721c7af9b6121eebff659c3cdbdd993284c89ab87c873d09
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/nivo-slider/scripts/nivo-slider/nivo-slider.css?ver=4.9.22 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 23:05:16 GMT
Accept-Ranges: bytes
Content-Length: 1946
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
shingroup.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1
185.220.204.64200 OK 1.7 kB URL HTTP/1.1 shingroup.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1
IP 185.220.204.64:0
Hash 5ad1cfa3f5175f627385651790ed0bbd
7a06ac744a748ce4c315c798614d6d0068596cc4
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Sun, 21 Apr 2019 19:39:00 GMT
Accept-Ranges: bytes
Content-Length: 1685
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
shingroup.com/wp-content/themes/fiction/modules/shortcode-zocial-buttons/style.css?ver=4.9.22
185.220.204.64200 OK 19 kB URL HTTP/1.1 shingroup.com/wp-content/themes/fiction/modules/shortcode-zocial-buttons/style.css?ver=4.9.22
IP 185.220.204.64:0
Hash 25a7dffaf1e8ef7aadf2d804c13c867e
44be17602cdfbfbf9bf5a8c4dfc6e1d7e8b934e2
fa7a890753eb0b2924994fc4398d894475505b74b035196280f27d9eed345deb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/fiction/modules/shortcode-zocial-buttons/style.css?ver=4.9.22 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 23:06:53 GMT
Accept-Ranges: bytes
Content-Length: 18618
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
shingroup.com/wp-content/plugins/LayerSlider/css/layerslider.css?ver=4.6.0
185.220.204.64200 OK 15 kB URL HTTP/1.1 shingroup.com/wp-content/plugins/LayerSlider/css/layerslider.css?ver=4.6.0
IP 185.220.204.64:0
Hash 80651e7f60418a359286c4322d2dc2ea
bbcdfec8ba285f8b8a834f58f2b68d28d898f2be
bb8003fda1078b61a1f729a150b0d13a86a6b9a727dc990eba084c009b8fb44c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/LayerSlider/css/layerslider.css?ver=4.6.0 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 22:51:10 GMT
Accept-Ranges: bytes
Content-Length: 14651
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
shingroup.com/wp-content/plugins/mnky-vector-icons/css/icon-font-style.css?ver=4.9.22
185.220.204.64200 OK 54 kB URL HTTP/1.1 shingroup.com/wp-content/plugins/mnky-vector-icons/css/icon-font-style.css?ver=4.9.22
IP 185.220.204.64:0
Hash bfe85ce59753704c7a71985bc1dad71f
918d7140eb950db3641536c74ca9e5e30dd18455
2b0347ed58ba5eb961132643596c065957ff76a68154b84af4ceb2c952deabc9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/mnky-vector-icons/css/icon-font-style.css?ver=4.9.22 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 22:52:34 GMT
Accept-Ranges: bytes
Content-Length: 54353
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
shingroup.com/wp-content/plugins/css3-pricing-tables/responsive.css?ver=4.9.22
185.220.204.64200 OK 11 kB URL HTTP/1.1 shingroup.com/wp-content/plugins/css3-pricing-tables/responsive.css?ver=4.9.22
IP 185.220.204.64:0
File type ASCII text, with very long lines (508)
Hash d027253d48a21222cb79318af1ee562f
726afdf4755dfcf732c3f5f56d4808d98a035cde
e4d732569665275f1d9a684a59a5411ac3bb754f9a73f85c913ed552cbe7404c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/css3-pricing-tables/responsive.css?ver=4.9.22 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 22:48:28 GMT
Accept-Ranges: bytes
Content-Length: 10902
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
shingroup.com/wp-content/plugins/mega-addons-for-visual-composer/css/style.css?ver=4.9.22
185.220.204.64200 OK 1.4 kB URL HTTP/1.1 shingroup.com/wp-content/plugins/mega-addons-for-visual-composer/css/style.css?ver=4.9.22
IP 185.220.204.64:0
File type ASCII text, with CRLF line terminators
Hash 5c58463a592378f38d45ca1d1df0834a
7774921cdeab0cda96e1949b31917c96a1b9eeb3
c95b879561e19ae45fa002f19fab5a8d1b0ca8c9f975409eb3abd829cf83031d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/mega-addons-for-visual-composer/css/style.css?ver=4.9.22 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Sun, 21 Apr 2019 19:39:14 GMT
Accept-Ranges: bytes
Content-Length: 1384
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
shingroup.com/wp-content/themes/fiction/modules/prettyphoto/css/prettyPhoto.css?ver=4.9.22
185.220.204.64200 OK 20 kB URL HTTP/1.1 shingroup.com/wp-content/themes/fiction/modules/prettyphoto/css/prettyPhoto.css?ver=4.9.22
IP 185.220.204.64:0
File type ASCII text, with very long lines (402)
Hash e8d324d0a1c308cc2c9fdddb263223d5
a1ae5ab211ad71549139f3a26c1da50a24710fa6
c63be02717683d2efdc8c887d77d289092a50b7d51210e87033045ea2b7c9eed
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/fiction/modules/prettyphoto/css/prettyPhoto.css?ver=4.9.22 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 23:12:00 GMT
Accept-Ranges: bytes
Content-Length: 19888
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
shingroup.com/wp-content/plugins/css3-pricing-tables/table1/css3_grid_style.css?ver=4.9.22
185.220.204.64200 OK 142 kB URL HTTP/1.1 shingroup.com/wp-content/plugins/css3-pricing-tables/table1/css3_grid_style.css?ver=4.9.22
IP 185.220.204.64:0
Size 142 kB (141773 bytes)
Hash 7d67706e0750cb4fb5e0a97ac8729afd
6f1acd80f24d948e30fe3082b1182e69f2dcf80e
b9ed3ce38b840e65e1d30ebc95fdd16e9618b800bb3a9d1d387ed62bd358d508
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/css3-pricing-tables/table1/css3_grid_style.css?ver=4.9.22 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 22:51:01 GMT
Accept-Ranges: bytes
Content-Length: 141773
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
shingroup.com/wp-content/plugins/mega-addons-for-visual-composer/css/font-awesome/css/font-awesome.css?ver=4.9.22
185.220.204.64200 OK 37 kB URL HTTP/1.1 shingroup.com/wp-content/plugins/mega-addons-for-visual-composer/css/font-awesome/css/font-awesome.css?ver=4.9.22
IP 185.220.204.64:0
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash c495654869785bc3df60216616814ad1
0140952c64e3f2b74ef64e050f2fe86eab6624c8
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/mega-addons-for-visual-composer/css/font-awesome/css/font-awesome.css?ver=4.9.22 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Sun, 21 Apr 2019 19:39:14 GMT
Accept-Ranges: bytes
Content-Length: 37414
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
shingroup.com/wp-content/plugins/css3-pricing-tables/table2/css3_grid_style.css?ver=4.9.22
185.220.204.64200 OK 188 kB URL HTTP/1.1 shingroup.com/wp-content/plugins/css3-pricing-tables/table2/css3_grid_style.css?ver=4.9.22
IP 185.220.204.64:0
Size 188 kB (187502 bytes)
Hash 49c2dfd217929933f69a64f1cc629e18
9252861ba38618336eabe016152fc0d85e5f01cb
309e1d18ab76bd0f0c79cf84b4f2ea1123eacae70124739dc34c2ec27c3d38c8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/css3-pricing-tables/table2/css3_grid_style.css?ver=4.9.22 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 22:51:03 GMT
Accept-Ranges: bytes
Content-Length: 187502
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
shingroup.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
185.220.204.64200 OK 97 kB URL HTTP/1.1 shingroup.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 185.220.204.64:0
File type ASCII text, with very long lines (31997)
Hash dc5ba5044fccc0297be7b262ce669a7c
f137ff98ae379e35b0702967d3b6866a0a40e3be
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Thu, 05 Sep 2019 01:27:35 GMT
Accept-Ranges: bytes
Content-Length: 96874
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
185.220.204.64200 OK 10 kB URL HTTP/1.1 shingroup.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 185.220.204.64:0
File type ASCII text, with very long lines (9959)
Hash 7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Fri, 20 May 2016 06:11:28 GMT
Accept-Ranges: bytes
Content-Length: 10056
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.22
185.220.204.64200 OK 12 kB URL HTTP/1.1 shingroup.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.22
IP 185.220.204.64:0
File type ASCII text, with very long lines (9063)
Hash fe0575b66568074463f12485d90f6d4c
aeedd9ab3b7874e63f647042963cb1301a38b391
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.22 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Fri, 16 Apr 2021 00:30:08 GMT
Accept-Ranges: bytes
Content-Length: 11943
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-content/plugins/mega-addons-for-visual-composer/css/ihover.css?ver=4.9.22
185.220.204.64200 OK 437 kB URL HTTP/1.1 shingroup.com/wp-content/plugins/mega-addons-for-visual-composer/css/ihover.css?ver=4.9.22
IP 185.220.204.64:0
File type ASCII text, with very long lines (377), with CRLF line terminators
Size 437 kB (437326 bytes)
Hash 9548e3a6444d77703ec9e834647da266
435d08cc11eb41ead3bf515f10f1c0dbe6a7214e
63191b1a178830374eee4b5a002a02fd5f6bcf0d742a8869ad3277646b2c8f3f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/mega-addons-for-visual-composer/css/ihover.css?ver=4.9.22 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Sun, 21 Apr 2019 19:39:15 GMT
Accept-Ranges: bytes
Content-Length: 437326
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
shingroup.com/wp-content/plugins/LayerSlider/js/layerslider.kreaturamedia.jquery.js?ver=4.6.0
185.220.204.64200 OK 49 kB URL HTTP/1.1 shingroup.com/wp-content/plugins/LayerSlider/js/layerslider.kreaturamedia.jquery.js?ver=4.6.0
IP 185.220.204.64:0
File type Unicode text, UTF-8 text, with very long lines (48521)
Hash 9984d2beeb2a2ba4200867325ecd2089
6b053a3d0a5d7d2ead7815457e4848e98f04ac50
a39143ebb95fce3fce7c599ffa51ccf4c7b59f04372613fd0366f4ecad5cf63c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/LayerSlider/js/layerslider.kreaturamedia.jquery.js?ver=4.6.0 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 22:51:17 GMT
Accept-Ranges: bytes
Content-Length: 48706
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-content/plugins/LayerSlider/js/jquery-easing-1.3.js?ver=1.3.0
185.220.204.64200 OK 8.2 kB URL HTTP/1.1 shingroup.com/wp-content/plugins/LayerSlider/js/jquery-easing-1.3.js?ver=1.3.0
IP 185.220.204.64:0
Hash e91e3a60e7765ffa4ead2aa4a0a53e62
a2ca8d32a6ffbbf801fa826d37de402e05506eb6
8f523fa3caad6a62e93d8db0137e6cfc132911e1416f6f9496b747c499790504
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/LayerSlider/js/jquery-easing-1.3.js?ver=1.3.0 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 22:51:15 GMT
Accept-Ranges: bytes
Content-Length: 8152
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-content/plugins/LayerSlider/js/jquerytransit.js?ver=0.9.9
185.220.204.64200 OK 6.8 kB URL HTTP/1.1 shingroup.com/wp-content/plugins/LayerSlider/js/jquerytransit.js?ver=0.9.9
IP 185.220.204.64:0
File type ASCII text, with very long lines (6563)
Hash 03bb1197b3cbcf89a1dc47e0f6d0a86f
77140daacc3dc5e8019e0d02827c70317a731ab2
d8a3f914c98da2f5630c7f5e2c118562df53c2b8964de1ae365df89e74e681ce
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/LayerSlider/js/jquerytransit.js?ver=0.9.9 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 22:51:15 GMT
Accept-Ranges: bytes
Content-Length: 6830
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-content/plugins/LayerSlider/js/layerslider.transitions.js?ver=4.6.0
185.220.204.64200 OK 21 kB URL HTTP/1.1 shingroup.com/wp-content/plugins/LayerSlider/js/layerslider.transitions.js?ver=4.6.0
IP 185.220.204.64:0
File type ASCII text, with very long lines (20819)
Hash b4949369baa25c6e20f483e6109d7cef
246d2d53c414a282b6c1116a10ad03296c01aa1d
9bc991013bdde4e68f1c704f407a31851faaf185bf7f07f128db1f8a54cf3c89
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/LayerSlider/js/layerslider.transitions.js?ver=4.6.0 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 22:51:17 GMT
Accept-Ranges: bytes
Content-Length: 21024
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
185.220.204.64200 OK 3.9 kB URL HTTP/1.1 shingroup.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
IP 185.220.204.64:0
File type ASCII text, with very long lines (3704)
Hash e6784d91bf2c668bc4093063c5b15113
687e1d2e957a821280dbd205ae66182f16dfdc30
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Fri, 16 Apr 2021 00:30:08 GMT
Accept-Ranges: bytes
Content-Length: 3929
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-content/plugins/mega-addons-for-visual-composer/js/script.js?ver=4.9.22
185.220.204.64200 OK 4.9 kB URL HTTP/1.1 shingroup.com/wp-content/plugins/mega-addons-for-visual-composer/js/script.js?ver=4.9.22
IP 185.220.204.64:0
File type ASCII text, with CRLF line terminators
Hash 9c7b2d7544b22e92c54fe1e73de71b80
078ca5e3dceb449ecbc60574067387fd6daf5081
9ae6ae6e6130b6b91681bab8ee87595b66b45392d952a8143a2c534d985a6c6e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/mega-addons-for-visual-composer/js/script.js?ver=4.9.22 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Sun, 21 Apr 2019 19:39:16 GMT
Accept-Ranges: bytes
Content-Length: 4870
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
185.220.204.64200 OK 14 kB URL HTTP/1.1 shingroup.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
IP 185.220.204.64:0
Hash 1534f06aa2b1b721a45372f8238e2461
86f7e7b926e1a88209d171b56dadbccc2c96f578
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
Last-Modified: Sun, 21 Apr 2019 19:39:00 GMT
Accept-Ranges: bytes
Content-Length: 14440
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-includes/js/comment-reply.min.js?ver=4.9.22
185.220.204.64200 OK 1.1 kB URL HTTP/1.1 shingroup.com/wp-includes/js/comment-reply.min.js?ver=4.9.22
IP 185.220.204.64:0
File type ASCII text, with very long lines (1076), with no line terminators
Hash 9ef21a469fc37e845d6303fcfea70897
a86ec94ec7bee9227bcdf8d6374cabe82ae43e49
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/comment-reply.min.js?ver=4.9.22 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:02 GMT
Server: Apache
Last-Modified: Fri, 16 Apr 2021 00:30:09 GMT
Accept-Ranges: bytes
Content-Length: 1076
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-content/themes/fiction/assets/vendor/jquery-easing.js
185.220.204.64200 OK 8.1 kB URL HTTP/1.1 shingroup.com/wp-content/themes/fiction/assets/vendor/jquery-easing.js
IP 185.220.204.64:0
Hash 6516449ed5089677ed3d7e2f11fc8942
82e40d060bc269a6dde20c3990ca5a4fea6ca754
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/fiction/assets/vendor/jquery-easing.js HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:02 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 23:06:31 GMT
Accept-Ranges: bytes
Content-Length: 8097
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-content/themes/fiction/assets/vendor/jquery-waypoints.js
185.220.204.64200 OK 8.0 kB URL HTTP/1.1 shingroup.com/wp-content/themes/fiction/assets/vendor/jquery-waypoints.js
IP 185.220.204.64:0
File type ASCII text, with very long lines (7808)
Hash b72a7b8d3d65ebc954b5b3103fdff409
c0c0d473a9bc5a9739f8f44158027d34e31bd642
d271120b283f037391dcecfb7e65de5ac6d4feaf3a990ba2a4a2d5289a40333e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/fiction/assets/vendor/jquery-waypoints.js HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:02 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 23:06:32 GMT
Accept-Ranges: bytes
Content-Length: 8044
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-content/themes/fiction/assets/vendor/jquery-autoclear.js
185.220.204.64200 OK 9.1 kB URL HTTP/1.1 shingroup.com/wp-content/themes/fiction/assets/vendor/jquery-autoclear.js
IP 185.220.204.64:0
Hash f5ad927867bf3db1b9204f6242f8c865
72bb4be9410b809b90ce2ecc025837c96355b56d
9320f6fc6681ad155bac9190a738565da59d6101015ea35f96357534f7a00ebd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/fiction/assets/vendor/jquery-autoclear.js HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:02 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 23:06:30 GMT
Accept-Ranges: bytes
Content-Length: 9104
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 08:11:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
shingroup.com/wp-content/themes/fiction/assets/vendor/jquery-qtip.js
185.220.204.64200 OK 40 kB URL HTTP/1.1 shingroup.com/wp-content/themes/fiction/assets/vendor/jquery-qtip.js
IP 185.220.204.64:0
File type ASCII text, with very long lines (39785)
Hash 2a163f435f65243c665793a161c74d9e
3f2fe240dca872f8934b5bab38126a8c0f089410
8b080f4a765d322cdff4850f9a55254c9393b9c0b6924926e8fb5d111eb220be
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/fiction/assets/vendor/jquery-qtip.js HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:02 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 23:06:32 GMT
Accept-Ranges: bytes
Content-Length: 39925
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-content/themes/fiction/modules/prettyphoto/js/jquery.prettyPhoto.js
185.220.204.64200 OK 25 kB URL HTTP/1.1 shingroup.com/wp-content/themes/fiction/modules/prettyphoto/js/jquery.prettyPhoto.js
IP 185.220.204.64:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (3572)
Hash df5ed82a0659a0b31cd84d656d8637c9
4452fc2e60a0d1a682cf465b9e27b0713cfcdf4f
e117353e17f7c89acc2053a5298324797da12d6ab31cab0fdaf0cae822ab28d2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/fiction/modules/prettyphoto/js/jquery.prettyPhoto.js HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:02 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 23:12:00 GMT
Accept-Ranges: bytes
Content-Length: 25216
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-content/themes/fiction/assets/vendor/fiction.js
185.220.204.64200 OK 1.3 kB URL HTTP/1.1 shingroup.com/wp-content/themes/fiction/assets/vendor/fiction.js
IP 185.220.204.64:0
Hash 1cbbb98bdddc5dc00aa4d51b5454cf5f
d4cb797144d2b45b395a2b709a2364d229a5a36e
a024c2ec5818a01fbe7fd58a3b64754d706cf866d3d642cc554543a8dba1bb2c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/fiction/assets/vendor/fiction.js HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:02 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 23:06:29 GMT
Accept-Ranges: bytes
Content-Length: 1303
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-includes/js/wp-embed.min.js?ver=4.9.22
185.220.204.64200 OK 1.4 kB URL HTTP/1.1 shingroup.com/wp-includes/js/wp-embed.min.js?ver=4.9.22
IP 185.220.204.64:0
File type ASCII text, with very long lines (1391), with no line terminators
Hash 570ae0f3c201604926ea599d3d1f6c04
2c29243a73660964d4712b969d2a15e27777bc14
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-embed.min.js?ver=4.9.22 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:02 GMT
Server: Apache
Last-Modified: Fri, 16 Apr 2021 00:30:09 GMT
Accept-Ranges: bytes
Content-Length: 1391
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-content/themes/fiction/js_composer/assets/js/js_composer_front.js?ver=3.6.4.1
185.220.204.64200 OK 19 kB URL HTTP/1.1 shingroup.com/wp-content/themes/fiction/js_composer/assets/js/js_composer_front.js?ver=3.6.4.1
IP 185.220.204.64:0
File type HTML document, ASCII text
Hash 0bbe37cc4044be47f0eb7b83fa70c712
713272f669b4fdd63f83f985bb23ec01a2b06198
4a172e8193b47621d0cdf8319b1b5f7430cc21a1cc469df25acffe88bb7f88fd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/fiction/js_composer/assets/js/js_composer_front.js?ver=3.6.4.1 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:02 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 23:07:49 GMT
Accept-Ranges: bytes
Content-Length: 18704
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
185.220.204.64200 OK 6.8 kB URL HTTP/1.1 shingroup.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
IP 185.220.204.64:0
File type ASCII text, with very long lines (6608)
Hash 664c2622f0d31d62678f4830aabfe291
4e317239cbcadf241bf89340262542e6962ea69c
99ada7e01817367027759ac452a1dd11eca7557272b8940d659c07adb6bc8cbe
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:02 GMT
Server: Apache
Last-Modified: Fri, 16 Apr 2021 00:30:08 GMT
Accept-Ranges: bytes
Content-Length: 6832
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-content/themes/fiction/js_composer/assets/lib/jquery-ui-tabs-rotate/jquery-ui-tabs-rotate.js?ver=3.6.4.1
185.220.204.64200 OK 1.8 kB URL HTTP/1.1 shingroup.com/wp-content/themes/fiction/js_composer/assets/lib/jquery-ui-tabs-rotate/jquery-ui-tabs-rotate.js?ver=3.6.4.1
IP 185.220.204.64:0
Hash 20144aecaf895cf2a5e6923bb0e23fc0
d472e9d683919b27cba4363836bdff84a79cfb6c
1379822391f2108ffc969e106ed54cca65a0109124ded89420b64577a7f6f252
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/fiction/js_composer/assets/lib/jquery-ui-tabs-rotate/jquery-ui-tabs-rotate.js?ver=3.6.4.1 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:02 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 23:14:04 GMT
Accept-Ranges: bytes
Content-Length: 1784
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
185.220.204.64200 OK 12 kB URL HTTP/1.1 shingroup.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
IP 185.220.204.64:0
File type ASCII text, with very long lines (11801)
Hash 5baf42281f4fbb128816f6883fb5ff3e
ee59fc985c4c7d6b34ed6f8b31a1fbbbd7ad7713
af6dd3662512bb4d13849eefd579d23ad8b28152aa6bf822fcf652412fd0cebf
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:02 GMT
Server: Apache
Last-Modified: Fri, 16 Apr 2021 00:30:08 GMT
Accept-Ranges: bytes
Content-Length: 12014
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-content/themes/fiction/modules/shortcode-caroufredsel/caroufredsel.js?ver=4.9.22
185.220.204.64200 OK 55 kB URL HTTP/1.1 shingroup.com/wp-content/themes/fiction/modules/shortcode-caroufredsel/caroufredsel.js?ver=4.9.22
IP 185.220.204.64:0
File type ASCII text, with very long lines (32032)
Hash 72805fb6fa518285d00f3721f2eeed88
ee393d37abf534eb94bdbfe72b15e4d07a26ef12
e9cdbebb93c076de37e208742a252641c50a5a527efcee16fd18dff10f237e36
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/fiction/modules/shortcode-caroufredsel/caroufredsel.js?ver=4.9.22 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:02 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 23:06:50 GMT
Accept-Ranges: bytes
Content-Length: 54780
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
shingroup.com/wp-content/themes/fiction/assets/vendor/jquery-blackandwhite.js
185.220.204.64200 OK 9.1 kB URL HTTP/1.1 shingroup.com/wp-content/themes/fiction/assets/vendor/jquery-blackandwhite.js
IP 185.220.204.64:0
Hash 61ea6f90f363d075f04a81c4d181b37e
db0046eb04c21d349c3aee9480f50c0ce04c0462
6499e8211c1ecf80e1d7e0b017b28fb5acd80d1ccf14ea5f153056bada740e67
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/fiction/assets/vendor/jquery-blackandwhite.js HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:02 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 23:06:31 GMT
Accept-Ranges: bytes
Content-Length: 9137
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 08:11:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
shingroup.com/
185.220.204.64200 OK 48 kB IP 185.220.204.64:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1746), with CRLF, LF line terminators
Hash 284427dae37a3d2b01077245cd65514c
3d2eb2031d2f66263e1e93325abe30c55173915b
5df0ceadec8f7ed785a92c79accfeebb12c24e0deb5c6ed6317a8dadfb289a4b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:10:56 GMT
Server: Apache
X-Powered-By: PHP/5.3.29
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: https://shingroup.com/xmlrpc.php
Link: <https://shingroup.com/wp-json/>; rel="https://api.w.org/", <https://shingroup.com/>; rel=shortlink
Set-Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
shingroup.com/wp-admin/admin-ajax.php?action=style&ver=4.9.22
185.220.204.64200 OK 392 kB URL HTTP/1.1 shingroup.com/wp-admin/admin-ajax.php?action=style&ver=4.9.22
IP 185.220.204.64:0
File type assembler source, ASCII text, with very long lines (1496)
Size 392 kB (391678 bytes)
Hash 38882b82388776383d6aa38a70e5374a
37768d4f4a88d3311841b395b80e7520f034d644
0d6c2269354b28d18f520727e1975e05e67e27882fa5ec0ece065950b4c1f37e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-admin/admin-ajax.php?action=style&ver=4.9.22 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:01 GMT
Server: Apache
X-Powered-By: PHP/5.3.29
Pragma: no-cache
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
shingroup.com/wp-content/themes/fiction/images/small_logo_new.png
185.220.204.64200 OK 6.0 kB URL HTTP/1.1 shingroup.com/wp-content/themes/fiction/images/small_logo_new.png
IP 185.220.204.64:0
File type PNG image data, 104 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash d58e6f11bd40800df56a09060a4d8194
14170c6391404894d32f7b87c9addd2ceb44bf81
d43888d4bf0d8dd5d992dd363e1df8eb384b61458cd9f8f58e748e6d3b2eed3c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/fiction/images/small_logo_new.png HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:04 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 22:54:41 GMT
Accept-Ranges: bytes
Content-Length: 5995
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
shingroup.com/wp-content/themes/fiction/images/linkedinbtn.png
185.220.204.64200 OK 365 B URL HTTP/1.1 shingroup.com/wp-content/themes/fiction/images/linkedinbtn.png
IP 185.220.204.64:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash c23d0e02f222d5d1f6d37929f30ecdaf
3116aa21fedcbf8f23a125ab6c1615bd6c7845c5
201342272949c6a7aacf619598d5eef3fdd819af911b7ccbdbb7e712af45a702
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/fiction/images/linkedinbtn.png HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shingroup.com/wp-admin/admin-ajax.php?action=style&ver=4.9.22
Connection: keep-alive
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:04 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 22:54:41 GMT
Accept-Ranges: bytes
Content-Length: 365
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 08:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 08:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 08:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12860, version 1.0\012- data
Hash ab21c24efd75543e16e34807ebc6cdec
eb2562f9729079333fbcbbe94868695669dd3301
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
GET /s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://shingroup.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 21:03:13 GMT
expires: Tue, 05 Dec 2023 21:03:13 GMT
cache-control: public, max-age=31536000
age: 40071
last-modified: Mon, 09 May 2022 18:27:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PX66DTR
172.217.21.168200 OK 62 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PX66DTR
IP 172.217.21.168:0
File type ASCII text, with very long lines (2140)
Hash 2265c845ea58f427d57e93934f48f02b
7e9c15d300a52ac6e27e07c21bf370d653380768
f054940c2f47ece67b712c514dadfcbeb4f4e093f33c02c95469e0a9962d899f
GET /gtm.js?id=GTM-PX66DTR HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 08:11:04 GMT
expires: Tue, 06 Dec 2022 08:11:04 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 62136
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12684, version 1.0\012- data
Hash 0c235386bcf6af06f67e6c89fd19e434
10720574d4609322023984a761f32f9518c07bc4
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://shingroup.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12684
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:23:34 GMT
expires: Fri, 01 Dec 2023 21:23:34 GMT
cache-control: public, max-age=31536000
age: 384450
last-modified: Mon, 09 May 2022 18:28:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 08:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
shingroup.com/wp-content/plugins/mega-addons-for-visual-composer/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
185.220.204.64200 OK 77 kB URL HTTP/1.1 shingroup.com/wp-content/plugins/mega-addons-for-visual-composer/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 185.220.204.64:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/mega-addons-for-visual-composer/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://shingroup.com/wp-content/plugins/mega-addons-for-visual-composer/css/font-awesome/css/font-awesome.css?ver=4.9.22
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:04 GMT
Server: Apache
Last-Modified: Sun, 21 Apr 2019 19:39:14 GMT
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 08:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
shingroup.com/wp-content/plugins/LayerSlider/skins/noskin/skin.css
185.220.204.64200 OK 1.1 kB URL HTTP/1.1 shingroup.com/wp-content/plugins/LayerSlider/skins/noskin/skin.css
IP 185.220.204.64:0
Hash 38ef5d685e14d73ae722de05e32e611c
70c8109c1f446f79ed921616109d8036ecacb431
21e583e3cb84d4babbb4200b0e45724e06ede285dae5d48f83b4b0ed605d715e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/LayerSlider/skins/noskin/skin.css HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:04 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 23:04:52 GMT
Accept-Ranges: bytes
Content-Length: 1051
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
shingroup.com/wp-content/themes/fiction/images/ems-icon.png
185.220.204.64200 OK 6.4 kB URL HTTP/1.1 shingroup.com/wp-content/themes/fiction/images/ems-icon.png
IP 185.220.204.64:0
File type PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 60ba0e918eeca52c2d6b56d4f99d0bb1
e02169db20abdda03667ed9e39682494a8aeb496
e834b5664ea55568aeb3740395ae7dc9ce056ea891b958355a307f52ddad3d46
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/fiction/images/ems-icon.png HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shingroup.com/wp-admin/admin-ajax.php?action=style&ver=4.9.22
Connection: keep-alive
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:04 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 22:54:41 GMT
Accept-Ranges: bytes
Content-Length: 6430
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
shingroup.com/wp-content/themes/fiction/images/buttons-sprite.png
185.220.204.64200 OK 2.9 kB URL HTTP/1.1 shingroup.com/wp-content/themes/fiction/images/buttons-sprite.png
IP 185.220.204.64:0
File type PNG image data, 170 x 49, 8-bit/color RGBA, non-interlaced\012- data
Hash f628879f1ae28df831b14645520c6f40
234d68c91d0c06797f1f1507fa9650a91ae220ec
17b8c6b6ee5693af3f6224692f27e4da1b92b935328441d0a9bf6679ea7c6082
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/fiction/images/buttons-sprite.png HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shingroup.com/wp-admin/admin-ajax.php?action=style&ver=4.9.22
Connection: keep-alive
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:04 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 22:54:41 GMT
Accept-Ranges: bytes
Content-Length: 2857
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
shingroup.com/wp-content/themes/fiction/images/footer_green_back.png
185.220.204.64200 OK 1.1 kB URL HTTP/1.1 shingroup.com/wp-content/themes/fiction/images/footer_green_back.png
IP 185.220.204.64:0
File type PNG image data, 37 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash 05b77656afa0fafc3d43b96c9139c5d6
cb4829ffc1ee3378f7740cb92b340ef9325b4e97
1342c087172dfe80ec0314162771084d63ae64b4a825ca9b63663f0a6126672b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/fiction/images/footer_green_back.png HTTP/1.1
Host: shingroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shingroup.com/wp-admin/admin-ajax.php?action=style&ver=4.9.22
Connection: keep-alive
Cookie: PHPSESSID=c00f345236259890fbb25d7f0f464461
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 08:11:04 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2013 22:54:41 GMT
Accept-Ranges: bytes
Content-Length: 1063
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin
IP 142.250.74.74:0
GET /css?family=Noto+Sans:400,700&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shingroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 08:11:02 GMT
date: Tue, 06 Dec 2022 08:11:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2