firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 24 Oct 2022 14:23:47 GMT
Expires: Mon, 24 Oct 2022 14:36:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WOBTE79kqwUEvDgfwQNzPn6bGfxTD3HyrCpwfcSH_wZ9JUd84byhAw==
Age: 2073
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3596
Expires: Mon, 24 Oct 2022 15:58:16 GMT
Date: Mon, 24 Oct 2022 14:58:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3576
Expires: Mon, 24 Oct 2022 15:57:56 GMT
Date: Mon, 24 Oct 2022 14:58:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ImCqCkQVYsfo8F4hjjTlpfo/TOGuuXYqwhuozEdKcsth0PuNyskDGk2yH6PzJZivQZQaoQvTka8=
x-amz-request-id: PE9JVFQ7W73Z3HKH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 24 Oct 2022 14:38:25 GMT
age: 1195
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 14:58:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 24 Oct 2022 14:33:32 GMT
Cache-Control: max-age=3600
Expires: Mon, 24 Oct 2022 14:58:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iwmFU_Q_ci7gjgHga_nINY5fe-P4nXChw9ZbHOurQgGNSd8yDdQhLg==
Age: 1489
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7c6fdc8e76ef5875b5c965ade2df503e
45d548aa2a9d7ede163743274790700878eaea62
d2ff6eacd48af4892a2642e5d7bb925ca683062139f5a5cb4047f6f706830618
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3754
Cache-Control: max-age=151858
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:58:21 GMT
Etag: "63564795-1d7"
Expires: Wed, 26 Oct 2022 09:09:19 GMT
Last-Modified: Mon, 24 Oct 2022 08:06:45 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
lucasartoys.com/
162.241.123.54301 Moved Permanently 0 B IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 24 Oct 2022 14:58:20 GMT
Server: Apache
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://lucasartoys.com/
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
35.165.143.157101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.143.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ebyOe+Hzt+X/tbHbEtPOJQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Wq3pNDwN7bGPoD2QUsxf/Nvq8hQ=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f9e83fa4db63e44eddcfd9cef2034a2d
668bbbaa434d12ad66b07048881a9fade9519704
9e081e886c6dab50de6107c2597e2881d08a97c78afbfcfe7c2cbfda353bc426
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E081E886C6DAB50DE6107C2597E2881D08A97C78AFBFCFE7C2CBFDA353BC426"
Last-Modified: Mon, 24 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21533
Expires: Mon, 24 Oct 2022 20:57:14 GMT
Date: Mon, 24 Oct 2022 14:58:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4263
Expires: Mon, 24 Oct 2022 16:09:25 GMT
Date: Mon, 24 Oct 2022 14:58:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4263
Expires: Mon, 24 Oct 2022 16:09:25 GMT
Date: Mon, 24 Oct 2022 14:58:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4263
Expires: Mon, 24 Oct 2022 16:09:25 GMT
Date: Mon, 24 Oct 2022 14:58:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4263
Expires: Mon, 24 Oct 2022 16:09:25 GMT
Date: Mon, 24 Oct 2022 14:58:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4263
Expires: Mon, 24 Oct 2022 16:09:25 GMT
Date: Mon, 24 Oct 2022 14:58:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e8ac15f-1a51-4bfe-ab4a-570fc480a976.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e8ac15f-1a51-4bfe-ab4a-570fc480a976.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f12f21779aa94b557db8037ceefd15b2
1698d8d0ff47fc4e6dd20d99ceae84cfcdd69e86
0d33ee5a721c2f940ff1e7d5fae9abba3781f6d37e458a36285718466ecdcd10
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e8ac15f-1a51-4bfe-ab4a-570fc480a976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4434
x-amzn-requestid: 41e95a27-2955-4224-8d2c-f12d1254cda7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB0EQboAMFmMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-5cb99b700c84c99c2d9e52d7;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 49FYzrcMWfgHbe4smL20px9dbIcXIGCujJ6djuVRT3bEwCkBvgz7Iw==
via: 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:46:57 GMT
age: 61885
etag: "1698d8d0ff47fc4e6dd20d99ceae84cfcdd69e86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F869ea046-6a24-4b66-a52f-bc9a678d7ebb.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F869ea046-6a24-4b66-a52f-bc9a678d7ebb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3f174281da48e4a62aab93bcdc57d14a
8ee29d073b84530a30bb370838598115f1a65da8
0096edb7703f0bcea7e5c0d5b529482eceea9123f5f3b278f3f9012f87875f1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F869ea046-6a24-4b66-a52f-bc9a678d7ebb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8400
x-amzn-requestid: b1436934-5b97-4aa8-937a-78bce0b9181c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelN4GACoAMFYmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b58b-29da495d75578b3c20eb37ba;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:39 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: glooBvGL65FGrYbL-DVx3o9aVH28zKh3hlXiw5vTRe_PJMLLnYqM1g==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:54:55 GMT
age: 61407
etag: "8ee29d073b84530a30bb370838598115f1a65da8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d6114a-4321-4b7f-bc5c-97a5fd5ac537.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d6114a-4321-4b7f-bc5c-97a5fd5ac537.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0a156d6aed9764d3759987c28b80d6f6
864d279c98c2d821010f0846de71f1b20187024f
ee73e1ab7b53ebba35dc2d00958df54a7229096ff8b5e9fd60989e92acb3fbf5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d6114a-4321-4b7f-bc5c-97a5fd5ac537.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11635
x-amzn-requestid: aed8aa4d-2cd1-4c5e-999e-ea7391a3ebde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelIoH3BIAMFZ8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b56a-359118d242e827e67150ca6d;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:06 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sEgtn4AnAFeNUDPLPcpKl6ed2zAjDJzK724ITXxXY913c6XeqZ7RNA==
via: 1.1 94f8839a97f73584e70cc07d9f704d62.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:30:00 GMT
age: 59302
etag: "864d279c98c2d821010f0846de71f1b20187024f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff75bf2c3-b1dc-465c-ba9a-30b41f6f5cac.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff75bf2c3-b1dc-465c-ba9a-30b41f6f5cac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9b1a13676d3fac304595806959135a2
9c16b23d37594b041cf8678399e6eaeb690346a9
7bc8f67670709caae6b39435fdaa3e5c71b9b30db76c006cc2c841300291a246
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff75bf2c3-b1dc-465c-ba9a-30b41f6f5cac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9568
x-amzn-requestid: 0a162a3c-1723-4926-8651-7d22ecade080
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelN4EVKoAMFWnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b58b-10dae6262d730d1f12c50a20;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dQhcd1Ip1LFxzOlFCnVRBsX4nIAvOuKjONC0HKysRDmR-Y8G_x4sTg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:52:34 GMT
age: 61548
etag: "9c16b23d37594b041cf8678399e6eaeb690346a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e44a0c5-308b-4a3c-a704-fed082e5c701.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e44a0c5-308b-4a3c-a704-fed082e5c701.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f1a2e95e4cdae92b60d0fde61c6c8312
fa110a433705597d1384e6d5dd0e757090dbe366
bfa8bc3faf60272c250c0b7d220c90bcf9f01267907dd81465ed0a6a4fda8fdc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e44a0c5-308b-4a3c-a704-fed082e5c701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10639
x-amzn-requestid: 983ddbdb-f97d-44dc-b502-6a555f50217f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelDaEkBoAMFcRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b548-351c26ae42c01c94616d04b4;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: J-VZLP51uG6onthE4ymBDhlNk5KtxsfX_sF-J_pjUHsr5mFrORdvwQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:52:34 GMT
age: 61548
etag: "fa110a433705597d1384e6d5dd0e757090dbe366"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af3d4b4d16ad8b30805be96afa6472e3
bceb257123711c43994e5a03e9caf22eeee16423
30d7fea8d87522ce3ba2abf2c47e0025af1b7c05d6b4ea9f26aaa1f06aff4a67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10072
x-amzn-requestid: 2f26fcdb-0540-49ea-be46-83c00182fcc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB0FKvoAMFVFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-1be524647e3db4a211e4c4ff;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sNu31Qx0p_Ikus0GsGKRNGVxOGnIRSewAXfkXyzOCmT6bJ1D1Qz-0w==
via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:10:20 GMT
etag: "bceb257123711c43994e5a03e9caf22eeee16423"
content-type: image/jpeg
age: 60482
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:58:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4c236f4ca13cd8fafc580bceb0995642
b6a7de7a8d994ed2cfb5ac74b6d7703de515ecdb
671228953eba5b2678df03acebb493e411752c6f5f72ff7f1e485032241d4aeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:58:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lucasartoys.com/wp-content/plugins/woocommerce-mercadopago/assets/css/global.min.css?ver=6.1.0
162.241.123.54200 OK 398 B URL HTTP/2 lucasartoys.com/wp-content/plugins/woocommerce-mercadopago/assets/css/global.min.css?ver=6.1.0
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (777), with no line terminators
Hash cb3a50704163bfd18a282fa64d68b8df
6fa616a3dbd0fb3fc17f9cd7d3994d8af72fbeb5
4a174ec2910bc5935962a01d2f2c7f9be8e799160284c5f6f737851b08dbc130
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-mercadopago/assets/css/global.min.css?ver=6.1.0 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 28 Aug 2022 23:34:18 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 398
content-type: text/css
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.css?ver=3.10.2
162.241.123.54200 OK 1.3 kB URL HTTP/2 lucasartoys.com/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.css?ver=3.10.2
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 0bcbd888a0b91e30ad241bad7b63e933
f63c5dc0a41cca4a70f0b68e4925d4e9552ce88b
a5f1832ea5909c9d66aa3c59b0248ebdc120533b9fd54593eaa87f2d5fbf4796
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.css?ver=3.10.2 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 18 Jun 2022 00:17:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1312
content-type: text/css
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/themes/flatsome-child/style.css?ver=3.0
162.241.123.54200 OK 211 B URL HTTP/2 lucasartoys.com/wp-content/themes/flatsome-child/style.css?ver=3.0
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash cf04568241f593ca0756d8cc3eca79a1
d4a11a9168b686e936267bbb2a13a20d78768832
5d00bfafd7eaf2282efb87bf13ec66f5840cfd9bf968a331d3bb3d31e73673b7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/flatsome-child/style.css?ver=3.0 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 18 Jun 2022 00:17:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 211
content-type: text/css
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/plugins/wordpress-whatsapp-support/assets/css/wws-public-template-4.css?ver=2.2.0
162.241.123.54200 OK 119 B URL HTTP/2 lucasartoys.com/wp-content/plugins/wordpress-whatsapp-support/assets/css/wws-public-template-4.css?ver=2.2.0
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash af7a45edda51f3fb7e3909641ad4da5e
74497b932c10ecbb06584ed74a10e70d6b1ef962
81cc120caca4c820aa27df2cf398bf76a8d06634b6039f5dbd016ac72e56a2cf
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wordpress-whatsapp-support/assets/css/wws-public-template-4.css?ver=2.2.0 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 04:30:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 119
content-type: text/css
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/plugins/wordpress-whatsapp-support/assets/css/wws-public-style.css?ver=2.2.0
162.241.123.54200 OK 978 B URL HTTP/2 lucasartoys.com/wp-content/plugins/wordpress-whatsapp-support/assets/css/wws-public-style.css?ver=2.2.0
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 8831ad28026d95bda52b309740aed07e
4d5a1702862fb10777291053b2fcea7f96de4b80
732340b76f77a534ae05b87027d6e11f9be917935cc4a8e93c80e28cf2724d22
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wordpress-whatsapp-support/assets/css/wws-public-style.css?ver=2.2.0 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 04:30:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 978
content-type: text/css
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.15.6
162.241.123.54200 OK 8.0 kB URL HTTP/2 lucasartoys.com/wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.15.6
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (24034), with no line terminators
Hash 8e4484ef75534c1d2335967bdc7d63f8
79516b961e69cbf94d104f76d9002ebee40be3c9
58d1bf62a14ab6ce9f1bf84307758813aeec994b774e9cfd499699c7ba67b5bf
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.15.6 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 16 Jul 2022 21:33:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8040
content-type: text/css
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/08/final-hot-toys.jpg
162.241.123.54200 OK 7.6 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/08/final-hot-toys.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 115x50, components 3\012- data
Hash b7ed3b699e2430f3cc685537fa6152ca
312093e04101f17c37ebcd12e293062c67085611
e48e7ce07d1620852459ca4f3d3164dd863b8c6268a4f2bbad564e698c4f0e99
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/final-hot-toys.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 20:08:28 GMT
accept-ranges: bytes
content-length: 7605
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/08/storm-final.jpg
162.241.123.54200 OK 8.7 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/08/storm-final.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 115x50, components 3\012- data
Hash f249320d3ec25d78b401374e6e45daf9
3bbeef8e12ff7f31d583f95f9e4d9455946e1f51
04e9fd4014c1696bf106e4cfb2e9c4ced6f9c8b9d67f6a13a860375e5bde485e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/storm-final.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 20:10:27 GMT
accept-ranges: bytes
content-length: 8715
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/06/logos-02.jpg
162.241.123.54200 OK 20 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/06/logos-02.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=50, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=115], baseline, precision 8, 115x50, components 3\012- data
Hash cccc6f9cb98ed2a84eaa366f531f5b4e
6ee77096d44b2778600064283aab556c4ec908b1
42e8ffbcebe331b5cce61caf25df88221677c87cee6cf5821f43a446b18571f8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/logos-02.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 23 Jun 2022 00:19:05 GMT
accept-ranges: bytes
content-length: 20237
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/06/lucasartoys-logo.svg
162.241.123.54200 OK 8.1 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/06/lucasartoys-logo.svg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4555a32eede21ea31f78f7378f15d285
5f444c2853110ffe4e7175b0482f8362d07f9340
87742c2dddc7ea919530000e5d68ed09bf3bba9a212c502295520285afc18fd2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/lucasartoys-logo.svg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 18 Jun 2022 02:27:40 GMT
accept-ranges: bytes
content-length: 8142
content-type: image/svg+xml
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
162.241.123.54200 OK 4.6 kB URL HTTP/2 lucasartoys.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/06/logos-03.jpg
162.241.123.54200 OK 21 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/06/logos-03.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=50, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=115], baseline, precision 8, 115x50, components 3\012- data
Hash 197d743424c332f5f5b4971360e6557c
0681fb3b41c6f1cb97524e73ac37141ea65a28ba
b964aa781db935b4ad222c4b668b726b5e33ced07b85fad1299d5fe76cfaae95
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/logos-03.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 23 Jun 2022 00:19:06 GMT
accept-ranges: bytes
content-length: 21127
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/06/peru.jpg
162.241.123.54200 OK 1.9 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/06/peru.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 30x20, components 3\012- data
Hash 9be4dea717f5232132ee5def4daf8683
8a97a547bb4308794071d8f44c23d405287d1e76
74e02ee3bf8c265442704270bb0e3e34cfd9e20227741acb786ed437ff7c3819
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/peru.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 19 Jun 2022 01:43:42 GMT
accept-ranges: bytes
content-length: 1851
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/06/ver-todos.jpg
162.241.123.54200 OK 3.8 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/06/ver-todos.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 50x50, components 3\012- data
Hash a435210e143526e733910fb3bc177528
0e002f6f03cb126420986c6189f8c8f7fca566c0
0d296027d801dd66f45b3d4e32621d3437d1c3e7a5172fdc3c7a81a6a4e2c4fb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/ver-todos.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 18 Jun 2022 21:28:57 GMT
accept-ranges: bytes
content-length: 3765
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/08/gunpla-final.jpg
162.241.123.54200 OK 8.9 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/08/gunpla-final.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 115x50, components 3\012- data
Hash 91ca0c73177ad8c109bbaf0066c02fb7
6d17cb26f0a6432be761393a52b0e20a787cc536
13e287ac3bdddbe6f6195bbf8ad2dbbeceb3f6292acb658f979db0d6dd754864
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/gunpla-final.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 20:13:08 GMT
accept-ranges: bytes
content-length: 8853
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
162.241.123.54200 OK 5.3 kB URL HTTP/2 lucasartoys.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
162.241.123.54409 Conflict 83 B URL HTTP/2 lucasartoys.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
162.241.123.54409 Conflict 83 B URL HTTP/2 lucasartoys.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.8.2
162.241.123.54200 OK 1.2 kB URL HTTP/2 lucasartoys.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.8.2
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 267e8958dbad03e5b8e684648aa15aa2
fb81c3ab32d537817004715e011c33f2f7efaa81
8d2937738bf3b55c9ec65b0f2429361d4a2b0679f52ef2b9700192ae20acb03e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.8.2 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 28 Aug 2022 23:34:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1202
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2
162.241.123.54200 OK 1.0 kB URL HTTP/2 lucasartoys.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1668)
Hash 0bebfb5722cbc8ac04e62aa40698be49
3bc5e4f29cb19a2d80d46dee242dabf7e42c0fd3
70d02eabbadbe176455a2bb53d8d567feca69847c067a5274987a8bdc65e3c05
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 28 Aug 2022 23:34:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1000
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ffbfbd6d5d1e91af3c02313339eed0d0
df6457b655ac278fe32f3015bba4cff22dae5b2d
1991ca3e854e53f89b92ce93e01e6094f815b1d2c7c31e664481760211ac200a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:58:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ffbfbd6d5d1e91af3c02313339eed0d0
df6457b655ac278fe32f3015bba4cff22dae5b2d
1991ca3e854e53f89b92ce93e01e6094f815b1d2c7c31e664481760211ac200a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:58:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lucasartoys.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 415457
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lucasartoys.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 415457
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ffbfbd6d5d1e91af3c02313339eed0d0
df6457b655ac278fe32f3015bba4cff22dae5b2d
1991ca3e854e53f89b92ce93e01e6094f815b1d2c7c31e664481760211ac200a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:58:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.wp.com/s-202243.js
192.0.76.3200 OK 4.5 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (9364), with no line terminators
Hash 8e41dc3d060970c9778eaba9b8460bac
b445c40f2973b6b2fccdf8e67b9a7e89daea43f0
de32b9b8e87d566a0e70707e2bb645159371da844b2be2d164b50965dc15b0a3
GET /s-202243.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 14:58:24 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-2494"
content-encoding: br
expires: Mon, 23 Oct 2023 20:10:41 GMT
cache-control: max-age=31536000
x-nc: HIT arn
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.js?ver=3.10.2
162.241.123.54200 OK 751 B URL HTTP/2 lucasartoys.com/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.js?ver=3.10.2
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash b9dca71a0be3bfe5c7cee046f8ffcaee
fc81bda0372890ba604a8386614f73eeb3e79167
73d138c6d2d0b138f537526a73b6e9d000d5b4737ff8f28bfd633dd552a12dd8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.js?ver=3.10.2 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 18 Jun 2022 00:17:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 751
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2
162.241.123.54200 OK 792 B URL HTTP/2 lucasartoys.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2139), with no line terminators
Hash 1ca3f41c13e0027acc45f0601f8b640f
cced34af0c6a59e9cee4229faa66ab39c7031506
d3bc5eaf4c6be9473dbba690825cce9a1a6f4accb6721dae7875efef54942f41
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 28 Aug 2022 23:34:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 792
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2
162.241.123.54200 OK 4.0 kB URL HTTP/2 lucasartoys.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9115)
Hash 30e4855ccd2fde73cd01838d073b8d4b
aa39e03ffb6e39bf82b6a04d72e3f7cf7509f778
cbcfd79d48b4735b59e17b77cb3930f8a51fcdcb3d4675718a45af6077469636
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 28 Aug 2022 23:34:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3955
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.15.6
162.241.123.54200 OK 6.4 kB URL HTTP/2 lucasartoys.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.15.6
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12801)
Hash 3150f0bfb58d59d79cf34dbf4718aa77
d22faadbb77f8f01f023ec8fcc21ca9098caf447
a75ea09600c356a57b7b3337335b254de11dce060e89b137fe6abc89198884db
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.15.6 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 18 Jun 2022 00:17:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6374
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
162.241.123.54409 Conflict 83 B URL HTTP/2 lucasartoys.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2
162.241.123.54200 OK 1.1 kB URL HTTP/2 lucasartoys.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2938), with no line terminators
Hash 769e9d3f7fc383ec1a02024e39730474
4f5a5edf28ed19b48c5e40747ec6896f0df8f09e
4636689d57889e984a7a1a1c6e2516b7a2d951407ca826aaf505c50002e2b486
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 28 Aug 2022 23:34:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1093
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/plugins/woocommerce/assets/js/frontend/password-strength-meter.min.js?ver=6.8.2
162.241.123.54200 OK 790 B URL HTTP/2 lucasartoys.com/wp-content/plugins/woocommerce/assets/js/frontend/password-strength-meter.min.js?ver=6.8.2
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2028), with no line terminators
Hash a3da2e61a237dfda44152d1e697cc317
093693c9688f5790e9124ed401838b5ae6813c52
939a1b24f4d7b757e3c79450679f7d490759600e835ce28ceae5963d3e901fde
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/password-strength-meter.min.js?ver=6.8.2 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 28 Aug 2022 23:34:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 790
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-includes/js/wp-util.min.js?ver=6.0.3
162.241.123.54200 OK 709 B URL HTTP/2 lucasartoys.com/wp-includes/js/wp-util.min.js?ver=6.0.3
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1305)
Hash e9edb7bac979409cf7dbc48d7ab8aca7
ed3f941a8fe41e3994a3ca5e620219328628f532
2a0742cad9937c742b2f51c1ea2ae48359ce8d88d8b56f6d8910c0a267d631b5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-util.min.js?ver=6.0.3 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Jun 2021 14:50:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 709
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-admin/js/password-strength-meter.min.js?ver=6.0.3
162.241.123.54200 OK 626 B URL HTTP/2 lucasartoys.com/wp-admin/js/password-strength-meter.min.js?ver=6.0.3
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1088)
Hash 2a1a5ba30b6feff379f8f52e05d44a38
b32f5f99d898167f44e799df8b6bc8647fcec201
3e68707da0ef62c21037b17d5b9abb0ceb90817c735e02af05cbbdb0f7f9edf9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-admin/js/password-strength-meter.min.js?ver=6.0.3 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 22 Jan 2021 12:32:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 626
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0
162.241.123.54200 OK 256 B URL HTTP/2 lucasartoys.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (316)
Hash 0f489595323807d5ba17b35e2a404142
5a4f9c8416f5989fb9394ee59d818a8f3d20bdfe
50581316aa4c1054f4e404bb8c19b99cc8c040af3d0e6f82a313445edf188e01
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/zxcvbn-async.min.js?ver=1.0 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Feb 2021 16:45:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 256
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
162.241.123.54200 OK 1.7 kB URL HTTP/2 lucasartoys.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4875)
Hash 6a452794a68bc140a53b30519b94edf6
68046f5611ba3cf5da1c46087609aff18f59fdc1
259990a9e6191a72a51ac9d038d0c52bb56d880a2b0d460b1fca3f3fee7961ed
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1712
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.15.6
162.241.123.54200 OK 6.8 kB URL HTTP/2 lucasartoys.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.15.6
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 6752, version 1.0\012- data
Hash fea1aeac745dbd246870467857e90f02
b9f8ea8bd9d496f5706b306bc0e777b6a9906b27
343b461359461daad66cca6ae40315cd78bf58ebe79eca9af84596d3d873c209
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.15.6 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 18 Jun 2022 00:16:59 GMT
accept-ranges: bytes
content-length: 6752
content-type: font/woff2
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
162.241.123.54200 OK 2.7 kB URL HTTP/2 lucasartoys.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6475), with no line terminators
Hash 45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2675
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/plugins/wordpress-whatsapp-support/assets/js/wws-public-script.js?ver=2.2.0
162.241.123.54200 OK 4.0 kB URL HTTP/2 lucasartoys.com/wp-content/plugins/wordpress-whatsapp-support/assets/js/wws-public-script.js?ver=2.2.0
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 6933689d9998b3ce0a454caffed01d66
ee970db2be8c707a7e5bd513577c77288b31c7be
fee80c7d37ffbabe1add83a8765c0c968ed52dab3b55f5989cfe3e850413ec44
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wordpress-whatsapp-support/assets/js/wws-public-script.js?ver=2.2.0 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 04:30:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3959
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
162.241.123.54200 OK 4.9 kB URL HTTP/2 lucasartoys.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (14924), with no line terminators
Hash 1d777bdd8d096b6dc90a1181c6b564fd
9fb6f0a8be1d12c80100d3e61a4d3d3482ad4c76
06d2d0d6e48f958929d6035eb16b3e7a7d73f19c548b324546c54bc6853e8820
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 28 Aug 2022 23:34:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4877
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.8.2
162.241.123.54200 OK 4.6 kB URL HTTP/2 lucasartoys.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.8.2
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13887), with no line terminators
Hash 4d728e71811e2eec3160d805315170dc
1a2ebcf16c0e29b7ae388187f4dd528e671fec5e
53ce82cb57a4d3fa593c481a1788d16cc939d0d7b0b7fa2f7c914e8cfbf77b1c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.8.2 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 28 Aug 2022 23:34:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4621
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
162.241.123.54200 OK 4.2 kB URL HTTP/2 lucasartoys.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a72df5f7a597c541e18a33abef3c11f5
9500913a0a3fca9979a0aed9cb745926d9f86f83
258da631753c1d8d88fb1316024b671fa4a9ac87c9d6c4f38a45bc2c3bf9f3fc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4234
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
162.241.123.54200 OK 7.3 kB URL HTTP/2 lucasartoys.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (21310), with no line terminators
Hash 442f178b97cc7dc7fac8cf0444afd364
f135cc89cc3d6308d2d3c7dfb3f04a595116c245
d3220d63ec2995c7ce09e37c2495915fbd30721c4ea94bdaab42310ff44b926b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 28 Aug 2022 23:34:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7256
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C700%2Cregular&display=swap&ver=3.9
142.250.74.10200 OK 7.9 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C700%2Cregular&display=swap&ver=3.9
IP 142.250.74.10:0
File type ASCII text, with very long lines (18420)
Hash bbf4faabc411e3d107a3ebd99a5bd941
2b94fce77232159bf528b00dc30b7ed40ee15cd8
bf344f3da5f9715828be2d849b7057aabddc94f5b515f1fa1a39c90e63d3d972
GET /css?family=Roboto%3Aregular%2C700%2Cregular%2C700%2Cregular&display=swap&ver=3.9 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 24 Oct 2022 14:58:24 GMT
date: Mon, 24 Oct 2022 14:58:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lucasartoys.com/wp-includes/js/underscore.min.js?ver=1.13.3
162.241.123.54200 OK 8.3 kB URL HTTP/2 lucasartoys.com/wp-includes/js/underscore.min.js?ver=1.13.3
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18876)
Hash 61a4a3c276f704185a925bfa0f4d8b1b
0176eb701bb114d9cb170193f6208ec4fbb35f71
f0875cbb46e9eeb5e497dd52d8c33725509228193c2dbe9ab464f62a15c2f0e2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/underscore.min.js?ver=1.13.3 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Apr 2022 14:39:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8313
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
162.241.123.54200 OK 8.3 kB URL HTTP/2 lucasartoys.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash e49f0561a452c9d04fb7d1510a23cc8c
9e8fc2e3129da4fe2790eee565a6478b864bea83
ab4f9f418b022ab34d617ee2f95d70afff005ed4d4d92e313ce84a56b40bce75
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8254
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.12.0
162.241.123.54200 OK 9.4 kB URL HTTP/2 lucasartoys.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.12.0
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (24951), with no line terminators
Hash 6d2ebadcf4496f03ee153215e6af7193
ac396b45d5770afd86ca93eafba8b0bf725468af
1d5c56ff3f3e8516fea460dc7fbc9ce95b44dc56de0e9c43d96b38e0d589f78c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.12.0 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 28 Aug 2022 23:34:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9365
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/10/aa8662b2-e444-414b-a4e5-eb049effa889-247x296.jpg
162.241.123.54200 OK 9.7 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/10/aa8662b2-e444-414b-a4e5-eb049effa889-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash b811cc70924a004614311878a0a39fad
485b0fcae54c6aa189d52578155c17101593afc5
8c3350d12354f161951d626189381e3bad320f213e609a570f20fdfd49c43488
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/aa8662b2-e444-414b-a4e5-eb049effa889-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 05 Oct 2022 21:07:03 GMT
accept-ranges: bytes
content-length: 9683
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/10053947a2-1-247x296.jpg
162.241.123.54200 OK 11 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/10053947a2-1-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 247x296, components 3\012- data
Hash 8b8be96d62610872ca0bf09a44907999
486c6f0339da4ecca98155dfa1802803b060aa1f
40023d6a344cff4df42e1320b4bd66c87e686a0eb3b3ffe8260a9836f6c28e3f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/10053947a2-1-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 26 Sep 2022 16:28:16 GMT
accept-ranges: bytes
content-length: 11164
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/10/540d9c6c-8efa-4c35-95e0-fab512766b67-247x296.jpg
162.241.123.54200 OK 10 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/10/540d9c6c-8efa-4c35-95e0-fab512766b67-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 4b6d967e367b526d22fea18c6cdc31fa
8f72b9a7e66e14c319a6c94b6ce01bffb728d1d8
f4dc6ca5b1936901c9567602266a8fcb029b847ae5596f28682710e947c8e3d2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/540d9c6c-8efa-4c35-95e0-fab512766b67-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 05 Oct 2022 21:06:56 GMT
accept-ranges: bytes
content-length: 10424
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/10/2c3212c2-094b-4e5d-8ceb-fb1500f2c10f-247x296.jpg
162.241.123.54200 OK 12 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/10/2c3212c2-094b-4e5d-8ceb-fb1500f2c10f-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash ef2e7c8f54e7bf2028aabf854ad974df
19c582c77dc77e9d14643f86934568283962b56d
dc34bfd75874cb68f347d61bb7cd7284a1289abffcdd7c7defe0feb2df161cf3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/2c3212c2-094b-4e5d-8ceb-fb1500f2c10f-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 05 Oct 2022 21:07:07 GMT
accept-ranges: bytes
content-length: 11498
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/f8b73255-f7be-41b9-ab92-0505ca3df014-247x296.jpg
162.241.123.54200 OK 10 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/f8b73255-f7be-41b9-ab92-0505ca3df014-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 2861a6a742b2814005d570bb958c7259
ac37097e0bf7f0cbe8adecdc9c2bcb58cf5395e8
9edf5bbcee04796e5abe89f96bb644f5a5e14b4621e048ba187ae6e5a309be69
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/f8b73255-f7be-41b9-ab92-0505ca3df014-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 26 Sep 2022 16:20:44 GMT
accept-ranges: bytes
content-length: 10339
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/10/9d416732-262c-47ef-b4f3-d8b3e9a5a5f3-247x296.jpg
162.241.123.54200 OK 12 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/10/9d416732-262c-47ef-b4f3-d8b3e9a5a5f3-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash d04fecdd863a1b0ee884a7271a5f1d57
48af3d5c82d90fbdd07ee18574bc8e3c8ee4f029
8619dcef955de71696400017ea6f7ebe36a8befbfee3bdc2a960f072bebb20b1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/9d416732-262c-47ef-b4f3-d8b3e9a5a5f3-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 05 Oct 2022 17:25:33 GMT
accept-ranges: bytes
content-length: 12131
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/10/fce387c4-c060-49b8-bb39-7b938bad9f5d-247x296.jpg
162.241.123.54 | 200 OK | 12 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/10/fce387c4-c060-49b8-bb39-7b938bad9f5d-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash d88caa4528e9bf32d10a1f4a23c6f039
c8438d2b25f7154a0e3cabbb97ba05f4db1f2d19
52a5f33837ae59683d01b6b72860732d58a3b9bf7bf29876214fd12f323319a6
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/10/fce387c4-c060-49b8-bb39-7b938bad9f5d-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 05 Oct 2022 21:07:05 GMT
accept-ranges: bytes
content-length: 12500
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/06/medios-pago.png
162.241.123.54 | 200 OK | 14 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/06/medios-pago.png
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 450 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash f0159c5401e77f081bed079eaf653a5f
d5d4adcb878cccd2c3b9973ef871a6fb9966e6a8
edfda280febd9883824a624006fc7a9bca88f22622d15c636044ad0afa5d8dd8
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/06/medios-pago.png HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Jun 2022 21:12:14 GMT
accept-ranges: bytes
content-length: 13874
content-type: image/png
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/e441e275-2fca-4859-bc29-d82a1e081dc2-247x296.jpg
162.241.123.54 | 200 OK | 13 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/09/e441e275-2fca-4859-bc29-d82a1e081dc2-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 81cae686f39682b3cfe7eac8fab3f867
47fa5da78488b43097383aa3b3e6f17e0efa60fe
c818d6ccd084751a8d63a7e4fd2241ab0f667350a6f61483eb24a31eca2dde59
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/09/e441e275-2fca-4859-bc29-d82a1e081dc2-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Sep 2022 22:52:34 GMT
accept-ranges: bytes
content-length: 13053
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/1d731ac0-3018-4f2c-ad62-78bb765d24b4-247x296.jpg
162.241.123.54 | 200 OK | 14 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/09/1d731ac0-3018-4f2c-ad62-78bb765d24b4-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 0fcc74cfa3443ba2561cb5a2dc97a0be
a74f91eb78f0b281ded82389b9e0d500023eda0d
8c44de9c9ded8ebeb5295354c5c9900a541a9aa44ea6b27f8fad72a659ab30d7
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/09/1d731ac0-3018-4f2c-ad62-78bb765d24b4-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Sep 2022 22:52:35 GMT
accept-ranges: bytes
content-length: 14092
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/10/93a4e45a-00a6-4be6-a143-b707d21e022b-247x296.jpg
162.241.123.54 | 200 OK | 16 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/10/93a4e45a-00a6-4be6-a143-b707d21e022b-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash d10009e4d91682a287c50cf55dded36e
7a7ba37a1c063b71e05c2851d48ac5c3c4c22be6
51012ed6e54a0e2ab4fcf4736fb814a91ca09490d744a7cf6c4b68019839dcae
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/10/93a4e45a-00a6-4be6-a143-b707d21e022b-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 05 Oct 2022 17:25:44 GMT
accept-ranges: bytes
content-length: 15468
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/10/knightmare-batman-and-superman_dc-comics_gallery_605385ac47322-247x296.jpg
162.241.123.54 | 200 OK | 16 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/10/knightmare-batman-and-superman_dc-comics_gallery_605385ac47322-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 247x296, components 3\012- data
Hash 09dfc1261eb6e55a6a3efa5606ab8bb5
336b2efead3cbcc5b761bdf6bc86b85f9aa29007
a14e87c7edd35af4d947d502ea53b75755fa594fefe67f285628a0337e7ca24a
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/10/knightmare-batman-and-superman_dc-comics_gallery_605385ac47322-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 07 Oct 2022 19:25:53 GMT
accept-ranges: bytes
content-length: 16410
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/black-adam_dc-comics_gallery_6337167597eb9-247x296.jpg
162.241.123.54 | 200 OK | 17 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/09/black-adam_dc-comics_gallery_6337167597eb9-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 247x296, components 3\012- data
Hash 921667b09edef6544170b97bfa2dfda6
ecf6f6cef8bb6b94518514a89ffe2401e0fac5a3
1b109d2f77dbcd1804e9f4ad8f965fa88988e8dc4d46dd6cba32beeae81db16b
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/09/black-adam_dc-comics_gallery_6337167597eb9-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 30 Sep 2022 19:15:30 GMT
accept-ranges: bytes
content-length: 16675
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/10/harley-quinn-premium-format-figure_dc-comics_gallery_632e34a812cb5-247x296.jpg
162.241.123.54 | 200 OK | 17 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/10/harley-quinn-premium-format-figure_dc-comics_gallery_632e34a812cb5-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 247x296, components 3\012- data
Hash d687376d30cf7545dea3583558259bae
b2a91cf1737b94eeca35e63206016c9dbcc01b49
6b4eba6147f307eee4a221e902cd0a6926b2715d9ee11271a6f56f546669af44
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/10/harley-quinn-premium-format-figure_dc-comics_gallery_632e34a812cb5-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 06 Oct 2022 21:17:08 GMT
accept-ranges: bytes
content-length: 17112
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/black-adam-golden-armor-deluxe-version_dc-comics_gallery_63371a174e1fd-247x296.jpg
162.241.123.54 | 200 OK | 19 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/09/black-adam-golden-armor-deluxe-version_dc-comics_gallery_63371a174e1fd-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 247x296, components 3\012- data
Hash 572ed7b4eff61172bc4ddd84fb32017f
8b8a40ec9959b9c9ca52fb892b27c3b338f16f96
faa3cd14aa3b734affbb416f319a3cef80b10faadd5d15677e90f7548dd00011
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/09/black-adam-golden-armor-deluxe-version_dc-comics_gallery_63371a174e1fd-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 30 Sep 2022 18:15:43 GMT
accept-ranges: bytes
content-length: 19397
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/black-adam_dc-comics_gallery_633716753ecc4-247x296.jpg
162.241.123.54 | 200 OK | 20 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/09/black-adam_dc-comics_gallery_633716753ecc4-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 247x296, components 3\012- data
Hash 520d3cbe54707f5a623be30b5738133c
24a232d78ede9eca1d6971ee40d8aeb61f3862f3
ac510f47e8c98950747b995e6c2022d396e917aa3aaf868a85c42a79218bab9a
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/09/black-adam_dc-comics_gallery_633716753ecc4-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 30 Sep 2022 19:15:26 GMT
accept-ranges: bytes
content-length: 20182
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/10/harley-quinn-premium-format-figure_dc-comics_gallery_632e34a2ea6d6-247x296.jpg
162.241.123.54 | 200 OK | 20 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/10/harley-quinn-premium-format-figure_dc-comics_gallery_632e34a2ea6d6-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 717f481195a7e818f77bedd4c9033d92
4a5a48b320854f67263608239bebcea24ebf1a6b
2e5ec58befaa2844d1faa6e360b81c20a5a5efe3088f9d686fd4dc376021ba79
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/10/harley-quinn-premium-format-figure_dc-comics_gallery_632e34a2ea6d6-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 06 Oct 2022 21:17:29 GMT
accept-ranges: bytes
content-length: 19595
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/10/knightmare-batman-and-superman_dc-comics_gallery_605385abb94d8-247x296.jpg
162.241.123.54 | 200 OK | 21 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/10/knightmare-batman-and-superman_dc-comics_gallery_605385abb94d8-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 247x296, components 3\012- data
Hash 38ce2d3571d659d08b80a0f3ed368c06
17e9693ac6718a58bd9870db4f28dabda4d502bd
0f46fd406a0d591c5f86b6cd967cfb66f78f3636e7775877ed152f626a981e03
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/10/knightmare-batman-and-superman_dc-comics_gallery_605385abb94d8-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 07 Oct 2022 19:25:50 GMT
accept-ranges: bytes
content-length: 20800
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/caqrm6-247x296.jpg
162.241.123.54 | 200 OK | 24 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/09/caqrm6-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash b51d80a2e2107278b9d39a88915f74c1
e2aeee84554ab5e891dfa078978cd381d8dd5c14
1669b9440e3d372de7127b80ad3e00fb8cd32cedc20468c056877c66496251c5
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/09/caqrm6-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 26 Sep 2022 16:20:41 GMT
accept-ranges: bytes
content-length: 23728
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/35d46c83-297b-43f6-b559-4b211b01d850-247x296.jpg
162.241.123.54 | 200 OK | 24 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/09/35d46c83-297b-43f6-b559-4b211b01d850-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash a80aed785a5a01311f2c60479e511090
9b7e198b6ccffcfa925df95a9687a8f9948bb262
853d6c70df237a7e9743670a211119356d6dacb89611b97b51e90f51fc4514f9
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/09/35d46c83-297b-43f6-b559-4b211b01d850-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 26 Sep 2022 16:27:50 GMT
accept-ranges: bytes
content-length: 23926
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/black-adam-golden-armor-deluxe-version_dc-comics_gallery_63371a16eb34a-247x296.jpg
162.241.123.54 | 200 OK | 26 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/09/black-adam-golden-armor-deluxe-version_dc-comics_gallery_63371a16eb34a-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 247x296, components 3\012- data
Hash e558c6b116840ceff433c2ba57de5238
34064db67c96d02335433703472acb6f4921dbeb
43f91a42e028010213ab8ceb2b8d5556b2f9f3b004bcc4eb20fd19eb4ff78c60
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/09/black-adam-golden-armor-deluxe-version_dc-comics_gallery_63371a16eb34a-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 30 Sep 2022 18:15:40 GMT
accept-ranges: bytes
content-length: 25797
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/08/fondo_titulos3-2022.jpg
162.241.123.54 | 200 OK | 50 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/08/fondo_titulos3-2022.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1400x130, components 3\012- data
Hash 62f511694198483baedffe42967e22a2
7827fb0f5852a25561101e57befd87396d5ab198
2cb0d9dd0e8c5ae7d47da3d435191dba3553df151c4c3a24d3f5d8770f252280
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/08/fondo_titulos3-2022.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 17:36:51 GMT
accept-ranges: bytes
content-length: 49640
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/08/fondo_titulos-2022.jpg
162.241.123.54 | 200 OK | 75 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/08/fondo_titulos-2022.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1400x130, components 3\012- data
Hash 4ddb6ebcdbb328b1422453e7340d85c1
f2e341b8ad7ab0d9c1e3b7853d6083f8f27e7e5d
cfb767306273cbb7c500268b61e11c3007663e7f9fa398396c6b19727a38f2db
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/08/fondo_titulos-2022.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 17:36:52 GMT
accept-ranges: bytes
content-length: 74945
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/08/fondo_titulos2-2022.jpg
162.241.123.54 | 200 OK | 84 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/08/fondo_titulos2-2022.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1400x130, components 3\012- data
Hash 81ffac714ceb106a87c43ffcb0e6abd6
57aec136b65da50c90875846f283bf339e913317
49b88d3d0be330f18548e5414dda7563d38fc2f0f7e3e438fd0dd6ca297549c0
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/08/fondo_titulos2-2022.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 17:36:50 GMT
accept-ranges: bytes
content-length: 84526
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:25 GMT
server: Apache
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A11.3.1&blog=210545508&post=100&tz=0&srv=lucasartoys.com&host=lucasartoys.com&ref=&fcp=4996&rand=0.7065081119513527
192.0.76.3 | 200 OK | 50 B | URL (HTTP/2): pixel.wp.com/g.gif?v=ext&j=1%3A11.3.1&blog=210545508&post=100&tz=0&srv=lucasartoys.com&host=lucasartoys.com&ref=&fcp=4996&rand=0.7065081119513527
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.3.1&blog=210545508&post=100&tz=0&srv=lucasartoys.com&host=lucasartoys.com&ref=&fcp=4996&rand=0.7065081119513527 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 14:58:25 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/cropped-favicon-32x32.jpg
162.241.123.54 | 200 OK | 1.5 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/09/cropped-favicon-32x32.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 32x32, components 3\012- data
Hash 4b1347eb2973ce0fe3b61d080ea6c36c
0b790fe941de8edb86f4985221be4de1b02b17ed
f90e5c84c9be882931e8cf24eb83260c93aeda041e14735db8351d2ac542b2f2
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/09/cropped-favicon-32x32.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 09 Sep 2022 01:09:34 GMT
accept-ranges: bytes
content-length: 1512
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/cropped-favicon-192x192.jpg
162.241.123.54 | 200 OK | 6.4 kB | URL (HTTP/2): lucasartoys.com/wp-content/uploads/2022/09/cropped-favicon-192x192.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 192x192, components 3\012- data
Hash 806c86b612c49476243e4028122032ae
d6816c984d38614790750f6b78923263e1b8704d
32a457479093a706b8a6bbc41119939d2ab9770e2e7c8cb768a990d4ac19e345
Analyzer verdicts (Alert): mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/uploads/2022/09/cropped-favicon-192x192.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 09 Sep 2022 01:09:34 GMT
accept-ranges: bytes
content-length: 6359
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/themes/flatsome/assets/js/chunk.sticky-sidebar.a58a6557.js
162.241.123.54 | 200 OK | 4.0 kB | URL (HTTP/2): lucasartoys.com/wp-content/themes/flatsome/assets/js/chunk.sticky-sidebar.a58a6557.js
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10850), with no line terminators
Hash 0d352cfc16d1ffdb4c8f83d9578bb346
f6298645b35da7e6bfe406792cdf408da7c87a7e
fb2e6a9cbb311d2f8f251f13479ad117c7e90c977e0f36fe83972ce02506dfb1
Analyzer verdicts (Alert): fortinet — Malware; mnemonic_dns — Sinkholed; quad9 — Sinkholed. Note: the Malware verdict is attached to the URL, not to an inspected payload; the SHA-256 listed above identifies the bytes actually fetched, and that hash is what to compare against a known-good copy of the theme's chunk.sticky-sidebar.a58a6557.js before concluding the script itself is malicious rather than merely hosted on a flagged domain.
GET /wp-content/themes/flatsome/assets/js/chunk.sticky-sidebar.a58a6557.js HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 18 Jun 2022 00:16:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4024
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/themes/flatsome/assets/js/chunk.countup.fe2c1016.js
162.241.123.54 | 200 OK | 1.7 kB | URL (HTTP/2): lucasartoys.com/wp-content/themes/flatsome/assets/js/chunk.countup.fe2c1016.js
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4771), with no line terminators
Hash 85ab546ba8007370b26392052208d34a
022f82447b5faa69fecb7d85b3ecc33250e51dd8
5e713176604cd212058d987d419205218bcf6c093cdcf308ba1e2d822c6bbdfd
Analyzer verdicts (Alert): fortinet — Malware; mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/themes/flatsome/assets/js/chunk.countup.fe2c1016.js HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 18 Jun 2022 00:16:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1741
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/themes/flatsome/assets/js/chunk.tooltips.29144c1c.js
162.241.123.54 | 200 OK | 5.8 kB | URL (HTTP/2): lucasartoys.com/wp-content/themes/flatsome/assets/js/chunk.tooltips.29144c1c.js
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (16876), with no line terminators
Hash 00132aa5470b0de62627fd6c9af4d4e7
aa460183c94247ecafe500c6ce4096a737f9b360
89e29f20b9c02d3dc87b363c8ab754cbe376b825d3636f03fee090d1da8a9e9a
Analyzer verdicts (Alert): fortinet — Malware; mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/themes/flatsome/assets/js/chunk.tooltips.29144c1c.js HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 18 Jun 2022 00:16:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5814
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/themes/flatsome/assets/js/chunk.vendors-popups.947eca5c.js
162.241.123.54 | 200 OK | 9.0 kB | URL (HTTP/2): lucasartoys.com/wp-content/themes/flatsome/assets/js/chunk.vendors-popups.947eca5c.js
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20237), with no line terminators
Hash af8cdd693d22f2d91956a0fdbd680dbf
411e7c8c3bd9601a98ab6251e7c0554983753543
608344b53d4ef9e3572cc7983224c460a9433cd3fc289e5e487a295542c6df41
Analyzer verdicts (Alert): fortinet — Malware; mnemonic_dns — Sinkholed; quad9 — Sinkholed
GET /wp-content/themes/flatsome/assets/js/chunk.vendors-popups.947eca5c.js HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 18 Jun 2022 00:16:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9029
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/08/banners_cortesia-scaled.jpg
162.241.123.54200 OK 177 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/08/banners_cortesia-scaled.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2560x854, components 3\012- data
Size 177 kB (177239 bytes)
Hash 98b678db0930c889de3851e39d3d5c94
d8c3c213c2fe4c83dbb361a2aec8652a3e937d79
335d2a8ee51c4df1ec16ffb0804a09ae35f5cc5a2a25e2b9d2d3b585f7e65df3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/banners_cortesia-scaled.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 17:29:04 GMT
accept-ranges: bytes
content-length: 177239
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/08/923322ec-c12f-488e-a87a-70907d0d8746-247x296.jpg
162.241.123.54200 OK 11 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/08/923322ec-c12f-488e-a87a-70907d0d8746-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 2b5fd123142362d03a9193e72e4569ea
451e8b07ce2d722b4cc0beb3572805201c465807
f6ceabe54fc5d7b902c729fb1e00c7b7e083a20440c7089541072fbcad400c2a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/923322ec-c12f-488e-a87a-70907d0d8746-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 17:13:03 GMT
accept-ranges: bytes
content-length: 10738
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/08/0b88779d-a5c3-4f58-a613-a97238fae581-247x296.jpg
162.241.123.54200 OK 16 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/08/0b88779d-a5c3-4f58-a613-a97238fae581-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 1a9c7645062cadd206dadd0704d682d5
582f82d8e83c13e75d6eabd163fe34b83c18b9bd
e89321d12629bd688348cd80c87273fd2a0db5d89e17a437fc49b4a50736398d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/0b88779d-a5c3-4f58-a613-a97238fae581-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 19:42:19 GMT
accept-ranges: bytes
content-length: 15660
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/4f0a8272-ec7d-48f7-beac-7198388a1a68-247x296.jpg
162.241.123.54200 OK 13 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/4f0a8272-ec7d-48f7-beac-7198388a1a68-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash b6bef3ddf14fda7fd80a6aa83c2b0694
757787f3a34cf3ce39a113772bb4f2a099ba7401
b1146568d050b27f2b3383048bd305da231c7d38a4e74c6730be6f8f5831acb5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/4f0a8272-ec7d-48f7-beac-7198388a1a68-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 04 Sep 2022 16:48:00 GMT
accept-ranges: bytes
content-length: 13143
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/6ff9960d-03a8-44c6-877a-94a28072c88f-247x296.jpg
162.241.123.54200 OK 16 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/6ff9960d-03a8-44c6-877a-94a28072c88f-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash e6a288928600447dfb21f4438ffaf20f
724832344265b651fabecb68617d77f881c1cce5
3d5ca1c3208f98dc4cbadf40e4bc809f9b441f5de59ed26469774caa7102d50a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/6ff9960d-03a8-44c6-877a-94a28072c88f-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 21:08:04 GMT
accept-ranges: bytes
content-length: 16425
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/d40a41ca-94ce-43ba-b618-bad51be71904-247x296.jpg
162.241.123.54200 OK 17 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/d40a41ca-94ce-43ba-b618-bad51be71904-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 883591b6ebce19516431a4275c4cbaec
b502711897cf0a07d038923cbf6571a2e77798a3
33cdc4c31bd00ca558e01304f02d534977e91ca90098d94f1948b53d00e8e4bf
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/d40a41ca-94ce-43ba-b618-bad51be71904-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 21:08:03 GMT
accept-ranges: bytes
content-length: 17277
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/44304dc6-b00c-49f1-a561-ca1f2c01af51-247x296.jpg
162.241.123.54200 OK 11 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/44304dc6-b00c-49f1-a561-ca1f2c01af51-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 9ba84ac17ba9976980bfc0292376c83f
a433b7e259bccabded78f74703d9ea8d12f3fb12
8ce6c6354b7a557040572412a192bc398012aeb2eedc19f0d307d9e95f3fd1d2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/44304dc6-b00c-49f1-a561-ca1f2c01af51-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 17:01:33 GMT
accept-ranges: bytes
content-length: 10673
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/08/36bac752-f052-4f25-9f13-1f103d24111e-247x296.jpg
162.241.123.54200 OK 16 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/08/36bac752-f052-4f25-9f13-1f103d24111e-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 81ba20a30896a3cc00219dd581261986
130c119b5644ea5e0e2b8b57d852d27867b1a23e
4891ee9c0bf7d8c2e199e09778962cb5733197bfabcb0bdb9ac98bd65241ad17
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/36bac752-f052-4f25-9f13-1f103d24111e-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 19:42:19 GMT
accept-ranges: bytes
content-length: 16298
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/227717bb-12d9-426a-88c2-660f33b69d9a-247x296.jpg
162.241.123.54200 OK 14 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/227717bb-12d9-426a-88c2-660f33b69d9a-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash f7d7bd78fdc1ff62f65c8f7367944373
02cff4fd501783f70b06d756d06dc8e4381fba41
20fe9638e5b266c7a910c4c2cfc7824122baf95aea037f036b2e35e0cf01f289
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/227717bb-12d9-426a-88c2-660f33b69d9a-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 04 Sep 2022 16:47:54 GMT
accept-ranges: bytes
content-length: 13887
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/08/bd5eea91-c0e7-41e0-955f-501abee847d5-247x296.jpg
162.241.123.54200 OK 9.2 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/08/bd5eea91-c0e7-41e0-955f-501abee847d5-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 4928c69e35c262559bcbfff1f2d7f923
cc98106b866d87f9dda6a1d6ece3d7e0c9c1e3f2
32dc5a24db9990c17e3f6876ddfd1deafbd201b5cc47eca0cb28c831853bdf9a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/bd5eea91-c0e7-41e0-955f-501abee847d5-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 17:12:58 GMT
accept-ranges: bytes
content-length: 9194
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/3cc59a6a-c92f-44ba-bd6c-ea6e0df6a78b-2-247x296.jpg
162.241.123.54200 OK 10 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/3cc59a6a-c92f-44ba-bd6c-ea6e0df6a78b-2-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 1424aadc9dc1b5d46a85b21454fd04b7
827c00dfa967abf6e8a41e03ed46db097f9a37f4
23654a0ff0ccc5e74edb5e535bce94687888789681c7367fd691389042069ed6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/3cc59a6a-c92f-44ba-bd6c-ea6e0df6a78b-2-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 16:40:53 GMT
accept-ranges: bytes
content-length: 10183
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/7982a972-358d-430e-80e9-aec0904431ad-247x296.jpg
162.241.123.54200 OK 13 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/7982a972-358d-430e-80e9-aec0904431ad-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 278a68ef35320200e9b251df6d5e5adf
acf685126353c8ede2742c7989424542b88cd585
6b086d317180f15044094ab5f9b759121075d6458898943d810bc1fef32c3499
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/7982a972-358d-430e-80e9-aec0904431ad-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 17:01:27 GMT
accept-ranges: bytes
content-length: 13139
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/e105d905-957b-45d1-922e-435848d097cc-2-247x296.jpg
162.241.123.54200 OK 9.4 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/e105d905-957b-45d1-922e-435848d097cc-2-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 5dc7fdad188607ce8d01919801c8dc18
dc973bcd413119ead9067a9839709aa1633a212f
ca75b3576533d18050038f9e5d4f148119deb58be894c3e11e107bd73fa8f13f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/e105d905-957b-45d1-922e-435848d097cc-2-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 16:40:51 GMT
accept-ranges: bytes
content-length: 9419
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/item_0000013750_MoDDMbsy_03-247x296.jpg
162.241.123.54200 OK 13 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/item_0000013750_MoDDMbsy_03-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 247x296, components 3\012- data
Hash 7809e47f08e91e242adddb14496a55b5
1cbe25ef16cf1791f9bc41e721f8a0887ed54012
d0dd16d37ae7c4977547e7dcaf12706e42389ad65f55272f8c7cc672d29cb389
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/item_0000013750_MoDDMbsy_03-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 16:47:11 GMT
accept-ranges: bytes
content-length: 12944
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/27f81a19-d2f7-4cd1-a7ea-6721706efe77-247x296.jpg
162.241.123.54200 OK 15 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/27f81a19-d2f7-4cd1-a7ea-6721706efe77-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 25344b0e7783dd5369c6acdca7b6c762
9e49e0970edfe1c15ee2588c7ad908e7c72037b3
f64b3a75b482ec7602e1cc0c024e49782866d4e67931b01a4f79601ff335b91d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/27f81a19-d2f7-4cd1-a7ea-6721706efe77-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 04 Sep 2022 19:57:26 GMT
accept-ranges: bytes
content-length: 14753
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/c6061e50-b42e-4efa-9789-77fd19c3fe66-247x296.jpg
162.241.123.54200 OK 11 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/c6061e50-b42e-4efa-9789-77fd19c3fe66-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash ec8bbf15f8f557a94ff61ef35c637924
0b30438bf99d41f3f7da629ddac225dcee17e0be
e28beab148d7f3fff7460f7b920cdbf1109a545da2159e2dce1924341dbea570
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/c6061e50-b42e-4efa-9789-77fd19c3fe66-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 19:27:28 GMT
accept-ranges: bytes
content-length: 11181
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/9de30dc7-e4c9-443c-afae-532e864926ad-247x296.jpg
162.241.123.54200 OK 14 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/9de30dc7-e4c9-443c-afae-532e864926ad-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash b76137fc9017710aa950792c1dbf3496
741f93a80faf5e5c95d7d5f61f9002e5762b4e0d
8cc87b76a753d9a973df4e4b25b0f6623ddf7e42285ad299e89a36256a3263ce
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/9de30dc7-e4c9-443c-afae-532e864926ad-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 23:12:52 GMT
accept-ranges: bytes
content-length: 14388
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/1a8faa6d-fea3-45f3-a0af-c4730f11adde-247x296.jpg
162.241.123.54200 OK 16 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/1a8faa6d-fea3-45f3-a0af-c4730f11adde-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash a3f617a56ce52b3a1950207eaf8f55c2
77620fd883bd869a0c3c23145ddcbc4b9a8af71b
e12e9123a0d9ac58de75d421ccf4032ea5a56fb924f31f9750a6c40467f62397
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/1a8faa6d-fea3-45f3-a0af-c4730f11adde-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 04 Sep 2022 19:57:16 GMT
accept-ranges: bytes
content-length: 15703
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/08/01c89037-910b-4235-9511-af1c335a4ea7-247x296.jpg
162.241.123.54200 OK 12 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/08/01c89037-910b-4235-9511-af1c335a4ea7-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash da98494f3390082efb2b198d2864b0d8
931caf0d438a260c8209d6bc3b9fbd60e4f4641a
f97f6be206401d57b7dfa0905a6d978b823abb8fa2c1f471dbe0b9bbf3586713
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/01c89037-910b-4235-9511-af1c335a4ea7-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Aug 2022 21:31:47 GMT
accept-ranges: bytes
content-length: 11548
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/f1def150-6241-4856-96c8-827f405e897a-247x296.jpg
162.241.123.54200 OK 12 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/f1def150-6241-4856-96c8-827f405e897a-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 3407c6ea3c7c6e124bb77daf060947ff
b7f8091682b75733672809788d78aa6dc46a9173
8ab5938ce01bf5604f5bc446cb69eca996c38d6808c1c015a3404934e732a291
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/f1def150-6241-4856-96c8-827f405e897a-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 19:27:29 GMT
accept-ranges: bytes
content-length: 11461
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/bd60e5_35c6690610f24cbda267987dd80e390f_mv2-247x296.jpg
162.241.123.54200 OK 22 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/bd60e5_35c6690610f24cbda267987dd80e390f_mv2-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 247x296, components 3\012- data
Hash c8c62d9c4357c6e1b94390a293128cb0
545560420f572c2062f3c9bc76a42bf789e93674
cc143a58441a5dfc4360c776dae7eeadaead0e67ff3b3b648790856038463f06
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/bd60e5_35c6690610f24cbda267987dd80e390f_mv2-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 15:59:48 GMT
accept-ranges: bytes
content-length: 21815
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/08/654234dd-e564-4363-8a6f-33498b01806c-247x296.jpg
162.241.123.54200 OK 30 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/08/654234dd-e564-4363-8a6f-33498b01806c-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash fb171f9bb03afc4df2ffd02c1ab2ae32
0c6bf0680f9351cd1aa1e2d98a3436b8ea6ccdc4
7a1a55bc75d7ddde4f79f37a55a2c5526f106f4815c5170801a3d409860f8112
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/654234dd-e564-4363-8a6f-33498b01806c-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 28 Aug 2022 15:15:13 GMT
accept-ranges: bytes
content-length: 29621
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/08/9ca28101-057a-4d5b-b8a1-e07ed7f5037e-247x296.jpg
162.241.123.54200 OK 24 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/08/9ca28101-057a-4d5b-b8a1-e07ed7f5037e-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 8c9aac9291d741187b6252b922bd360e
03d02e1bdcbd6dea257dac0fd52ea642d4ae67e2
a5368cff0251ef429c25a3e0e2a7e0e9921e0a9e63aa83cc9c2dec6ae8c622fd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/9ca28101-057a-4d5b-b8a1-e07ed7f5037e-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 28 Aug 2022 15:15:06 GMT
accept-ranges: bytes
content-length: 23521
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/bd60e5_70fa985b0b314e9a99fa54298c3e6e57_mv2-247x296.jpg
162.241.123.54200 OK 23 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/bd60e5_70fa985b0b314e9a99fa54298c3e6e57_mv2-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 247x296, components 3\012- data
Hash d0c953a27ea148587e14f04bc1ef6232
ff751792f13cdafdf42c532aceb44ee8bc330a78
4bec2aabde2128d7eda8f27e72c6f49aa5c4080cf607bb04668d7dfe1884d3e1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/bd60e5_70fa985b0b314e9a99fa54298c3e6e57_mv2-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 15:59:52 GMT
accept-ranges: bytes
content-length: 23286
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/item_0000013750_MoDDMbsy_01-247x296.jpg
162.241.123.54200 OK 25 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/item_0000013750_MoDDMbsy_01-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 247x296, components 3\012- data
Hash cb6d26bea4f73cf7de3285fd33675fe2
8282870b9bb3af2f63a0deca5948826e414e1c17
60ee5cf6641142f23d59ef7ac6549e5f83acf41972b95218a67c34adfa109210
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/item_0000013750_MoDDMbsy_01-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 16:47:09 GMT
accept-ranges: bytes
content-length: 24614
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/08/81qdhYr99dL._AC_SL1500_-247x296.jpg
162.241.123.54200 OK 24 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/08/81qdhYr99dL._AC_SL1500_-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 01cbb9ab54f9f4b8009459a87fd166b3
99c700bb268088dd94e542f27c3f442b3e364176
8e324db2b1ca489a356675011b4120b6ed4f4e2064aad0c40f96c99bb3572edb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/81qdhYr99dL._AC_SL1500_-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Aug 2022 21:31:50 GMT
accept-ranges: bytes
content-length: 23651
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/08/f652a865-c54b-4a27-93b0-371af8dcadd6-247x296.jpg
162.241.123.54200 OK 20 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/08/f652a865-c54b-4a27-93b0-371af8dcadd6-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash cf01db0a8c786cb4c8f9cb632ebed480
c851e1bcfd7e1c06b2519b7383306cbe0657a0d7
0136336c362712d61d38159a76350b779827db0829cc85d2be4ef46c1a9c93f1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/f652a865-c54b-4a27-93b0-371af8dcadd6-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 23:45:53 GMT
accept-ranges: bytes
content-length: 19655
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/08/d757ce06-9df3-4ff0-b40a-b75bcfc872f1-247x296.jpg
162.241.123.54200 OK 19 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/08/d757ce06-9df3-4ff0-b40a-b75bcfc872f1-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash d3c182e4d43a6c2192f9f3052af7c764
808ca129c8c8c226b6496cb597ae2a88f06cf8d5
65295354feed5046656a944dd71f406c5572fc9ecd061552058eb54a0f22c1bc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/d757ce06-9df3-4ff0-b40a-b75bcfc872f1-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 23:46:58 GMT
accept-ranges: bytes
content-length: 18578
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/08/d8246a0a-42fa-4bdc-84b8-34cec5668bed-247x296.jpg
162.241.123.54200 OK 19 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/08/d8246a0a-42fa-4bdc-84b8-34cec5668bed-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 226fe84ea4704a9b277c72f7ed26b907
d911a6bb301709559dda183259d9543bb4b74684
1994817bc3de06b2e15962b130c3cd5819be20e22058b3d99c9569c3020f1a29
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/d8246a0a-42fa-4bdc-84b8-34cec5668bed-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Aug 2022 21:43:59 GMT
accept-ranges: bytes
content-length: 18639
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/09/be04e146-e7c0-47f8-9b15-82eb67807b4d-247x296.jpg
162.241.123.54200 OK 16 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/09/be04e146-e7c0-47f8-9b15-82eb67807b4d-247x296.jpg
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 247x296, components 3\012- data
Hash 2aeba930af9e05e68ee405b4881b898d
1ed15fa5a30c9aa817c42e126fa49eb6fbf7bc01
dc38415a1079eac8f92ab0254c5f99bcb07f703bd14d380242bda9914beb2919
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/be04e146-e7c0-47f8-9b15-82eb67807b4d-247x296.jpg HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 23:13:01 GMT
accept-ranges: bytes
content-length: 16458
content-type: image/jpeg
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/uploads/2022/08/bans61788_0-247x296.png
162.241.123.54200 OK 162 kB URL HTTP/2 lucasartoys.com/wp-content/uploads/2022/08/bans61788_0-247x296.png
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 247 x 296, 8-bit/color RGBA, non-interlaced\012- data
Size 162 kB (161863 bytes)
Hash a63e0ad7c06548dc799316e87186d421
a7858c86f58b3ef2b24b293ab075d1a30daddea2
599b9db3cf6106879a033144b7081e6ba51863c30cb82c75cb27e3f3c5f8b482
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/bans61788_0-247x296.png HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Aug 2022 21:44:12 GMT
accept-ranges: bytes
content-length: 161863
content-type: image/png
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/?wc-ajax=get_refreshed_fragments
162.241.123.54200 OK 287 B URL HTTP/2 lucasartoys.com/?wc-ajax=get_refreshed_fragments
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JSON data\012- , ASCII text, with very long lines (520), with no line terminators
Hash a1b62b72d8ac0a30cf16da7051bca2e3
a13b03aff584811d41a96a2a814ab5512d73cc9d
ef270ed25004c527bf8a61d742d876fc6933acacbe3ad83865098ed48a6132f9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://lucasartoys.com
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://lucasartoys.com
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
vary: Accept-Encoding
content-encoding: gzip
content-length: 287
content-type: application/json; charset=UTF-8
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=8d32fe071187c00e5c8eae51dcdefdd9
162.241.123.54200 OK 0 B URL HTTP/2 lucasartoys.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=8d32fe071187c00e5c8eae51dcdefdd9
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=8d32fe071187c00e5c8eae51dcdefdd9 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 18 Jun 2022 00:16:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
162.241.123.54200 OK 0 B URL HTTP/2 lucasartoys.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-includes/js/zxcvbn.min.js
162.241.123.54200 OK 0 B URL HTTP/2 lucasartoys.com/wp-includes/js/zxcvbn.min.js
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/zxcvbn.min.js HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 26 Oct 2019 00:17:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
stats.wp.com/e-202243.js
192.0.76.3200 OK 0 B IP 192.0.76.3:0
GET /e-202243.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 14:58:24 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 16 Oct 2023 10:12:22 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.3.1
162.241.123.54200 OK 0 B URL HTTP/2 lucasartoys.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.3.1
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.3.1 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 13 Sep 2022 22:36:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.15.6
162.241.123.54200 OK 0 B URL HTTP/2 lucasartoys.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.15.6
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.15.6 HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lucasartoys.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 09 Sep 2022 04:09:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 24 Oct 2022 14:58:24 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/wp-content/themes/flatsome/assets/js/chunk.vendors-slider.f0d2cbc9.js
162.241.123.54200 OK 0 B URL HTTP/2 lucasartoys.com/wp-content/themes/flatsome/assets/js/chunk.vendors-slider.f0d2cbc9.js
IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/flatsome/assets/js/chunk.vendors-slider.f0d2cbc9.js HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://lucasartoys.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 18 Jun 2022 00:16:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 24 Oct 2022 14:58:26 GMT
server: Apache
X-Firefox-Spdy: h2
lucasartoys.com/
162.241.123.54200 OK 0 B IP 162.241.123.54:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: lucasartoys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://lucasartoys.com/wp-json/>; rel="https://api.w.org/", <https://lucasartoys.com/wp-json/wp/v2/pages/100>; rel="alternate"; type="application/json", <https://lucasartoys.com/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 24 Oct 2022 14:58:22 GMT
server: Apache
X-Firefox-Spdy: h2