r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5561
Expires: Fri, 09 Dec 2022 05:22:19 GMT
Date: Fri, 09 Dec 2022 03:49:38 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7915
Expires: Fri, 09 Dec 2022 06:01:33 GMT
Date: Fri, 09 Dec 2022 03:49:38 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5126
Expires: Fri, 09 Dec 2022 05:15:04 GMT
Date: Fri, 09 Dec 2022 03:49:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 03:08:17 GMT
content-type: application/json
age: 2481
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ru6AFxMzMekkt+uhLBkpF9/XQPxCiXwsmzk72sjfdM5NxGHuQtO/75kKJKEkicEGb+LpEzVs5fw=
x-amz-request-id: JMZTX23YC8GJRTYG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 02:50:05 GMT
age: 3573
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 03:49:38 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 03:07:55 GMT
age: 2504
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
kenvin.in/
301 Moved Permanently 0 B IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 03:49:38 GMT
Server: Apache
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://kenvin.in/
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
200 OK 471 B IP
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3441
Cache-Control: max-age=108874
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:49:39 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:04:13 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7dbaa0afc9061e7615de4e89800629a0
214a52d10e2409c5e48efabf747e21f54be14167
2c477116530c4fdd3a7db3cc02c841647b9065f92271d3319aa579fd80567e49
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C477116530C4FDD3A7DB3CC02C841647B9065F92271D3319AA579FD80567E49"
Last-Modified: Wed, 07 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9705
Expires: Fri, 09 Dec 2022 06:31:24 GMT
Date: Fri, 09 Dec 2022 03:49:39 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AI5TrPsd5ttFqp3elNNT2w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BFh958UIcAMTbdWIUKMumF3+phU=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Fri, 09 Dec 2022 04:50:49 GMT
Date: Fri, 09 Dec 2022 03:49:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Fri, 09 Dec 2022 04:50:49 GMT
Date: Fri, 09 Dec 2022 03:49:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Fri, 09 Dec 2022 04:50:49 GMT
Date: Fri, 09 Dec 2022 03:49:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:38:26 GMT
age: 674
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg
200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955c6ac69b89f6cbd497df53fcb2ae1b
2506152cdd1056533116feb9350124356e570e54
fca1b303a554aa9cdd13c4769a1088e1905ef888ed703de17864fe76ff880abe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7217
x-amzn-requestid: be9196fc-3d43-49db-8522-8781cbf5a247
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUEDEWpIAMFqUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66e6-04b24220213872ba378d3538;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4QlJZW4ZiPNVhOJbcRldanR8veym3l0sIBGa1Ym-4FOTT_utMQeZQg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 10:15:09 GMT
age: 63271
etag: "2506152cdd1056533116feb9350124356e570e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 18:34:32 GMT
age: 33308
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb00a2a503a690cee3e4dd729b5bc9bd
cfb1e5bcab2148a777889680e6e36b9d7e8917ec
7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yL-FrFYh-3PuCZCpCHYg--ebTS7wMmMQ7IE2mgimDVsKWFEtKC2gVQ==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 05:44:09 GMT
age: 79531
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45e0c1638ad919bde19731f7987ab064
1e492807c665e6e6b24ec6ce19035fdfc6f23b92
f0d3738ec8406958470c8fd152a02a123d7654c30f974c1df5c4977a380c2d62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10205
x-amzn-requestid: c5704c7a-60c4-402b-8018-5885a8dae971
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F9BIAMF3ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-3e9573d900714e3250f43e17;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mLTL7L808-OguYGrl3FUvwmFmPQjBPRj7PVfgEheFHWg4g4skoBvOg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 18:05:28 GMT
age: 35052
etag: "1e492807c665e6e6b24ec6ce19035fdfc6f23b92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9cb76c68a8cd472600106cc118067868
6cee6b1828c709f68b995197ca943a5c393f86fb
009d9ba19043b03b5aceeb80b69bf249f19a0a225bdbfef7ab8691669cb64130
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8204
x-amzn-requestid: cf54b5f8-ede8-49d5-aa56-5d9de98e3ab8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjtKfEiToAMFSXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af576-6ddfe35c0b31074d6a07076f;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UfqFAlLedF6ZkfbGXhyYDcvu0porNJb6LPaeQ8p4dqWqsFD6iRgWLw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 15:50:07 GMT
age: 43173
etag: "6cee6b1828c709f68b995197ca943a5c393f86fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:49:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900&ver=6.0.3
200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900&ver=6.0.3
IP
Hash 2eed5de8c9d411bc7e199bc2f1e7b2c8
d72d8c0d3d52770820b691be2f426fe92f954a6b
6c3e3ad2b48bf8ac8c5496fcdf5c5bd79b10ffbf51e31a5e110ddcdbb52e6069
GET /css?family=Poppins%3A300%2C400%2C500%2C600%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 03:49:40 GMT
date: Fri, 09 Dec 2022 03:49:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.6.7
200 OK 1.6 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.6.7
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (13766)
Hash 802be6b67baa16e381ee1c5d1d06c973
c671b16428c604b5076e3e5a271704505509f777
50915eefa73a069f2bce4a5f4f4b1faf699fbc07cb3e8042decc19b27e628c27
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.6.7 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 05:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1608
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/uploads/elementor/css/post-4367.css?ver=1658953434
200 OK 2.3 kB URL HTTP/2 kenvin.in/wp-content/uploads/elementor/css/post-4367.css?ver=1658953434
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (16183), with no line terminators
Hash 2e579663361ed805f2169d9f163f5f42
88f4c60f9c69d68266e0cd5240dd0e0b420b5751
eb9b6aea14f146cd5d9ddb23a17c19637b55d8db7b63701933d2755cf5beaf6a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-4367.css?ver=1658953434 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 20:23:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2335
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/uploads/elementor/css/post-4275.css?ver=1658953434
200 OK 3.1 kB URL HTTP/2 kenvin.in/wp-content/uploads/elementor/css/post-4275.css?ver=1658953434
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (21483), with no line terminators
Hash f81df08e8f18b1a5397d963c2acab6ea
cf892323f55a9fdf63537700d35739bb5a09f7aa
94652138a9139d57c8ec8650c6ead695a57e98b618a1fdf501619b8831ff6d8d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-4275.css?ver=1658953434 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 25 Sep 2022 11:38:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3113
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.6.7
200 OK 4.4 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.6.7
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (26516)
Hash fdd462f58aee3f9349eabdefb5ca0b57
bb6e017d5537630516ccb98952593690a8c69864
ca51806fcedbe90dd613c4c28673af8693381806a5cb3b43dce2ea4f43e8b314
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.6.7 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 05:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4436
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=1.3.5
200 OK 13 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=1.3.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (59158)
Hash e6b67e11736ae36a062b381717f2ea9f
a663a79bc8d42aa58bfea1351cc27e0d0b09c9b2
a07a94d36246d0b3e5b9b18e274e31995d0e23cda955babf5e350e91a879523d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=1.3.5 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 05:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12862
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/chaty/css/chaty-front.min.css?ver=1655812681
200 OK 6.2 kB URL HTTP/2 kenvin.in/wp-content/plugins/chaty/css/chaty-front.min.css?ver=1655812681
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (20627), with no line terminators
Hash afc6c697104434ea99aa61e7680139c5
f3b294585de75fd487f5552294c0be19a2393c14
9b21d1b570cbfa1588ba3a0a20588562f2ea9d20920deab1f9bd1ea8c2a0045e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/chaty/css/chaty-front.min.css?ver=1655812681 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Jul 2022 12:37:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6194
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
200 OK 17 kB URL HTTP/2 kenvin.in/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (43771)
Hash 2a67a4888baa44de739f3fe56203ce07
da175eae57f26b655747d79f055477e3fee1abb9
3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Jul 2022 05:28:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16594
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
200 OK 4.0 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (19082)
Hash 1a51c193793d105fc6aaddfc3bc05349
238e509973276daa145be273af1aba0fbb3801bf
69e8578f795564941f826ab314ab57c83da7fb6ca7d9221c8df5f1e9081ae6e3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 05:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3978
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.6.2
200 OK 12 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.6.2
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4fb0795711301ef32d45d6f3fdef07b4
631536b58397ce6a01ea02f5b15bd445176f4a06
9ae496f3fc96cb6feec38d3965fefe4f998320f9a0c92130658d81367a696fa5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.6.2 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Jul 2022 12:35:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12485
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/css/select2.min.css?ver=6.0.3
200 OK 3.4 kB URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/css/select2.min.css?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15195), with CRLF line terminators
Hash 0c7f5013403d25127956651ffdfa3f97
dd8967e9182b59e01126b3d7ceab4cd101806370
5b1ba70c82cda7a35d9baaf5a865a017ff5bf45dfb5fe29ea43a2e94704f0b85
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/css/select2.min.css?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3370
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/css/magnific-popup.css?ver=6.0.3
200 OK 2.2 kB URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/css/magnific-popup.css?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 5691b07253c4a30382130c2da4be8343
4c12d34016c7061965c996599c4086683958e0f1
095326e797678e4aa4be8217bf991180f7b79cdcce552897123ffa68981a0747
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/css/magnific-popup.css?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2190
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/css/nivo-slider.min.css?ver=6.0.3
200 OK 475 B URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/css/nivo-slider.min.css?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1197), with no line terminators
Hash 933d49811d1785111005feaac0095cd9
475903ba7258ab0aa02a41f3f7980c226ecabfca
5f24b11e1073b6ebcdab3ecc5d89b9dcb00afc3985d172061c43a4dd4913912a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/css/nivo-slider.min.css?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 475
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/css/animate.min.css?ver=6.0.3
200 OK 5.1 kB URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/css/animate.min.css?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (52592), with CRLF line terminators
Hash a318d1dc4f289f0279ed5fc42951b6e6
6bbd1ca2cb8f40444793356aba574e2c2ee19e19
c79fe0a6bdd77b1d8e2fcf3917daaa955e2df26c57cb6c02060d07de5b7c44b5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/css/animate.min.css?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5116
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/css/default.css?ver=6.0.3
200 OK 4.3 kB URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/css/default.css?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 45b4b1cfc872e4c0243af0d25f3e6f65
b8b24d3ee5f9feecf9a76c3bd2a72ee79cab71ad
d4c5c5d426ca2b4143eb422dd786c3b173f7c737608aea6e11ea8317beaebde3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/css/default.css?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4341
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/css/font-awesome.min.css?ver=6.0.3
200 OK 7.1 kB URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/css/font-awesome.min.css?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (30837)
Hash 82a55032c4b614390aea6ef6870d3e90
bb21577feea531540a8d4f27ac3730ffac111e1b
4f068500ef9ef0dbffa5b76ac10f1970a7a9de8ff033f84228971a140eb20069
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/css/font-awesome.min.css?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7114
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/css/rt-canvas-menu.css?ver=6.0.3
200 OK 1.2 kB URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/css/rt-canvas-menu.css?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 07bbc992960df66be73d71967cb0a796
671dc8a0d7ba4e6d42a1e17d1a90fc428d7bada9
5694c5e963c6860808805e7849891a6f252613b046d53194e96fb3be2605149f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/css/rt-canvas-menu.css?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1189
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/fonts/flaticon-clenix/flaticon.css?ver=6.0.3
200 OK 579 B URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/fonts/flaticon-clenix/flaticon.css?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash e6b883600d190b84bee57f25b86f3ccf
fa52c590aa033562ff0d1aa4494a0caf360a7ed3
e666e0f43537adbde872ce508b9f8f099d79560aeea28cf2f58493a3bd771087
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/fonts/flaticon-clenix/flaticon.css?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 579
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/css/swiper.min.css?ver=6.0.3
200 OK 4.1 kB URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/css/swiper.min.css?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (19512)
Hash 1e3fd7b7946d324d72e0fdde1958c0a6
9872f8d5f617f7384928a675f6ce829a48b698cc
cb33db4435ab1a4570b0a531d2c4d3f594a247940174d0ad891bf77ea58f5060
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/css/swiper.min.css?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4081
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/uploads/2022/06/prestige-logo.jpg
200 OK 14 kB URL HTTP/2 kenvin.in/wp-content/uploads/2022/06/prestige-logo.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 573x268, components 3\012- data
Hash 1fa0d4cdeb8ab4a493d54d395ddfd60c
94ae23b0cd49ea64dab2e2d6d0e8cc1aa3be1311
e369d7575d52b96b110958cb0f968de5f61b6c6dcf5a87096e9f10673bac16d0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/prestige-logo.jpg HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jun 2022 13:38:41 GMT
accept-ranges: bytes
content-length: 14437
content-type: image/jpeg
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/uploads/2022/06/mantra-logo.jpg
200 OK 17 kB URL HTTP/2 kenvin.in/wp-content/uploads/2022/06/mantra-logo.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 573x268, components 3\012- data
Hash 484405e58e03aa5e1daf0313d40ad4b7
423927348055b9febd6cf247825c48116ecbced0
0ec1c88774e627105708ea5a7f7785378b5e1fe83ef1e748efb4cbbe44b5725a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/mantra-logo.jpg HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jun 2022 13:38:41 GMT
accept-ranges: bytes
content-length: 17089
content-type: image/jpeg
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/css/jquery.timepicker.min.css?ver=6.0.3
200 OK 578 B URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/css/jquery.timepicker.min.css?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1002)
Hash 0281b986dd2b299584b4f1b6e8c7424f
6734ab0016a79bdfabddd7eee986c28c90e04848
e44895e592e9251e878683a5419d2b24049e009c401bd2f6a375ddc2d6300bd1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/css/jquery.timepicker.min.css?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 578
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.6.7
200 OK 4.4 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.6.7
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (14869)
Hash 7bab7ad64ffbd7846dd6819250b93e2e
c924918d540389aff62220088b6761f38a5da272
045250efe67364c953a91f6a60cf407ebb5cfdb2da04e84c3d98e5bab5eca9ba
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.6.7 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 05:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4359
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/uploads/2022/06/bridage-logo.jpg
200 OK 19 kB URL HTTP/2 kenvin.in/wp-content/uploads/2022/06/bridage-logo.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 573x268, components 3\012- data
Hash 3356d03e64a8399a9916bbbf3bc01bd2
ff56f3ff1b179cfb7744e7a688ead8678450579e
59789f4fa5dcaff197e9578409152849127d188d85d666988b9cf0cd166e97c3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/bridage-logo.jpg HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jun 2022 13:38:40 GMT
accept-ranges: bytes
content-length: 18590
content-type: image/jpeg
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
200 OK 5.3 kB URL HTTP/2 kenvin.in/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Jun 2022 12:17:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.6 kB URL HTTP/2 kenvin.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Jun 2022 12:17:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/uploads/2022/06/salarpurari-logo.jpg
200 OK 16 kB URL HTTP/2 kenvin.in/wp-content/uploads/2022/06/salarpurari-logo.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 573x268, components 3\012- data
Hash 24bc9fdb22a2093d8fe77554d49c5cb3
98134bedd27ad24481033b342e30aa48b9c381d0
80f321387c72c53d1ada2ced61bb1c3fdb6ee2aad6305142ba7f132dfb95b555
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/salarpurari-logo.jpg HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jun 2022 13:38:42 GMT
accept-ranges: bytes
content-length: 16086
content-type: image/jpeg
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/uploads/2022/06/shoba-logo.jpg
200 OK 23 kB URL HTTP/2 kenvin.in/wp-content/uploads/2022/06/shoba-logo.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 573x268, components 3\012- data
Hash f28a6aa07e8a483ae91cdbdaf5770652
0a601ae0429b53d21b9cf1a960cd5704600851a4
2e178ddcc05c9497b88078fe45e12f77691a356eea5d348e1b43eb9545a5af76
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/shoba-logo.jpg HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jun 2022 13:38:43 GMT
accept-ranges: bytes
content-length: 22768
content-type: image/jpeg
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
200 OK 13 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (57726)
Hash dc63c0a8e2d5857cc7a00a4b5456dabb
ee29df5eb2a4bf3eb805b160551c1afd84b42599
035ef40b1dd3df1eefb2dd3c8c2096425727fb939b06f3aa0bc6ef91dafd5441
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 05:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12577
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/uploads/elementor/css/post-4290.css?ver=1664105832
200 OK 16 kB URL HTTP/2 kenvin.in/wp-content/uploads/elementor/css/post-4290.css?ver=1664105832
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65536), with no line terminators
Hash bad50b52f5bc0949b31b28ee7b0388b4
47f40b418d7c2d250d01f2787a3b4c3925cb3dd7
ecd8d3e17bd05a530d17d4c961651992fb5a5ea27c07fb5d422ea9c4725e8a08
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-4290.css?ver=1664105832 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 25 Sep 2022 11:37:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15578
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
200 OK 308 B URL HTTP/2 kenvin.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (489)
Hash 0a08469d24387f830bbaaa00b3c228ae
01f5dfeb8f93a32c9a8f66fe5940758109771fcd
3c7c29e5fc1193ff7ce24f72f77b2dc129e1a9434a97ef7b625f6f715531803c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 05:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 308
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.6.2
200 OK 4.4 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.6.2
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (30283), with no line terminators
Hash c2c381b76f533a3992b1060b1e8275ed
8441603d412df07e265d70d72569bd3ed90c51ee
6b1c02e5f7f5a04d0320c0a69a67651c6c322b81dfcf1ad9ca29e0f7374cf613
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.6.2 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Jul 2022 12:35:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4436
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/uploads/elementor/css/post-3653.css?ver=1661011470
200 OK 395 B URL HTTP/2 kenvin.in/wp-content/uploads/elementor/css/post-3653.css?ver=1661011470
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1212), with no line terminators
Hash b58ebbe0cd7cfb19d5f234970ee27a6a
de77008f1de0fae4a38465288b6582de579eff4c
c0c318a4c03440398fa574fccfe5ba3c032941c2bfae4fd75fc4909466652150
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-3653.css?ver=1661011470 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 16:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 395
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/
200 OK 69 kB IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (41762), with CRLF, LF line terminators
Hash 783d31ca1dc5757352af1083c7150310
0accbc64edb51256af1d52a7ab0ecd57ebfb01be
54c2f38e1f27bab5793b54413759e806a23a9bf782607d05a2d5815889525793
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://kenvin.in/wp-json/>; rel="https://api.w.org/", <https://kenvin.in/wp-json/wp/v2/pages/4290>; rel="alternate"; type="application/json", <https://kenvin.in/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 03:49:39 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/uploads/elementor/css/post-4693.css?ver=1658953426
200 OK 9.1 kB URL HTTP/2 kenvin.in/wp-content/uploads/elementor/css/post-4693.css?ver=1658953426
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (13483), with CRLF line terminators
Hash 1c1c17a789d188f7cba7c92a74e40589
789d01f45a790f45a037e452d8294f54c3ae1b17
a46e109648b614e90ed96039d20a508279345bdd716e3665d49a5131112c8743
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-4693.css?ver=1658953426 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 20:23:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9146
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/uploads/2022/06/assetz-logo.jpg
200 OK 24 kB URL HTTP/2 kenvin.in/wp-content/uploads/2022/06/assetz-logo.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 573x268, components 3\012- data
Hash 56fd5a13a60be4a83d58d89ebb32916f
8740a069e6022cf1ee6559d4e3f1f93f54d96da5
5d7bb73a4a0107adb5a6e6752272845fc810f56d398a077ef5acb7f6b8361ac7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/assetz-logo.jpg HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jun 2022 13:38:39 GMT
accept-ranges: bytes
content-length: 23588
content-type: image/jpeg
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/js/rt-canvas-menu.js?ver=6.0.3
200 OK 1.5 kB URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/js/rt-canvas-menu.js?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash cd2bb43981ae12f0931351dc6f999c96
2c645b9d74fe040c6d3855387d332144f13ba808
c51178e5e5fc17b0b5c884aa05cf82077298f2b49f2a35e9a815266052e5b959
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/js/rt-canvas-menu.js?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1454
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/js/jquery.timepicker.min.js?ver=6.0.3
200 OK 4.9 kB URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/js/jquery.timepicker.min.js?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (12134)
Hash f1e4d1dcc13fab67521410f81322dc84
68e8a9fd701de1d5801c142b3bf6011dddbcd9be
ea3e2403d275f7dce6c0182be3d8b5692ba2479d04ad7d2da6ca90ee6681e058
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/js/jquery.timepicker.min.js?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4856
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
200 OK 2.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
IP
Hash ec6acd0d28ed7c7e60b83bf21ae6d8a7
a29cd805673a4106ab532917a2e67daacef0af3e
af457e0e9b6916f89b8f6fd08f68d5c682647997b23cac04f705969d0e9a84bb
GET /css?family=Lato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 03:49:40 GMT
date: Fri, 09 Dec 2022 03:49:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/js/jquery.nav.min.js?ver=6.0.3
200 OK 1.1 kB URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/js/jquery.nav.min.js?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2580), with no line terminators
Hash c2927b13c4307f92f2b89f1ddec1d4b9
839270c4c471327bcdf32972e14fbadb85d54701
c236adc9fa5e329ba6e6a2cda1a0d0628503e96c5bf4ccdf3b2ec3733fe61664
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/js/jquery.nav.min.js?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1124
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/js/theia-sticky-sidebar.min.js?ver=6.0.3
200 OK 2.0 kB URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/js/theia-sticky-sidebar.min.js?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (5370), with CRLF line terminators
Hash 0905752369e8bf04a1dd4f46c355eb8b
847e89d6f67c33df4766ef656f8b83668ede1ca0
f0577b193c122ba0f15bee6e03905bacfc173e58b50683d8376bee03e92fb527
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/js/theia-sticky-sidebar.min.js?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2014
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-includes/js/imagesloaded.min.js?ver=4.1.4
200 OK 2.1 kB URL HTTP/2 kenvin.in/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (5477)
Hash f0bd7ad12acdee26cbb2701c1ba3610b
53c5d15129860868b60b74cb010b2c6050a64f69
e6d0cb19e56d22e8e511c23ca2bd233bedb40e3c7cf4ff38fe6f059bc7e0c64f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Jun 2022 12:17:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2103
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/js/jquery.nivo.slider.min.js?ver=6.0.3
200 OK 3.9 kB URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/js/jquery.nivo.slider.min.js?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11999)
Hash 0c8dc5bf7a544c58fb22c32d8c79deb0
f3b1f0f34eab5e7a4be62d6f885a73e574fd0427
ad6ba82599dbb955b28f638628257c00fec55403c4d985b92646ff474a8bd591
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/js/jquery.nivo.slider.min.js?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3870
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/js/jquery.countdown.min.js?ver=6.0.3
200 OK 2.5 kB URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/js/jquery.countdown.min.js?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (4136)
Hash ff5bc1fe520c58187e372a98f74ad918
4e445c2109c5e2fb0f64293813184ba67c287d3c
75eb55d5a0f62ad60f07ece9c2a1492fa5da628f550994d336a7545b75301dd0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/js/jquery.countdown.min.js?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2528
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/js/main.js?ver=6.0.3
200 OK 7.3 kB URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/js/main.js?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 8c4d95c73afe12d0e1cdc94a0eab871b
0b5f39a521e2c9882ce62e8af90fb03b3f8c9c5f
d3f8e65d30e26e751f1e15f6ba5d749e0af0e93c3c20d7366bd4eeb6dd96675e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/js/main.js?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Jun 2021 13:35:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7281
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/js/js.cookie.min.js?ver=6.0.3
200 OK 905 B URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/js/js.cookie.min.js?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1709), with no line terminators
Hash c896fb2062a7efd8db456356e6b3c465
7daf0307d949861c77e5dd4c165c75db432c7433
9898483a9f074c5ad7126278e014e9223dbc66b7730502d5054367a646285f6e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/js/js.cookie.min.js?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 905
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
200 OK 2.7 kB URL HTTP/2 kenvin.in/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (6475), with no line terminators
Hash 45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Jun 2022 12:17:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2675
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-includes/js/masonry.min.js?ver=4.2.2
200 OK 9.2 kB URL HTTP/2 kenvin.in/wp-includes/js/masonry.min.js?ver=4.2.2
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (23966)
Hash 2a730dafa34e6ff81513d31e486cdbdb
1fce17d256f67ae086d74092a03006997d9b0add
7a5fd36a453a3a7471fa93b8169579f9a98e2df7a262c44d28d3de41a0f7ae1c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Jun 2022 12:17:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9216
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/js/tilt.jquery.js?ver=6.0.3
200 OK 3.4 kB URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/js/tilt.jquery.js?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (320), with CRLF line terminators
Hash 21e213aa056bab8b9776c63278e79030
3e0195dad921275787f2898c2e10194d96bcdda4
9309eb6948b7ee793877dc24b23d18027ae2ef4f4c9c67f83c0710bad05a32f6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/js/tilt.jquery.js?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3371
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-includes/js/dist/escape-html.min.js?ver=00a5735837e9efe13da1d979f16a7105
200 OK 544 B URL HTTP/2 kenvin.in/wp-includes/js/dist/escape-html.min.js?ver=00a5735837e9efe13da1d979f16a7105
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1104)
Hash f3903c03392b2b1cab9779afe87aa161
e1e86bebb2bebe2fa4ed4cc5e1bc771de27d9758
4cd5a187386a39e4155d2a940b20c039b15862d88c5423ccab9cbeb559ee3cc9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/escape-html.min.js?ver=00a5735837e9efe13da1d979f16a7105 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Jun 2022 12:17:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 544
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.3.1
200 OK 2.6 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.3.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (5419)
Hash bafa102e68f3fe4aee805efaac8893dd
20c4b7d2ea1f97cf7fdf1172647dd6ac18286b41
5dc6ecca4fef4a79d64be6542dc0629eb33a134ff1f47dba8f37b469a7236881
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.3.1 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Jul 2022 07:01:29 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2572
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.7
200 OK 5.8 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.7
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (14448)
Hash 6927a5aa81bbba29cfc30dbd1c5d948e
cbb9a407b01a3b772f4c522534bbfaa084979421
004a40e9b0514d9c9b072735aeb4dec289fe6e8a5cfdbcceafa8a6309d223c81
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.7 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 05:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5798
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.7
200 OK 2.3 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.7
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (4918)
Hash cbd7eed220e5b1bb961b0c15b6057e23
f394c304e485b8e0b45e45f54a0d66d95493ef53
b970ce8c388d5eb0e502d4b8a577689e51da13cb3d6f352117536c1a7eba29f2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.7 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 05:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2315
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-includes/js/dist/element.min.js?ver=3dfdc75a0abf30f057df44e9a39abe5b
200 OK 4.7 kB URL HTTP/2 kenvin.in/wp-includes/js/dist/element.min.js?ver=3dfdc75a0abf30f057df44e9a39abe5b
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (10925)
Hash 49fb1b84f866014a6d6b500d4cfac0d8
6100ecf00b9e34b645ae1278823543c0dc8aa17b
6c1908fc15fc5d723d0dee02865dbe0720b44ce310ec6ea4598fde9b3b5b5c91
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/element.min.js?ver=3dfdc75a0abf30f057df44e9a39abe5b HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Jun 2022 12:17:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4690
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/metform/public/assets/js/htm.js?ver=2.2.0
200 OK 677 B URL HTTP/2 kenvin.in/wp-content/plugins/metform/public/assets/js/htm.js?ver=2.2.0
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1264), with no line terminators
Hash c9c167597319770014ec96049f580966
f445c96241ce7e2371341aa5b730127e5de73226
ddc95177633be34dea224faef4f79992a5c824e41f11bc989f85684562c2206e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/metform/public/assets/js/htm.js?ver=2.2.0 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Jul 2022 12:35:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 677
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
200 OK 8.3 kB URL HTTP/2 kenvin.in/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash e49f0561a452c9d04fb7d1510a23cc8c
9e8fc2e3129da4fe2790eee565a6478b864bea83
ab4f9f418b022ab34d617ee2f95d70afff005ed4d4d92e313ce84a56b40bce75
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Jun 2022 12:17:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8254
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
200 OK 8.2 kB URL HTTP/2 kenvin.in/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash a0a1c8194f131320e1798f90a7b1262a
3346d35be1f2e4886f19e7fcc0cc96ee4753d9ed
7f618ab13cec0933ec2c61fa2b580ad77ca41522028649677494219fa9ce56db
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Jun 2022 12:17:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8169
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.7
200 OK 15 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.7
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (37920)
Hash f3028a179ea0a9864e047d69ba09dd86
84c7242760730284170a4d30733ee46365f38355
b62b659bbf6a9008af15083266d3481da4614c8b736b094f495d946d183ed56e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.7 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 05:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14837
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.6.2
200 OK 442 B URL HTTP/2 kenvin.in/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.6.2
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (810), with no line terminators
Hash b96c7d958b2c4a3ff7e92608615daeb0
6e95b60a83d06479921cefd745c4dd058842604e
5176a7109dc14142199bbc99ce78c5c6536812d06562b1d300b283bd26849d2f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.6.2 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Jul 2022 12:35:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 442
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
200 OK 4.2 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (10544)
Hash 552977febe8ef2c71b0806dfaefd2552
01baebfd09383c5d44f066e7b5540fcca6a5eae4
7895907f5a4f54c08c4705b1a194e21c556d68027c5e0a70d4c05b377e712b1d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 05:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4200
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.7
200 OK 3.0 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.7
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (10019)
Hash c2b5af6052f630a96e450e5e2a3cea52
00ca76a8828a1bbec1534eb10786804fd36492f2
58f6cc2d4fa3e528622102975fb62949dc0170bd47b588a67318d18552a57d59
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.7 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 05:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2997
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
200 OK 3.7 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (12198), with no line terminators
Hash e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 05:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3747
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.6.7
200 OK 1.2 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.6.7
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2577)
Hash 159281ac01a46f042b38d0d44cf3eb7a
54677be6b1cf85899d2ab1a6fada531ca5613d29
0738d3f931e8df2b67f3be1ec216b103560266c56cc38fdafae055bcb807ffea
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.6.7 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 05:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1151
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-includes/js/dist/vendor/react.min.js?ver=17.0.1
200 OK 4.9 kB URL HTTP/2 kenvin.in/wp-includes/js/dist/vendor/react.min.js?ver=17.0.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11082)
Hash b725a8dd8c43cfde32eb6e5a8022a56c
e20b1ff3f34a8c093fe1db28c8ff2b3c1f1e6475
8952ccc0253b7045512ea80e9319dd51f6e812ef6abf0eba5fc72553a689b454
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/react.min.js?ver=17.0.1 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Jun 2022 12:17:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4893
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.6.2
200 OK 5.7 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.6.2
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (17065), with no line terminators
Hash 91e58ca4df088cc0232ce63fabe031b1
653d86d2ecc4d88e08f57b8e9f238ea6c817801e
0e91db767cfbf62300d865395618f603f7cd86e81bacf45d93b73615bfa5eb0c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.6.2 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Jul 2022 12:35:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5668
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.6.7
200 OK 17 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.6.7
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (43069)
Hash fad4413b7223d3561e8212f9c430b4bf
8c8febd4709918c91c908ce3779dc9553a83e1d7
f856bea9ba9b08baf41bd3ef3c54659e4113ea1b51827fc78c8c3de64dd66c8a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.6.7 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 05:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16875
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/js/isotope.pkgd.min.js?ver=6.0.3
200 OK 13 kB URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/js/isotope.pkgd.min.js?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (32019), with CRLF line terminators
Hash 9e4c7c84c5c37bb9020c65610f5bcb20
4a701612443fa4891f711ba88fc6a298deabf82d
806ea2ffabf83d4c253dfbd74b829931c61d1852ecb50b62798c036cb53d59df
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/js/isotope.pkgd.min.js?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13113
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/js/popper.js?ver=6.0.3
200 OK 8.2 kB URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/js/popper.js?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (19295), with no line terminators
Hash 8d3e92f51040f122848b098be65459e0
9eb09497f02efe106f203ba890cbca2497a530bc
bfde076eceb2b068c9dce9f81419ad7b661e384afca8e88589228568e041766a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/js/popper.js?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8190
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.3.1
200 OK 2.2 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.3.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (6595), with no line terminators
Hash 2aa47e22e033b1a04cf09550d521033e
a0cf9de580a0eae9481906f97c1d6b38a0f8cf36
bda46e0dfe6c4c18bc8a9f9562a6e18e4261844d2d39ddcdb8b4c0160d267be7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.3.1 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Jul 2022 07:01:29 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2153
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:49:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:49:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:49:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kenvin.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 12:29:22 GMT
expires: Fri, 08 Dec 2023 12:29:22 GMT
cache-control: public, max-age=31536000
age: 55219
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 22504, version 1.0\012- data
Hash 1c6c65523675abc6fcd78e804325bd77
898d9808304dc157f5dcb18ca169ec6e2b96b3d7
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
GET /s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kenvin.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 17:14:55 GMT
expires: Wed, 06 Dec 2023 17:14:55 GMT
cache-control: public, max-age=31536000
age: 210886
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:49:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kenvin.in/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.6.7
200 OK 32 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.6.7
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash c1c4f5346a2ee20ec0bce6ae51fc265e
4f8c2015f52e91d19551a768f208dba9563d2819
b5246fb9c7239690c7669315ae440d014f201327805847cdf4e7837fc813d725
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.6.7 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 05:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kenvin.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:30:11 GMT
expires: Sat, 02 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 595170
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kenvin.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 116147
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kenvin.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:56 GMT
expires: Thu, 07 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 116145
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kenvin.in/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19
200 OK 45 kB URL HTTP/2 kenvin.in/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 0e131d1dbd46fae19c899acfaf55228a
0ee70593528ea1ce22dbeee9f006ac42c509312f
388cd97c7a8943215d1acf2e93324cd49fa9f7f94b20c9807ab677c81d4c8165
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Jun 2022 12:17:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:49:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kenvin.in/wp-content/uploads/2022/07/Kenvin_Laundry_img_02.jpg
200 OK 264 kB URL HTTP/2 kenvin.in/wp-content/uploads/2022/07/Kenvin_Laundry_img_02.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1300x600, components 3\012- data
Size 264 kB (264199 bytes)
Hash 43748503d159e32cc884221e3592c2f5
4e641b709f0cc455316f9b292de286cb42a10e5c
13f03109a92c4c0aac7176f6b27086df1387f583511ed373dbe25d82f4a061dc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/07/Kenvin_Laundry_img_02.jpg HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/wp-content/uploads/elementor/css/post-4290.css?ver=1664105832
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Jul 2022 19:32:51 GMT
accept-ranges: bytes
content-length: 264199
content-type: image/jpeg
date: Fri, 09 Dec 2022 03:49:41 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0
200 OK 92 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 92444, version 1.0\012- data
Hash e5d9164498f1649084fe6fb95d3ad593
29e71123f8ef22f20f8d50bc4caac9db6e04a824
1525cd3ea05d1c00e4b385e781749c3bac5c01570b5800198bec0a252bb6c715
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://kenvin.in/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 05:22:49 GMT
accept-ranges: bytes
content-length: 92444
content-type: font/woff2
date: Fri, 09 Dec 2022 03:49:41 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/js/swiper.min.js?ver=6.0.3
200 OK 486 kB URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/js/swiper.min.js?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Size 486 kB (486139 bytes)
Hash fa4c981b8a2629977674dd5e0295b40f
631b349c55efb695b1dab777d1903fa982137feb
27729b10f66de4774539f773bcd8246c3a36fe8b9c600d5a0808d1028c62dea8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/js/swiper.min.js?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/uploads/2022/07/Kenvin_Laundry_img_1.png
200 OK 558 kB URL HTTP/2 kenvin.in/wp-content/uploads/2022/07/Kenvin_Laundry_img_1.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 1300 x 600, 8-bit/color RGB, non-interlaced\012- data
Size 558 kB (557458 bytes)
Hash fed03ed1c72652cdfdbcfb7c8875cfd1
0edf3498f5427c4e10f8eb2326322cf32d08d794
c3d4a3fb07561f37ff0aab18e47a728945a3f71ee389072ea487885f8cce12e3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/07/Kenvin_Laundry_img_1.png HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/wp-content/uploads/elementor/css/post-4290.css?ver=1664105832
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Jul 2022 19:23:16 GMT
accept-ranges: bytes
content-length: 557458
content-type: image/png
date: Fri, 09 Dec 2022 03:49:41 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://kenvin.in/wp-content/themes/clenix/assets/css/font-awesome.min.css?ver=6.0.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
content-length: 77160
content-type: font/woff2
date: Fri, 09 Dec 2022 03:49:41 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
200 OK 77 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://kenvin.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 05:22:49 GMT
accept-ranges: bytes
content-length: 76764
content-type: font/woff2
date: Fri, 09 Dec 2022 03:49:41 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.3.1
200 OK 27 kB URL HTTP/2 kenvin.in/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.3.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 0357a9d0d9bd5a7c289290f84a01c6fe
d05fcfdda851fd663dd59e321e513d10877a3ab9
da7875a406720dd2eaaa33898a07e35b76e85245101b334644a15aa640081582
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.3.1 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Jul 2022 07:01:29 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/uploads/2022/07/kenvin-laundry-img-2-comp.jpg
200 OK 19 kB URL HTTP/2 kenvin.in/wp-content/uploads/2022/07/kenvin-laundry-img-2-comp.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x600, components 3\012- data
Hash c41378219d81b15374bb20a76bd0b821
9b6ffffef65e5e09ab16609ab32c05d270628acf
6119fa82ef7b669aa54f6c34e115795e242af7edda01839c82d82a92238c8d6c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/07/kenvin-laundry-img-2-comp.jpg HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 16:18:39 GMT
accept-ranges: bytes
content-length: 18824
content-type: image/jpeg
date: Fri, 09 Dec 2022 03:49:41 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/uploads/2022/07/kenvin-accessories.jpg
200 OK 16 kB URL HTTP/2 kenvin.in/wp-content/uploads/2022/07/kenvin-accessories.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x600, components 3\012- data
Hash 624ae543bf49df5b9f7b4643aa0b4d48
97c3617eed1fb0a5f39eda0f66ab30ee6cb6ed9a
d125dd67974220976da9cd559dea94ef701290b66a12441e2628955c4fa1773d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/07/kenvin-accessories.jpg HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 16:29:23 GMT
accept-ranges: bytes
content-length: 16390
content-type: image/jpeg
date: Fri, 09 Dec 2022 03:49:41 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/metform/public/assets/js/app.js?ver=2.2.0
200 OK 208 kB URL HTTP/2 kenvin.in/wp-content/plugins/metform/public/assets/js/app.js?ver=2.2.0
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Size 208 kB (207865 bytes)
Hash 643d506ae96df3a884f4d1c63288e7b0
dd38fcebba689a2c75bbbb89e11770df69228a4b
1058e10ffa9b4d5e1cea7e6eda5bdc5c6e9e1f036ef546c2eab825d1520a6eab
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/metform/public/assets/js/app.js?ver=2.2.0 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Jul 2022 12:35:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/uploads/2022/07/Kenvin-dry-clean-2-comp.jpg
200 OK 33 kB URL HTTP/2 kenvin.in/wp-content/uploads/2022/07/Kenvin-dry-clean-2-comp.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x600, components 3\012- data
Hash d3a2edf6996112ca24fbf9b3448aff81
e38307cebcd2d9d15888dac54d0b3cf1da8365a6
04c5bd8db098edc6258429d2039e2805e9200ffa43d18202856d14e0c75c7d2f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/07/Kenvin-dry-clean-2-comp.jpg HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 16:18:38 GMT
accept-ranges: bytes
content-length: 32685
content-type: image/jpeg
date: Fri, 09 Dec 2022 03:49:41 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/uploads/2022/07/kenvin-new-why.png
200 OK 287 kB URL HTTP/2 kenvin.in/wp-content/uploads/2022/07/kenvin-new-why.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 638 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size 287 kB (286921 bytes)
Hash b37c4942f5b66917ce0689bfbd2f1c17
6995577222d596c6f6d36560d808677e03ef5812
dd356c494ea1bdb9160984ac91777e36b1fdd7a68cac1d27c74862305b61f6f6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/07/kenvin-new-why.png HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 12:38:32 GMT
accept-ranges: bytes
content-length: 286921
content-type: image/png
date: Fri, 09 Dec 2022 03:49:41 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/chaty/images/whatsapp.png
200 OK 114 kB URL HTTP/2 kenvin.in/wp-content/plugins/chaty/images/whatsapp.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 550 x 999, 8-bit colormap, non-interlaced\012- data
Size 114 kB (114536 bytes)
Hash 8a055527b27b887521a9f084497d8879
3d3dd626e5a52c280df47631892d6cbd635f3312
66f09c394acf0c248dd6e5a53918fdd90c9bcc148e66f4de6d23e22225ade842
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/chaty/images/whatsapp.png HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/wp-content/plugins/chaty/css/chaty-front.min.css?ver=1655812681
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Jul 2022 12:37:46 GMT
accept-ranges: bytes
content-length: 114536
content-type: image/png
date: Fri, 09 Dec 2022 03:49:41 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/uploads/2022/06/cropped-fav-icon-32x32.png
200 OK 1.1 kB URL HTTP/2 kenvin.in/wp-content/uploads/2022/06/cropped-fav-icon-32x32.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash f1e56ab1821f6dace15cc6c4c512eaf0
a8512985e5a886b70535760bd51f4571af600c67
cbac38de3e49783461c252951d55f3c0ff4c9f262bff6eac6b58c26d44401acf
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/cropped-fav-icon-32x32.png HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Cookie: chatyWidget_0=[{"k":"v-widget","v":"2022-12-09T03:49:40.995Z"}]; activechatyWidgets=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 23 Jun 2022 05:03:19 GMT
accept-ranges: bytes
content-length: 1085
content-type: image/png
date: Fri, 09 Dec 2022 03:49:42 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/uploads/2022/06/cropped-fav-icon-192x192.png
200 OK 12 kB URL HTTP/2 kenvin.in/wp-content/uploads/2022/06/cropped-fav-icon-192x192.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 27cf226cd92a4f3eafd2df6fed96dbc8
3aad18ff3d8489d1c03358148259d0804e509c59
50e9e795f00db181b68ab035ff0c87eaf3c84cc36bd7b3a092d82ee1440e85fb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/cropped-fav-icon-192x192.png HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Cookie: chatyWidget_0=[{"k":"v-widget","v":"2022-12-09T03:49:40.995Z"}]; activechatyWidgets=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 23 Jun 2022 05:03:19 GMT
accept-ranges: bytes
content-length: 11883
content-type: image/png
date: Fri, 09 Dec 2022 03:49:42 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-json/metform/v1/forms/views/4693
200 OK 0 B URL HTTP/2 kenvin.in/wp-json/metform/v1/forms/views/4693
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
POST /wp-json/metform/v1/forms/views/4693 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kenvin.in/
X-WP-Nonce: 9d8c1913d0
Origin: https://kenvin.in
Connection: keep-alive
Cookie: chatyWidget_0=[{"k":"v-widget","v":"2022-12-09T03:49:40.995Z"}]; activechatyWidgets=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
x-robots-tag: noindex
link: <https://kenvin.in/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-wp-nonce: 9d8c1913d0
allow: GET, POST, PUT, PATCH, DELETE
access-control-allow-origin: https://kenvin.in
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
access-control-allow-credentials: true
vary: Origin
content-length: 0
content-type: application/json; charset=UTF-8
date: Fri, 09 Dec 2022 03:49:42 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00cf5825452b2f69b0ac859dccb64ab
60aed079c48181cf46cef4d1aaa1c316a7ef7048
3aea2aa14407b6ac9d64d0f35111fec50f51632adfc39047c15bde4afd148a78
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7694
x-amzn-requestid: 0c67138c-1a6d-49ef-bd43-f9a7176679ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2LZjFjrIAMFUSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63925909-764272151a0a4d284c6cb1bb;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aaEYG20Wueg557qEBq46sSUl3-_HxgZA73s-kPo3GmYgWgrGgFPl_Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:48:32 GMT
age: 21675
etag: "60aed079c48181cf46cef4d1aaa1c316a7ef7048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/js/bootstrap.min.js?ver=6.0.3
200 OK 0 B URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/js/bootstrap.min.js?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/js/bootstrap.min.js?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.6.2
200 OK 0 B URL HTTP/2 kenvin.in/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.6.2
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.6.2 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Jul 2022 12:35:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
200 OK 0 B URL HTTP/2 kenvin.in/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 05:22:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1
200 OK 0 B URL HTTP/2 kenvin.in/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Jun 2022 12:17:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.3.1
200 OK 0 B URL HTTP/2 kenvin.in/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.3.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.3.1 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Jul 2022 07:01:29 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/css/style.css?ver=6.0.3
200 OK 0 B URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/css/style.css?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/css/style.css?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Jun 2021 14:02:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=1655812681
200 OK 0 B URL HTTP/2 kenvin.in/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=1655812681
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/chaty/js/cht-front-script.min.js?ver=1655812681 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Jul 2022 12:37:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/css/elementor.css?ver=6.0.3
200 OK 0 B URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/css/elementor.css?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/css/elementor.css?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Mar 2021 17:22:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.3.1
200 OK 0 B URL HTTP/2 kenvin.in/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.3.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.3.1 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Jul 2022 07:01:29 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/js/select2.min.js?ver=6.0.3
200 OK 0 B URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/js/select2.min.js?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/js/select2.min.js?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/themes/clenix/assets/css/bootstrap.min.css?ver=6.0.3
200 OK 0 B URL HTTP/2 kenvin.in/wp-content/themes/clenix/assets/css/bootstrap.min.css?ver=6.0.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/clenix/assets/css/bootstrap.min.css?ver=6.0.3 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Mar 2021 15:33:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/uploads/elementor/css/global.css?ver=1658953435
200 OK 0 B URL HTTP/2 kenvin.in/wp-content/uploads/elementor/css/global.css?ver=1658953435
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/global.css?ver=1658953435 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 20:23:55 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
200 OK 0 B URL HTTP/2 kenvin.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Jun 2022 12:17:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/metform/public/assets/css/metform-ui.css?ver=2.2.0
200 OK 0 B URL HTTP/2 kenvin.in/wp-content/plugins/metform/public/assets/css/metform-ui.css?ver=2.2.0
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/metform/public/assets/css/metform-ui.css?ver=2.2.0 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Jul 2022 12:35:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
kenvin.in/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.6.2
200 OK 0 B URL HTTP/2 kenvin.in/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.6.2
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.6.2 HTTP/1.1
Host: kenvin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenvin.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Jul 2022 12:35:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 09 Dec 2022 03:49:40 GMT
server: Apache
X-Firefox-Spdy: h2
162.251.80.17
23.36.77.32
93.184.220.29
0.0.0.0