ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
200 OK 9.8 kB URL GET HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerDigiCert Inc
Subject*.vo.msecnd.net
Fingerprint0E:7D:A8:CD:FE:61:1E:46:97:A3:57:99:70:DA:E0:59:1D:34:04:80
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 28 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (32033)
Hash 5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
GET /ajax/bootstrap/3.3.7/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fndynqh.com
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 11987089
cache-control: public,max-age=31536000
content-type: application/javascript
date: Wed, 06 Dec 2023 19:22:36 GMT
etag: "80bdc1e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:59 GMT
server: ECAcc (ska/F6C5)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9839
X-Firefox-Spdy: h2
fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
200 OK 24 kB URL User Request GET HTTP/3 fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
IP
Certificate IssuerGoogle Trust Services LLC
Subjectfndynqh.com
Fingerprint0E:60:BF:B7:66:0C:2A:09:4A:22:6D:FA:89:38:FE:B4:97:59:F6:D7
ValidityMon, 16 Oct 2023 17:08:52 GMT - Sun, 14 Jan 2024 17:08:51 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (536)
Hash 45da28b1a933f337a2c42304bdae891f
632ed6ac99ffe5424d8fe76d13ba2fe75245b2d5
34a4d56374469983e563dafc581861323f8990a5bfd172c8f270423deff55657
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /user/?SID=f6892a391b8f4de9aef27ff5927feeec HTTP/1.1
Host: fndynqh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/user/?ofid=62&tbc=0393c8&a_aid=ccsbr&a_bid=4cc71e91&x_agent=PINK122&chan=PINK122&x_clickid=109922487&sitekey=889a8a927bbedbd6&rtr=1&rtid=0173214291
Cookie: PHPSESSID=f6892a391b8f4de9aef27ff5927feeec
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 19:22:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=f6892a391b8f4de9aef27ff5927feeec; path=/; secure; SameSite=None
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQLxtO2JE2QvXOpE1hOf97Ieq2zVwLY%2B%2FPafk4FnroSvv78Cm41jU2LXBlSj%2BtXmvbBzutYVAfQXVp42nxMBhhGOe3LEEJ3pPeLKLIQ10t1ggwwu7t5gzuwXUcfrOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8316e6012887c00d-WAW
content-encoding: br
alt-svc: h3=":443"; ma=86400
ccsbr.joinwithassurance.com/routes/ccsbr/?ofid=62&tbc=0393c8&a_aid=ccsbr&a_bid=4cc71e91&x_agent=PINK122&chan=PINK122&x_clickid=109922487
31 kB URL ccsbr.joinwithassurance.com/routes/ccsbr/?ofid=62&tbc=0393c8&a_aid=ccsbr&a_bid=4cc71e91&x_agent=PINK122&chan=PINK122&x_clickid=109922487
IP
File type gzip compressed data, max compression\012- data
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /routes/ccsbr/?ofid=62&tbc=0393c8&a_aid=ccsbr&a_bid=4cc71e91&x_agent=PINK122&chan=PINK122&x_clickid=109922487 HTTP/1.1
Host: ccsbr.joinwithassurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 06 Dec 2023 19:22:34 GMT
content-type: text/html; charset=UTF-8
location: https://fndynqh.com/user/?ofid=62&tbc=0393c8&a_aid=ccsbr&a_bid=4cc71e91&x_agent=PINK122&chan=PINK122&x_clickid=109922487&sitekey=889a8a927bbedbd6&rtr=1&rtid=0173214291
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=122c8280578ed1873a9a043e191a28fc; path=/; secure; SameSite=None
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-Firefox-Spdy: h2
kit.fontawesome.com/b314bdf1b3.js
200 OK 4.8 kB URL GET HTTP/2 kit.fontawesome.com/b314bdf1b3.js
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash feafa29ede90c746099e386181cc13bc
97c3a908df03887a1f7171279a080a357a811b68
d33590a79df5c9059ab4ed99ce1c21a70293c3d289b3490e3f60ecd5f9cda1fe
GET /b314bdf1b3.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fndynqh.com
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 19:22:36 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F55Ol6PzBuCSUylUIXgC
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 8316e6072aae0d46-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-208173773-2
200 OK 69 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-208173773-2
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Hash dce90c7d7059ed8e40ad9d3669f18c30
d180f58e663f1f48d0be1467e181f863e1f97fa7
7d7cd2ed227216c7dce36fb19901b2bb98ab4e658fe0c655d0b413b9371d76f5
GET /gtag/js?id=UA-208173773-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 06 Dec 2023 19:22:36 GMT
expires: Wed, 06 Dec 2023 19:22:36 GMT
cache-control: private, max-age=900
last-modified: Wed, 06 Dec 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68995
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fndynqh.com/common_tpls/images/ajax-loader.gif
200 OK 3.2 kB URL GET HTTP/3 fndynqh.com/common_tpls/images/ajax-loader.gif
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerGoogle Trust Services LLC
Subjectfndynqh.com
Fingerprint0E:60:BF:B7:66:0C:2A:09:4A:22:6D:FA:89:38:FE:B4:97:59:F6:D7
ValidityMon, 16 Oct 2023 17:08:52 GMT - Sun, 14 Jan 2024 17:08:51 GMT
File type GIF image data, version 89a, 32 x 32\012- data
Hash be1cede97289c13920048f238fd37b85
313b867d11fc0dd6bc6ca47c334bbcf18956ca76
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /common_tpls/images/ajax-loader.gif HTTP/1.1
Host: fndynqh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Cookie: PHPSESSID=f6892a391b8f4de9aef27ff5927feeec
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 19:22:36 GMT
content-type: image/gif
content-length: 3208
last-modified: Mon, 07 Oct 2013 22:49:23 GMT
etag: "52533a73-c88"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcZSm5HDV5ROkPiu4ZjBXtEq7wmvj90M7NExdx2b0AMQeiWGZeGFIAvLrRDzxSRNXxDLIxgkSsNmIWssyeq9YnuMPkje77Bt%2BzLYluI1w9%2BymhOw6wi7LNP58bUXgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8316e606eb79c00d-WAW
alt-svc: h3=":443"; ma=86400
fndynqh.com/common_tpls/images/icons/email.png
200 OK 1.3 kB URL GET HTTP/3 fndynqh.com/common_tpls/images/icons/email.png
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerGoogle Trust Services LLC
Subjectfndynqh.com
Fingerprint0E:60:BF:B7:66:0C:2A:09:4A:22:6D:FA:89:38:FE:B4:97:59:F6:D7
ValidityMon, 16 Oct 2023 17:08:52 GMT - Sun, 14 Jan 2024 17:08:51 GMT
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash a86d99b9176d82a211cfa29b2f0b353f
62947ddfd87e3a21869818885e4bfa4e55ad0c11
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /common_tpls/images/icons/email.png HTTP/1.1
Host: fndynqh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Cookie: PHPSESSID=f6892a391b8f4de9aef27ff5927feeec
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 19:22:36 GMT
content-type: image/png
content-length: 1254
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-4e6"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1y%2BFHBi%2FlxCQyu1KQajnr0zcV4bWFenwqeCIfU5CWuNMtyPg4h%2FrZ1pTDUecY3Dkr2qOSVYHobWl%2Bl4VqkOkTmUxk74AC9MqIgrkJB32VQmf5Mv2M6%2FnSVACf8Fg%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8316e6071bafc00d-WAW
alt-svc: h3=":443"; ma=86400
fndynqh.com/common_tpls/images/icons/user.png
200 OK 1.5 kB URL GET HTTP/3 fndynqh.com/common_tpls/images/icons/user.png
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerGoogle Trust Services LLC
Subjectfndynqh.com
Fingerprint0E:60:BF:B7:66:0C:2A:09:4A:22:6D:FA:89:38:FE:B4:97:59:F6:D7
ValidityMon, 16 Oct 2023 17:08:52 GMT - Sun, 14 Jan 2024 17:08:51 GMT
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash d2ace1024969666b8ecfd48b0091a0fd
fb2988bb4203176476469b8ad12abc3cf8ce2113
a28165011050b8c217837b2ce4692f49413e27b7b259144cd128d0a9db9f63dc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /common_tpls/images/icons/user.png HTTP/1.1
Host: fndynqh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Cookie: PHPSESSID=f6892a391b8f4de9aef27ff5927feeec
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 19:22:36 GMT
content-type: image/png
content-length: 1491
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-5d3"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94Oc0cz25WfTLkQXi1I1i8lUUIQlxwoTQ1b%2BuDpzlWoI%2FyiUZxZtXNeiWBa21SdHhIR9LwTufVvRK4LTjrxLj1OGdAQPeYWOKAppamCsEJOr0%2FtXGghfY1lWQYNQQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8316e6071bb3c00d-WAW
alt-svc: h3=":443"; ma=86400
fndynqh.com/common_tpls/images/icons/password.png
200 OK 1.5 kB URL GET HTTP/3 fndynqh.com/common_tpls/images/icons/password.png
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerGoogle Trust Services LLC
Subjectfndynqh.com
Fingerprint0E:60:BF:B7:66:0C:2A:09:4A:22:6D:FA:89:38:FE:B4:97:59:F6:D7
ValidityMon, 16 Oct 2023 17:08:52 GMT - Sun, 14 Jan 2024 17:08:51 GMT
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash 6f100f1cdbdce928118ffa4c9293ca5b
6b1a3593e792d4c00187d60560dd03fb42df1156
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /common_tpls/images/icons/password.png HTTP/1.1
Host: fndynqh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Cookie: PHPSESSID=f6892a391b8f4de9aef27ff5927feeec
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 19:22:36 GMT
content-type: image/png
content-length: 1452
last-modified: Tue, 22 Aug 2017 16:34:59 GMT
etag: "599c5d33-5ac"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAEP2cPcKzldUCRvptwlXiqkMS6hcJ8PEqgUOhN%2BC%2B5bByOQFOuw7GmUOWP7OPuktwIynnRonPd6U%2BTJGl9WB8d4QDa3J9YPAfbYZpW5Csy68bSmgrBtITFaMs%2BDwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8316e6071bb6c00d-WAW
alt-svc: h3=":443"; ma=86400
kit.fontawesome.com/b314bdf1b3/110588222/kit-upload.css
200 OK 0 B URL GET HTTP/2 kit.fontawesome.com/b314bdf1b3/110588222/kit-upload.css
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b314bdf1b3/110588222/kit-upload.css HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fndynqh.com/
Origin: https://fndynqh.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 19:22:36 GMT
content-type: text/css
content-length: 0
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926, public, must-revalidate
etag: 54af53b207eef226d6511e0a88e3038e
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F5eN1HPopEud40KYalvC
cf-cache-status: HIT
age: 1907228
accept-ranges: bytes
server: cloudflare
cf-ray: 8316e60aaf270d46-ARN
X-Firefox-Spdy: h2
fndynqh.com/favicon.ico
404 Not Found 55 kB IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerGoogle Trust Services LLC
Subjectfndynqh.com
Fingerprint0E:60:BF:B7:66:0C:2A:09:4A:22:6D:FA:89:38:FE:B4:97:59:F6:D7
ValidityMon, 16 Oct 2023 17:08:52 GMT - Sun, 14 Jan 2024 17:08:51 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: fndynqh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/user/?ofid=62&tbc=0393c8&a_aid=ccsbr&a_bid=4cc71e91&x_agent=PINK122&chan=PINK122&x_clickid=109922487&sitekey=889a8a927bbedbd6&rtr=1&rtid=0173214291
Cookie: PHPSESSID=f6892a391b8f4de9aef27ff5927feeec
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 06 Dec 2023 19:22:35 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5IqQrFg9FuaTLUlbODT5KQGmzdUbwBwkk994vM9RU1uhJ9Im7TLyDq2UwK%2B%2B%2B4w3j2mL6NBH%2BegTNQoAZ89xU5Qd6BLQccHY1F2aCaKBDpmAhk5IwDcaku%2BY9VnRsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8316e601c9aec00d-WAW
content-encoding: br
alt-svc: h3=":443"; ma=86400
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
200 OK 4.2 kB URL GET HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type ASCII text, with very long lines (26366)
Hash 715826d7cea0f100c00238e5e5dc92b4
ea2a076f73ed3826287a726f35ae5e54136f2cee
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fndynqh.com/
Origin: https://fndynqh.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 19:22:36 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 666012
accept-ranges: bytes
server: cloudflare
cf-ray: 8316e60aaf200d46-ARN
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
200 OK 2.6 kB URL GET HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type ASCII text, with very long lines (27832)
Hash 1cb05a2f9541200e1fa0a2cd0abc7663
fdf3292a6db22945eb79e08d847834205b749c6f
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60
GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fndynqh.com/
Origin: https://fndynqh.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 19:22:36 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 573154
accept-ranges: bytes
server: cloudflare
cf-ray: 8316e60aaf220d46-ARN
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
200 OK 21 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2020 The Open Sans Project Authors (https://github.com/googlefonts/opensans)Open SansR\012- data
Hash 4e6feb3d0ab3cb546db1152394983bdb
8feb43afdb5a47fc1c8c03b53be6822c72f845b3
294ed1734fd63bdeca41e4ac6d668c513ea6932b0030ee10c605d09efba1900e
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fndynqh.com
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21006
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 20:08:00 GMT
expires: Wed, 04 Dec 2024 20:08:00 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 83676
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fndynqh.com/common_tpls/js/iframeResizer.contentWindow.min.js
200 OK 22 kB URL GET HTTP/3 fndynqh.com/common_tpls/js/iframeResizer.contentWindow.min.js
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerGoogle Trust Services LLC
Subjectfndynqh.com
Fingerprint0E:60:BF:B7:66:0C:2A:09:4A:22:6D:FA:89:38:FE:B4:97:59:F6:D7
ValidityMon, 16 Oct 2023 17:08:52 GMT - Sun, 14 Jan 2024 17:08:51 GMT
File type ASCII text, with very long lines (12990)
Hash 2cf9df789476bc39b9906030f639660d
de708b4a0fe32f3d77505675eb119b671327a6b4
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: fndynqh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Cookie: PHPSESSID=f6892a391b8f4de9aef27ff5927feeec
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 19:22:36 GMT
content-type: application/javascript
last-modified: Thu, 04 Feb 2016 15:06:03 GMT
etag: W/"56b368db-3445"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqzioBMXNi%2BueHFEupw3s4bZyVpjzkZ0YNz1Wlmwjshjz374b4pJ3dUwC0Lb7mS8zzgqJmnhk9Y2d%2BQhOBocQSm%2BnT3l3cofc%2BL4EG%2BE6VsaOoeCQ5EPAeVp%2FZ7kNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8316e6071bb8c00d-WAW
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrQ.ttf
200 OK 28 kB URL GET HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrQ.ttf
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 12 names, Microsoft, language 0x409, Copyright 2010 The Raleway Project Authors (impallari@gmail.com), with Reserved Font Name "Ralew\012- data
Hash bdebf93c5407fe68ebcf28ea8e7bf5cf
efea252ba989bdafdda75070b433706be9eb60c1
ccea64b644439db63b8dbe4e042401ceffbb0ba0ab7338e856aa7fb1f4d33e49
GET /s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrQ.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fndynqh.com
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27688
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 03:25:12 GMT
expires: Wed, 04 Dec 2024 03:25:12 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:57:58 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 143844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-TZX6ZCL
200 OK 44 kB URL GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-TZX6ZCL
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (2213)
Hash e6f679d6592608438772ec9e05769869
12293897b0dda279dcce3f76d8614119f2b2d7df
779cbf7260fb8431208a1e04d77a52a9648891510995c6b406196b93f175179c
GET /gtm.js?id=GTM-TZX6ZCL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 06 Dec 2023 19:22:36 GMT
expires: Wed, 06 Dec 2023 19:22:36 GMT
cache-control: private, max-age=900
last-modified: Wed, 06 Dec 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44395
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fndynqh.com/common_tpls/js/form_support.js?v=1101202201
200 OK 1.9 kB URL GET HTTP/3 fndynqh.com/common_tpls/js/form_support.js?v=1101202201
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerGoogle Trust Services LLC
Subjectfndynqh.com
Fingerprint0E:60:BF:B7:66:0C:2A:09:4A:22:6D:FA:89:38:FE:B4:97:59:F6:D7
ValidityMon, 16 Oct 2023 17:08:52 GMT - Sun, 14 Jan 2024 17:08:51 GMT
Hash 4ffa5d12f2aa2394aa284438d9ab1658
66a6678dc24eae37e35b8ee571e78f6e8af796da
a35efd7238a1ef4c6581aadc6d001e8554adf949dc6cde5650c2235483f19bf0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /common_tpls/js/form_support.js?v=1101202201 HTTP/1.1
Host: fndynqh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Cookie: PHPSESSID=f6892a391b8f4de9aef27ff5927feeec
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 19:22:36 GMT
content-type: application/javascript
last-modified: Fri, 18 Nov 2022 21:23:37 GMT
etag: W/"6377f7d9-ed7"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHJgp2XaxPDojuDGxxCrgx2xQ9t0vthR5bh06YrVPsEgOtfRPuFWNKrMJLJp8lE96n1E4SRVN8oImOHkI1NMCDV4WTWtUWQcZkx5aXyzvaNGAJ1xaDScNPgAwsJlmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8316e606eb58c00d-WAW
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.googletagmanager.com/gtag/js?id=G-MZ8S35MRED&l=dataLayer&cx=c
200 OK 81 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-MZ8S35MRED&l=dataLayer&cx=c
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (5955)
Hash b8d4352652a02b35cb3afa4684e64510
73c6be8ddedbe92bbeb87ee4529c4d743aa653fb
edd59d2fbe39d1aa0b7ad9a73fb1eb9e297682d0ee95a8bc8c792568bcc31aac
GET /gtag/js?id=G-MZ8S35MRED&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 06 Dec 2023 19:22:36 GMT
expires: Wed, 06 Dec 2023 19:22:36 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81294
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fndynqh.com/user/trk/?rtid=0173214291
200 OK 21 B URL GET HTTP/3 fndynqh.com/user/trk/?rtid=0173214291
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerGoogle Trust Services LLC
Subjectfndynqh.com
Fingerprint0E:60:BF:B7:66:0C:2A:09:4A:22:6D:FA:89:38:FE:B4:97:59:F6:D7
ValidityMon, 16 Oct 2023 17:08:52 GMT - Sun, 14 Jan 2024 17:08:51 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash f1e1be592dd387323c455300c171ce10
f16a66519bf1b7502785d15415a18f84d1cac77e
12903548525f8d556c57afe059f0e24d3acea167d62be68d748ca627f54365a6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /user/trk/?rtid=0173214291 HTTP/1.1
Host: fndynqh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Cookie: PHPSESSID=f6892a391b8f4de9aef27ff5927feeec
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 06 Dec 2023 19:22:37 GMT
content-type: text/json;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GydCr6ylPeMg4dXVyRw2SxDKb4GLFg0bXf0BqprQzBDFJeWrW%2FknVj4H3O%2BhePtSZz52IZFtMpEDibBnAXkcYlefTSBpFPbLuPqJJKcVxl4ckW2%2BLanJwV3BXwhufQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8316e60d381bc00d-WAW
alt-svc: h3=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
200 OK 88 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (65451)
Hash 220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fndynqh.com
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 13:16:53 GMT
expires: Wed, 04 Dec 2024 13:16:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 108343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
200 OK 323 kB URL GET HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type ASCII text, with very long lines (65397)
Size 323 kB (322695 bytes)
Hash 486b13730aafe2a39cdaf1666679fa5b
aa0f52f048688ada20d921fef78cf15684a25f04
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
GET /releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fndynqh.com/
Origin: https://fndynqh.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 19:22:36 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 1907228
accept-ranges: bytes
server: cloudflare
cf-ray: 8316e60aaf1b0d46-ARN
X-Firefox-Spdy: h2
fndynqh.com/common_tpls/js/validate_form_v2.js?jsv=35
200 OK 26 kB URL GET HTTP/3 fndynqh.com/common_tpls/js/validate_form_v2.js?jsv=35
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerGoogle Trust Services LLC
Subjectfndynqh.com
Fingerprint0E:60:BF:B7:66:0C:2A:09:4A:22:6D:FA:89:38:FE:B4:97:59:F6:D7
ValidityMon, 16 Oct 2023 17:08:52 GMT - Sun, 14 Jan 2024 17:08:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /common_tpls/js/validate_form_v2.js?jsv=35 HTTP/1.1
Host: fndynqh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Cookie: PHPSESSID=f6892a391b8f4de9aef27ff5927feeec
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 06 Dec 2023 19:22:36 GMT
content-type: application/javascript
last-modified: Thu, 19 Oct 2023 00:24:58 GMT
etag: W/"6530775a-6590"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ee%2Bg%2B1ZwtKZNz5h6b7%2F8zbOw%2B354Vp%2FjLus46JqNhi2MirwT54BWPVNx56jUTlie7Xpw9eWyGJqed8UGSK5Omip1XKKoHJ66m%2B1kX2CxgBEt42ILVmB1%2FMGaDbYQdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8316e606eb74c00d-WAW
content-encoding: br
alt-svc: h3=":443"; ma=86400
fndynqh.com/common_tpls/compactML/css/wideBaseML.css
200 OK 23 kB URL GET HTTP/3 fndynqh.com/common_tpls/compactML/css/wideBaseML.css
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerGoogle Trust Services LLC
Subjectfndynqh.com
Fingerprint0E:60:BF:B7:66:0C:2A:09:4A:22:6D:FA:89:38:FE:B4:97:59:F6:D7
ValidityMon, 16 Oct 2023 17:08:52 GMT - Sun, 14 Jan 2024 17:08:51 GMT
File type ASCII text, with very long lines (22986), with no line terminators
Hash 5ede9814b7457a64e5c8ee8aa036c3f0
0b05378651df8ed45fb3c40ec99dd98aa1c2d7fd
c776450a0b93289511851e3e32db4e620b99121990869c2f377ce61a5defdfe7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /common_tpls/compactML/css/wideBaseML.css HTTP/1.1
Host: fndynqh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Cookie: PHPSESSID=f6892a391b8f4de9aef27ff5927feeec
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 06 Dec 2023 19:22:36 GMT
content-type: text/css
last-modified: Mon, 08 May 2023 14:48:38 GMT
etag: W/"64590bc6-59ca"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLjwpz51P%2FAd1gpJIJbudUS3SV1aKRZaEgXlk%2FXgSGM%2BmbpuvZYc%2F45qTHkjE1zD%2FPVvT5tToU59rM9TFZqRqr4yWlGTXpiNX3SUNiB%2F51D7k5q8jS%2BunTmGGfzTeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8316e606db45c00d-WAW
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aX8.ttf
200 OK 31 kB URL GET HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aX8.ttf
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type TrueType Font data, 16 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2011 The Montserrat Project Authors (https://github.com/JulietaUla/Montserrat)Montserr\012- data
Hash 7537927902d147b33daa33bde3d17670
201f909e6a91b0f7af89c68c7c9683463f944ee3
c8861d4f88efa374f573575cb6063bf54ee05e7d65d83eb8668c531687d06c85
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aX8.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fndynqh.com
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16454
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 09:32:18 GMT
expires: Wed, 04 Dec 2024 09:32:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:58:46 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 121818
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
200 OK 121 kB URL GET HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerDigiCert Inc
Subject*.vo.msecnd.net
Fingerprint0E:7D:A8:CD:FE:61:1E:46:97:A3:57:99:70:DA:E0:59:1D:34:04:80
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 28 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (65371)
Size 121 kB (121200 bytes)
Hash ec3bb52a00e176a7181d454dffaea219
6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
GET /ajax/bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 21077237
cache-control: public,max-age=31536000
content-type: text/css
date: Wed, 06 Dec 2023 19:22:36 GMT
etag: "0e914f2cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:10:18 GMT
server: ECAcc (ska/F740)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19629
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
200 OK 565 B URL GET HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP
Requested by https://fndynqh.com/user/?SID=f6892a391b8f4de9aef27ff5927feeec
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (588), with no line terminators
Hash bdcf60bde5544e1017e1f2e60888a9c7
6fb24309b7ff90c1c99d19c0c7a127a16508840e
d701601406acfca6bfc0c58b411446e3e0e96c659f35c143355d3dd72c390952
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fndynqh.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 06 Dec 2023 19:22:36 GMT
date: Wed, 06 Dec 2023 19:22:36 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
208.73.164.53
188.114.97.1
104.18.40.68
0.0.0.0