flacademy.cd/
154.72.53.85 301 Moved Permanently 229 B IP 154.72.53.85:0
File type HTML document text; exported SGML document, ASCII text
Hash 27972c56ad55b5b0bf2ef18995e94f8a
b2cfbb6da90f515104668e6659f859fe09a9e785
7a48f899eb0959aebdef498894a8ba3d4a16795e311974f10bcfd080e70b7411
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 18 Nov 2022 10:12:52 GMT
Server: Apache
Location: https://flacademy.cd/
Content-Length: 229
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d27590a1d3cbe1e9632b8ae92aaae3f4
202b34e8a0c3b88c8826fd56c6227b34f2cd6f46
6bcfa518476658128c1fb4ea2435c4e58531454cf97138dce7ece9def589aead
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BCFA518476658128C1FB4EA2435C4E58531454CF97138DCE7ECE9DEF589AEAD"
Last-Modified: Wed, 16 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5258
Expires: Fri, 18 Nov 2022 11:40:30 GMT
Date: Fri, 18 Nov 2022 10:12:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash be1be806b5dca7facbb45a6c3db44652
7ae9380a2f3eca959fe6ff6b3832a17cffd12cf4
1f3338058f8e9cae5c9fdd733c74564312726b01c6efdcd628d851d0c99876b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4889
Cache-Control: max-age=92399
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 10:12:53 GMT
Etag: "63760d7b-1d7"
Expires: Sat, 19 Nov 2022 11:52:52 GMT
Last-Modified: Thu, 17 Nov 2022 10:31:23 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3a38b6dd8a4cc335c026aebf2ed348b6
8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8
8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3022
Expires: Fri, 18 Nov 2022 11:03:15 GMT
Date: Fri, 18 Nov 2022 10:12:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 18 Nov 2022 09:45:03 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1670
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8Do4fhnP0hcLee7wD7VB+sMrMbKFL1m0Fm/UlRDOKa2160eIIiu6uPl7GmTMXD103tKJOaDmAUo=
x-amz-request-id: QGSZ3B3HJG6KGH39
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 18 Nov 2022 09:52:50 GMT
age: 1203
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 10:12:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
flacademy.cd/
154.72.53.85 200 OK 28 kB IP 154.72.53.85:0
File type HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators
Hash 5843ca907c2e625d3b24c6921ba12dd8
ed9aa1d5d8719aa4001bb5168c93deae431d5f3b
2aeaa77df1f919d4bb9c6aa2ecb7a5f53b18a6b058a2b1604e23a34a19742833
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Cache-Control: no-cache
Content-Encoding: gzip
WPO-Cache-Status: cached
Last-Modified: Fri, 18 Nov 2022 10:11:13 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
flacademy.cd/wp-content/plugins/bdthemes-prime-slider-lite/assets/css/bdt-uikit.css?ver=3.2
154.72.53.85 200 OK 90 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/bdthemes-prime-slider-lite/assets/css/bdt-uikit.css?ver=3.2
IP 154.72.53.85:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 316ef47aa0fafe79e56b445c5d210f7f
8384be5db65a65f4a6550bef43be4d959eb87b16
166204480570d0d3667e14da4d529824da29b53f0763e03dc069ebc9d01fd305
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/bdthemes-prime-slider-lite/assets/css/bdt-uikit.css?ver=3.2 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 23:28:16 GMT
Accept-Ranges: bytes
Content-Length: 90312
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
154.72.53.85 200 OK 19 kB URL HTTP/1.1 flacademy.cd/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Tue, 24 May 2022 23:41:05 GMT
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5
154.72.53.85 200 OK 10 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5
IP 154.72.53.85:0
File type ASCII text, with very long lines (10435), with no line terminators
Hash 27a91498e22d4778e559dd13a12c6ab6
9868807cc628fab1cc5ccb6f6c53934e6e9303b4
4a25eb6972f4a513da7ead5d8c0f74832ed42b1ae5e1f13ed3ea36f0865a59c9
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Fri, 11 Nov 2022 23:28:19 GMT
Accept-Ranges: bytes
Content-Length: 10435
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-includes/css/classic-themes.min.css?ver=1
154.72.53.85 200 OK 217 B URL HTTP/1.1 flacademy.cd/wp-includes/css/classic-themes.min.css?ver=1
IP 154.72.53.85:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 11:29:21 GMT
Accept-Ranges: bytes
Content-Length: 217
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 16bbadb18616687351d4047aedc2ab45
979123c7ad6726befbbab2c07b50ecca31aa2d18
de8231c6ee426b7a76ebf574998dec11ce908efc0a745c2182fb7b61c5915e9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 10:12:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
flacademy.cd/wp-content/plugins/bdthemes-prime-slider-lite/assets/css/prime-slider-site.css?ver=3.2.0
154.72.53.85 200 OK 16 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/bdthemes-prime-slider-lite/assets/css/prime-slider-site.css?ver=3.2.0
IP 154.72.53.85:0
File type ASCII text, with very long lines (15861), with no line terminators
Hash 64661b0a596f1b14344c003135c679e3
8d44eb2329edd4a2ef495576de6214dfe9a4f5c2
a95b60239ddcc7c90b369153ec4c5ec0e2c25b195ae43457d7d52acf3e3bf952
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/bdthemes-prime-slider-lite/assets/css/prime-slider-site.css?ver=3.2.0 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 23:28:16 GMT
Accept-Ranges: bytes
Content-Length: 15861
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.googletagmanager.com/gtag/js?id=G-K4GT307DHH
142.250.74.168 200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-K4GT307DHH
IP 142.250.74.168:0
File type ASCII text, with very long lines (19102)
Hash 20f8ac691fc2cb55eea30a865af9a0eb
2b926b203af62529c835e225b9b6764973a9da57
7795418083d7d5b7008c2bcc5d8a966bf64378b25c17c9e884fed4d23a524b2d
GET /gtag/js?id=G-K4GT307DHH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 18 Nov 2022 10:12:53 GMT
expires: Fri, 18 Nov 2022 10:12:53 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75987
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flacademy.cd/wp-content/themes/superowly/config-contact-form-7/assets/css/style.css?ver=5.6.4
154.72.53.85 200 OK 5.2 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/config-contact-form-7/assets/css/style.css?ver=5.6.4
IP 154.72.53.85:0
File type ASCII text, with CRLF line terminators
Hash 5ddc682f44397b3da9b4515d6fc33277
87afeec75c5dc41b3aa064b95a5fce8bc136ce7b
21f2dfcf160d67bd8e44dfa4d0806b4cc52ce4c944e70674adc58f36bab49471
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/superowly/config-contact-form-7/assets/css/style.css?ver=5.6.4 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:51 GMT
Accept-Ranges: bytes
Content-Length: 5216
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/plugins/mp-timetable/media/css/style.css?ver=2.4.7
154.72.53.85 200 OK 11 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/mp-timetable/media/css/style.css?ver=2.4.7
IP 154.72.53.85:0
File type ASCII text, with very long lines (11000), with no line terminators
Hash 7d2f670b51db087df5bea4f4c2c55c62
039729d27748d49b48100a49fe171ca5110ce536
663c6df2fa7c54275426ab585a41d5484599abd2faa2f156e4cb5f57a1f3f72b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/mp-timetable/media/css/style.css?ver=2.4.7 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 08:08:54 GMT
Accept-Ranges: bytes
Content-Length: 11000
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/css/jquery-confirm.min.css?ver=6.1.1
154.72.53.85 200 OK 22 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/css/jquery-confirm.min.css?ver=6.1.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (22251), with CRLF line terminators
Hash b8c805d1b516b6b0cec21665b56da1a6
e68f54daef8f9db0259bc1499d8fa538950a5a69
6f545eadeb021dde0a3bfa7af108cf85e1261a2a45b20e451f84b8ddac19f43f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/school-management-pro-9.6/assets/css/jquery-confirm.min.css?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Thu, 16 Dec 2021 07:06:34 GMT
Accept-Ranges: bytes
Content-Length: 22546
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
154.72.53.85 200 OK 95 kB URL HTTP/1.1 flacademy.cd/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (47826)
Hash 71d925864153f0edf91037f3d31048e8
cc16a0524ac63b5ce29f703a66412224f0dd771a
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 23:29:02 GMT
Accept-Ranges: bytes
Content-Length: 94889
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/css/toastr.min.css?ver=6.1.1
154.72.53.85 200 OK 6.7 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/css/toastr.min.css?ver=6.1.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (6454), with CR line terminators
Hash bc96861d9899e4e68fb2e59c363d8c60
573b1f76e7a9db37e4e0d1a59da78714e46bc2a2
10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/school-management-pro-9.6/assets/css/toastr.min.css?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Thu, 16 Dec 2021 07:06:34 GMT
Accept-Ranges: bytes
Content-Length: 6741
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/css/zebra_datepicker.min.css?ver=6.1.1
154.72.53.85 200 OK 2.9 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/css/zebra_datepicker.min.css?ver=6.1.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (2870), with no line terminators
Hash ccef648688ab121397c37869e44fb9a6
0774f28d3aacbebe2c458cd4e6be4f97e14bb9b1
a2aa4afabf860d7ce6d0fbf18f67dde2719d79ad60900800084233c947c91d3a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/school-management-pro-9.6/assets/css/zebra_datepicker.min.css?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Thu, 16 Dec 2021 07:06:34 GMT
Accept-Ranges: bytes
Content-Length: 2870
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/css/print/wlsm-preview.css?ver=5.1
154.72.53.85 200 OK 11 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/css/print/wlsm-preview.css?ver=5.1
IP 154.72.53.85:0
File type assembler source, ASCII text, with CRLF line terminators
Hash d2e69acb205dec64834caacc681734d2
a36d4ad802e2ab8c34b10229847f52d9d4fbff42
f32e1a200e62d50cdcf7170148103c5f8a815bcbc43bc7fbf5ad74e9503ff8dd
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/school-management-pro-9.6/assets/css/print/wlsm-preview.css?ver=5.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Thu, 16 Dec 2021 07:06:34 GMT
Accept-Ranges: bytes
Content-Length: 10837
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/css/wlsm.css?ver=5.1
154.72.53.85 200 OK 10 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/css/wlsm.css?ver=5.1
IP 154.72.53.85:0
File type ASCII text, with CRLF line terminators
Hash 31fe464d2ee2d0c52b49aab404872db7
4c2f93f18fa5cb4be851f664164f8dddfcd5ca4e
58c150a176e820428a033c48205b86b8b7a67567c4b7b6821c4541d6dd84be2b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/school-management-pro-9.6/assets/css/wlsm.css?ver=5.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Thu, 16 Dec 2021 07:06:34 GMT
Accept-Ranges: bytes
Content-Length: 10210
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/css/wlsm-dashboard.css?ver=5.1
154.72.53.85 200 OK 6.4 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/css/wlsm-dashboard.css?ver=5.1
IP 154.72.53.85:0
File type ASCII text, with CRLF line terminators
Hash 92d13df26861e9733879a574243f4059
d98d80305a8e3fb9174d9f5f4745783fc196febf
c7bfa1d23e11ac560c57aebdf864c0ffc101b5b43bd1bbd5d55ade190e4124f3
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/school-management-pro-9.6/assets/css/wlsm-dashboard.css?ver=5.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Thu, 16 Dec 2021 07:06:34 GMT
Accept-Ranges: bytes
Content-Length: 6355
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/themes/superowly/js/fancybox/helpers/jquery.fancybox-buttons.css?ver=6.1.1
154.72.53.85 200 OK 2.4 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/js/fancybox/helpers/jquery.fancybox-buttons.css?ver=6.1.1
IP 154.72.53.85:0
Hash cac75538c2e3ddfadef839feaca8e356
1a9d8e5c22b371fcc69d4dbbb823d9c39f04c0c8
ae270bcb50f2d50d85d66e5fa909ad765d6a899b387bb6508d3d3e94bad43ec1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/js/fancybox/helpers/jquery.fancybox-buttons.css?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:52 GMT
Accept-Ranges: bytes
Content-Length: 2447
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/themes/superowly/js/owlcarousel/owl.carousel.css?ver=6.1.1
154.72.53.85 200 OK 4.7 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/js/owlcarousel/owl.carousel.css?ver=6.1.1
IP 154.72.53.85:0
Hash e61f8deda51e4b3b464659a9dcf9c5be
dfbfcbcc18c31715c8990fa916d834cb706f8f06
3664883bfec45a24a668717504dc1467bd017ef7207335ff990c0ba8ef841b05
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/js/owlcarousel/owl.carousel.css?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:53 GMT
Accept-Ranges: bytes
Content-Length: 4711
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/themes/superowly/js/fancybox/helpers/jquery.fancybox-thumbs.css?ver=6.1.1
154.72.53.85 200 OK 735 B URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/js/fancybox/helpers/jquery.fancybox-thumbs.css?ver=6.1.1
IP 154.72.53.85:0
Hash 52ddd84a9f42c1d4cd86d518a7f7e8bc
4ac329c16a5277592fc12a37cca3d72ca4ec292f
d836d81acb5d5e712c55c4f7911d93513fe1d7d0336353085aa5bd0f36b6998c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/js/fancybox/helpers/jquery.fancybox-thumbs.css?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:52 GMT
Accept-Ranges: bytes
Content-Length: 735
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/themes/superowly/js/fancybox/jquery.fancybox.css?ver=6.1.1
154.72.53.85 200 OK 4.9 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/js/fancybox/jquery.fancybox.css?ver=6.1.1
IP 154.72.53.85:0
Hash 6c55951ce1e3115711f63f99b7501f3a
5f163444617b6cf267342f06ac166a237bb62df9
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/js/fancybox/jquery.fancybox.css?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:52 GMT
Accept-Ranges: bytes
Content-Length: 4895
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5
154.72.53.85 200 OK 236 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5
IP 154.72.53.85:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size 236 kB (235926 bytes)
Hash 1f7f24d802dda3c86486d768519911d4
cd5408ee57e21aa1c6cdd92b56ecc27e5ac8e714
ed9766c9f4ce4f6851e3d8416e9bec35b425dfc2b817b7647b1db8ff1a96c731
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Fri, 11 Nov 2022 23:28:19 GMT
Accept-Ranges: bytes
Content-Length: 235926
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/themes/superowly/fonts/linea-ecommerce/styles.css?ver=6.1.1
154.72.53.85 200 OK 5.7 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/fonts/linea-ecommerce/styles.css?ver=6.1.1
IP 154.72.53.85:0
Hash 8c2cf8b95a28fdd5f9869b9c6dfdd73a
e2b5f0b99aed67f6953de12f8a731ec6c97fb32d
ed6de28bcc1d5d8ce3ee11864854f9af6871af1a55383340a3e2603bc879ab26
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/fonts/linea-ecommerce/styles.css?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:51 GMT
Accept-Ranges: bytes
Content-Length: 5655
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/themes/superowly/css/jquery.arcticmodal-0.3.css?ver=6.1.1
154.72.53.85 200 OK 654 B URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/css/jquery.arcticmodal-0.3.css?ver=6.1.1
IP 154.72.53.85:0
File type ASCII text, with CRLF line terminators
Hash def37117c605c3e5ae3368d2d1e8d42b
f33d8f201e2b1b50798b31e2e74cd8fb9af63427
9d53ab0f38d422c274af1768e45246f52ab01caae916e7b0adee53af87c67166
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/superowly/css/jquery.arcticmodal-0.3.css?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:51 GMT
Accept-Ranges: bytes
Content-Length: 654
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/themes/superowly/css/bootstrap.min.css
154.72.53.85 200 OK 12 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/css/bootstrap.min.css
IP 154.72.53.85:0
File type ASCII text, with very long lines (11764), with CRLF line terminators
Hash ee687401602a1fd8f449bd71a6e3a599
08968df96fc2b6ca2cefcbde90c5b383645f96fe
ae902ea613ed112876fd86b34d3572cbe0cae9a481973e0be6eb5e8cd8998662
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/superowly/css/bootstrap.min.css HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:51 GMT
Accept-Ranges: bytes
Content-Length: 11940
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/themes/superowly/style.css
154.72.53.85 200 OK 168 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/style.css
IP 154.72.53.85:0
Size 168 kB (168538 bytes)
Hash c88d71ba45eb488d913c140ee2ed66c5
7cf2777e9fa1f79c85b30f9ae6f001fef89f682d
3b77c10638345527b567c45ddfb084ee47b79118269d9dbbb81000ba2363f0e9
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/superowly/style.css HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:53 GMT
Accept-Ranges: bytes
Content-Length: 168538
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/themes/superowly/css/fontello.css
154.72.53.85 200 OK 128 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/css/fontello.css
IP 154.72.53.85:0
Size 128 kB (128309 bytes)
Hash 356c42af714514df19550ec414da6125
bf96b43dc603f7d8f9836bb5ea47f66e7ce27e45
fb0983fd50fda5d960b9e7025cdfe90fea26fc1685c8dd11d401b95b5174ee2c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/superowly/css/fontello.css HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:51 GMT
Accept-Ranges: bytes
Content-Length: 128309
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/uploads/dynamic_superowly_dir/skin_1.css?ver=61dc1b91b0d57
154.72.53.85 200 OK 7.7 kB URL HTTP/1.1 flacademy.cd/wp-content/uploads/dynamic_superowly_dir/skin_1.css?ver=61dc1b91b0d57
IP 154.72.53.85:0
Hash 4e87cba3d4595f0fe3a4453066b65e10
74fba9a903dfc96586e0e50caa5e0e1aa6feb53a
6119d0e2f7539c14acea8cdc2bfe4db0c9b2739363b656c8406be02a1e29061a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/dynamic_superowly_dir/skin_1.css?ver=61dc1b91b0d57 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Mon, 10 Jan 2022 11:42:09 GMT
Accept-Ranges: bytes
Content-Length: 7739
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/themes/superowly/css/responsive.css
154.72.53.85 200 OK 25 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/css/responsive.css
IP 154.72.53.85:0
File type assembler source, ASCII text
Hash 1a3fbc3e82c2f6d8a640192e44214a66
a6284face0d04e74aaf6d74e4652dd842128ee51
d99592c050011cdf4cb6bbf18ad002c0f2b5432a8a9e12e281910511fc3e9eb2
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/superowly/css/responsive.css HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:51 GMT
Accept-Ranges: bytes
Content-Length: 24905
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/themes/superowly/fonts/demo-files/demo.css
154.72.53.85 200 OK 52 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/fonts/demo-files/demo.css
IP 154.72.53.85:0
Hash c0ae38eb72b70deb6d790c470f6cd5cd
7ab7d40042cf157499db5d432250884a59209f3a
6495f2295a6fdabadda73c3d5936cfd101626f1e9def6cb84c38be970937d00b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/superowly/fonts/demo-files/demo.css HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:51 GMT
Accept-Ranges: bytes
Content-Length: 51760
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
154.72.53.85 200 OK 19 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 154.72.53.85:0
File type ASCII text, with very long lines (19233)
Hash d183c598fd582fe997f6782afed84f9b
7799820e0e849e8484543c3360a8d8cc62baa32f
83059e4c1a5c210e5585d96779fe655170817193d43e247c78dffaae7b7ba3a9
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 08:13:20 GMT
Accept-Ranges: bytes
Content-Length: 19279
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
154.72.53.85 200 OK 104 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (65497)
Size 104 kB (103736 bytes)
Hash 4b537383067b0dfe61ff78af4bbefa85
aded11dce7b7ae49e731c27520051816141bf36e
68dc20b37b0b7071711805588742ddad6cc6aaac49f319148fb78a648baeaa60
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 08:13:20 GMT
Accept-Ranges: bytes
Content-Length: 103736
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.8.1
154.72.53.85 200 OK 12 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.8.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (11952)
Hash eefbd5037a5c14287f5d0903978b2564
bdf10555fb67a30240ab2149a177f43f971cfae4
e2cdfae9b2eff11e91abf9c269b241e9cb414cb923117061ea377740fc17fb3e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.8.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 08:13:22 GMT
Accept-Ranges: bytes
Content-Length: 11995
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/uploads/elementor/css/post-483.css?ver=1668589594
154.72.53.85 200 OK 1.2 kB URL HTTP/1.1 flacademy.cd/wp-content/uploads/elementor/css/post-483.css?ver=1668589594
IP 154.72.53.85:0
File type ASCII text, with very long lines (1164), with no line terminators
Hash 7da1c8be98cc33f52a737dd0783b0e9e
432aa45d2a89c37902a675e05205594c6c401d81
f59e763d9eb5a86c313de921e67d94b3b6be937d767b7c34a6ec29e857ceeede
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-483.css?ver=1668589594 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 09:06:34 GMT
Accept-Ranges: bytes
Content-Length: 1164
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/themes/superowly/config-woocommerce/assets/css/woocommerce-mod.css?ver=6.1.1
154.72.53.85 200 OK 52 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/config-woocommerce/assets/css/woocommerce-mod.css?ver=6.1.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (6758), with CRLF line terminators
Hash 304d0a176531284dccb69fefeff7fe51
149c00d32029f66f172c9c305d315cd2489bfe4a
aa016bcae835aa4ba981e5674a8ae7730825795aa6d3a1255d075f3971b4ae91
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/config-woocommerce/assets/css/woocommerce-mod.css?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:51 GMT
Accept-Ranges: bytes
Content-Length: 51885
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/uploads/elementor/css/global.css?ver=1668589595
154.72.53.85 200 OK 58 kB URL HTTP/1.1 flacademy.cd/wp-content/uploads/elementor/css/global.css?ver=1668589595
IP 154.72.53.85:0
File type ASCII text, with very long lines (26152)
Hash 060d9bb0574458dcb2193e8a636235f1
0d8bc860202d130750353096a0b4df9440efa879
2f6c0a0e003d7a33ac874670824c6c1e528b72e53d955de3092bc86eb6793bba
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/elementor/css/global.css?ver=1668589595 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:53 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 09:06:35 GMT
Accept-Ranges: bytes
Content-Length: 58459
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/uploads/elementor/css/post-884.css?ver=1668590342
154.72.53.85 200 OK 7.5 kB URL HTTP/1.1 flacademy.cd/wp-content/uploads/elementor/css/post-884.css?ver=1668590342
IP 154.72.53.85:0
File type ASCII text, with very long lines (6815)
Hash 1671d5d5d71721153fd6cd749fc258af
30766b8a54c922d8c4da473215d397c38ed16ebf
5a40732453f60312544418d2ebf21c468210a65ad4a72326d897b77e225000f4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-884.css?ver=1668590342 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 09:19:02 GMT
Accept-Ranges: bytes
Content-Length: 7501
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/plugins/custom-price-for-woocommerce/vendor_prefixed/wpdesk/custom-price-for-woocommerce-core//assets/css/frontend/front.css?ver=1668766272
154.72.53.85 200 OK 1.6 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/custom-price-for-woocommerce/vendor_prefixed/wpdesk/custom-price-for-woocommerce-core//assets/css/frontend/front.css?ver=1668766272
IP 154.72.53.85:0
Hash 9a56b7e5cafe09b0a4eee6266612fa20
d4a7562ecb98a861f5d054324a25dc2112fe2393
18d363d35f6ca2b44ea381ed9b5df3400a44335ac0571f692ff6bf72f6bdb675
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/custom-price-for-woocommerce/vendor_prefixed/wpdesk/custom-price-for-woocommerce-core//assets/css/frontend/front.css?ver=1668766272 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 11:23:58 GMT
Accept-Ranges: bytes
Content-Length: 1553
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
154.72.53.85 200 OK 11 kB URL HTTP/1.1 flacademy.cd/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 154.72.53.85:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 13:36:06 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
154.72.53.85 200 OK 90 kB URL HTTP/1.1 flacademy.cd/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (65447)
Hash 17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 11:29:21 GMT
Accept-Ranges: bytes
Content-Length: 89684
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1
154.72.53.85 200 OK 12 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (1577)
Hash a76f61318af036823b08d73536486be6
31ff9b215dcef9151b9f4fc50ea91a9df1962102
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 09 Nov 2022 23:31:04 GMT
Accept-Ranges: bytes
Content-Length: 11898
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=5.189
154.72.53.85 200 OK 46 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=5.189
IP 154.72.53.85:0
File type ASCII text, with very long lines (45529), with no line terminators
Hash de88bbadaf17178bc2da1f92e6436847
a2cd402f7c98464742b284189f5e2465d317d38c
b83c6996b8b62de253d21d5c66caef7e9475d216b125c183a3231aa342cc1eaf
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=5.189 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 11:29:04 GMT
Accept-Ranges: bytes
Content-Length: 45529
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/themes/superowly/js/libs/jquery.modernizr.js?ver=6.1.1
154.72.53.85 200 OK 10 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/js/libs/jquery.modernizr.js?ver=6.1.1
IP 154.72.53.85:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (10119), with CRLF line terminators
Hash e31d5a241293fd939c0457d95d569799
db460b8f127c58930562bde2c7ec566c929355b5
ebaacdf4a02a4353df19eb61086bb9830d4914af2f251b9cccc9a6aa26996fba
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/superowly/js/libs/jquery.modernizr.js?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:52 GMT
Accept-Ranges: bytes
Content-Length: 10388
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/themes/superowly/js/libs/retina.min.js?ver=6.1.1
154.72.53.85 200 OK 2.6 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/js/libs/retina.min.js?ver=6.1.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (2352)
Hash d6d3252daec57ca544ccd11bdbff701f
4534879a052d14dcbab3347220fc707fd9406503
772aed2cf700b617330eaacbdbd55ae8e1ef89a8747d2880f095c65d843ee02e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/superowly/js/libs/retina.min.js?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:53 GMT
Accept-Ranges: bytes
Content-Length: 2575
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/bdthemes-prime-slider-lite/assets/css/ps-dragon.css?ver=3.2.0
154.72.53.85 200 OK 7.5 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/bdthemes-prime-slider-lite/assets/css/ps-dragon.css?ver=3.2.0
IP 154.72.53.85:0
File type ASCII text, with very long lines (7461), with no line terminators
Hash 5be20a201fceb784cf8ababb0ba94044
f48e63c7f3b8c2cc947b636a0dfa1163a8841b49
1abf81478430bcf470324999bd7be528dddeba8babebb0184674d432a061991d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/bdthemes-prime-slider-lite/assets/css/ps-dragon.css?ver=3.2.0 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 23:28:16 GMT
Accept-Ranges: bytes
Content-Length: 7461
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/plugins/bdthemes-prime-slider-lite/assets/css/ps-general.css?ver=3.2.0
154.72.53.85 200 OK 29 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/bdthemes-prime-slider-lite/assets/css/ps-general.css?ver=3.2.0
IP 154.72.53.85:0
File type ASCII text, with very long lines (29231), with no line terminators
Hash ef2a4d199a43c5c0e1aa60b83b608b9b
8c122a0940e2d7d2c4dc45f9b388d0c4732dc836
f5c62c949c43baafaab995a90b4d4c2fd0b39be6d3bb12ec88981e4a4863d31b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/bdthemes-prime-slider-lite/assets/css/ps-general.css?ver=3.2.0 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 23:28:16 GMT
Accept-Ranges: bytes
Content-Length: 29231
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1
154.72.53.85 200 OK 18 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (10019)
Hash 4601ba55044413706c2022cb6c1c3d05
5103ec2fbb389568ebf5cfe4fd721f3df2ff7aec
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 08:13:20 GMT
Accept-Ranges: bytes
Content-Length: 18468
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.5
154.72.53.85 200 OK 59 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.5
IP 154.72.53.85:0
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 8b19c7f2e2f079405832a60776d26af4
fea9d5e85146d2736ee11fe34e039e418447fb9c
6abe94c8db415593d42b093301152b1e9c727364c2b5ed05b5ca2f163d8aa747
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.5 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 19:32:38 GMT
Accept-Ranges: bytes
Content-Length: 59103
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
flacademy.cd/wp-content/themes/superowly/includes/widgets/popular-widget/js/pop-widget.js?ver=1.0.1
154.72.53.85 200 OK 190 B URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/includes/widgets/popular-widget/js/pop-widget.js?ver=1.0.1
IP 154.72.53.85:0
File type ASCII text, with CRLF line terminators
Hash d7f693ca1ff8c9aa03af1e31a86a9f38
e96860e5f334097c6574d04d6ecc2e9a957874c0
f35e389bfebebd928ea50c98d5d4544a9601b9fcfd5ff30dc07733ee6aba3462
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/superowly/includes/widgets/popular-widget/js/pop-widget.js?ver=1.0.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:52 GMT
Accept-Ranges: bytes
Content-Length: 190
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
154.72.53.85 200 OK 9.9 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 154.72.53.85:0
File type ASCII text, with very long lines (9937), with no line terminators
Hash dc74c9954b1944928eca0172c3b8c6b3
e9e00e587e0e28491b69563b4e768945ff2e0ed5
d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 19 Oct 2022 11:37:58 GMT
Accept-Ranges: bytes
Content-Length: 9937
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
154.72.53.85 200 OK 12 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 154.72.53.85:0
File type HTML document, ASCII text, with very long lines (12310), with no line terminators
Hash 1f9968a7c7a2a02491393fb9d4103dae
0032c8a6a692e6f072b2cef20828449402fdd57d
f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 19 Oct 2022 11:37:58 GMT
Accept-Ranges: bytes
Content-Length: 12310
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.5
154.72.53.85 200 OK 124 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.5
IP 154.72.53.85:0
File type ASCII text, with very long lines (42889), with CRLF line terminators
Size 124 kB (124272 bytes)
Hash 45158046da12a8625b17fabca990d080
366f30392bde37bf0eec5c7de4ec8be5498d35e2
87664d848161d3a5bf83a511f4f483dc05e8472d06aedd5111488d267af298bb
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.5 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 19:32:40 GMT
Accept-Ranges: bytes
Content-Length: 124272
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/js/jquery-confirm.min.js?ver=1
154.72.53.85 200 OK 28 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/js/jquery-confirm.min.js?ver=1
IP 154.72.53.85:0
File type ASCII text, with very long lines (27931), with CRLF line terminators
Hash 0e699aff8a60f425a428f4e56c280a50
e3e5564d87c4ffb5540c78e113e23646a13c18e9
a1fbeefceaa19bbe2fb991a57c5d7f6f83945a42bf7f39559405b19201ebf92e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/school-management-pro-9.6/assets/js/jquery-confirm.min.js?ver=1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Thu, 16 Dec 2021 07:06:34 GMT
Accept-Ranges: bytes
Content-Length: 28231
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/js/zebra_datepicker.min.js?ver=1
154.72.53.85 200 OK 36 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/js/zebra_datepicker.min.js?ver=1
IP 154.72.53.85:0
File type Unicode text, UTF-8 text, with very long lines (36462), with no line terminators
Hash 2cd00c753c5589bab86c76abf24ef411
7e43650646d0ebd0c68193ce2e327796f85ad5e7
12af586157ecf6c6380b2ba0d9fbfe4ac10bbc322a31e7ec0afee72da00cd303
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/school-management-pro-9.6/assets/js/zebra_datepicker.min.js?ver=1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Thu, 16 Dec 2021 07:06:34 GMT
Accept-Ranges: bytes
Content-Length: 36470
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/js/toastr.min.js?ver=1
154.72.53.85 200 OK 5.5 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/js/toastr.min.js?ver=1
IP 154.72.53.85:0
File type ASCII text, with very long lines (5215), with CRLF line terminators
Hash 1515ed21d8bd30ca0fae0970f85a7fb3
b7808c728fe5fcf884620df5e2154ce988e920c7
f2bb0e8511764611ff0081b549ff188c326c7376bf86e28513782b0a48f9c7aa
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/school-management-pro-9.6/assets/js/toastr.min.js?ver=1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Thu, 16 Dec 2021 07:06:34 GMT
Accept-Ranges: bytes
Content-Length: 5544
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
154.72.53.85 200 OK 16 kB URL HTTP/1.1 flacademy.cd/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
IP 154.72.53.85:0
File type ASCII text, with very long lines (15977), with no line terminators
Hash 677c2f0968a30971c14028915d03af28
3b84de809a104c613617eec0f055be7535b318f0
bd947fc70043b66e61cf4aa9ccb2c0472e7ca8898879239c62b51582161c266c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 11:29:21 GMT
Accept-Ranges: bytes
Content-Length: 15977
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/js/wlsm.js?ver=5.1
154.72.53.85 200 OK 59 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/school-management-pro-9.6/assets/js/wlsm.js?ver=5.1
IP 154.72.53.85:0
File type ASCII text, with CRLF line terminators
Hash 97c0bfe392d3caffc9aebe3a3cd417b4
88ef32fea615cb1d53a897a517a1dcb19da157e5
c46f4a2f69d734a2cc4256f8170722fd95fe0faf2b3f6c92d8ca73d7f5927f26
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/school-management-pro-9.6/assets/js/wlsm.js?ver=5.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Thu, 16 Dec 2021 07:06:34 GMT
Accept-Ranges: bytes
Content-Length: 59224
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0
154.72.53.85 200 OK 1.8 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0
IP 154.72.53.85:0
File type ASCII text, with very long lines (1668)
Hash d0a6d8547c66b0d7b0172466558d1208
ff93916519c7b9483251f609e4d29f38c30a66e3
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Fri, 11 Nov 2022 23:28:19 GMT
Accept-Ranges: bytes
Content-Length: 1834
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0
154.72.53.85 200 OK 9.5 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0
IP 154.72.53.85:0
File type ASCII text, with very long lines (9111)
Hash 4ffc462852340d9e6b5b7b29276fcb71
5e04050e09e3f7d8107ef3b9aa9313be618c460e
18336635cd5e9edf2aff3ae18b67250684311c2a459457091b063dafba57d526
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Fri, 11 Nov 2022 23:28:19 GMT
Accept-Ranges: bytes
Content-Length: 9505
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0
154.72.53.85 200 OK 2.9 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0
IP 154.72.53.85:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash 0fd625c3991a4015814cffdc88e2fc82
d7c2f53e058210ff3ea773297641008bab71a5f3
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Fri, 11 Nov 2022 23:28:19 GMT
Accept-Ranges: bytes
Content-Length: 2938
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0
154.72.53.85 200 OK 2.1 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0
IP 154.72.53.85:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash b72c1cbb1530a011a27bd9800f26765a
27b825c5d8255f33b8427a059d4545ebd65e1746
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Fri, 11 Nov 2022 23:28:19 GMT
Accept-Ranges: bytes
Content-Length: 2139
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.5
154.72.53.85 200 OK 376 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.5
IP 154.72.53.85:0
File type ASCII text, with very long lines (64288)
Size 376 kB (375875 bytes)
Hash 1a73ac13c556f58db6b42f4264862266
936dec84980758c6f1fabadd3d3f9cdb53a44701
e4efcd6ec7d1fc476d9d3f43480ec9fb2b37ebcca255edefd2cfad8d2a96c27a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.5 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 19:32:40 GMT
Accept-Ranges: bytes
Content-Length: 375875
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
154.72.53.85 200 OK 21 kB URL HTTP/1.1 flacademy.cd/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 154.72.53.85:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 034bd11ecaf6fb9240d905245e42e202
ff136c394ed95badfc0107fb98a890dcff642828
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 11:29:21 GMT
Accept-Ranges: bytes
Content-Length: 21440
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
154.72.53.85 200 OK 12 kB URL HTTP/1.1 flacademy.cd/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
IP 154.72.53.85:0
File type ASCII text, with very long lines (11760)
Hash 88407dc30b83ffa7dd834fe4a35307b7
857a3a007e5ea8d88123bb47019606618e19eb77
6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 11:29:21 GMT
Accept-Ranges: bytes
Content-Length: 11937
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/themes/superowly/js/jquery.arcticmodal-0.3.min.js?ver=6.1.1
154.72.53.85 200 OK 6.1 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/js/jquery.arcticmodal-0.3.min.js?ver=6.1.1
IP 154.72.53.85:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (532), with CRLF line terminators
Hash cef3c1fb1c7f77ae32de5ddecd86f266
d77d40d4f82e1c4ded2ba0c4d4d6097307ba76d5
7401f047e7a87c22df7f1e1e5413da84bd53b2d5bd6869e6c759325676943d84
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/js/jquery.arcticmodal-0.3.min.js?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:52 GMT
Accept-Ranges: bytes
Content-Length: 6118
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/themes/superowly/js/fancybox/jquery.fancybox.pack.js?ver=6.1.1
154.72.53.85 200 OK 23 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/js/fancybox/jquery.fancybox.pack.js?ver=6.1.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (645)
Hash cc9e759f24ba773aeef8a131889d3728
53360764b429c212f424399384417ccc233bb3be
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/js/fancybox/jquery.fancybox.pack.js?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:52 GMT
Accept-Ranges: bytes
Content-Length: 23135
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/themes/superowly/js/fancybox/helpers/jquery.fancybox-thumbs.js?ver=6.1.1
154.72.53.85 200 OK 3.8 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/js/fancybox/helpers/jquery.fancybox-thumbs.js?ver=6.1.1
IP 154.72.53.85:0
Hash cf1fc1df534eede4cb460c5cbd71aba6
53e194f4a72e649c04fb586dd57762b8c022800b
0ba02b924fc5beeb370ed64d478401e94a513e970cac2c46266c708348135cf2
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/superowly/js/fancybox/helpers/jquery.fancybox-thumbs.js?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:52 GMT
Accept-Ranges: bytes
Content-Length: 3836
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash feaeba711c7421b074e726f89ff34e0b
c590c0b76a7a78ab51a4dabcd8f20a1b172b02fb
ebe6e312ea7116713547fbd756805843b1c242ad22269158a79305f1819fa990
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 10:12:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
flacademy.cd/wp-content/themes/superowly/js/fancybox/helpers/jquery.fancybox-media.js?ver=6.1.1
154.72.53.85 200 OK 5.3 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/js/fancybox/helpers/jquery.fancybox-media.js?ver=6.1.1
IP 154.72.53.85:0
Hash c017067f48d97ec4a077ccdf056e6a2e
3bdf69ed2469e4fb57f5a95f17300eef891ff90d
e53e650a83dbce1ab8d93c365299f2e8f5070c414c9ea302f2422ca65f5fdab4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/js/fancybox/helpers/jquery.fancybox-media.js?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:52 GMT
Accept-Ranges: bytes
Content-Length: 5305
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/themes/superowly/js/fancybox/helpers/jquery.fancybox-buttons.js?ver=6.1.1
154.72.53.85 200 OK 3.0 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/js/fancybox/helpers/jquery.fancybox-buttons.js?ver=6.1.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (411)
Hash f53c246661fb995a3f12e67fa38e0fa0
91e41741c2e93f732c82aaacec4cfc6e3f3ec876
2d63b8ad7966c80ce51051da38da14f52b99cfb019aec650b2437fc74fac1560
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/js/fancybox/helpers/jquery.fancybox-buttons.js?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:52 GMT
Accept-Ranges: bytes
Content-Length: 3041
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/themes/superowly/js/jquery.scrollTo.min.js?ver=6.1.1
154.72.53.85 200 OK 2.5 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/js/jquery.scrollTo.min.js?ver=6.1.1
IP 154.72.53.85:0
File type Unicode text, UTF-8 text, with very long lines (2272), with CRLF line terminators
Hash 0ee013c5f1f0f3172cfbaf893998fc24
ebf4b578ee55796e1c2fa064e6d807eec6d7a3b0
8873f8f2239b8c5127bc0e018c01a2d44f2ddb97779b4c8d09578e7972ed72e7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/js/jquery.scrollTo.min.js?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:52 GMT
Accept-Ranges: bytes
Content-Length: 2451
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash feaeba711c7421b074e726f89ff34e0b
c590c0b76a7a78ab51a4dabcd8f20a1b172b02fb
ebe6e312ea7116713547fbd756805843b1c242ad22269158a79305f1819fa990
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 10:12:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 18 Nov 2022 09:25:01 GMT
cache-control: public,max-age=3600
age: 2873
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
flacademy.cd/wp-content/themes/superowly/js/jquery.localScroll.min.js?ver=6.1.1
154.72.53.85 200 OK 1.5 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/js/jquery.localScroll.min.js?ver=6.1.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (1306)
Hash d18df22ff25e1a28df27317fed2aa232
7f68c99f5012073778fbd44d079aa93837aad25a
2cd41238967b362ed5433880de66bcc48a9804c5616c9a5980042c88dcf13646
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/js/jquery.localScroll.min.js?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:52 GMT
Accept-Ranges: bytes
Content-Length: 1475
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/themes/superowly/js/owlcarousel/owl.carousel.min.js?ver=6.1.1
154.72.53.85 200 OK 40 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/js/owlcarousel/owl.carousel.min.js?ver=6.1.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (32061)
Hash 40f70ab03342e3891259517e6cdef44b
d0624b906af3531b2901bbc1071da7bd8ef832eb
fbd5cab38e29afaf8bfeab507963eb866097a967d3c77222499894c46915cc08
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/js/owlcarousel/owl.carousel.min.js?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:53 GMT
Accept-Ranges: bytes
Content-Length: 40394
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e487b4ba4a69545846305811fb55f578
43102c0262e1209a2eeec208de3b10aef7cf7b8a
fb831e81ad6aa60e83b900237f184d992945360ac4a0a28830086642b6a6a466
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 354
Cache-Control: max-age=135687
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 10:12:54 GMT
Etag: "6376c84b-1d7"
Expires: Sat, 19 Nov 2022 23:54:21 GMT
Last-Modified: Thu, 17 Nov 2022 23:48:27 GMT
Server: ECS (amb/6B80)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 50e43a539bb515bbfbfabf8a88ab4763
a487e3ebae27017e9aa017c0f50ea91810908c65
69785b8601889db8d94c67afd756e32438ca761ccac2ebb5d49f22e17149cf57
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2142
Cache-Control: max-age=142933
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 10:12:54 GMT
Etag: "6376dd9d-1d7"
Expires: Sun, 20 Nov 2022 01:55:07 GMT
Last-Modified: Fri, 18 Nov 2022 01:19:25 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
flacademy.cd/wp-content/themes/superowly/js/jquery.queryloader2.min.js?ver=6.1.1
154.72.53.85 200 OK 12 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/js/jquery.queryloader2.min.js?ver=6.1.1
IP 154.72.53.85:0
File type ASCII text, with CRLF line terminators
Hash 0e589d94aadeac33c30e97c3bf47247b
c787907da93d739c7446a0dee40396504b9de04a
cc17b180fce7d9ffdb107410c94c39d8c18805b257f7a0a265e500470ccead62
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/js/jquery.queryloader2.min.js?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:52 GMT
Accept-Ranges: bytes
Content-Length: 12014
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 16bbadb18616687351d4047aedc2ab45
979123c7ad6726befbbab2c07b50ecca31aa2d18
de8231c6ee426b7a76ebf574998dec11ce908efc0a745c2182fb7b61c5915e9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 10:12:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
flacademy.cd/wp-content/themes/superowly/js/superowly.core.js?ver=6.1.1
154.72.53.85 200 OK 16 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/js/superowly.core.js?ver=6.1.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (373), with CRLF line terminators
Hash d6bd7dbe80014d7e338bda3e32b3f6e3
a379e489daf673fedb2039ecf8b3af7800cc61b6
c6928a59d9331d8a9649f1e1d68a4320ff523e90698eec3099f372044b8ce1a3
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/js/superowly.core.js?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:53 GMT
Accept-Ranges: bytes
Content-Length: 15831
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/themes/superowly/js/isotope.pkgd.min.js?ver=6.1.1
154.72.53.85 200 OK 41 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/js/isotope.pkgd.min.js?ver=6.1.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (32031)
Hash 993af08be0b86ea8d282f6300236c611
01f232e86fa362a808e391e333bc4dc5a886c4c7
338867db60061d0d769700bd29def22fd63bce55e904001ecb7a4bfe2f4912b4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/js/isotope.pkgd.min.js?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:52 GMT
Accept-Ranges: bytes
Content-Length: 40847
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/javascript
checkout.stripe.com/checkout.js
151.101.84.176 200 OK 23 kB URL HTTP/2 checkout.stripe.com/checkout.js
IP 151.101.84.176:0
File type Unicode text, UTF-8 text, with very long lines (32065)
Hash 051cdac3e3a4449ec26071243e34dabd
0ed8a66c66518da77f35b4eb1924a49a7bf2d117
b49f93c72fc1a6d6a99d8f919877c47d4d18c1414754cb1a262e8b3a7c975ddb
GET /checkout.js HTTP/1.1
Host: checkout.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 13 Jul 2022 15:14:21 GMT
etag: "9df39fdc36e7b7d12c767cc16f78989c"
cache-control: public, max-age=60
content-type: application/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Fri, 18 Nov 2022 10:12:54 GMT
via: 1.1 varnish
age: 56
x-request-id: 2a2a3e74-0e55-416e-a4bf-e2332ac196db
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 3
x-timer: S1668766375.546256,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 22937
X-Firefox-Spdy: h2
flacademy.cd/wp-content/themes/superowly/js/superowly.plugins.js?ver=6.1.1
154.72.53.85 200 OK 25 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/js/superowly.plugins.js?ver=6.1.1
IP 154.72.53.85:0
File type ASCII text, with CRLF line terminators
Hash 4aea7f8ebcee12e2c98437c35affcf3b
fa98e9f8821b049740fdcc6cbfa8572e8fa31d2a
01f0596984677d09b0370d2d8033df8d52fc0256f6db68f9975a850ffffbd69b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/js/superowly.plugins.js?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:53 GMT
Accept-Ranges: bytes
Content-Length: 25441
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c10055ce87434f700ff8b20e3be1f919
477b3c9f1da0c464282bb54572737e76b6e346da
4d78eb296876122e5ff40fcd7667adf1bf8a4b1ee4c8203c88a63ce8d7910a57
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5923
Cache-Control: max-age=88364
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 10:12:54 GMT
Etag: "6375f9af-1d7"
Expires: Sat, 19 Nov 2022 10:45:38 GMT
Last-Modified: Thu, 17 Nov 2022 09:06:55 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
flacademy.cd/wp-content/themes/superowly/config-woocommerce/assets/js/woocommerce-mod.js?ver=1
154.72.53.85 200 OK 3.3 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/config-woocommerce/assets/js/woocommerce-mod.js?ver=1
IP 154.72.53.85:0
File type ASCII text, with CRLF line terminators
Hash f0aa1b6485f5c09158365db73fdb79e5
f2621c26f08d5e7ae5c59543748f45719b1b1b01
5356de6699e86bfb1acca30cbcc71b0353149b4a5d9b80f0267936aca8c35188
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/config-woocommerce/assets/js/woocommerce-mod.js?ver=1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:51 GMT
Accept-Ranges: bytes
Content-Length: 3344
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash feaeba711c7421b074e726f89ff34e0b
c590c0b76a7a78ab51a4dabcd8f20a1b172b02fb
ebe6e312ea7116713547fbd756805843b1c242ad22269158a79305f1819fa990
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 10:12:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 24e839b9f3c854f1059813baa2c678a5
be2078cbfd0e0ed2de69e22e76c5c83aba9c656e
35b72207dddd79dce8c7f0bc72243dc70d0a9190b15fd344c790224513b8f810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 10:12:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
flacademy.cd/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
154.72.53.85 200 OK 5.0 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (4918)
Hash 562ad59077018eb139d1f46afd69a050
d33c188f7d0f306b8a0ede1e3b67a0edb7be8966
f6eb858ead7f15dcd18541c5433714e0c0966d81b8d009a2d49e5a181e548fbb
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 08:13:20 GMT
Accept-Ranges: bytes
Content-Length: 4957
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
154.72.53.85 200 OK 33 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
IP 154.72.53.85:0
File type Unicode text, UTF-8 text, with very long lines (32907)
Hash 48b7a16ab38005edf9c9964313ce1cd7
8b8569d937aac61fd792b6c68fca974e3cdd94ab
5d80f13fd7524318f81eb1301170d4d0fbee242c12403c01f3a06c9f681192c7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 08:13:20 GMT
Accept-Ranges: bytes
Content-Length: 32947
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 77f900222ff1d19c5bd0e1907137e8ef
6965200da467a2443441fbeb6da27ef1015d8ae5
1ca70708992718fbd9d83720dad44573012f2eeca1e0f9e4578bf75932b6064f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150629
Date: Fri, 18 Nov 2022 10:12:54 GMT
Etag: "6376ee79-1d7"
Expires: Sun, 20 Nov 2022 04:03:23 GMT
Last-Modified: Fri, 18 Nov 2022 02:31:21 GMT
Server: ECS (dcb/7F7F)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 31Rj90kEQ8Bz59wMvi1MSo1PtF-Jx9qSr2IFhRIzCKVQqH5hFkGqtA==
Age: 5522
region1.google-analytics.com/g/collect?v=2&tid=G-K4GT307DHH&gtm=2oeb90&_p=389572191&gdid=dZGIzZG&cid=1851526916.1668766372&ul=en-us&sr=1280x1024&_s=1&sid=1668766372&sct=1&seg=0&dl=https%3A%2F%2Fflacademy.cd%2F&dt=HOME%20-%20Future%20Leaders%20Academy&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-K4GT307DHH&gtm=2oeb90&_p=389572191&gdid=dZGIzZG&cid=1851526916.1668766372&ul=en-us&sr=1280x1024&_s=1&sid=1668766372&sct=1&seg=0&dl=https%3A%2F%2Fflacademy.cd%2F&dt=HOME%20-%20Future%20Leaders%20Academy&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-K4GT307DHH&gtm=2oeb90&_p=389572191&gdid=dZGIzZG&cid=1851526916.1668766372&ul=en-us&sr=1280x1024&_s=1&sid=1668766372&sct=1&seg=0&dl=https%3A%2F%2Fflacademy.cd%2F&dt=HOME%20-%20Future%20Leaders%20Academy&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flacademy.cd
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://flacademy.cd
date: Fri, 18 Nov 2022 10:12:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flacademy.cd/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
154.72.53.85 200 OK 12 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 154.72.53.85:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 3819c3569da71daec283a75483735f7e
ecd40a5cc6f0b76200c454ca880210dc301cfab8
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 08:13:20 GMT
Accept-Ranges: bytes
Content-Length: 12198
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 10:12:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
flacademy.cd/wp-content/plugins/bdthemes-prime-slider-lite/assets/js/bdt-uikit.min.js?ver=3.2
154.72.53.85 200 OK 135 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/bdthemes-prime-slider-lite/assets/js/bdt-uikit.min.js?ver=3.2
IP 154.72.53.85:0
File type ASCII text, with very long lines (59504)
Size 135 kB (135175 bytes)
Hash 02eecda8daea8b0aac06f56daf5adb08
004dddedf7f63221c650136b7b592d8d0f0450f7
d3cca349f5ebdb7b4b81ee5ec0d0db522668a6bd05dddc117162228dc0c8bc98
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/bdthemes-prime-slider-lite/assets/js/bdt-uikit.min.js?ver=3.2 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 23:28:16 GMT
Accept-Ranges: bytes
Content-Length: 135175
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.195 200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flacademy.cd
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 21:48:50 GMT
expires: Thu, 16 Nov 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 131044
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flacademy.cd/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
154.72.53.85 200 OK 40 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (40474)
Hash 2331d602370faa61829c8aa628996c7d
e097dda010d924637e9c9f906be7653ae2d29343
5ceb0c2088d29cecbe3ee571dc3cf6fec764bbb7c73f0e22c73007149a2ce68d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 08:13:20 GMT
Accept-Ranges: bytes
Content-Length: 40513
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/bdthemes-prime-slider-lite/assets/js/prime-slider-site.min.js?ver=3.2.0
154.72.53.85 200 OK 4.9 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/bdthemes-prime-slider-lite/assets/js/prime-slider-site.min.js?ver=3.2.0
IP 154.72.53.85:0
File type ASCII text, with very long lines (4931), with no line terminators
Hash e2d5bf0f7b65e354322186ec8f0597bc
107fe93c00035fb04b6cd65754d8b979817c83ab
e00ba4b8f5a99b26429a5adc1c3accb4652e48c71e5eefab70646741ba48c0fa
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/bdthemes-prime-slider-lite/assets/js/prime-slider-site.min.js?ver=3.2.0 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 23:28:16 GMT
Accept-Ranges: bytes
Content-Length: 4931
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
154.72.53.85 200 OK 6.5 kB URL HTTP/1.1 flacademy.cd/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 154.72.53.85:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 61449413a42d2daaa79dbe7298b40e21
d86c474164c603084397bdc50fb0e469d28b5772
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Tue, 24 May 2022 23:41:04 GMT
Accept-Ranges: bytes
Content-Length: 6475
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.1
154.72.53.85 200 OK 5.2 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (5191)
Hash f44edc9992aef81487f64b40e4e052d2
eeed718d00ea7f732c0cf73d57e4bf958e2fa1d9
cc65806adf6c251323693c9b7adb6b97e19879aa2f5428f2f05c0f08fca18404
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 08:13:22 GMT
Accept-Ranges: bytes
Content-Length: 5234
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 10:12:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
flacademy.cd/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
154.72.53.85 200 OK 18 kB URL HTTP/1.1 flacademy.cd/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 154.72.53.85:0
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash e495a4709e3eae31c67f8263f25d2d39
d43ba6a092e4823a71f3bff75d5ed279a481636b
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 11:29:21 GMT
Accept-Ranges: bytes
Content-Length: 17823
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
154.72.53.85 200 OK 4.9 kB URL HTTP/1.1 flacademy.cd/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 154.72.53.85:0
File type ASCII text, with very long lines (4875)
Hash b33ab4d5dcf02436276a717e9d1b7c18
f47b9a9c41b3b11c9dffabca22945727c3ec6566
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Tue, 24 May 2022 23:41:04 GMT
Accept-Ranges: bytes
Content-Length: 4910
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
216.58.207.195 200 OK 8.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 8668, version 1.0\012- data
Hash a242ba0df3a128a2cab929a8c45d5056
d70e2c70b21cbb66cd883ae56e2dedacefd81c7c
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
GET /s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flacademy.cd
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:53:37 GMT
expires: Thu, 16 Nov 2023 19:53:37 GMT
cache-control: public, max-age=31536000
age: 137957
last-modified: Wed, 27 Apr 2022 16:07:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.195 200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flacademy.cd
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:30:59 GMT
expires: Thu, 16 Nov 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 139315
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
216.58.207.195 200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flacademy.cd
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 14:43:52 GMT
expires: Wed, 15 Nov 2023 14:43:52 GMT
cache-control: public, max-age=31536000
age: 242942
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flacademy.cd/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.1
154.72.53.85 200 OK 22 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (21520)
Hash a9c365ad6facee60ebfebf49a287fa22
8422edc3a9eae1a170d089ee915a6abee95c5d78
4a7fdd491f449c314d884b9b9b6d11cfe037179d84e567a62e1e19584881e3e9
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 08:13:22 GMT
Accept-Ranges: bytes
Content-Length: 21563
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
154.72.53.85 200 OK 10 kB URL HTTP/1.1 flacademy.cd/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 154.72.53.85:0
Hash 8cd696505481e74ffee89b4995f37379
ee9aad199ef2bc60a3460f4c52f37d22907b2ec9
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 11:29:21 GMT
Accept-Ranges: bytes
Content-Length: 10230
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flacademy.cd
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:08 GMT
expires: Thu, 16 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 139126
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.240.207.158 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.207.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LZ/CEl0OMsmGGYZbJZZZUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sdk2ftg1RYplGwPPh7wWo0Ie/C0=
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flacademy.cd
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 14:07:32 GMT
expires: Thu, 16 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 158722
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flacademy.cd/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.1
154.72.53.85 200 OK 25 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (24753)
Hash 055f01cb6912284f7e3c7d3ab88ec499
4b4712ecd4eeb4b51c3bf6bccc613d798d014f99
27c3bae726c78894582c23e5b507dda2dacd2c5c8aa9afe17ae179519e4ba3e0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 08:13:22 GMT
Accept-Ranges: bytes
Content-Length: 24796
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
216.58.207.195 200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Hash 848cd2ecd011428969dc6b90431bc482
6b1a7b562a56bd54510e0f6f95e26babca331a1b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flacademy.cd
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 21:38:57 GMT
expires: Fri, 17 Nov 2023 21:38:57 GMT
cache-control: public, max-age=31536000
age: 45237
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flacademy.cd/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-before.js
154.72.53.85 200 OK 1.3 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-before.js
IP 154.72.53.85:0
Hash ed2a4da46568eb4080ede2396431343a
3b63971d85ed7d69ac4f5f80ae4df8f10b5d3e00
ae6de183ae9a339fddbc7ca40bbccc092582999e99089fbe7a5b31e0b075445a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-before.js HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 08:08:52 GMT
Accept-Ranges: bytes
Content-Length: 1278
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-includes/js/underscore.min.js?ver=1.13.4
154.72.53.85 200 OK 19 kB URL HTTP/1.1 flacademy.cd/wp-includes/js/underscore.min.js?ver=1.13.4
IP 154.72.53.85:0
File type ASCII text, with very long lines (18798)
Hash f88d5720bb454ed5d204cbdb56901f6b
f1952292fde4b15936e9aac16b2b9896684db95b
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 11:29:21 GMT
Accept-Ranges: bytes
Content-Length: 18833
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-after.js
154.72.53.85 200 OK 928 B URL HTTP/1.1 flacademy.cd/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-after.js
IP 154.72.53.85:0
Hash 5ecfc97f98f4182283767624aa556197
9a6c9ced34020bc7cfc3cb25ab4a201b1722a18b
28ba1826a2b215bb02c0182c67e01b2a361ed1f3726b45a191c67392f1dcec6b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-after.js HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 08:08:52 GMT
Accept-Ranges: bytes
Content-Length: 928
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-includes/js/wp-util.min.js?ver=6.1.1
154.72.53.85 200 OK 1.4 kB URL HTTP/1.1 flacademy.cd/wp-includes/js/wp-util.min.js?ver=6.1.1
IP 154.72.53.85:0
File type ASCII text, with very long lines (1391)
Hash 19d386c9004e54941c1cc61d357efa5d
0a77594006c8d86fdcc0adbc2b9aecaef3869586
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 11:29:21 GMT
Accept-Ranges: bytes
Content-Length: 1426
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8
154.72.53.85 200 OK 754 B URL HTTP/1.1 flacademy.cd/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8
IP 154.72.53.85:0
File type ASCII text, with very long lines (754), with no line terminators
Hash afb55c29bdbcfc262d9fa56743572cad
d4b6cb9df2b1b5477cd968fb05cf5faa1d13d6bf
c30dab20b677f2b13f42a4a04385a3c6d380fa023a4a1c32f45f2996e152bfba
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 08:13:33 GMT
Accept-Ranges: bytes
Content-Length: 754
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/mp-timetable/media/js/mptt-functions.js?ver=2.4.7
154.72.53.85 200 OK 8.3 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/mp-timetable/media/js/mptt-functions.js?ver=2.4.7
IP 154.72.53.85:0
Hash d134d487a297b7e89971933088b9d15b
39dbd130c540a643db57ac33a938d8779d37bd17
b5c11876f56a93ea76b904e5a4bd517c7eed18a25f3e4e8df1b41fce05285cf1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/mp-timetable/media/js/mptt-functions.js?ver=2.4.7 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 08:08:54 GMT
Accept-Ranges: bytes
Content-Length: 8318
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/mp-timetable/media/js/mptt-elementor-editor.js?ver=2.4.7
154.72.53.85 200 OK 522 B URL HTTP/1.1 flacademy.cd/wp-content/plugins/mp-timetable/media/js/mptt-elementor-editor.js?ver=2.4.7
IP 154.72.53.85:0
Hash d9a5d71cdcea263a4e8fed0e278d78ad
b294506142ed0771a54977f431ca51ec0e6ecea5
a878900eaa3bda05034db8f3d207fbd73ef04042b86afc9911a75d6fe8a0729f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/mp-timetable/media/js/mptt-elementor-editor.js?ver=2.4.7 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 08:08:54 GMT
Accept-Ranges: bytes
Content-Length: 522
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/plugins/mp-timetable/media/js/events/event.js?ver=2.4.7
154.72.53.85 200 OK 27 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/mp-timetable/media/js/events/event.js?ver=2.4.7
IP 154.72.53.85:0
Hash 7489e164a536edd0df3f98c97fd32ba3
d7c14791a136406c973cd7bcfb54d56f24e453c3
92cbe51450f5a44849a5b0c8fcb5a482c2dee886d90ff5fd73f538dd903c2118
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/mp-timetable/media/js/events/event.js?ver=2.4.7 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 08:08:54 GMT
Accept-Ranges: bytes
Content-Length: 27091
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
flacademy.cd/wp-content/themes/superowly/fonts/Linearicons.ttf
154.72.53.85 200 OK 498 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/fonts/Linearicons.ttf
IP 154.72.53.85:0
File type TrueType Font data, 12 tables, 1st "GSUB", 24 names, Macintosh\012- data
Size 498 kB (498156 bytes)
Hash f6e2e9c30040079ab5b2bdc94f0a3289
dcb1a930a2896228f5075397e4fdc5afc1c0699b
97af2f6b511991503bee0d894553692d209292ea2cbc562006f4771513078399
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/fonts/Linearicons.ttf HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/wp-content/themes/superowly/fonts/demo-files/demo.css
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:51 GMT
Accept-Ranges: bytes
Content-Length: 498156
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: font/ttf
flacademy.cd/wp-content/uploads/2022/01/ITCEDSCR.woff2
154.72.53.85 200 OK 30 kB URL HTTP/1.1 flacademy.cd/wp-content/uploads/2022/01/ITCEDSCR.woff2
IP 154.72.53.85:0
File type Web Open Font Format (Version 2), TrueType, length 30116, version 1.0\012- data
Hash 7fdc732f7fd8833e6df51c9479b40beb
6939c8d98b133931fa221a3dd227ef3134a76a75
02b5328feed31b2cbc21def9e37be7de03919f5e58671487cd60fbb9575a5fc3
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/2022/01/ITCEDSCR.woff2 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://flacademy.cd/wp-content/uploads/elementor/css/post-884.css?ver=1668590342
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Thu, 06 Jan 2022 03:51:22 GMT
Accept-Ranges: bytes
Content-Length: 30116
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: font/woff2
flacademy.cd/wp-content/themes/superowly/fonts/alarm.woff?11759646
154.72.53.85 200 OK 284 kB URL HTTP/1.1 flacademy.cd/wp-content/themes/superowly/fonts/alarm.woff?11759646
IP 154.72.53.85:0
File type Web Open Font Format, TrueType, length 284328, version 1.0\012- data
Size 284 kB (284328 bytes)
Hash f0c2e8d37e68bcf0cbd9b1f8e1779b2d
a0e8ddfc1cc3abeb3288d240c4aa93f58cfb8430
9aebcb40b2ed89473159b1b626f4f60ae068ea3430ab571858a5c9d9f890c742
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/superowly/fonts/alarm.woff?11759646 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://flacademy.cd/wp-content/themes/superowly/css/fontello.css
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 18:31:51 GMT
Accept-Ranges: bytes
Content-Length: 284328
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: font/woff
flacademy.cd/wp-content/uploads/2021/12/manager.jpg
154.72.53.85 200 OK 91 kB URL HTTP/1.1 flacademy.cd/wp-content/uploads/2021/12/manager.jpg
IP 154.72.53.85:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=12, manufacturer=Canon, model=Canon EOS 7D, orientation=upper-left, xresolution=196, yresolution=204, resolutionunit=2, datetime=2015:11:23 09:14:47], progressive, precision 8, 688x460, components 3\012- data
Hash 65f467277fa076b1f46e66ee9741ffe2
95b5006fb19d83308e46ebf40495e757d9228924
5aeb35bf97ecc4617bcc072178695517aae32095517e5e59f6dec6123e899785
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/12/manager.jpg HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 29 Dec 2021 13:28:39 GMT
Accept-Ranges: bytes
Content-Length: 91183
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/jpeg
flacademy.cd/wp-content/uploads/2021/12/cropped-new-logo.png
154.72.53.85 200 OK 17 kB URL HTTP/1.1 flacademy.cd/wp-content/uploads/2021/12/cropped-new-logo.png
IP 154.72.53.85:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 7d7d880911116aaf87981f747cb0034c
acdab16330ddca80938d06477f746d344a30c5c6
b16ad40c054797824836bdd614aef2049ee93e09ef9bdacda0a774bcbebb917e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/12/cropped-new-logo.png HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Wed, 29 Dec 2021 13:32:22 GMT
Accept-Ranges: bytes
Content-Length: 17343
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/png
checkout.razorpay.com/v1/checkout.js
43.204.193.90 200 OK 57 kB URL HTTP/1.1 checkout.razorpay.com/v1/checkout.js
IP 43.204.193.90:0
File type Unicode text, UTF-8 text, with very long lines (65379), with no line terminators
Hash 480c3b60e90a69bcf2531936f8696b91
ec87c3bd55cc94c92cb4dc090cf561be6034166d
6223e94475145ac332d63b5e7c78cfac43ecb4ef22821cb595841e726c1b2083
GET /v1/checkout.js HTTP/1.1
Host: checkout.razorpay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Age: 134
Cache-Control: max-age=120
Content-Encoding: br
Etag: W/"0bb2d258c9ed596beb5ec0e1fe85fffb"
Last-Modified: Thu, 17 Nov 2022 13:17:37 GMT
Strict-Transport-Security: max-age=315360000; includeSubDomains
Vary: Accept-Encoding
X-Cache-: HIT
X-Xss-Protection: 1; mode=block
velikorodnov.com/wordpress/superowly/wp-content/themes/superowly/images/rainbowstripe.jpg
169.46.108.5 200 OK 1.9 kB URL HTTP/1.1 velikorodnov.com/wordpress/superowly/wp-content/themes/superowly/images/rainbowstripe.jpg
IP 169.46.108.5:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x4, components 3\012- data
Hash 54cda6bb57301264e23d5ee72de1a419
74954a66141d0059cafcb744e47b9cb5d64cf9d6
c9328011d116d60de81346a7c779787955fa5f64b7b0989b979b46b8f73900b9
GET /wordpress/superowly/wp-content/themes/superowly/images/rainbowstripe.jpg HTTP/1.1
Host: velikorodnov.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:55 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 10:20:49 GMT
Accept-Ranges: bytes
Content-Length: 1853
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
flacademy.cd/wp-content/plugins/bdthemes-prime-slider-lite/assets/images/side-round-mask.svg
154.72.53.85 200 OK 430 B URL HTTP/1.1 flacademy.cd/wp-content/plugins/bdthemes-prime-slider-lite/assets/images/side-round-mask.svg
IP 154.72.53.85:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 5dc97477ccf83965123bf7e0110ef474
93a8c3b75321d1c314f4bd559980f2d9cd61d2fe
f4d9d9c5696d13d5208bf9b19eb391312f9b5a78f1c0b6397b6c5b315eeabdf9
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/bdthemes-prime-slider-lite/assets/images/side-round-mask.svg HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/wp-content/plugins/bdthemes-prime-slider-lite/assets/css/ps-dragon.css?ver=3.2.0
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372; ct_ps_timestamp=1668766373; ct_fkp_timestamp=0; ct_pointer_data=0; ct_timezone=0; ct_screen_info=%7B%22fullWidth%22%3A1268%2C%22fullHeight%22%3A1666%2C%22visibleWidth%22%3A1268%2C%22visibleHeight%22%3A939%7D; apbct_headless=false; ct_checked_emails=0; ct_checkjs=a239e803ccad03ce63aa09ed0c84c8753c0f1f9d0a5c1a3a37ad500b75519409
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:55 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 23:28:16 GMT
Accept-Ranges: bytes
Content-Length: 430
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a0ff4263da14d748f44e432c42bd50b4
2525d276d073e5da159fbe3614719072ccfcbd75
40a82c763c561954966024399b2b39443508db32fbed1cca8cbb8cf921025769
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5747
Cache-Control: max-age=118035
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 10:12:55 GMT
Etag: "63766e47-1d7"
Expires: Sat, 19 Nov 2022 19:00:10 GMT
Last-Modified: Thu, 17 Nov 2022 17:24:23 GMT
Server: ECS (amb/6B80)
X-Cache: HIT
Content-Length: 471
velikorodnov.com/wordpress/superowly/wp-content/themes/superowly/images/footer_bottom_bg.jpg
169.46.108.5 200 OK 69 kB URL HTTP/1.1 velikorodnov.com/wordpress/superowly/wp-content/themes/superowly/images/footer_bottom_bg.jpg
IP 169.46.108.5:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 825x171, components 3\012- data
Hash e415d1b4fa3477e8082becf319978782
bbd051406835381bf8a71ac38a8120f420addedf
07f0ac4d54b03c8df5094313ac18fe13da1c4d83af3c8c54739ec81865830ff1
GET /wordpress/superowly/wp-content/themes/superowly/images/footer_bottom_bg.jpg HTTP/1.1
Host: velikorodnov.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:55 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 10:20:49 GMT
Accept-Ranges: bytes
Content-Length: 69364
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
flacademy.cd/wp-content/uploads/2022/04/banner.png
154.72.53.85 200 OK 445 kB URL HTTP/1.1 flacademy.cd/wp-content/uploads/2022/04/banner.png
IP 154.72.53.85:0
File type PNG image data, 1280 x 720, 8-bit colormap, non-interlaced\012- data
Size 445 kB (444660 bytes)
Hash c9a78411c60df8abfe06e7e29b2fa9f8
e8402a0d3a518df2a70d05e846b051ff0e8bbae5
af7a6c1291774576cd78c756c32897a07a609b41677f148352569fd47b2c7ed7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/04/banner.png HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372; ct_ps_timestamp=1668766373; ct_fkp_timestamp=0; ct_pointer_data=0; ct_timezone=0; ct_screen_info=%7B%22fullWidth%22%3A1268%2C%22fullHeight%22%3A1666%2C%22visibleWidth%22%3A1268%2C%22visibleHeight%22%3A939%7D; apbct_headless=false; ct_checked_emails=0; ct_checkjs=a239e803ccad03ce63aa09ed0c84c8753c0f1f9d0a5c1a3a37ad500b75519409
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:55 GMT
Server: Apache
Last-Modified: Mon, 18 Apr 2022 10:48:21 GMT
Accept-Ranges: bytes
Content-Length: 444660
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2319
Expires: Fri, 18 Nov 2022 10:51:34 GMT
Date: Fri, 18 Nov 2022 10:12:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d9d6315-de31-43b3-8c19-dc3528c7eefe.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d9d6315-de31-43b3-8c19-dc3528c7eefe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 158a07cdb0174c0cf0c2473cb069a459
46753b0476f8a272a047b07070db272a0fd3b42e
40bacc15755d920085e52af0bc9f6e8eac0379a31765f6ba72cf53546e296a2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d9d6315-de31-43b3-8c19-dc3528c7eefe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5917
x-amzn-requestid: 47ec37aa-10ef-4e35-a76c-301d34e4a102
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw9VaHt9oAMFpIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376a8ef-6eb9776b4df9facd0f19c974;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:34:39 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qReov2_mDTOantzcbI8dBALwKBsq58MGL2yHuJwk0DxNL7um6T_M1g==
via: 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:57 GMT
age: 44218
etag: "46753b0476f8a272a047b07070db272a0fd3b42e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 00:26:57 GMT
age: 35158
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 292dc2edef978e128f70b96ee4b2b3e2
1530f860e2b54b7b382f59654db63eaed59c5f95
f74b08f1bdd35ea7ebb6e2887fc6c02abc76f9e276cd30d1d7d6475e667b5624
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4310
x-amzn-requestid: 6452483a-f96e-4f27-a18e-55e9206e7be6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-78FiToAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7f-4e366d3612f39c5c421e864e;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C8hVBVyCgsK-mT6_PXr68AjfNsNPGqD_TWBEwNlyY_Nur_RgB5aE3w==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:42:15 GMT
age: 41440
etag: "1530f860e2b54b7b382f59654db63eaed59c5f95"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2b71261-68cc-40d8-9fce-033095c5889d.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2b71261-68cc-40d8-9fce-033095c5889d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f22c78eb5d83b4a108e0fff0806ff1a1
7e246b0b4697140ae7429aeff92aa16ab88dd6f6
1afadc1fb89b5a321e067893609c154b6d7dbd39123d15883c799aab6214cd4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2b71261-68cc-40d8-9fce-033095c5889d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9661
x-amzn-requestid: dcff71d8-a6ac-45f2-acc1-e14314334495
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-7RHGAIAMFSOA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7b-3598a746247615de161878e3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:31 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nNm3mly0cy8etL6Tg2gC2jpSc37d77L8rNny7C5fSTG2jn4zRo04lg==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:49:45 GMT
age: 44590
etag: "7e246b0b4697140ae7429aeff92aa16ab88dd6f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg
34.120.237.76 200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d0b6106f00f9fd8b89c2d484a559a1a
399ac393209dcdac7d2188d7aa8d95f04570ef7c
5d8151c9eb558f4a2b8bd2952c6845606ddb0c27e36f6e49aca7e60908cd9fe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3759
x-amzn-requestid: 8c91ac59-89dc-4218-b69f-0cebb29f301b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-wJHgxoAMF-hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab33-4dac305614a92bc52c038222;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mb2-PTjNmt06Wd5jOjQ5WoLY-0NgI80CKPXtwgzBt4n5km8Pu_WN0Q==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:08:54 GMT
age: 43441
etag: "399ac393209dcdac7d2188d7aa8d95f04570ef7c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84053cb2-edec-465e-8700-6af61bae8236.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84053cb2-edec-465e-8700-6af61bae8236.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 676b1603008690786aa36dc3113b7581
cbdc425467a5d41aba5e8e5c54354b4f03cd194a
7e5e7bf695ff31df6c97e502a44f4fa9197c6579b0c7a7c590457ea067d1cf1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84053cb2-edec-465e-8700-6af61bae8236.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8155
x-amzn-requestid: 5650af50-eb93-47d9-8322-8a2e263e12ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-7vFU5IAMFYGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7e-759bbd5b5a22e07c1c181c0a;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XzJcm_AlMH4hb2urV7RORAjz7LR7NXZ2pAMEhx1foW2VJgj4mxVxJw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:05:52 GMT
age: 43623
etag: "cbdc425467a5d41aba5e8e5c54354b4f03cd194a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
flacademy.cd/wp-content/uploads/2021/12/cropped-new-logo.png
154.72.53.85 200 OK 0 B URL HTTP/1.1 flacademy.cd/wp-content/uploads/2021/12/cropped-new-logo.png
IP 154.72.53.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
HEAD /wp-content/uploads/2021/12/cropped-new-logo.png HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://flacademy.cd/
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372; ct_ps_timestamp=1668766373; ct_fkp_timestamp=0; ct_pointer_data=0; ct_timezone=0; ct_screen_info=%7B%22fullWidth%22%3A1268%2C%22fullHeight%22%3A1666%2C%22visibleWidth%22%3A1268%2C%22visibleHeight%22%3A939%7D; apbct_headless=false; ct_checked_emails=0; ct_checkjs=a239e803ccad03ce63aa09ed0c84c8753c0f1f9d0a5c1a3a37ad500b75519409
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:55 GMT
Server: Apache
Last-Modified: Wed, 29 Dec 2021 13:32:22 GMT
Accept-Ranges: bytes
Content-Length: 17343
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Content-Type: image/png
flacademy.cd/wp-content/uploads/2022/04/banner.png
154.72.53.85 200 OK 0 B URL HTTP/1.1 flacademy.cd/wp-content/uploads/2022/04/banner.png
IP 154.72.53.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
HEAD /wp-content/uploads/2022/04/banner.png HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://flacademy.cd/
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372; ct_ps_timestamp=1668766373; ct_fkp_timestamp=0; ct_pointer_data=0; ct_timezone=0; ct_screen_info=%7B%22fullWidth%22%3A1268%2C%22fullHeight%22%3A1666%2C%22visibleWidth%22%3A1268%2C%22visibleHeight%22%3A939%7D; apbct_headless=false; ct_checked_emails=0; ct_checkjs=a239e803ccad03ce63aa09ed0c84c8753c0f1f9d0a5c1a3a37ad500b75519409
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:55 GMT
Server: Apache
Last-Modified: Mon, 18 Apr 2022 10:48:21 GMT
Accept-Ranges: bytes
Content-Length: 444660
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
flacademy.cd/wp-admin/images/spinner.gif
154.72.53.85 200 OK 3.7 kB URL HTTP/1.1 flacademy.cd/wp-admin/images/spinner.gif
IP 154.72.53.85:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash d54cf50a44bd0aca6fd98bd46acbb2ba
3207333caacc856be8b253412cb7947981924934
5c2d44038a6c53bd74f3a26e690c1974e1385fffbc6def4c59f91dc1f738f0b3
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/images/spinner.gif HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372; ct_ps_timestamp=1668766373; ct_fkp_timestamp=0; ct_pointer_data=0; ct_timezone=0; ct_screen_info=%7B%22fullWidth%22%3A1268%2C%22fullHeight%22%3A1666%2C%22visibleWidth%22%3A1268%2C%22visibleHeight%22%3A939%7D; apbct_headless=false; ct_checked_emails=0; ct_checkjs=a239e803ccad03ce63aa09ed0c84c8753c0f1f9d0a5c1a3a37ad500b75519409
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:55 GMT
Server: Apache
Last-Modified: Wed, 19 Dec 2018 08:06:28 GMT
Accept-Ranges: bytes
Content-Length: 3656
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
flacademy.cd/wp-content/uploads/2021/12/IMG-20211030-WA0103.jpg
154.72.53.85 200 OK 0 B URL HTTP/1.1 flacademy.cd/wp-content/uploads/2021/12/IMG-20211030-WA0103.jpg
IP 154.72.53.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
HEAD /wp-content/uploads/2021/12/IMG-20211030-WA0103.jpg HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://flacademy.cd/
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372; ct_ps_timestamp=1668766373; ct_fkp_timestamp=0; ct_pointer_data=0; ct_timezone=0; ct_screen_info=%7B%22fullWidth%22%3A1268%2C%22fullHeight%22%3A1666%2C%22visibleWidth%22%3A1268%2C%22visibleHeight%22%3A939%7D; apbct_headless=false; ct_checked_emails=0; ct_checkjs=a239e803ccad03ce63aa09ed0c84c8753c0f1f9d0a5c1a3a37ad500b75519409
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:55 GMT
Server: Apache
Last-Modified: Wed, 29 Dec 2021 13:28:31 GMT
Accept-Ranges: bytes
Content-Length: 169064
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive
Content-Type: image/jpeg
flacademy.cd/wp-content/uploads/2021/12/IMG-20211030-WA0131.jpg
154.72.53.85 200 OK 0 B URL HTTP/1.1 flacademy.cd/wp-content/uploads/2021/12/IMG-20211030-WA0131.jpg
IP 154.72.53.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
HEAD /wp-content/uploads/2021/12/IMG-20211030-WA0131.jpg HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://flacademy.cd/
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372; ct_ps_timestamp=1668766373; ct_fkp_timestamp=0; ct_pointer_data=0; ct_timezone=0; ct_screen_info=%7B%22fullWidth%22%3A1268%2C%22fullHeight%22%3A1666%2C%22visibleWidth%22%3A1268%2C%22visibleHeight%22%3A939%7D; apbct_headless=false; ct_checked_emails=0; ct_checkjs=a239e803ccad03ce63aa09ed0c84c8753c0f1f9d0a5c1a3a37ad500b75519409
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:55 GMT
Server: Apache
Last-Modified: Wed, 29 Dec 2021 13:32:28 GMT
Accept-Ranges: bytes
Content-Length: 55733
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
api.razorpay.com/v1/checkout/public?traffic_env=production&build=1b81cbfce23a06fe8bf91b525015d1dbe5a6a3b4
3.7.231.33 302 Found 110 B URL HTTP/1.1 api.razorpay.com/v1/checkout/public?traffic_env=production&build=1b81cbfce23a06fe8bf91b525015d1dbe5a6a3b4
IP 3.7.231.33:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f366e0e18b589cb6f243bf43ce75e83c
0f95dda86ab28586f00bc878b42ecd09e579a890
075f0fd7eeb4bfec31816d61be72b064d4899853b224bd5f380041d7dd0b1d19
GET /v1/checkout/public?traffic_env=production&build=1b81cbfce23a06fe8bf91b525015d1dbe5a6a3b4 HTTP/1.1
Host: api.razorpay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Fri, 18 Nov 2022 10:12:55 GMT
Content-Type: text/html
Content-Length: 110
Connection: keep-alive
Location: https://api.razorpay.com/v1/checkout/public?traffic_env=production&build=1b81cbfce23a06fe8bf91b525015d1dbe5a6a3b4&session_token=07E27B6F3201E6006C7881FC7955148063784F03EF809C96E0F7CCD15A9AE1307DFC9230AA69D7393D486104606ECDE21C7FDF8FE40DA0B7BA4CBB1F7C0843CFE34187B409B46651751C84B40301415933BF650E6E80F879C875A00751C7F1A7880B511AE93A242B9666C577AE63E2FABEF82E77DE343AF45AF2FDFAE3AB887DB599DA7E18211C14CCFA093DA62A2801DA66B7
Strict-Transport-Security: max-age=315360000; includeSubDomains
Via: rws
X-Xss-Protection: 1; mode=block
flacademy.cd/wp-content/uploads/2021/12/manager.jpg
154.72.53.85 200 OK 0 B URL HTTP/1.1 flacademy.cd/wp-content/uploads/2021/12/manager.jpg
IP 154.72.53.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
HEAD /wp-content/uploads/2021/12/manager.jpg HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://flacademy.cd/
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372; ct_ps_timestamp=1668766373; ct_fkp_timestamp=0; ct_pointer_data=0; ct_timezone=0; ct_screen_info=%7B%22fullWidth%22%3A1268%2C%22fullHeight%22%3A1666%2C%22visibleWidth%22%3A1268%2C%22visibleHeight%22%3A939%7D; apbct_headless=false; ct_checked_emails=0; ct_checkjs=a239e803ccad03ce63aa09ed0c84c8753c0f1f9d0a5c1a3a37ad500b75519409
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:55 GMT
Server: Apache
Last-Modified: Wed, 29 Dec 2021 13:28:39 GMT
Accept-Ranges: bytes
Content-Length: 91183
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
flacademy.cd/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
154.72.53.85 200 OK 1.4 kB URL HTTP/1.1 flacademy.cd/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 154.72.53.85:0
File type ASCII text, with very long lines (1320)
Hash bd7fa9b462b379ac441355772351f14e
5cc11b3af3e31e790cfa0ecf28598f9509cf9e68
4a518bd1723da2b6011895ad68059361ebb4cb80de3eec9145eacee89ddd9745
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372; ct_ps_timestamp=1668766373; ct_fkp_timestamp=0; ct_pointer_data=0; ct_timezone=0; ct_screen_info=%7B%22fullWidth%22%3A1268%2C%22fullHeight%22%3A1666%2C%22visibleWidth%22%3A1268%2C%22visibleHeight%22%3A939%7D; apbct_headless=false; ct_checked_emails=0; ct_checkjs=a239e803ccad03ce63aa09ed0c84c8753c0f1f9d0a5c1a3a37ad500b75519409
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:55 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 08:13:20 GMT
Accept-Ranges: bytes
Content-Length: 1359
Keep-Alive: timeout=5, max=77
Connection: Keep-Alive
Content-Type: application/javascript
api.razorpay.com/v1/checkout/public?traffic_env=production&build=1b81cbfce23a06fe8bf91b525015d1dbe5a6a3b4&session_token=07E27B6F3201E6006C7881FC7955148063784F03EF809C96E0F7CCD15A9AE1307DFC9230AA69D7393D486104606ECDE21C7FDF8FE40DA0B7BA4CBB1F7C0843CFE34187B409B46651751C84B40301415933BF650E6E80F879C875A00751C7F1A7880B511AE93A242B9666C577AE63E2FABEF82E77DE343AF45AF2FDFAE3AB887DB599DA7E18211C14CCFA093DA62A2801DA66B7
3.7.231.33 200 OK 1.3 kB URL HTTP/1.1 api.razorpay.com/v1/checkout/public?traffic_env=production&build=1b81cbfce23a06fe8bf91b525015d1dbe5a6a3b4&session_token=07E27B6F3201E6006C7881FC7955148063784F03EF809C96E0F7CCD15A9AE1307DFC9230AA69D7393D486104606ECDE21C7FDF8FE40DA0B7BA4CBB1F7C0843CFE34187B409B46651751C84B40301415933BF650E6E80F879C875A00751C7F1A7880B511AE93A242B9666C577AE63E2FABEF82E77DE343AF45AF2FDFAE3AB887DB599DA7E18211C14CCFA093DA62A2801DA66B7
IP 3.7.231.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a2d54718e2fb11a266827b6a629dcd1e
1c18b3875ab012bd0cf0e4ed0d51121721d18cc0
c41f58617cf5824bf1a5f1b5948ddf0f35954605ddef4d2a93eb737e131d369c
GET /v1/checkout/public?traffic_env=production&build=1b81cbfce23a06fe8bf91b525015d1dbe5a6a3b4&session_token=07E27B6F3201E6006C7881FC7955148063784F03EF809C96E0F7CCD15A9AE1307DFC9230AA69D7393D486104606ECDE21C7FDF8FE40DA0B7BA4CBB1F7C0843CFE34187B409B46651751C84B40301415933BF650E6E80F879C875A00751C7F1A7880B511AE93A242B9666C577AE63E2FABEF82E77DE343AF45AF2FDFAE3AB887DB599DA7E18211C14CCFA093DA62A2801DA66B7 HTTP/1.1
Host: api.razorpay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flacademy.cd/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1296
Connection: keep-alive
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=315360000; includeSubDomains
Via: rws
X-Xss-Protection: 1; mode=block
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash d50056e80ce28a5538096f1a1ee5c7ed
3942defaab9cf4252256822eb9f20d7563e6171b
5f53b90a0ac7c8e9b5ce5bce2927df140cfddeb7467cfcfb3ed9fbbab056478f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107658
Date: Fri, 18 Nov 2022 10:12:55 GMT
Etag: "63764f6f-1d7"
Expires: Sat, 19 Nov 2022 16:07:13 GMT
Last-Modified: Thu, 17 Nov 2022 15:12:47 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yUnEtM6qW6mweCDWDNgEBPLYrmV03UUZiN_sQcrtTWPrDwSao3nJgw==
Age: 3266
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash d50056e80ce28a5538096f1a1ee5c7ed
3942defaab9cf4252256822eb9f20d7563e6171b
5f53b90a0ac7c8e9b5ce5bce2927df140cfddeb7467cfcfb3ed9fbbab056478f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107039
Date: Fri, 18 Nov 2022 10:12:55 GMT
Etag: "63764f6f-1d7"
Expires: Sat, 19 Nov 2022 15:56:54 GMT
Last-Modified: Thu, 17 Nov 2022 15:12:47 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fRO1czlVDDEJuRHe99L-biA85wGOjOQLqik2YH8LPqIaFy9t-myuXw==
Age: 2647
flacademy.cd/wp-content/uploads/2021/12/cropped-new-logo-192x192.png
154.72.53.85 200 OK 6.7 kB URL HTTP/1.1 flacademy.cd/wp-content/uploads/2021/12/cropped-new-logo-192x192.png
IP 154.72.53.85:0
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced; data
Hash 614fba22d915b3118f389277c0b29f50
629bd5ab457c51b6ce82d975620353ab4da50d00
88869cb890e1953ac0b9a199e3643f4085ffa82225bb692e2768b920c861ce29
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/12/cropped-new-logo-192x192.png HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372; ct_ps_timestamp=1668766373; ct_fkp_timestamp=0; ct_pointer_data=%5B%5D; ct_timezone=0; ct_screen_info=%7B%22fullWidth%22%3A1268%2C%22fullHeight%22%3A1666%2C%22visibleWidth%22%3A1268%2C%22visibleHeight%22%3A939%7D; apbct_headless=false; ct_checked_emails=0; ct_checkjs=a239e803ccad03ce63aa09ed0c84c8753c0f1f9d0a5c1a3a37ad500b75519409
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:56 GMT
Server: Apache
Last-Modified: Wed, 29 Dec 2021 13:32:27 GMT
Accept-Ranges: bytes
Content-Length: 6678
Keep-Alive: timeout=5, max=76
Connection: Keep-Alive
Content-Type: image/png
flacademy.cd/wp-content/uploads/2021/12/cropped-new-logo-32x32.png
154.72.53.85 200 OK 1.0 kB URL HTTP/1.1 flacademy.cd/wp-content/uploads/2021/12/cropped-new-logo-32x32.png
IP 154.72.53.85:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced; data
Hash 2b8e77ff19e4decb0e38099863083b00
37ed4adfc0f777754706f105d9d4ac4eed91a557
9a585a57384075bfc6a667951324ca65628133c8eb9a37f9f30ef6980eb76e29
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/12/cropped-new-logo-32x32.png HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372; ct_ps_timestamp=1668766373; ct_fkp_timestamp=0; ct_pointer_data=%5B%5D; ct_timezone=0; ct_screen_info=%7B%22fullWidth%22%3A1268%2C%22fullHeight%22%3A1666%2C%22visibleWidth%22%3A1268%2C%22visibleHeight%22%3A939%7D; apbct_headless=false; ct_checked_emails=0; ct_checkjs=a239e803ccad03ce63aa09ed0c84c8753c0f1f9d0a5c1a3a37ad500b75519409
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:56 GMT
Server: Apache
Last-Modified: Wed, 29 Dec 2021 13:32:27 GMT
Accept-Ranges: bytes
Content-Length: 1014
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
flacademy.cd/wp-admin/admin-ajax.php
154.72.53.85 200 OK 0 B URL HTTP/1.1 flacademy.cd/wp-admin/admin-ajax.php
IP 154.72.53.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 40
Origin: https://flacademy.cd
Connection: keep-alive
Referer: https://flacademy.cd/
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Access-Control-Allow-Origin: https://flacademy.cd
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
browser.sentry-cdn.com/7.2.0/bundle.min.js
151.101.2.217 200 OK 19 kB URL HTTP/2 browser.sentry-cdn.com/7.2.0/bundle.min.js
IP 151.101.2.217:0
File type ASCII text, with very long lines (55343)
Hash 1fb6086ecc88a89672d27ae09d5e022c
509794782aac7aab12659973d73c4ebf33b8a71a
07743aa5afa4b4200caff22b3e8eb0301414b9aa1c8bcbda6607e062abf82b9a
GET /7.2.0/bundle.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://api.razorpay.com
Connection: keep-alive
Referer: https://api.razorpay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 27 Sep 2023 11:48:30 GMT
last-modified: Fri, 17 Jun 2022 12:03:22 GMT
etag: "1fb6086ecc88a89672d27ae09d5e022c"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Fri, 18 Nov 2022 10:12:56 GMT
age: 4487066
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 18853
X-Firefox-Spdy: h2
flacademy.cd/?wc-ajax=get_refreshed_fragments&elementor_page_id=884
154.72.53.85 200 OK 438 B URL HTTP/1.1 flacademy.cd/?wc-ajax=get_refreshed_fragments&elementor_page_id=884
IP 154.72.53.85:0
File type JSON data, ASCII text, with very long lines (438), with no line terminators
Hash e934b7573e8d5d9d4deb82b0de641148
a2c6552dfa57aaff538fc48ea836c86c469d7aa4
70556cb9805f364c68c23652240ac06cd68b69a4f6ce2a685b18f58382441b53
Analyzer Verdict Alert quad9 Sinkholed
POST /?wc-ajax=get_refreshed_fragments&elementor_page_id=884 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://flacademy.cd
Connection: keep-alive
Referer: https://flacademy.cd/
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372; ct_ps_timestamp=1668766373; ct_fkp_timestamp=0; ct_pointer_data=0; ct_timezone=0; ct_screen_info=%7B%22fullWidth%22%3A1268%2C%22fullHeight%22%3A1666%2C%22visibleWidth%22%3A1268%2C%22visibleHeight%22%3A939%7D; apbct_headless=false; ct_checked_emails=0; ct_checkjs=a239e803ccad03ce63aa09ed0c84c8753c0f1f9d0a5c1a3a37ad500b75519409
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:55 GMT
Server: Apache
WPO-Cache-Status: not cached
WPO-Cache-Message: The request method was not GET (POST), In the settings, caching is disabled for matches for one of the current request's GET parameters
Access-Control-Allow-Origin: https://flacademy.cd
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
flacademy.cd/wp-json/cleantalk-antispam/v1/apbct_get_pixel_url
154.72.53.85 200 OK 80 B URL HTTP/1.1 flacademy.cd/wp-json/cleantalk-antispam/v1/apbct_get_pixel_url
IP 154.72.53.85:0
File type ASCII text, with no line terminators
Hash 35ec15cf97a8afadf7bba7735f42fc79
5364042eec1cd8ee8ead3b9da1ca0e51dac40ac4
d0853a090f9bc4378bbe4ca8441e25de781882032bdacbe4346e47f7cd7cf663
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /wp-json/cleantalk-antispam/v1/apbct_get_pixel_url HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-WP-Nonce: ef09aaf8b9
Origin: https://flacademy.cd
Connection: keep-alive
Referer: https://flacademy.cd/
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372; ct_ps_timestamp=1668766373; ct_fkp_timestamp=0; ct_pointer_data=0; ct_timezone=0; ct_screen_info=%7B%22fullWidth%22%3A1268%2C%22fullHeight%22%3A1666%2C%22visibleWidth%22%3A1268%2C%22visibleHeight%22%3A939%7D; apbct_headless=false; ct_checked_emails=0; ct_checkjs=a239e803ccad03ce63aa09ed0c84c8753c0f1f9d0a5c1a3a37ad500b75519409
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:55 GMT
Server: Apache
X-Robots-Tag: noindex
Link: <https://flacademy.cd/wp-json/>; rel="https://api.w.org/"
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type, X-HTTP-Method-Override
X-WP-Nonce: ef09aaf8b9
Allow: POST
Access-Control-Allow-Origin: https://flacademy.cd
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
Access-Control-Allow-Credentials: true
Vary: Origin
Set-Cookie: apbct_timestamp=1668766375; path=/; secure; SameSite=Lax
Set-Cookie: apbct_prev_referer=https%3A%2F%2Fflacademy.cd%2F; path=/; secure; HttpOnly; SameSite=Lax
Set-Cookie: apbct_site_landing_ts=1668766375; path=/; secure; HttpOnly; SameSite=Lax
Set-Cookie: apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=Lax
Set-Cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_prev_referer%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%25227e9278ed53f6d363efe366592106150b%2522%257D; path=/; secure; HttpOnly; SameSite=Lax
Set-Cookie: apbct_urls=%7B%22flacademy.cd%2Fwp-json%2Fcleantalk-antispam%2Fv1%2Fapbct_get_pixel_url%22%3A%5B1668766375%5D%7D; expires=Mon, 21-Nov-2022 10:12:55 GMT; Max-Age=259200; path=/; domain=flacademy.cd; secure; HttpOnly; SameSite=Lax
Set-Cookie: apbct_site_referer=https%3A%2F%2Fflacademy.cd%2F; expires=Mon, 21-Nov-2022 10:12:55 GMT; Max-Age=259200; path=/; domain=flacademy.cd; secure; HttpOnly; SameSite=Lax
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 34cd8f25fafe95a6e58f8300c4f6b17b
01d28af8bb8fd7348b7aaaabccea06f3bbe40528
734d27e4a45e330ef280a6a7aa75485f706a45466e08a22a580462a3081b4ebb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "734D27E4A45E330EF280A6A7AA75485F706A45466E08A22A580462A3081B4EBB"
Last-Modified: Wed, 16 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2967
Expires: Fri, 18 Nov 2022 11:02:23 GMT
Date: Fri, 18 Nov 2022 10:12:56 GMT
Connection: keep-alive
o515678.ingest.sentry.io/api/4503925471707136/envelope/?sentry_key=faa87b9121f2449cb849f27e4d737f35&sentry_version=7
34.120.195.249 200 OK 2 B URL HTTP/2 o515678.ingest.sentry.io/api/4503925471707136/envelope/?sentry_key=faa87b9121f2449cb849f27e4d737f35&sentry_version=7
IP 34.120.195.249:0
File type JSON data, ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/4503925471707136/envelope/?sentry_key=faa87b9121f2449cb849f27e4d737f35&sentry_version=7 HTTP/1.1
Host: o515678.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.razorpay.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://api.razorpay.com
Content-Length: 467
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 10:12:56 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://api.razorpay.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 34cd8f25fafe95a6e58f8300c4f6b17b
01d28af8bb8fd7348b7aaaabccea06f3bbe40528
734d27e4a45e330ef280a6a7aa75485f706a45466e08a22a580462a3081b4ebb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "734D27E4A45E330EF280A6A7AA75485F706A45466E08A22A580462A3081B4EBB"
Last-Modified: Wed, 16 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2967
Expires: Fri, 18 Nov 2022 11:02:23 GMT
Date: Fri, 18 Nov 2022 10:12:56 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 67c218f00afeb0ddc83a30badf671ea7
8eb5b98565d23e1a6c6a187d6188afded1e20666
0e8b0a046c106a4a05df1c63077e527716fb324d81d9f49d8d3cf0acc36af748
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 10:12:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 02:00:00 GMT
Expires: Thu, 24 Nov 2022 01:59:59 GMT
Etag: "8eb5b98565d23e1a6c6a187d6188afded1e20666"
Cache-Control: max-age=488222,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76bfee3dcc7ab4f9-OSL
moderate4.cleantalk.org/pixel/036b399c9d9f544f7a400571c8d2b30b.gif
159.69.51.30 200 OK 43 B URL HTTP/1.1 moderate4.cleantalk.org/pixel/036b399c9d9f544f7a400571c8d2b30b.gif
IP 159.69.51.30:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1; data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /pixel/036b399c9d9f544f7a400571c8d2b30b.gif HTTP/1.1
Host: moderate4.cleantalk.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 18 Nov 2022 10:12:56 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 09feee24cfc12ffa7a2d747c5a9422d1
fa82d7f5f97f3e81aff1daf16d460209a57a6762
1388440f64f3a34ba9be1983f080e588360bc5c976791e2f1184d421f0d01357
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5326
Cache-Control: max-age=104310
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 10:12:56 GMT
Etag: "63763a50-1d7"
Expires: Sat, 19 Nov 2022 15:11:26 GMT
Last-Modified: Thu, 17 Nov 2022 13:42:40 GMT
Server: ECS (amb/6B80)
X-Cache: HIT
Content-Length: 471
checkout.paystack.com/popup
54.230.111.62 200 OK 3.8 kB URL HTTP/2 checkout.paystack.com/popup
IP 54.230.111.62:0
File type HTML document text; exported SGML document, ASCII text, with very long lines (1906)
Hash d5c226620b15dc0028a42b454a6c8525
6d623fbcd4eacae3b5ca1534ea90a6289f851251
10a9f8afd9379c36a4b2ce994990074657305bf4bb105a8763532fcbfda5207b
GET /popup HTTP/1.1
Host: checkout.paystack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 3841
last-modified: Tue, 08 Nov 2022 16:22:08 GMT
x-amz-version-id: 5w9V6pRZjvcGAwFPxtT.znrRyBD1Rxw_
accept-ranges: bytes
server: AmazonS3
date: Thu, 17 Nov 2022 23:58:44 GMT
cache-control: no-cache
etag: "d5c226620b15dc0028a42b454a6c8525"
x-cache: Error from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xWcAg7JQ0KWigdwu8ca_vHhojn8w_5030vN5-LksH6UB6eLEYuMa7w==
age: 36910
X-Firefox-Spdy: h2
checkout.paystack.com/js/date-fns.590ddeab.js
54.230.111.62 200 OK 7.9 kB URL HTTP/2 checkout.paystack.com/js/date-fns.590ddeab.js
IP 54.230.111.62:0
File type ASCII text, with very long lines (32688)
Hash 5393335c015d8825a63c1abfb09db52f
22723ec4e2cd22859fc30302aaded7326f0255f2
d550fcd45a2f7c78559b9fdb85c158412f151c776ce52f75743626452dd742b4
GET /js/date-fns.590ddeab.js HTTP/1.1
Host: checkout.paystack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://checkout.paystack.com/popup
Connection: keep-alive
Cookie: __cf_bm=dJVYwMI4PXTSeM6GyL89peP04rq_39ej7liRz9_SrJw-1668766376-0-AZDdPq9NiYS+VbGkSazVpW6YQtcP9zMfYuB62MP91tP/F5GOzRdolYDwi+ImO77FDWjd7yV8cZEHraSwrQiF0sc=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 16:22:24 GMT
x-amz-version-id: FrB4ngykguYCkqDw8FcThcXv88juRw9p
server: AmazonS3
content-encoding: gzip
date: Fri, 18 Nov 2022 05:22:57 GMT
etag: W/"c1fae5de03bb7d6199d0765edd9c869e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -C0bveoCs1jR3DaOd3DS_euSSkJ-SznZndlHnJzjxG_gFK0A_zP3wg==
age: 17568
X-Firefox-Spdy: h2
paystack.com/public/css/button.min.css
104.18.24.230 200 OK 0 B URL HTTP/2 paystack.com/public/css/button.min.css
IP 104.18.24.230:0
GET /public/css/button.min.css HTTP/1.1
Host: paystack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 10:12:56 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 13:11:48 GMT
etag: W/"6374e194-4f9"
pragma: public
cache-control: public, max-age=1800
content-encoding: gzip
cf-cache-status: HIT
age: 2029
expires: Fri, 18 Nov 2022 10:42:56 GMT
set-cookie: __cf_bm=dJVYwMI4PXTSeM6GyL89peP04rq_39ej7liRz9_SrJw-1668766376-0-AZDdPq9NiYS+VbGkSazVpW6YQtcP9zMfYuB62MP91tP/F5GOzRdolYDwi+ImO77FDWjd7yV8cZEHraSwrQiF0sc=; path=/; expires=Fri, 18-Nov-22 10:42:56 GMT; domain=.paystack.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76bfee3ecb181c0a-OSL
X-Firefox-Spdy: h2
flacademy.cd/wp-content/uploads/2021/12/slide2.mp4
154.72.53.85 206 Partial Content 0 B URL HTTP/1.1 flacademy.cd/wp-content/uploads/2021/12/slide2.mp4
IP 154.72.53.85:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/2021/12/slide2.mp4 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://flacademy.cd/
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Tue, 21 Dec 2021 05:53:58 GMT
Accept-Ranges: bytes
Content-Length: 22895700
Content-Range: bytes 0-22895699/22895700
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: video/mp4
checkout.paystack.com/js/runtime.f58ee908.js
54.230.111.62 200 OK 0 B URL HTTP/2 checkout.paystack.com/js/runtime.f58ee908.js
IP 54.230.111.62:0
GET /js/runtime.f58ee908.js HTTP/1.1
Host: checkout.paystack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://checkout.paystack.com/popup
Connection: keep-alive
Cookie: __cf_bm=dJVYwMI4PXTSeM6GyL89peP04rq_39ej7liRz9_SrJw-1668766376-0-AZDdPq9NiYS+VbGkSazVpW6YQtcP9zMfYuB62MP91tP/F5GOzRdolYDwi+ImO77FDWjd7yV8cZEHraSwrQiF0sc=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 16:22:13 GMT
x-amz-version-id: vfzHn7gTU3JoxS5qpXG2olcR47T7SnmG
server: AmazonS3
content-encoding: gzip
date: Fri, 18 Nov 2022 02:10:16 GMT
etag: W/"512ac62d6543995b6ae066f1a0a11562"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vUazCatc0FIS6SNTvdPdiQWDxfOwL85GWwKKPzRNDQ9XIOB9Cm1T-Q==
age: 30661
X-Firefox-Spdy: h2
checkout.paystack.com/js/datadog/browser-rum.89e5ef57.js
54.230.111.62 200 OK 0 B URL HTTP/2 checkout.paystack.com/js/datadog/browser-rum.89e5ef57.js
IP 54.230.111.62:0
GET /js/datadog/browser-rum.89e5ef57.js HTTP/1.1
Host: checkout.paystack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://checkout.paystack.com/popup
Connection: keep-alive
Cookie: __cf_bm=dJVYwMI4PXTSeM6GyL89peP04rq_39ej7liRz9_SrJw-1668766376-0-AZDdPq9NiYS+VbGkSazVpW6YQtcP9zMfYuB62MP91tP/F5GOzRdolYDwi+ImO77FDWjd7yV8cZEHraSwrQiF0sc=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 16:22:02 GMT
x-amz-version-id: wpmk.l.TGoggLrbJ.Y6li_F2owvmsJC8
server: AmazonS3
content-encoding: gzip
date: Fri, 18 Nov 2022 07:52:37 GMT
etag: W/"b98bf72365a93b7e7f1633995c5b57ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5rAyZ6XPzf_k35MA-UIA-ChJUwYDksmHdhZDpgjZsCLx9BxVpOfpSQ==
age: 8627
X-Firefox-Spdy: h2
checkout.paystack.com/js/rollbar.e8a7a018.js
54.230.111.62 200 OK 0 B URL HTTP/2 checkout.paystack.com/js/rollbar.e8a7a018.js
IP 54.230.111.62:0
GET /js/rollbar.e8a7a018.js HTTP/1.1
Host: checkout.paystack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://checkout.paystack.com/popup
Connection: keep-alive
Cookie: __cf_bm=dJVYwMI4PXTSeM6GyL89peP04rq_39ej7liRz9_SrJw-1668766376-0-AZDdPq9NiYS+VbGkSazVpW6YQtcP9zMfYuB62MP91tP/F5GOzRdolYDwi+ImO77FDWjd7yV8cZEHraSwrQiF0sc=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 16:22:31 GMT
x-amz-version-id: Sq3O48fJpyxEeJJhSc7UgJxjSz1VIj.w
server: AmazonS3
content-encoding: gzip
date: Fri, 18 Nov 2022 05:22:57 GMT
etag: W/"1b4a2018a60c95764ef88d486a5c94be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8HsKWmV6KfIBWpQogc8dGCC9GAWiY03HaRAaQbE1dsjSk0J1xAfxcg==
age: 17567
X-Firefox-Spdy: h2
checkout.paystack.com/css/app.646fc538.css
54.230.111.62 200 OK 0 B URL HTTP/2 checkout.paystack.com/css/app.646fc538.css
IP 54.230.111.62:0
GET /css/app.646fc538.css HTTP/1.1
Host: checkout.paystack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://checkout.paystack.com/popup
Connection: keep-alive
Cookie: __cf_bm=dJVYwMI4PXTSeM6GyL89peP04rq_39ej7liRz9_SrJw-1668766376-0-AZDdPq9NiYS+VbGkSazVpW6YQtcP9zMfYuB62MP91tP/F5GOzRdolYDwi+ImO77FDWjd7yV8cZEHraSwrQiF0sc=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Tue, 08 Nov 2022 16:23:04 GMT
last-modified: Tue, 08 Nov 2022 16:21:41 GMT
etag: W/"93f5c7e4b830c6b15090e97c049fc88b"
cache-control: max-age=31536000
x-amz-version-id: iev10bACfCDguchP6224B.XKMgGbJ0GC
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 24YrTxh43xoaoAfuK5g6YxCieMc2CpqYnCd6baiWaL2ADTOWr8WEFg==
age: 841793
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A300%2C300italic%2C400%2C400italic%2C500%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%257C%7CRubik%3A300%2C300italic%2C400%2C400italic%2C500%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%257C&subset&ver=6.1.1
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A300%2C300italic%2C400%2C400italic%2C500%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%257C%7CRubik%3A300%2C300italic%2C400%2C400italic%2C500%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%257C&subset&ver=6.1.1
IP 142.250.74.10:0
GET /css?family=Poppins%3A300%2C300italic%2C400%2C400italic%2C500%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%257C%7CRubik%3A300%2C300italic%2C400%2C400italic%2C500%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%257C&subset&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Nov 2022 10:12:54 GMT
date: Fri, 18 Nov 2022 10:12:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flacademy.cd/wp-content/uploads/2021/12/slide3.mp4
154.72.53.85 206 Partial Content 0 B URL HTTP/1.1 flacademy.cd/wp-content/uploads/2021/12/slide3.mp4
IP 154.72.53.85:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/2021/12/slide3.mp4 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://flacademy.cd/
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Tue, 21 Dec 2021 05:55:00 GMT
Accept-Ranges: bytes
Content-Length: 17070093
Content-Range: bytes 0-17070092/17070093
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: video/mp4
checkout.paystack.com/js/libphonenumber-js.961778ee.js
54.230.111.62 200 OK 0 B URL HTTP/2 checkout.paystack.com/js/libphonenumber-js.961778ee.js
IP 54.230.111.62:0
GET /js/libphonenumber-js.961778ee.js HTTP/1.1
Host: checkout.paystack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://checkout.paystack.com/popup
Connection: keep-alive
Cookie: __cf_bm=dJVYwMI4PXTSeM6GyL89peP04rq_39ej7liRz9_SrJw-1668766376-0-AZDdPq9NiYS+VbGkSazVpW6YQtcP9zMfYuB62MP91tP/F5GOzRdolYDwi+ImO77FDWjd7yV8cZEHraSwrQiF0sc=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 16:22:19 GMT
x-amz-version-id: c1sAz8KlZU8l2Y5Gb_pkk.jIMFFnDtK5
server: AmazonS3
content-encoding: gzip
date: Fri, 18 Nov 2022 00:51:36 GMT
etag: W/"ec8b51f45133c619c1643e49f9e0118c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ehQ8b3pQKr5mLkiJSUPsxzdU5GdbXWZ0_tclFxaubYSsdXQsWLB4AA==
age: 34094
X-Firefox-Spdy: h2
js.paystack.co/v1/inline.js
104.17.191.8 200 OK 0 B URL HTTP/2 js.paystack.co/v1/inline.js
IP 104.17.191.8:0
GET /v1/inline.js HTTP/1.1
Host: js.paystack.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 10:12:54 GMT
content-type: application/javascript
last-modified: Fri, 16 Oct 2020 15:25:17 GMT
content-encoding: gzip
etag: W/"24dd8e673d42f49e9d561817dc8bd710"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ofy6oYtftli9BMxMCIGV15EYezoSafixNBVXoqc0P3WstATnHKq9HA==
age: 6910
cf-cache-status: HIT
expires: Fri, 18 Nov 2022 14:12:54 GMT
cache-control: public, max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76bfee30cfe40b31-OSL
X-Firefox-Spdy: h2
checkout.paystack.com/js/gsap.ba039c4e.js
54.230.111.62 200 OK 0 B URL HTTP/2 checkout.paystack.com/js/gsap.ba039c4e.js
IP 54.230.111.62:0
GET /js/gsap.ba039c4e.js HTTP/1.1
Host: checkout.paystack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://checkout.paystack.com/popup
Connection: keep-alive
Cookie: __cf_bm=dJVYwMI4PXTSeM6GyL89peP04rq_39ej7liRz9_SrJw-1668766376-0-AZDdPq9NiYS+VbGkSazVpW6YQtcP9zMfYuB62MP91tP/F5GOzRdolYDwi+ImO77FDWjd7yV8cZEHraSwrQiF0sc=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 16:22:10 GMT
x-amz-version-id: 3Rn_6U1XAOniJb59K9STpwyreDniq7gs
server: AmazonS3
content-encoding: gzip
date: Fri, 18 Nov 2022 05:22:57 GMT
etag: W/"6a5e64084543d930fcc5d3691223c699"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h0lPiz3MXcapbLZfBoZjwKS3GEn39MW9BriikBfjeCRrZNDpRl3Kog==
age: 17567
X-Firefox-Spdy: h2
checkout-static.razorpay.com/build/1b81cbfce23a06fe8bf91b525015d1dbe5a6a3b4/checkout-frame.js
54.230.111.54 200 OK 0 B URL HTTP/2 checkout-static.razorpay.com/build/1b81cbfce23a06fe8bf91b525015d1dbe5a6a3b4/checkout-frame.js
IP 54.230.111.54:0
GET /build/1b81cbfce23a06fe8bf91b525015d1dbe5a6a3b4/checkout-frame.js HTTP/1.1
Host: checkout-static.razorpay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://api.razorpay.com
Connection: keep-alive
Referer: https://api.razorpay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 17 Nov 2022 13:17:52 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Thu, 17 Nov 2022 13:04:45 GMT
etag: W/"86e2216d08adcfe9774868069f7829dd"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000,immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: j8Ptysgnp_y0mmjn-wg4o-e6rzZOldf4ezi07XpMmF7Ur-G7w3BJHQ==
age: 75304
X-Firefox-Spdy: h2
checkout.paystack.com/js/chunk-vendors.ffaf035b.js
54.230.111.62 200 OK 0 B URL HTTP/2 checkout.paystack.com/js/chunk-vendors.ffaf035b.js
IP 54.230.111.62:0
GET /js/chunk-vendors.ffaf035b.js HTTP/1.1
Host: checkout.paystack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://checkout.paystack.com/popup
Connection: keep-alive
Cookie: __cf_bm=dJVYwMI4PXTSeM6GyL89peP04rq_39ej7liRz9_SrJw-1668766376-0-AZDdPq9NiYS+VbGkSazVpW6YQtcP9zMfYuB62MP91tP/F5GOzRdolYDwi+ImO77FDWjd7yV8cZEHraSwrQiF0sc=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 16:22:21 GMT
x-amz-version-id: Fl.DjL.4n9Bgy_IWGdOe3WfqPMLVczO8
server: AmazonS3
content-encoding: gzip
date: Thu, 17 Nov 2022 15:38:31 GMT
etag: W/"7be0e253a2e67c14e0b043cfa5e017e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sdU3tnE9oeHHBpRqk7yYGJOkpTm9cpGCp94UGIZEbPrc349Anvh0tA==
age: 66866
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.10:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flacademy.cd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Nov 2022 10:12:54 GMT
date: Fri, 18 Nov 2022 10:12:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flacademy.cd/wp-content/uploads/2021/12/slide1.mp4
154.72.53.85 206 Partial Content 0 B URL HTTP/1.1 flacademy.cd/wp-content/uploads/2021/12/slide1.mp4
IP 154.72.53.85:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/2021/12/slide1.mp4 HTTP/1.1
Host: flacademy.cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://flacademy.cd/
Cookie: _ga_K4GT307DHH=GS1.1.1668766372.1.0.1668766372.0.0.0; _ga=GA1.1.1851526916.1668766372
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Date: Fri, 18 Nov 2022 10:12:54 GMT
Server: Apache
Last-Modified: Tue, 21 Dec 2021 05:52:53 GMT
Accept-Ranges: bytes
Content-Length: 10383743
Content-Range: bytes 0-10383742/10383743
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: video/mp4
checkout-static.razorpay.com/build/1b81cbfce23a06fe8bf91b525015d1dbe5a6a3b4/css/checkout.css
54.230.111.54 200 OK 0 B URL HTTP/2 checkout-static.razorpay.com/build/1b81cbfce23a06fe8bf91b525015d1dbe5a6a3b4/css/checkout.css
IP 54.230.111.54:0
GET /build/1b81cbfce23a06fe8bf91b525015d1dbe5a6a3b4/css/checkout.css HTTP/1.1
Host: checkout-static.razorpay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.razorpay.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
date: Thu, 17 Nov 2022 13:17:52 GMT
last-modified: Thu, 17 Nov 2022 13:04:45 GMT
etag: W/"e7f09b560e840fdc394c1c5b416742de"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000,immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xusNrEEv5GAQPEJqg7OC7yKHptLMAARxKvwvGca1PdxIEQ2bvPm-tw==
age: 75304
X-Firefox-Spdy: h2