r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8424
Expires: Sat, 03 Dec 2022 13:18:06 GMT
Date: Sat, 03 Dec 2022 10:57:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5744
Cache-Control: max-age=90557
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:57:42 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 12:06:59 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8346
Expires: Sat, 03 Dec 2022 13:16:48 GMT
Date: Sat, 03 Dec 2022 10:57:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 10:19:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2263
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ecLDoOENS+oIXsvsneKkTjTkcs3/75OnQ2hpu0kTtGAxaHlmNbid58W3A+1lvuY1kGxrGvnjInM=
x-amz-request-id: YCVTZEVCV6RRXMYB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 10:46:32 GMT
age: 670
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/
192.232.251.94 301 Moved Permanently 233 B IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text, exported SGML document, ASCII text
Hash 473012d97cd22adb8a43b9636e434a22
0df85ff03ee5e3c87f510317f0031954ba7e7059
2e61b1c51b2de7237d335b02a1275336eca0fda81ca818a9fa99a91834c891e7
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 03 Dec 2022 10:57:42 GMT
Server: Apache
Location: https://lawn.bizdemo.xyz/
Cache-Control: max-age=7200
Expires: Sat, 03 Dec 2022 12:57:42 GMT
Content-Length: 233
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:57:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 10:11:17 GMT
cache-control: public,max-age=3600
age: 2786
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0ce01cf027c6a4d183c524c49d4336be
84896abbb7d8aa2d293c996d5b2a40d88d9c7f18
db1b06cc880f973e2ff97b8403ad2d948326ebc067d29a6d3125c0835df0375e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1B06CC880F973E2FF97B8403AD2D948326EBC067D29A6D3125C0835DF0375E"
Last-Modified: Fri, 02 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21597
Expires: Sat, 03 Dec 2022 16:57:40 GMT
Date: Sat, 03 Dec 2022 10:57:43 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5734
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:57:43 GMT
Last-Modified: Sat, 03 Dec 2022 09:22:09 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:57:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:57:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.148.70.121 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.70.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Fe68mePMzz6m+Xnkii+0/A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tLGFEew7OJ2BCvKpP2ujbHtfdj0=
cdn.jsdelivr.net/fontawesome/4.7.0/css/font-awesome.min.css?ver=4.7.0
151.101.193.229 200 OK 7.1 kB URL HTTP/2 cdn.jsdelivr.net/fontawesome/4.7.0/css/font-awesome.min.css?ver=4.7.0
IP 151.101.193.229:0
File type ASCII text, with very long lines (30837)
Hash c68c38b6f53bfc3bee6b736afa488757
871df21572c702142a7c237259326013ec2df26a
e2100c6e7b6f0d358ac92d33b11278661c9a80e4c62c056677e24bc572d6da34
GET /fontawesome/4.7.0/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
etag: W/"7918-USx9eQM+MCipvmG1QM8aaHDIlvg"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 10:57:43 GMT
age: 13338113
x-served-by: cache-fra19147-FRA, cache-bma1637-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7055
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash f4d23cc0c9349350f6da678cda3f0e6e
f71d5d5051e2f1387ee1ab13bbc3082b36a33fb7
1a6be073093bc8e00a4f499a6b9b4143a2f43629063b30d555232ed853b6fd76
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 10:57:43 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "69455CAE4307E2FAB1EB20FE8EE526CF856DAAD9"
Expires: Sat, 03 Dec 2022 22:00:00 GMT
Last-Modified: Sat, 03 Dec 2022 10:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 230
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773bc8787981b529-OSL
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:57:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/css/bootstrap-grid.min.css
192.232.251.94 200 OK 5.0 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/css/bootstrap-grid.min.css
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (23888)
Hash 5d1671c4d01c35693c61b2145e3839d9
c6ef02cec5be23184a8c6ef261bc493a808d5ccd
a898a5f677d0b6005313b7a6b17a4e15ecd96c513560f15af0b9326234e60d8d
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/css/bootstrap-grid.min.css HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5004
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/js/owl.carousel.min.css
192.232.251.94 200 OK 911 B URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/js/owl.carousel.min.css
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2854), with no line terminators
Hash 0299c948c0b8799f1e5c6280933b57de
0af15fa1a6fe8ba20cb975638bbf075c853658e5
ed1ed8b9fdfb558045b21773ad109e56815b01f9c5a4d54e897b3cb8de501cdf
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/js/owl.carousel.min.css HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 911
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/css/animate.min.css
192.232.251.94 200 OK 4.8 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/css/animate.min.css
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (53660)
Hash b47542a16e2ae01f66c9fb2daac259d4
600ebb40aa48a60b3d95b4319266300a27e95263
a81bf59f02367ae90db39dff0b35328e1006c2a9288e8b4aade0e8627b903b7f
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/css/animate.min.css HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4766
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/css/lightbox.min.css
192.232.251.94 200 OK 1.0 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/css/lightbox.min.css
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2800), with no line terminators
Hash 18ffc21394b7455fa58a525321e30caf
4d3581904ffc69edadda20eb7a0ccea0c7173a9a
61406e4d7cfbbe55f9369ffe22961ffb0d54b378611b6f2c6e6b539e9c3533ec
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/css/lightbox.min.css HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1046
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/css/font-awesome.min.css
192.232.251.94 200 OK 7.1 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/css/font-awesome.min.css
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30837)
Hash 82a55032c4b614390aea6ef6870d3e90
bb21577feea531540a8d4f27ac3730ffac111e1b
4f068500ef9ef0dbffa5b76ac10f1970a7a9de8ff033f84228971a140eb20069
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/css/font-awesome.min.css HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7114
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/home-services-jackpot-theme-child/style-color.css
192.232.251.94 200 OK 1.5 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/home-services-jackpot-theme-child/style-color.css
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 54aba52a4cefe9aa229fb101c13b5270
59040925ee609d111fda0ba52d3c30aea30c8d62
8208c708ee5134acbedde05376323065e4086e42a7fc6d106b4c4954cfa38a05
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/home-services-jackpot-theme-child/style-color.css HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 Jun 2022 00:59:52 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1515
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
142.250.74.74 200 OK 54 kB URL HTTP/2 fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
IP 142.250.74.74:0
File type ASCII text, with very long lines (2453)
Hash 40cace47c9a28f9676d3f8978e60103c
a3687d3b19ee11be4d0752cb8c4ff5e35e0443d6
2866fea926a027a7dae15cc7386ee4bb16aa7c2fa961f2752322849223d32cf9
GET /css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 10:57:43 GMT
date: Sat, 03 Dec 2022 10:57:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/style.css?ver=1659472481
192.232.251.94 200 OK 15 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/style.css?ver=1659472481
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (671)
Hash 51da7d13380a06b13970a29c6290eb23
99cf07169f733e44e62a62a0d84d52eaa5ae489d
a974a39a7f78be486c6fc85ef6efbb7fadf85281ebf9cb11db04a6372c98bb66
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/style.css?ver=1659472481 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 15168
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/pro/assets/css/acf-pro-input.css?ver=5.7.8
192.232.251.94 200 OK 3.8 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/pro/assets/css/acf-pro-input.css?ver=5.7.8
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 872df450a507bad729951cdc05caa19c
4f1f652caa9537b1781c5ae0005807a91696829b
e8710d67907484ec993f47a4533abe3729d200660eda9dc0511e04cf03c2c646
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/pro/assets/css/acf-pro-input.css?ver=5.7.8 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3793
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/wp-pagenavi/pagenavi-css.css?ver=2.70
192.232.251.94 200 OK 239 B URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/wp-pagenavi/pagenavi-css.css?ver=2.70
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 21fec527969cbcfec759744ce51f94c0
827130fb99b0005a5206028abfe82e93610184f2
fe2a280a5ffe9f5d3b1bf125035d478e46bae689a2f0cde07d48bef1ba7c74b1
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/wp-pagenavi/pagenavi-css.css?ver=2.70 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 239
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/css/input.css?ver=6.0.1
192.232.251.94 200 OK 68 B URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/css/input.css?ver=6.0.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 40b6b35ecefaf9c4fc41dc578aacef15
986eb6c2447fd95ba9e2beff7e3b5aeac694e249
f9be802fa539d95fcbe936f4d97cb05a10d711d50a99285e811dfdaa2462c3df
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/css/input.css?ver=6.0.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:11 GMT
accept-ranges: bytes
content-length: 68
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/home-services-jackpot-theme-child/style.css?ver=6.0.1
192.232.251.94 200 OK 587 B URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/home-services-jackpot-theme-child/style.css?ver=6.0.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (671)
Hash 10184d6bb9418dbd7b27fce6e87e74b7
8d2cc0de770207e56e8af2aefe7d8acd99ab9522
a652047d3881991130100938acfbfc999fd76254214c09e7f49f7702f39570db
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/home-services-jackpot-theme-child/style.css?ver=6.0.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 21:12:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 587
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-font-awesome/css/input.css?ver=1.5
192.232.251.94 200 OK 257 B URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-font-awesome/css/input.css?ver=1.5
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 7b9e66095a359e4afeefdbcaba24a320
5995b551896ce1daac6a5417eef45cfc07ebfc8c
915fe3fbd1b4fab6fceccc7a4c6d18b92f863105365e931cf64399f9de3f737a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-font-awesome/css/input.css?ver=1.5 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 257
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
192.232.251.94 200 OK 1.2 kB URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3224)
Hash 87f4bed252eb77668e3636037c916000
19ac51a9adf3a496fbfc0e6dfb54952ef8fae188
a3b5817302966ca45859092e630e4e0e847f3c20b9ef7b285233aa7ecef5c8bb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 17:45:52 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1229
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/inc/timepicker/jquery-ui-timepicker-addon.min.css?ver=1.6.1
192.232.251.94 200 OK 572 B URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/inc/timepicker/jquery-ui-timepicker-addon.min.css?ver=1.6.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1746)
Hash b91a8f0cf311374dd124873160f0aa73
1cce4d78901aec40f620eaf3a25eb048b42f083e
f5610baa00f0b6c6c48b75d322baf5dd194c18e0ab3e267aedd0ec1b037d2ea6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/inc/timepicker/jquery-ui-timepicker-addon.min.css?ver=1.6.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 572
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-admin/css/color-picker.min.css?ver=6.0.1
192.232.251.94 200 OK 977 B URL HTTP/2 lawn.bizdemo.xyz/wp-admin/css/color-picker.min.css?ver=6.0.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3091)
Hash 6a9302b570b961ad7e7b6dd824e9890a
e82e6c5895ccc165740383f7bc62ee36dcd2a847
1a0e6c95e9d888580ea536b221ee5d204bf841c32b7083858713c8ea2cef34cd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-admin/css/color-picker.min.css?ver=6.0.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 20:59:16 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 977
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/inc/select2/4/select2.min.css?ver=4.0
192.232.251.94 200 OK 3.4 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/inc/select2/4/select2.min.css?ver=4.0
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15195)
Hash f387c46fd49a211193c3c403af8d2fae
c287d5cd1fc3fffe0f7d5a3e6cc0f4a1cbcb6161
4be02b02625c3b37ddd520572cd03207b63ca458178f32660207eae69adf5153
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/inc/select2/4/select2.min.css?ver=4.0 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3367
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/inc/datepicker/jquery-ui.min.css?ver=1.11.4
192.232.251.94 200 OK 4.0 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/inc/datepicker/jquery-ui.min.css?ver=1.11.4
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21868)
Hash 239d7631a5a1eff351233e8c0ea0fe58
b4254f2be20a85bc69533809368c21a6d93a418e
c847047b4f82e91d9e4e828cfd08450ff0b96a50c8ae993181dff5f5cc62cb4c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/inc/datepicker/jquery-ui.min.css?ver=1.11.4 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3987
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.232.251.94 200 OK 4.6 kB URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 20:59:18 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4618
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-includes/js/codemirror/codemirror.min.css?ver=5.29.1-alpha-ee20357
192.232.251.94 200 OK 5.3 kB URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/codemirror/codemirror.min.css?ver=5.29.1-alpha-ee20357
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15426)
Hash fcfd45fbaebd086ebdb973a0138b0ff4
471cf50bb87b09037116fbd2564ee245c947ba81
13eed110e097c73c63ba703436842e8ed08aee61a0dae2854024402d93b1c0b1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/codemirror/codemirror.min.css?ver=5.29.1-alpha-ee20357 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Jan 2019 15:57:24 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5303
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-includes/js/codemirror/fakejshint.js?ver=2.9.5
192.232.251.94 200 OK 518 B URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/codemirror/fakejshint.js?ver=2.9.5
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 87c299c96fc6aaaf6a9560e471af3850
678290a6ea50da3c3e374c1efde8dd4cd18f1bd2
bb10881acc8915cf479749a09cf4fc944a6c1456bf5c82ded0dd914c14aa742c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/codemirror/fakejshint.js?ver=2.9.5 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 20:59:20 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 518
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/pro/assets/js/acf-pro-input.min.js?ver=5.7.8
192.232.251.94 200 OK 6.8 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/pro/assets/js/acf-pro-input.min.js?ver=5.7.8
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18245), with no line terminators
Hash 4b9bd6965cdbac670747889944ed0ec6
ccea1e68035a9d4ebae4b3bda1dd829bf1b841e5
3cb5e378ddfeb8ae1ec70b3ab259258c28a60971feb6462bcf5b5825a5a12380
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/pro/assets/js/acf-pro-input.min.js?ver=5.7.8 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 6809
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.1
192.232.251.94 200 OK 6.6 kB URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18523)
Hash 70044b052af970703b6469739fd7e15d
5ce08a4e016b422e864145928bb807e5fcde3e40
0ce930e9e70c52a0ae3d6a0c8cf6a470ee933b3832d18ef764327e7b97d61c5d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 17:45:52 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 6621
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
192.232.251.94 200 OK 8.5 kB URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (25274)
Hash 9d13989fcf19fb84329c4d3a0d4f524a
0383736a9fe3a3fe3f33415cb6f2a38b20dfa8bd
54e5cd62b494cd80fdae58081628b449d08f9a9c7b22865a876bd367bbd865a5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 17:45:52 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 8492
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
192.232.251.94 200 OK 8.3 kB URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 17:45:52 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 8344
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/css/acf-input.css?ver=5.7.8
192.232.251.94 200 OK 15 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/css/acf-input.css?ver=5.7.8
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash f864ddab36636d5da11205c3f0029f9e
8dd94df5e453a74d7144671d0b689b7141f60cc5
076691e2814dc329eabfc617978f029dadd2db6d31cd5bb74b24f0747dc757d9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/css/acf-input.css?ver=5.7.8 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 15082
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-includes/js/codemirror/jsonlint.js?ver=1.6.2
192.232.251.94 200 OK 5.4 kB URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/codemirror/jsonlint.js?ver=1.6.2
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1292)
Hash 2251fe16243543c3856e75817fdf7da3
1c70af68081b5f2913610f1685584835e3aeadc5
22ffeed2703123a0685fdbc9270cc16f14c0a2b863ba045e5c0738a28f341f48
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/codemirror/jsonlint.js?ver=1.6.2 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Jan 2019 15:57:24 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5374
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-includes/js/codemirror/htmlhint-kses.js?ver=6.0.1
192.232.251.94 200 OK 485 B URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/codemirror/htmlhint-kses.js?ver=6.0.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 93e309708e43cdb21478892a2593c368
c43c1722216b5eeb32bf4ed688ccb6e050e0ffb3
d3e19736bbeca59ecd8c371c9a66a8132c6fac9517030215774d6ea3ac0ea2a6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/codemirror/htmlhint-kses.js?ver=6.0.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Jan 2019 15:57:24 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 485
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-includes/js/codemirror/htmlhint.js?ver=0.9.14-xwp
192.232.251.94 200 OK 7.0 kB URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/codemirror/htmlhint.js?ver=0.9.14-xwp
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type exported SGML document, ASCII text, with very long lines (17595), with escape sequences
Hash d2dba38efcc1e59b637d01d566d19d92
a23f04728ee49b20e2f694def75caf19fc27248b
a9f84a3f9f721008fef308bc7befa08fe63e02c812c9995bd2cb6fb48a381b6f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/codemirror/htmlhint.js?ver=0.9.14-xwp HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Jan 2019 15:57:24 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7021
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/mode/xml/xml.js?ver=6.0.1
192.232.251.94 200 OK 2.9 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/mode/xml/xml.js?ver=6.0.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5030)
Hash d542daa7640923e5a251613c2444fb9c
aacfa363ef56abf5424ed25d059b2539a4effb58
4045412f7f6beed5ea62855f195de915582633b6be93d363bcd10827e477b99d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/mode/xml/xml.js?ver=6.0.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:11 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2949
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/addon/display/autorefresh.js?ver=6.0.1
192.232.251.94 200 OK 441 B URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/addon/display/autorefresh.js?ver=6.0.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash bd028b484073d1e05e5815a9f43162fa
4e40723e12959fbaf0e01af8ae997270b367623c
52af75295794403797db3fc82db73037eb2f2e3755d688e3115de3059bf3414e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/addon/display/autorefresh.js?ver=6.0.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 441
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/mode/htmlmixed/htmlmixed.js?ver=6.0.1
192.232.251.94 200 OK 1.6 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/mode/htmlmixed/htmlmixed.js?ver=6.0.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1052)
Hash e32115c8d0ea5db31e44e77b0cf3f7e5
2083ecc6dbf3f33a887fe581f585697b4a37c108
68757cd61d62d346ef3e9f79f177a4e772a66c764aae9a839ef97118eaf10b08
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/mode/htmlmixed/htmlmixed.js?ver=6.0.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:11 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1632
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-font-awesome/js/edit_input.js?ver=1.5
192.232.251.94 200 OK 483 B URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-font-awesome/js/edit_input.js?ver=1.5
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1152), with no line terminators
Hash 2a8ec3ca2b56a019a22e81a41225186c
6eba0818be70a475d9c8cf749a3b851129badf31
4a2993bfc3f60dd3114541a9631a9e585a1e1ee17e5e67d2383c40666ca35db4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-font-awesome/js/edit_input.js?ver=1.5 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 483
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/addon/selection/mark-selection.js?ver=6.0.1
192.232.251.94 200 OK 963 B URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/addon/selection/mark-selection.js?ver=6.0.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2403)
Hash a04cb9f370cb2e965b205dc9b3edde1d
d8e0846c59c0d558d0dda5b6c82f83af2b3de7aa
01e401289d56aebac587c343d011c01562fdb7266922c626050adf2bb3abd72e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/addon/selection/mark-selection.js?ver=6.0.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 963
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/js/imagesloaded.min.js
192.232.251.94 200 OK 2.6 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/js/imagesloaded.min.js
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6832)
Hash 67412b48e95d7d928e1579b298958eb9
5978ac5caa47b27712907cffadf0cd561b8d62da
263b31097a2c2d9a4a5c4ff0dd424f973506c34ec1ccbfb101fc5357e05ca50f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/js/imagesloaded.min.js HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2580
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/js/popper.min.js
192.232.251.94 200 OK 8.1 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/js/popper.min.js
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18860)
Hash f05511310555b26778bf5b09b70f4f27
66232ff8d33e8cd4e13c09503eaf69d9773b1376
487e5d8df39e2f26d0ce062405af92589595462bc264101c98709538214dc00a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/js/popper.min.js HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 8053
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/addon/edit/matchbrackets.js?ver=6.0.1
192.232.251.94 200 OK 1.5 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/addon/edit/matchbrackets.js?ver=6.0.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3502)
Hash 1cbdb7143a5c4ad531860a0dde4d3e22
21ab547d80bd36704b26f4813cf2dad860dde64c
35988e5da85f5b51b189de3976599031d130af1a47633f43d707d573952e1ab3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/addon/edit/matchbrackets.js?ver=6.0.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1460
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/js/script.js
192.232.251.94 200 OK 1.6 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/js/script.js
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4467), with no line terminators
Hash 013838b52bd68853043127c635e59322
1961e55d4670e1a3981c51f4b9d027fcfbba06eb
ee9a99a9815597ee0675718cc2f03ab225f51a3a39f6a21162cef25da1c06d26
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/js/script.js HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1564
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/js/lightbox.min.js
192.232.251.94 200 OK 3.2 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/js/lightbox.min.js
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8205)
Hash a0802ed4c3be4a2e4a1c662142939371
7d3986a8049f0ea8b4257b5ac169ac8f4b7ea674
1a63613b12d73e7976e5f2619f4b86c282b12525266a7eabc3afe66620ae5e21
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/js/lightbox.min.js HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3183
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/input.js?ver=6.0.1
192.232.251.94 200 OK 455 B URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/input.js?ver=6.0.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (786), with no line terminators
Hash 16d013e1ab9955f60fe511fdd7110cac
2b6298e1a76fe8c6a37ea972b0a370f4adc6c45d
b37edadb822e739fb7b23a1bac5c58ca6b91ef10e2085b3eeace418b0679fa52
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/input.js?ver=6.0.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 455
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/mode/php/php.js?ver=6.0.1
192.232.251.94 200 OK 6.5 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/mode/php/php.js?ver=6.0.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9284)
Hash ff316baed738a46aae8836920f881d33
ab0745dcb6d07a589db8f1f72e230999075654f0
2e86528647836c486b8410ac6d9182284b9098138df5f3774cf5b1f1d3924782
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/mode/php/php.js?ver=6.0.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:11 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 6450
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:%20300,400,400i,600,700,700i,800,900
142.250.74.74 200 OK 2.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:%20300,400,400i,600,700,700i,800,900
IP 142.250.74.74:0
File type ASCII text, with very long lines (3451)
Hash bb9469c0969f4dc32c05df0e0aa1993f
0a3b92a41cea4f2670d1254be4cdff42bef30e81
a1b2adf0155af048aaef28aa81cde49f3ccdbcfef8bf1d2e6a64fd6a2a5aedb0
GET /css?family=Open+Sans:%20300,400,400i,600,700,700i,800,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 10:57:43 GMT
date: Sat, 03 Dec 2022 10:57:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/mode/css/css.js?ver=6.0.1
192.232.251.94 200 OK 10 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/mode/css/css.js?ver=6.0.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type C source, ASCII text, with very long lines (21302)
Hash 422f327848aa7b9569b91de8147625e0
0f9f45e99c94ff1f988879f107d1105efde55ab0
27ffb1f0bf9660d4cf785e6c06725e3de7cda104a2302ba362c04172d4a0e5f2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/mode/css/css.js?ver=6.0.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:11 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 9967
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/mode/javascript/javascript.js?ver=6.0.1
192.232.251.94 200 OK 7.3 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/mode/javascript/javascript.js?ver=6.0.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5174)
Hash 63b7ff0fda33105e319ad93ea774065d
3298d07245f45bcc98b7003ab48272f34e6f10df
036ade05421244bf73942456c0d37ec8f6907a9ff4df8a481c4427a08d7d317d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/mode/javascript/javascript.js?ver=6.0.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:11 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7272
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
192.232.251.94 200 OK 3.7 kB URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10549)
Hash afa5c7f2959c8186ab6aa4a0d5cace29
65855ea278d5523322fe551682f46fb332d195ea
6ccd4efbdb93e9caa11376c2254a8a6b91e5b9586ab3489d59bac1283254b496
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 17:45:52 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3714
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/assets/js/navigation.js?ver=1.0
192.232.251.94 200 OK 859 B URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/assets/js/navigation.js?ver=1.0
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2654), with no line terminators
Hash 41863ede3905cd238bb49dc89e2b9bb2
ff63f0b684e9bc3e1265a83701dc839a0aad4bce
700db91bc9a18965b26f35254e36e291a2f79e6736bc7e37797690e65d81eeb4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/assets/js/navigation.js?ver=1.0 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 859
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/assets/js/skip-link-focus-fix.js?ver=1.0
192.232.251.94 200 OK 278 B URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/assets/js/skip-link-focus-fix.js?ver=1.0
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (424), with no line terminators
Hash 111fab7a546e34cf689165be4c2befae
c6cbb6fc596c8ff8f5207cb74e93c4aeedb2957d
3ed9ab87ca11e27439f725cc8ea99d46f500ea053d8490b1431e9abc34ff6a29
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/assets/js/skip-link-focus-fix.js?ver=1.0 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 278
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-includes/js/jquery/jquery.ui.touch-punch.js?ver=0.2.2
192.232.251.94 200 OK 585 B URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/jquery/jquery.ui.touch-punch.js?ver=0.2.2
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (985)
Hash aad37c541dd386b8f576936bc196aba7
a2e597cf53dad5a9272b146e30553cd8555ce1fd
fefa4c5e6856a5fb8b5c90835e6dcb05fb585807355b44a36a26edfecf690a5a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.ui.touch-punch.js?ver=0.2.2 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Jan 2019 15:57:25 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 585
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/inc/timepicker/jquery-ui-timepicker-addon.min.js?ver=1.6.1
192.232.251.94 200 OK 13 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/inc/timepicker/jquery-ui-timepicker-addon.min.js?ver=1.6.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32003)
Hash a3f9616b1cec8beac03d177287a28c54
0680fa1edc10f7c3939fb421542d6794471b5ede
bd42c1d6e65f553ef37dc78c55c184875983ed8d3e52b1846eb4e6a31a67a35b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/inc/timepicker/jquery-ui-timepicker-addon.min.js?ver=1.6.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 13369
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/assets/js/global.js?ver=1.0
192.232.251.94 200 OK 1.9 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/assets/js/global.js?ver=1.0
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4818), with no line terminators
Hash 5f90dcaf4045eecab1300491308431b9
6faa9ea68b8212fe6fa317963034815288edadb1
d3ea294d5b5ff76ed67af31cb15e19216e707a234971dcf30fc652cdf7109468
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/assets/js/global.js?ver=1.0 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1900
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/mode/clike/clike.js?ver=6.0.1
192.232.251.94 200 OK 11 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/mode/clike/clike.js?ver=6.0.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 12d4c83673664f271383e5e4d5b268b5
7ba485b6e851a6ea97348ed687f181e21ef2b29f
8c1344dd3347c7e1239d988aa91d3991654cfe08cf02e7f817163300ebf592f6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/acf-code-field/js/codemirror-5.23.0/mode/clike/clike.js?ver=6.0.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:11 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 11413
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/assets/js/jquery.scrollTo.js?ver=2.1.2
192.232.251.94 200 OK 1.4 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/assets/js/jquery.scrollTo.js?ver=2.1.2
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3199), with no line terminators
Hash 467081bdb8ce4d1693c026c5caf155d5
9539dd0b1c034a88ab11ddcf41c15c815fa85581
15383b1873e2f4b01d2aa445dc4c75b5d37b9c7011995f559c232f69708bf04e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/assets/js/jquery.scrollTo.js?ver=2.1.2 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1446
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16287
Expires: Sat, 03 Dec 2022 15:29:11 GMT
Date: Sat, 03 Dec 2022 10:57:44 GMT
Connection: keep-alive
lawn.bizdemo.xyz/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
192.232.251.94 200 OK 14 kB URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (36548)
Hash fd78079b5bb7ba132ca4ff2b9a1d7a01
685463955947d5c2bd18ed2fa84bccb2e42eb381
0889031ef8e7431839189876b3f1ce668972c05db3fbc5b63f0d067d520f1bb8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 17:45:52 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 13813
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V_7_ohQr9ENIjOvdvy65ZpJqg2OI9gzRdiuxCTJzl4qwXe2Nmu_tAQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
age: 47297
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash MD5 b986f9fcbeca91ed5c8d58fbfaf47d19
SHA-1 6e6c8bd2bce144cc4da1cd7be375b046b60dca79
SHA-256 07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 00:57:24 GMT
age: 36020
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash MD5 9b77186d0d93f7ccfe729edd9d184af3
SHA-1 458aa485b9abef3b72427d308a172d1c24eceabd
SHA-256 8bed5a8e56e8c43fcbdc807245c2b651d014a06368574e57a25b718399a4a701
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6966
x-amzn-requestid: 2b40c185-e050-4bfd-9b08-bb70e6f89824
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfAb7Ev3oAMFnrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389144c-65301ace20da6f580ed77e82;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 20:53:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xBRZ6xulfveO7b5ZY8ApNbQJ1Sz8LbzEAb3YqxOEaZGYem-ZRaar_Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:56:31 GMT
age: 18073
etag: "458aa485b9abef3b72427d308a172d1c24eceabd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash MD5 1e74254b3fdce7d6b84a71a7aff43789
SHA-1 65c8b4abf957f9b54d99d0f78559e639adb29efb
SHA-256 f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -AurmlKwF0QgfsWBsV3ZN9ZyDhw1Zo82zUqrpkBbvbCfh0j7evV2Tg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 11:01:04 GMT
age: 86200
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash MD5 45182367fd4f8b6dd234eef1022acdb1
SHA-1 d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
SHA-256 a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:06 GMT
age: 47198
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
192.232.251.94 200 OK 5.3 kB URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash MD5 710f8b142ea44c0682dc2c30f318f065
SHA-1 49144e9b3a76d3d383b1d4359cf7a25e947f4233
SHA-256 708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 20:59:19 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:44 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5321
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:44 GMT
server: Apache
X-Firefox-Spdy: h2
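The records on this page are a flat text export in which the fields a responder needs first (host, IP, ASN, body hashes, analyzer verdicts, response headers) sit between browser noise. The following Python script is an added example, not part of the scan report and not any scanner's own tooling: it parses records in this page's format, lists the hosts that any analyzer flagged, reports which of two response security headers each response lacks (the pair in `REQUIRED_HEADERS` is an assumed baseline, not something the page prescribes), and checks whether a response ETag equals the captured body's SHA-1, which holds for the Pocket image CDN responses above. The sample input is constructed from two of this page's own records, trimmed to the lines the parser needs; the `sample.jpeg` path is a placeholder for the long Pocket URL.

```python
"""Added triage helper, not part of the scan report: parse transaction records in this
page's format and pull out flagged hosts, body hashes, missing security headers, ETag checks."""
import re

# Status line; tolerates the extraction's fused "IP200 OK" form as well as "IP 200 OK".
STATUS_RE = re.compile(r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s?(?P<code>\d{3}) \w+ \d+(?:\.\d+)? [kMG]?B")
REQ_RE = re.compile(r"^(?:GET|POST|HEAD|PUT|OPTIONS|DELETE) \S+ HTTP/")
RESP_RE = re.compile(r"^HTTP/\S+ (\d{3})")
HEX_RE = re.compile(r"^[0-9a-f]+$")
# Assumed baseline for a static-content origin (the Pocket CDN sends both, the WordPress host neither).
REQUIRED_HEADERS = ("strict-transport-security", "x-content-type-options")

# Constructed sample: two records copied from this page and trimmed; the first in raw extraction
# form (fused IP/status, unlabeled hash lines), the second in cleaned form (labeled hash lines).
SAMPLE = """\
lawn.bizdemo.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
192.232.251.94200 OK 5.3 kB URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.1 HTTP/1.1
Host: lawn.bizdemo.xyz
HTTP/2 200 OK
img-getpocket.cdn.mozilla.net/296x148/sample.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/sample.jpeg
IP 34.120.237.76:0
File type JPEG image data, 296x148, components 3\\012- data
Hash MD5 3abdcce275bb9723b4ac1d0c38cc8891
SHA-1 91f0d888c38db0899f106b652e3dcac062648099
SHA-256 ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/sample.jpeg HTTP/1.1
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
etag: "91f0d888c38db0899f106b652e3dcac062648099"
"""


def parse_records(text):
    """A record starts at a host/path line that is followed by a status line."""
    lines = text.splitlines()
    records, rec, section, in_verdicts, i = [], None, None, False, 0
    while i < len(lines):
        line = lines[i].strip()
        m = STATUS_RE.match(lines[i + 1]) if i + 1 < len(lines) else None
        if m and line and ": " not in line:
            rec = {"url": line, "ip": m["ip"], "status": int(m["code"]), "asn": "", "file_type": "",
                   "md5": "", "sha1": "", "sha256": "", "verdicts": {}, "request": "",
                   "req_headers": {}, "resp_headers": {}}
            records.append(rec)
            section, in_verdicts, i = None, False, i + 2      # skip the status line itself
            continue
        i += 1
        if rec is None or not line:
            continue
        last = line.split()[-1]                               # hash lines may carry a label
        if line.startswith("IP "):
            rec["ip"] = line.split()[1].rsplit(":", 1)[0]
        elif line.startswith("ASN "):
            rec["asn"] = line[4:]
        elif line.startswith("File type "):
            rec["file_type"] = line[10:].split("\\012")[0]    # drop "\012- data" extraction debris
        elif line.startswith("Hash "):
            rec["md5"] = last
        elif REQ_RE.match(line):                              # request line ends the verdict rows
            rec["request"], section, in_verdicts = line, "req", False
        elif RESP_RE.match(line):
            rec["status"], section = int(RESP_RE.match(line).group(1)), "resp"
        elif line.startswith("Analyzer Verdict Alert ") or in_verdicts:
            in_verdicts = True
            analyzer, verdict = line.replace("Analyzer Verdict Alert ", "", 1).split(None, 1)
            rec["verdicts"][analyzer] = verdict
        elif section and ": " in line:
            name, value = line.split(": ", 1)
            rec["req_headers" if section == "req" else "resp_headers"][name.lower()] = value
        elif HEX_RE.match(last) and len(last) in (40, 64):
            rec["sha1" if len(last) == 40 else "sha256"] = last
    return records


def flagged_hosts(records):
    """host -> set of verdicts, for every record some analyzer flagged."""
    out = {}
    for r in records:
        if r["verdicts"]:
            out.setdefault(r["url"].split("/", 1)[0], set()).update(r["verdicts"].values())
    return out


def missing_headers(record, required=REQUIRED_HEADERS):
    return [h for h in required if h not in record["resp_headers"]]


def etag_matches_sha1(record):
    """True/False when an ETag is present (the Pocket CDN's ETag is the body's SHA-1,
    so the captured body can be checked against it); None when there is no ETag."""
    etag = record["resp_headers"].get("etag", "")
    etag = (etag[2:] if etag.startswith("W/") else etag).strip('"').lower()
    return etag == record["sha1"] if etag else None
```

On the sample, `parse_records(SAMPLE)` yields two records; `flagged_hosts` reports lawn.bizdemo.xyz with the verdicts Malware and Sinkholed; `missing_headers` is empty for the CDN record and lists both headers for the WordPress record; `etag_matches_sha1` is True for the CDN record and None for the WordPress one, which sends no ETag. To run it over the whole page, paste the records into a file and pass its contents in place of `SAMPLE`; the parser accepts both the raw fused status lines and the cleaned "IP 200 OK" form.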
lawn.bizdemo.xyz/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1
192.232.251.94 200 OK 6.0 kB URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18142)
Hash MD5 b8ec01ed152d9f94651489e750ecda6e
SHA-1 3dba94094a69268410b2f9df9ed4711280e760a9
SHA-256 1450efd6a46aeb2efeae13ac8798daa999282bdfaf41912297b5ba0a1606d601
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 17:45:52 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 6008
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/js/isotope.pkgd.min.js
192.232.251.94 200 OK 15 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/js/isotope.pkgd.min.js
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32047)
Hash MD5 2bacf9f656e5c1131883e8abaa313dc2
SHA-1 d55325527912a6618fbbc5880dece7c11eb6dfb9
SHA-256 5bc83923073c0a27dd00ef631301f42df26cf4b114e2e40f6c3b2d9c62f71bff
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/js/isotope.pkgd.min.js HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 14906
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-admin/js/iris.min.js?ver=1.0.7
192.232.251.94 200 OK 9.5 kB URL HTTP/2 lawn.bizdemo.xyz/wp-admin/js/iris.min.js?ver=1.0.7
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (23476)
Hash MD5 0b4a0c0a3bd56a287b5eb01c57c48724
SHA-1 b44bc694a3b43e3b8f954f04115a07d9485d9c3f
SHA-256 69d5ce848b0c81ec3888875b0785c42be0b382a6c94fbd5fbd930fa67e5582a6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-admin/js/iris.min.js?ver=1.0.7 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 20:59:16 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 9501
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/js/owl.carousel.min.js
192.232.251.94 200 OK 15 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/js/owl.carousel.min.js
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32012)
Hash MD5 ea94bfb22256c906d657a26b1c90b05c
SHA-1 d33be4c782c22b1e6630b0665f283c68a465669c
SHA-256 ace96c6af30f6292392735c759fe6d92dae6fa2957f7d92dda9bf8ee08bfbb17
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/js/owl.carousel.min.js HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 15384
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash MD5 baaba92c2ccd740f080a25a9ea5cb3ad
SHA-1 3322d5a9fb0b3a2ec83247eac9865234cbcefece
SHA-256 5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:57:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash MD5 baaba92c2ccd740f080a25a9ea5cb3ad
SHA-1 3322d5a9fb0b3a2ec83247eac9865234cbcefece
SHA-256 5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:57:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash MD5 baaba92c2ccd740f080a25a9ea5cb3ad
SHA-1 3322d5a9fb0b3a2ec83247eac9865234cbcefece
SHA-256 5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:57:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash MD5 baaba92c2ccd740f080a25a9ea5cb3ad
SHA-1 3322d5a9fb0b3a2ec83247eac9865234cbcefece
SHA-256 5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:57:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash MD5 baaba92c2ccd740f080a25a9ea5cb3ad
SHA-1 3322d5a9fb0b3a2ec83247eac9865234cbcefece
SHA-256 5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:57:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0
Hash MD5 565ce506190ad3af920b40baf1794cec
SHA-1 ad3cba5d06100e09449a864d3b5e58403b478b3d
SHA-256 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lawn.bizdemo.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 403504
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227 200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Hash MD5 de69cf9e514df447d1b0bb16f49d2457
SHA-1 2ac78601179c3a63ba3f3f3081556b12ddcaf655
SHA-256 c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lawn.bizdemo.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:22 GMT
expires: Fri, 01 Dec 2023 12:29:22 GMT
cache-control: public, max-age=31536000
age: 167303
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/js/bootstrap.min.js
192.232.251.94 200 OK 68 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/js/bootstrap.min.js
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash MD5 4d0df242f29b9530dba7b911adb54843
SHA-1 cee1bae4187a40f97244c354de799b9e3c1867c9
SHA-256 71770b4711cdda643a994882077ff438f6b5b7bb13dbe73f33ad06a09d107404
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/js/bootstrap.min.js HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash MD5 baaba92c2ccd740f080a25a9ea5cb3ad
SHA-1 3322d5a9fb0b3a2ec83247eac9865234cbcefece
SHA-256 5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:57:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/images/logo.png
192.232.251.94 200 OK 25 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/images/logo.png
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 209 x 122, 8-bit/color RGBA, non-interlaced
Hash MD5 70fc35504541933590bed3e8f03412b1
SHA-1 9e09b8047b3c1c0a54a5479fd71a3c452a6125f2
SHA-256 17bdeee399588353f8fa764d6d5469912644fd88c239a8acb9be9c93e5c25837
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/images/logo.png HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
content-length: 25278
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/uploads/2021/12/lawn-mower.png
192.232.251.94 200 OK 24 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/uploads/2021/12/lawn-mower.png
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Hash MD5 d6fa0e3091cd0683bfc85429accdc3a8
SHA-1 8d3715bb82b7d42ac6f5137e6cc222f2b4bf8b2a
SHA-256 67ff8496201ec485ada26b43fcb7adbe51f059c54d0c4deea6713f134c1badb0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/12/lawn-mower.png HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 21:15:40 GMT
accept-ranges: bytes
content-length: 23684
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/uploads/2021/12/grass.png
192.232.251.94 200 OK 19 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/uploads/2021/12/grass.png
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Hash MD5 bf108d253bae6f9eac64a6e998d84fdb
SHA-1 45b372e618a59194df8ebf1d10b86fdb494853dd
SHA-256 59f9578301169e90171aea476786bd54eed2e8cf80b35aa8e8fd5c8968c970f5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/12/grass.png HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 21:15:38 GMT
accept-ranges: bytes
content-length: 18791
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
cdn.jsdelivr.net/fontawesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
151.101.193.229 200 OK 77 kB URL HTTP/2 cdn.jsdelivr.net/fontawesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 151.101.193.229:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash MD5 af7ae505a9eed503f8b8e6982036873e
SHA-1 d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
SHA-256 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /fontawesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lawn.bizdemo.xyz
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
Alt-Used: 0
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
etag: W/"12d68-1vSMun0Hb7by/Wupk6dbncHsvww"
accept-ranges: bytes
date: Sat, 03 Dec 2022 10:57:45 GMT
age: 2193682
x-served-by: cache-fra-eddf8230101-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 77160
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/uploads/2021/12/logo-lan-1.png
192.232.251.94 200 OK 12 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/uploads/2021/12/logo-lan-1.png
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 261 x 100, 8-bit/color RGBA, non-interlaced
Hash MD5 72ab02aada5b4b723e31fb92f2b09a53
SHA-1 0fdbe88927d821db593d3e3986d26be993c36967
SHA-256 2708c5d67d621e1f0e256b0b5c4efc8bb1acd9833af9e6df3e4c9fa479a9dde4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/12/logo-lan-1.png HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 21:15:37 GMT
accept-ranges: bytes
content-length: 11966
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/uploads/2021/12/garden.png
192.232.251.94 200 OK 21 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/uploads/2021/12/garden.png
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Hash e416f3d31f020702a4d938bf39264caf
0df197c5ba1f5d42cbdfa57606ddab47d642c040
8ff86238d330980750007d78281d17123a87a888c03be7288de213d657c19547
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/12/garden.png HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 21:15:42 GMT
accept-ranges: bytes
content-length: 20885
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/uploads/2021/12/gardening.png
192.232.251.94 200 OK 24 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/uploads/2021/12/gardening.png
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Hash fc5481b200a0fa752db11b28231bdb00
f061945b2dadbc1ad7fb25982443ff2ac1b2c763
1cbf0e21a58aed29f9e3df8fe0ae6bf4219e38e66bbdb8e6222013f81af74f64
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/12/gardening.png HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 21:15:40 GMT
accept-ranges: bytes
content-length: 23611
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/
192.232.251.94 200 OK 50 kB IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 2fc6621edea201e5e24fbbe79c0e6eb0
6c3eca1c1c1547c8e5917a7a6713878964cd7db4
1472109ebb238d2293fe69b5c45c06ddfeb6f6eed89a55e9f8c7f614ebb85838
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 20:34:42 GMT
accept-ranges: bytes
cache-control: max-age=7200
expires: Sat, 03 Dec 2022 12:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/html
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/uploads/2021/12/close-up-picture-hand-holding-planting-sapling-plant-1000-400x400.jpg
192.232.251.94 200 OK 34 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/uploads/2021/12/close-up-picture-hand-holding-planting-sapling-plant-1000-400x400.jpg
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x400, components 3
Hash 466a7df5a1d4298f6ce9781c6ba63fed
27439bb062a6f5ee6118bc782b1cafddc89f6a5a
f086cc9f31e6e5824f87209d4d8e14de08c11100bc93330a8ad343bd66678eb1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/12/close-up-picture-hand-holding-planting-sapling-plant-1000-400x400.jpg HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 21:15:53 GMT
accept-ranges: bytes
content-length: 33500
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/uploads/2021/12/man-trimming-bough-brush-guy-works-backyard-1000-400x400.jpg
192.232.251.94 200 OK 36 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/uploads/2021/12/man-trimming-bough-brush-guy-works-backyard-1000-400x400.jpg
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x400, components 3
Hash fff6cb894714c2fe60116ebb41c17b3f
25c584e0a0905d7ec65d3e24ea9a226bf78161e8
c6ed6e328885e7f77099626d503152a10a4ae2935f4aae9c1d74b6c34d5985f3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/12/man-trimming-bough-brush-guy-works-backyard-1000-400x400.jpg HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 21:15:54 GMT
accept-ranges: bytes
content-length: 35983
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/uploads/2021/12/plants-gardening-tools-close-up-1080-400x400.jpg
192.232.251.94 200 OK 38 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/uploads/2021/12/plants-gardening-tools-close-up-1080-400x400.jpg
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Freepik Company S.L. - www.freepik.com], baseline, precision 8, 400x400, components 3
Hash 2e8747b649eb9a27a17fe3dab5183e1b
e54cd71a234ef47732867e05a4295c71ad859825
7ffedabc676270e74996ec246337824698b67134b6ef31288e2011dcd98980da
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/12/plants-gardening-tools-close-up-1080-400x400.jpg HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 21:16:09 GMT
accept-ranges: bytes
content-length: 37758
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/uploads/2021/12/gardener-with-weedwacker-cutting-grass-garden-1000-400x400.jpg
192.232.251.94 200 OK 44 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/uploads/2021/12/gardener-with-weedwacker-cutting-grass-garden-1000-400x400.jpg
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright= ], baseline, precision 8, 400x400, components 3
Hash 027982c5505a2492d009620b05b6fec7
54f38a56abde97d16834b63a9194960452c599c1
549bbbd161421973fca228994989386ad0e62284dacdcdda9138093b11573532
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/12/gardener-with-weedwacker-cutting-grass-garden-1000-400x400.jpg HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 21:15:55 GMT
accept-ranges: bytes
content-length: 44325
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/uploads/2021/12/man-cutting-grass-with-lawn-mover-back-yard-male-black-apron-guy-repairs-1000-400x400.jpg
192.232.251.94 200 OK 49 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/uploads/2021/12/man-cutting-grass-with-lawn-mover-back-yard-male-black-apron-guy-repairs-1000-400x400.jpg
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x400, components 3
Hash f3c9057b6d927fef2469b4f8988dcf5f
6c728c1eb905e4eeb15c2c485826c3b807bdb2e7
ade0c40ec1a1aae9504a60db55c3d2227dff3f55badb749db74ccd9afa08c2df
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/12/man-cutting-grass-with-lawn-mover-back-yard-male-black-apron-guy-repairs-1000-400x400.jpg HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 21:15:51 GMT
accept-ranges: bytes
content-length: 49403
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/uploads/2021/12/planting-flowers-garden-garden-tools-flowers-900-400x400.jpg
192.232.251.94 200 OK 51 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/uploads/2021/12/planting-flowers-garden-garden-tools-flowers-900-400x400.jpg
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x400, components 3
Hash 691da964d1002d1b70322e5864ae6d68
74a28b0441f96f22be3f12f19d9dd2489736a883
b90471408599f5d2914fc6861881cda2bb432a1556386bce5967dc96c5aa93c3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/12/planting-flowers-garden-garden-tools-flowers-900-400x400.jpg HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 21:16:05 GMT
accept-ranges: bytes
content-length: 51143
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/uploads/2021/12/young-florist-taking-care-flowers-hands-close-up.jpg
192.232.251.94 200 OK 74 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/uploads/2021/12/young-florist-taking-care-flowers-hands-close-up.jpg
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1001x1280, components 3
Hash c71e50e84c47bfabac5bf361050b06bb
b44fb83c8be7524807221b35a419501a6877f8dd
2ada167f52cb476e3b5869aaeb4d572ed6286f227f45883d0342456920644840
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/12/young-florist-taking-care-flowers-hands-close-up.jpg HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 21:15:43 GMT
accept-ranges: bytes
content-length: 74106
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/uploads/2021/12/plants-gardening-tools-close-up-1080.jpg
192.232.251.94 200 OK 65 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/uploads/2021/12/plants-gardening-tools-close-up-1080.jpg
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=Freepik Company S.L. - www.freepik.com], baseline, precision 8, 900x946, components 3
Hash ad23bad8376a576557591cacbdfe7cb0
296326501b543708f0966c837677e05436b95510
f7b6f9acaecb78fc4ef0c454399512f04677b16fbcffaf95c044fddff946a169
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/12/plants-gardening-tools-close-up-1080.jpg HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 21:16:08 GMT
accept-ranges: bytes
content-length: 65374
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:45 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Sat, 03 Dec 2022 10:57:45 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/images/loading.gif
192.232.251.94 200 OK 8.5 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/images/loading.gif
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 32 x 32
Hash 2299ad0b3f63413f026dfec20c205b8f
cf720b50cf8dde0e1a84ce1c6a77788bfc5882d5
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/images/loading.gif HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/css/lightbox.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
content-length: 8476
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:45 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/gif
date: Sat, 03 Dec 2022 10:57:45 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/images/close.png
192.232.251.94 200 OK 280 B URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/images/close.png
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 27 x 27, 8-bit colormap, non-interlaced
Hash d9d2d0b1308cb694aa8116915592e2a9
3ca48361cfe0e41163023d03c26296f375bb3eac
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/images/close.png HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/css/lightbox.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
content-length: 280
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:45 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 03 Dec 2022 10:57:45 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/images/prev.png
192.232.251.94 200 OK 1.4 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/images/prev.png
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 50 x 45, 8-bit/color RGBA, non-interlaced
Hash 84b76dee6b27b795e89e3649078a11c2
6640a3432f7ba7aea6129cdf7a5d3eabd47c295c
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/images/prev.png HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/css/lightbox.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
content-length: 1360
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:45 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 03 Dec 2022 10:57:45 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/images/next.png
192.232.251.94 200 OK 1.4 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/images/next.png
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 50 x 45, 8-bit/color RGBA, non-interlaced
Hash 31f15875975aab69085470aabbfec802
777e92c050f600b4519299c3d786b8f2f459fea4
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/images/next.png HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/css/lightbox.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
content-length: 1350
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:45 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 03 Dec 2022 10:57:45 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/images/bg.jpg
192.232.251.94 200 OK 34 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/images/bg.jpg
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1998, components 3
Hash 066e4c9389cc76bacdb3d2edbb1d6433
e2d6aff584d9dd74705af8ccf25341bee88d3082
edd0d9e9540ff5aa623159b07d247a430675efa3ea936019723499c1f3767319
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/images/bg.jpg HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/style.css?ver=1659472481
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
content-length: 34246
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:45 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Sat, 03 Dec 2022 10:57:45 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/uploads/2021/12/close-up-sapling-plant-is-growing-1000-1.jpg
192.232.251.94 200 OK 75 kB URL HTTP/2 lawn.bizdemo.xyz/wp-content/uploads/2021/12/close-up-sapling-plant-is-growing-1000-1.jpg
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1022x1072, components 3
Hash 4aa5b65a67d4431f5eefd9c19a7aecdf
5689ff38f66960ba672eb6a2328868ec1de5936c
a83b3d30590a25260a4bd360bbb347799b08095673c21049246de11df3df0af0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/12/close-up-sapling-plant-is-growing-1000-1.jpg HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 21:15:48 GMT
accept-ranges: bytes
content-length: 75331
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:45 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Sat, 03 Dec 2022 10:57:45 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-includes/js/codemirror/esprima.js?ver=4.0.0
192.232.251.94 200 OK 0 B URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/codemirror/esprima.js?ver=4.0.0
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/codemirror/esprima.js?ver=4.0.0 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 20:59:20 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
192.232.251.94 200 OK 0 B URL HTTP/2 lawn.bizdemo.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.1 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 18 Nov 2022 03:46:34 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/inc/select2/4/select2.full.min.js?ver=4.0
192.232.251.94 200 OK 0 B URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/inc/select2/4/select2.full.min.js?ver=4.0
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/inc/select2/4/select2.full.min.js?ver=4.0 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/css/bootstrap.min.css
192.232.251.94 200 OK 0 B URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/css/bootstrap.min.css
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/css/bootstrap.min.css HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-includes/js/codemirror/csslint.js?ver=1.0.5
192.232.251.94 200 OK 0 B URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/codemirror/csslint.js?ver=1.0.5
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/codemirror/csslint.js?ver=1.0.5 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 20:59:20 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/js/acf-input.min.js?ver=5.7.8
192.232.251.94 200 OK 0 B URL HTTP/2 lawn.bizdemo.xyz/wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/js/acf-input.min.js?ver=5.7.8
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/homeservicesjackpottheme/npm/advanced-custom-fields-pro/assets/js/acf-input.min.js?ver=5.7.8 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Dec 2022 05:50:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-includes/js/codemirror/codemirror.min.js?ver=5.29.1-alpha-ee20357
192.232.251.94 200 OK 0 B URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/codemirror/codemirror.min.js?ver=5.29.1-alpha-ee20357
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/codemirror/codemirror.min.js?ver=5.29.1-alpha-ee20357 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Jan 2019 15:57:24 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2
lawn.bizdemo.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
192.232.251.94 200 OK 0 B URL HTTP/2 lawn.bizdemo.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 192.232.251.94:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: lawn.bizdemo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lawn.bizdemo.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 17:45:52 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 10:57:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Sat, 03 Dec 2022 10:57:43 GMT
server: Apache
X-Firefox-Spdy: h2