dollydixon.com/
23.94.30.18 301 Moved Permanently 231 B IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type HTML document text; exported SGML document, ASCII text
Hash d9ba5cf56d460629b944f019380dad54
d7a339e24d1157772d388b7c08e5b30a8d574e01
b6ec0fdea1ef88dcd5e9a3f626b9cc4304af09fbaa761034bc7647c7dd2d598b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Oct 2022 12:41:00 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
X-Content-Type-Options: nosniff
Location: https://dollydixon.com/
Content-Length: 231
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5494
Expires: Tue, 04 Oct 2022 14:12:34 GMT
Date: Tue, 04 Oct 2022 12:41:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 11:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: R4xjwrVrH-zaHGMDSat2FggK2dy94S40oA6NfpsEciHtUEdd0bBZgg==
Age: 3236
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate, ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pJfb5UwJ2ryg2QRVba34bHrY9RIlountuYqBrmt_cLndIfeHV96uLA==
age: 25953
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 12:41:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 12:29:33 GMT
Expires: Tue, 04 Oct 2022 13:17:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mNcMhtVjNE-RK-dfhBuENFIZLb8gEU6mLPQ355BBrPOHc7xa2urq4g==
Age: 688
dollydixon.com/
23.94.30.18 200 OK 21 kB IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (2514), with CRLF, LF line terminators
Hash ca9eb73ebec1c6f94b2b385d2a6d52a4
8ed81301a85dda5a523178911bee60844749ca79
463e2170e1d99facb6943b7bed4aece1c5fbe487468fc265c84faa2f91243d9f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:01 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Link: <https://dollydixon.com/wp-json/>; rel="https://api.w.org/", <https://dollydixon.com/wp-json/wp/v2/pages/1170>; rel="alternate"; type="application/json", <https://dollydixon.com/>; rel=shortlink
Set-Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a; path=/; secure; HttpOnly
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 20880
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5071
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:41:01 GMT
Last-Modified: Tue, 04 Oct 2022 11:16:31 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
dollydixon.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.9
23.94.30.18 200 OK 7.8 kB URL HTTP/1.1 dollydixon.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.9
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (27525)
Hash a3dd1c0cc400319c405dfb62dc6eba57
0f1baa39908b0bc5a6ab8e82e7a51d2a49021019
153da274f7b797b304dffe7762875bc10694ed11975d1ee06e44fa12060df783
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.6.9 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:01 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Feb 2021 18:58:06 GMT
ETag: "c88a-5bbf161d88ccb-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:01 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 7849
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:41:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.215.56.181 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.56.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bnTXVMsv9SwYGG/nlQzpww==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yEv3HTe5VQeICRXXDDI3kyC8Mx4=
dollydixon.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2
23.94.30.18 200 OK 730 B URL HTTP/1.1 dollydixon.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
Hash b1529b0b8aa7b641b7874d8d7a03bcff
cb2f76b12e7c00b74e1cda43aeeceaebb1e1d3dd
bcb87fe953090203ad964b5bed39566b9cc4c410fb7c6d831f84128d8f376af2
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:01 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Jan 2021 14:42:03 GMT
ETag: "780-5b8648f42379b-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:01 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 730
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic%7CRubik%3A300%2C400%2C500%2C600%2C700%2C800%2C900%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CPoppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&ver=1656525107
142.250.74.10 200 OK 2.7 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic%7CRubik%3A300%2C400%2C500%2C600%2C700%2C800%2C900%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CPoppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&ver=1656525107
IP 142.250.74.10:0
Hash 8dcaa0d1c347f5813e8de5b0f3131122
a8ac4495c53c1b1fc31f596765a4ef10062b135e
4c0707c478d309abc30f2b39d4d3bcca3488ee98f2b2f9f726c61b6ace9fd5f4
GET /css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic%7CRubik%3A300%2C400%2C500%2C600%2C700%2C800%2C900%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CPoppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&ver=1656525107 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dollydixon.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 12:41:01 GMT
date: Tue, 04 Oct 2022 12:41:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dollydixon.com/wp-content/plugins/accesspress-social-login-lite/css/frontend.css?ver=3.4.6
23.94.30.18 200 OK 2.1 kB URL HTTP/1.1 dollydixon.com/wp-content/plugins/accesspress-social-login-lite/css/frontend.css?ver=3.4.6
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with CRLF line terminators
Hash 93fec92fc7db8afbdce69a245f736fcf
8357e06a37bb7256eb89c991b309e2d844c23a90
0f8ae798551a490a3e9dd403d568cb6eebf09938f29aafeda89c584feb2c4d38
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/accesspress-social-login-lite/css/frontend.css?ver=3.4.6 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:01 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Jan 2021 20:06:42 GMT
ETag: "476f-5b86918553a5e-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:01 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 2142
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
dollydixon.com/wp-content/plugins/accesspress-social-login-lite/css/font-awesome/fontawesome.css?ver=3.4.6
23.94.30.18 200 OK 8.5 kB URL HTTP/1.1 dollydixon.com/wp-content/plugins/accesspress-social-login-lite/css/font-awesome/fontawesome.css?ver=3.4.6
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (317)
Hash 822997cf080d45e20a99bc1046e3e0dd
cdbfdddd5bd7acab8c848d13a8a96d5e149c11ef
0cc8db05b210210c3a2b5b4504bbb6ddbe856c08f8ad1a01c91becd4da4ae98d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/accesspress-social-login-lite/css/font-awesome/fontawesome.css?ver=3.4.6 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:01 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Jan 2021 20:06:42 GMT
ETag: "b425-5b86918553a5e-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:01 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 8476
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
dollydixon.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.5
23.94.30.18 200 OK 13 kB URL HTTP/1.1 dollydixon.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.5
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 95694c26156eb25eb12f2ba199e1cba3
5af183c533a42e5e23a31c0b1202c34f7be1f6f2
6fb2bee54db95a1965c2fb2e690e42d2a4247fc604e26bc67ca74e172615f05b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.5 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:01 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Thu, 31 Dec 2020 01:40:34 GMT
ETag: "eb91-5b7b8b5b5a880-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:01 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 12679
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
dollydixon.com/wp-content/themes/ceris/css/vendors.css?ver=5.6.9
23.94.30.18 200 OK 25 kB URL HTTP/1.1 dollydixon.com/wp-content/themes/ceris/css/vendors.css?ver=5.6.9
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (65367), with CRLF line terminators
Hash c1794a434c0101847d564df39a4ded04
3f53032e0d404f0a7a04a7789a3f72978ce42a66
4f70084bbd64f8a91e68967b33b1bc813b72f04d385b6fe3eee38d1359d99c9e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/ceris/css/vendors.css?ver=5.6.9 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:01 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Jun 2020 13:55:54 GMT
ETag: "244d0-5a71a451bee80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:01 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 24774
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
dollydixon.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
23.94.30.18 200 OK 4.2 kB URL HTTP/1.1 dollydixon.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Jan 2021 18:42:01 GMT
ETag: "2bd8-5b867e9748111-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 4169
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-content/plugins/accesspress-social-login-lite/js/frontend.js?ver=3.4.6
23.94.30.18 200 OK 157 B URL HTTP/1.1 dollydixon.com/wp-content/plugins/accesspress-social-login-lite/js/frontend.js?ver=3.4.6
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with CRLF line terminators
Hash 8e17f9d9f8df09c0d411f7429774a4cb
33dcc37fdfb42782ad2f112d67d6e9f3737b962a
f9bdd5c168ea763bd7be71cd9d02e444295b99c539e7eb12ced9d12be99067bb
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/accesspress-social-login-lite/js/frontend.js?ver=3.4.6 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Jan 2021 20:06:39 GMT
ETag: "c1-5b869181c8f0c-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 157
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
23.94.30.18 200 OK 31 kB URL HTTP/1.1 dollydixon.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (65451)
Hash b50f63138863c21ee4dd2fd747d0eaee
24e2e53e39b5980f3021ad881f477387610fbfb6
a3810469de465100b039f38a6e39a83c11a1de3b4259b3028b2b85338770100c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.5.1 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Jan 2021 18:42:01 GMT
ETag: "15d98-5b867e9747941-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 30916
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-content/themes/ceris/css/style.css?ver=5.6.9
23.94.30.18 200 OK 171 kB URL HTTP/1.1 dollydixon.com/wp-content/themes/ceris/css/style.css?ver=5.6.9
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (11666)
Size 171 kB (170751 bytes)
Hash 5c0833beb8679b3fa045df38c5c76a7d
8b5b041fc5e0a3486399cbc7b1ed69e1dc750e31
32d4027e459c155e5a577a69123333083dcc3463cb4d442d48f7daec3edce794
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/ceris/css/style.css?ver=5.6.9 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:01 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 Sep 2020 11:17:26 GMT
ETag: "17cc10-5af94a53fdd80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:01 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
dollydixon.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
23.94.30.18 200 OK 4.0 kB URL HTTP/1.1 dollydixon.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
Hash 9c3f35d25fc1f08e91d811f18b705309
4ff1be4c211d2e4ad3fa4b83abe9a71405d4e4df
af1ce72f37d8d8f7d80d7f3d81a05a1f0d441967b371237050e7ee38b30438a0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Jan 2021 14:42:03 GMT
ETag: "37c8-5b8648f4233b3-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 3951
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.9
23.94.30.18 200 OK 4.7 kB URL HTTP/1.1 dollydixon.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.9
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (11272)
Hash 9c26256ee738b510ab56c09607a7286f
197327c8d1cd72ce8d335fc0b8b007ddca60191d
cfe161d7b5764e21a1e8ea764f4a0c0da41f1aba16bb8329bd11acbc7a156e4b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.6.9 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Feb 2021 08:36:15 GMT
ETag: "3795-5ba7e98c91359-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 4662
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.5
23.94.30.18 200 OK 46 kB URL HTTP/1.1 dollydixon.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.5
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (42889)
Hash a05d97e9567b08edb5a23df1f0e3bae1
f38aa96185296038a335643361166fece5c695a1
ae9a9f6f099e9ca0d593d54615315e2e43fa0e31ff25f65d9e39f283a088c432
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.5 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Thu, 31 Dec 2020 01:40:34 GMT
ETag: "1db7a-5b7b8b5b5a880-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 46106
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
23.94.30.18 200 OK 6.9 kB URL HTTP/1.1 dollydixon.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (7973)
Hash bf046c412ea0ddd6f255411f942f0397
5dca594e157deca4e9dc8f8654a898e00eec11f6
d1480dd16f60e007a3b43512042b80feeb92eee79dc2e955d296e9e9aec4b849
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.12.1 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Thu, 15 Apr 2021 21:50:10 GMT
ETag: "5133-5c009d8ec7149-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 6865
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.12.1
23.94.30.18 200 OK 3.9 kB URL HTTP/1.1 dollydixon.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.12.1
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (11738)
Hash 20c17084b198646827e8b2a4e29523c7
d4767c7cff01ed2008b503f38a33aaef0fbbed8b
4a6427301c2021814b243d15d05372dc5b7b107c3a7d0d92a64e7437f8a2c10c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.12.1 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Thu, 15 Apr 2021 21:50:10 GMT
ETag: "2e8b-5c009d8ec6979-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 3909
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.12.1
23.94.30.18 200 OK 2.7 kB URL HTTP/1.1 dollydixon.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.12.1
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (8481)
Hash ab1512ef4b257572d4be089be443472d
c5561fb7071e151a5e4232012cdc5267553b1bc8
412b2d9f0379fa486e4bd98527c5e43b4e66c1c7afa009a1d2fa8aeb34b32628
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.12.1 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Feb 2021 08:36:20 GMT
ETag: "21d7-5ba7e990dcc80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 2717
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-includes/js/masonry.min.js?ver=4.2.2
23.94.30.18 200 OK 7.4 kB URL HTTP/1.1 dollydixon.com/wp-includes/js/masonry.min.js?ver=4.2.2
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (23966)
Hash d56e5016a4d65d6d654add02bee3f792
9238046ef54c80e04b940f86683ea33cf44d40c1
6f1a28f0ef5ad427f7d99aecc29db61d8eb25190d5eb5e539c524c916d1442f9
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Jun 2020 18:53:27 GMT
ETag: "5e4a-5a7fbb57c37c0-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 7382
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
23.94.30.18 200 OK 1.8 kB URL HTTP/1.1 dollydixon.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (5477)
Hash 951ae46ca55ec7b0e401e2074bdf8b54
64bbbdc28a351b26cab9c230e134ca8eb4d4f83e
fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Jun 2020 18:53:27 GMT
ETag: "15fd-5a7fbb57c37c0-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 1834
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
23.94.30.18 200 OK 716 B URL HTTP/1.1 dollydixon.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (1626)
Hash 9d85e1af0990cd88aded996881127353
f066c0f6aa1dabade0eebe90d1e65b5f38347988
ea398ed80ebce514f813d21421b487d8683d471dc0f923f67da1b59e09e29902
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Aug 2016 18:55:30 GMT
ETag: "71b-53a5d2030ec80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 716
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-content/themes/ceris/js/vendors/throttle-debounce.min.js?ver=5.6.9
23.94.30.18 200 OK 462 B URL HTTP/1.1 dollydixon.com/wp-content/themes/ceris/js/vendors/throttle-debounce.min.js?ver=5.6.9
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (479), with CRLF line terminators
Hash e3505d73bda907c5c28310f1bcc683f1
5f67886f8299d493dadd0963bb7158e1f957a843
fa5c40f070b645bb6f26494f89dfb379d0d055a6f78bd5ff3ac8d196c08d3677
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/ceris/js/vendors/throttle-debounce.min.js?ver=5.6.9 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Jun 2020 13:55:54 GMT
ETag: "2e3-5a71a451bee80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 462
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-content/themes/ceris/js/vendors/bootstrap.min.js?ver=5.6.9
23.94.30.18 200 OK 9.8 kB URL HTTP/1.1 dollydixon.com/wp-content/themes/ceris/js/vendors/bootstrap.min.js?ver=5.6.9
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (32003), with CRLF line terminators
Hash 9cda0a87ca6f3ee17062c37e3a68935b
1e76d5a64b89d9b007015f884a4527ea4dc52df6
8250b90941986ee4353506f41c7a855c19ed6fbeb7c9dc74f34c50552e4406d2
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/ceris/js/vendors/bootstrap.min.js?ver=5.6.9 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Jun 2020 13:55:54 GMT
ETag: "900a-5a71a451bee80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 9773
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-content/themes/ceris/js/vendors/countdown.min.js?ver=5.6.9
23.94.30.18 200 OK 1.7 kB URL HTTP/1.1 dollydixon.com/wp-content/themes/ceris/js/vendors/countdown.min.js?ver=5.6.9
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (3854), with CRLF line terminators
Hash f432156809f614cf8547364f4cb6574c
1eacf803ec35c515301a4b59515c9a435c0e5c32
1dd6e1f43d11f844650c2f3094d9d96de5d4e0b087bb8ffe87bd2edc86d7e9cc
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/ceris/js/vendors/countdown.min.js?ver=5.6.9 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Jun 2020 13:55:54 GMT
ETag: "f92-5a71a451bee80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 1683
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.3.5
23.94.30.18 200 OK 85 kB URL HTTP/1.1 dollydixon.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.3.5
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (64270)
Hash 2a48e9606cc7c43774b32cdd1d09a718
a9b5abc56d320feeaea136d88f7fb1bc9b0c13be
555a2f3db8eef0f650de60c07d7046325ae8755cba0767eff7761f3db1dc7541
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.3.5 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Thu, 31 Dec 2020 01:40:34 GMT
ETag: "51e9b-5b7b8b5b5a880-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/x-javascript
dollydixon.com/wp-content/themes/ceris/js/vendors/fotorama.min.js?ver=5.6.9
23.94.30.18 200 OK 16 kB URL HTTP/1.1 dollydixon.com/wp-content/themes/ceris/js/vendors/fotorama.min.js?ver=5.6.9
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (32329), with CRLF line terminators
Hash 3d26e7cb2ba444df4b7994e0e27b9c5e
718b0bbc4a832da50c4a635b0cdd50c6c1819b9f
72ea3248b4a4dc47229f9dfccc356a8b8dd1867ed2ca573e6fc21c7a8d629c9e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/ceris/js/vendors/fotorama.min.js?ver=5.6.9 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Jun 2020 13:55:54 GMT
ETag: "9804-5a71a451bee80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 16164
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-content/themes/ceris/js/vendors/magnific-popup.min.js?ver=5.6.9
23.94.30.18 200 OK 7.3 kB URL HTTP/1.1 dollydixon.com/wp-content/themes/ceris/js/vendors/magnific-popup.min.js?ver=5.6.9
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (20087), with CRLF line terminators
Hash 0a182b6f18084043d30df4c10df4a449
5b2f5a2f735e94197502b3ec18bbfa1ba7131664
732abdfbc62bfe4621bd155c6c00d8b5103b8ad21e82b18d8420ac09639bfedc
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/ceris/js/vendors/magnific-popup.min.js?ver=5.6.9 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Jun 2020 13:55:54 GMT
ETag: "4efb-5a71a451bee80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 7348
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-content/themes/ceris/js/vendors/flickity.min.js?ver=5.6.9
23.94.30.18 200 OK 14 kB URL HTTP/1.1 dollydixon.com/wp-content/themes/ceris/js/vendors/flickity.min.js?ver=5.6.9
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (32026), with CRLF line terminators
Hash 2d7f5a048634d689bad499f69051f4a4
998cb73839671544c743c102b0156b57c4f75635
00605042998511fadbe1dafa61241c4cc00fc37aa3a173bb0044a60556f81cfd
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/ceris/js/vendors/flickity.min.js?ver=5.6.9 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Jun 2020 13:55:54 GMT
ETag: "d3af-5a71a451bee80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 13620
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-content/themes/ceris/js/vendors/theiaStickySidebar.min.js?ver=5.6.9
23.94.30.18 200 OK 1.7 kB URL HTTP/1.1 dollydixon.com/wp-content/themes/ceris/js/vendors/theiaStickySidebar.min.js?ver=5.6.9
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type HTML document, ASCII text, with very long lines (4800), with CRLF line terminators
Hash c356b15bb1cd12cc481a27098add19b9
3818374e30b02b6aa787fd0710e268aacb6b2830
5de890c51851a33b8bd5628f158652b208d79112e1a11356b05565c7be533e12
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/ceris/js/vendors/theiaStickySidebar.min.js?ver=5.6.9 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Jun 2020 13:55:54 GMT
ETag: "13de-5a71a451bee80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 1698
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-content/themes/ceris/js/vendors/perfect-scrollbar.min.js?ver=5.6.9
23.94.30.18 200 OK 5.4 kB URL HTTP/1.1 dollydixon.com/wp-content/themes/ceris/js/vendors/perfect-scrollbar.min.js?ver=5.6.9
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (18091), with CRLF line terminators
Hash 329f74bc95f936d9d29619a1d9848b94
c07c77bc38b33de898adc7e843516ec88822c6b3
6259b9ab68f6a0f97d75b17f7dba75b62a16960a4e3b3f06a6fd0b4eba752f70
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/ceris/js/vendors/perfect-scrollbar.min.js?ver=5.6.9 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Jun 2020 13:55:54 GMT
ETag: "46fb-5a71a451bee80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 5414
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-content/themes/ceris/js/vendors/owl-carousel.min.js?ver=5.6.9
23.94.30.18 200 OK 11 kB URL HTTP/1.1 dollydixon.com/wp-content/themes/ceris/js/vendors/owl-carousel.min.js?ver=5.6.9
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (32012), with CRLF line terminators
Hash 074feb902b8d280408d376204f9aacae
43ef4f74aa681307755f09dc6f4332bcb26b8420
287f2bfd182fea711cf855fe97f7627bce1f40b55ee07022ea49b92d2aea3bd4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/ceris/js/vendors/owl-carousel.min.js?ver=5.6.9 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Jun 2020 13:55:54 GMT
ETag: "a76c-5a71a451bee80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 10981
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/x-javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:41:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:41:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:41:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dollydixon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 493614
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
216.58.207.195 200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Hash 848cd2ecd011428969dc6b90431bc482
6b1a7b562a56bd54510e0f6f95e26babca331a1b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dollydixon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:08:19 GMT
expires: Tue, 03 Oct 2023 21:08:19 GMT
cache-control: public, max-age=31536000
age: 55963
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dollydixon.com/wp-content/themes/ceris/js/vendors/vticker.min.js?ver=5.6.9
23.94.30.18 200 OK 1.6 kB URL HTTP/1.1 dollydixon.com/wp-content/themes/ceris/js/vendors/vticker.min.js?ver=5.6.9
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (535), with CRLF line terminators
Hash fd523070cec05fc4c67097c710ea018a
a304a20ec4cf2055b22e5eb11ebc27e3da5faed3
5bb092f4aa0dee1858c7c72a3d90a47f0d19a3b226e4cb299e7126286f8d991d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/ceris/js/vendors/vticker.min.js?ver=5.6.9 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Jun 2020 13:55:54 GMT
ETag: "11c9-5a71a451bee80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 1648
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/x-javascript
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dollydixon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 01:31:40 GMT
expires: Mon, 02 Oct 2023 01:31:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 212962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dollydixon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 493614
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dollydixon.com/wp-content/themes/ceris/js/vendors/fitvids.js?ver=5.6.9
23.94.30.18 200 OK 1.3 kB URL HTTP/1.1 dollydixon.com/wp-content/themes/ceris/js/vendors/fitvids.js?ver=5.6.9
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type HTML document, ASCII text, with CRLF line terminators
Hash 267682ed174c56d4168c48daa98426a7
d5f27899a0584bb96b2cf0c30fdadf3810c74f41
e2ad1fe62346c598905a3768a4176cbaabf8d01bb36184fce44288731a3ce4f5
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/ceris/js/vendors/fitvids.js?ver=5.6.9 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Jun 2020 13:55:54 GMT
ETag: "cf9-5a71a451bee80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 1315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-includes/js/wp-embed.min.js?ver=5.6.9
23.94.30.18 200 OK 765 B URL HTTP/1.1 dollydixon.com/wp-includes/js/wp-embed.min.js?ver=5.6.9
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (1391)
Hash fe875afb236ee8f0d50040fe58d848d4
e6b1b67093b429c95d5b9db07a7eba39e02cf0e5
328a6a072b91134f2802ae25e070f38ff156ceee2c6ec6a6253ae4b27af73b49
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/wp-embed.min.js?ver=5.6.9 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Feb 2021 08:36:15 GMT
ETag: "592-5ba7e98c5f680-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 765
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/x-javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:41:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dollydixon.com/wp-content/themes/ceris/js/scripts.js?ver=5.6.9
23.94.30.18 200 OK 25 kB URL HTTP/1.1 dollydixon.com/wp-content/themes/ceris/js/scripts.js?ver=5.6.9
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
Hash 4d3011fe283677a353b6b69e613b872d
ca7d96c9dd42f900290360021d4c946f4e6fdf9c
fe8f85003aab0328a9218c36cda0af7c291c82fefc0ebcffb1e0e9c120a6be8d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/ceris/js/scripts.js?ver=5.6.9 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Thu, 17 Sep 2020 13:59:48 GMT
ETag: "35175-5af82cc139d00-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 24659
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-includes/js/comment-reply.min.js?ver=5.6.9
23.94.30.18 200 OK 1.3 kB URL HTTP/1.1 dollydixon.com/wp-includes/js/comment-reply.min.js?ver=5.6.9
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (2949)
Hash 1cf4c3e8e70de8171ff6d4530d1fec31
e45846b00f185fb3e3d16b61d6073c961c2dcf50
bcb5aef7cf39483421bc74866fb39786953559ff5fa9e9d003743b33702d64b7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/comment-reply.min.js?ver=5.6.9 HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Thu, 15 Apr 2021 21:50:06 GMT
ETag: "ba8-5c009d8af9b98-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 1346
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/x-javascript
dollydixon.com/wp-content/uploads/2021/01/dolly-dixon-e1610187262991.png
23.94.30.18 200 OK 4.2 kB URL HTTP/1.1 dollydixon.com/wp-content/uploads/2021/01/dolly-dixon-e1610187262991.png
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type PNG image data, 200 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash cdf8903f88afae5ac52186212d1d39c5
6614eebfb5ccaee6e04615b703fe702817a3a512
5bdb5146aff3b867cfc1df997857ea57b193740a110c9daf9d2c652fd52c80c3
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/01/dolly-dixon-e1610187262991.png HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Sat, 09 Jan 2021 10:14:22 GMT
ETag: "106c-5b874efd462b8"
Accept-Ranges: bytes
Content-Length: 4204
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
dollydixon.com/wp-content/themes/ceris/fonts/mdicon.ttf?1qswia
23.94.30.18 200 OK 13 kB URL HTTP/1.1 dollydixon.com/wp-content/themes/ceris/fonts/mdicon.ttf?1qswia
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, mdicon \012- data
Hash 9c8a14365bfdb5a8b4d5ea753757c0c1
3dffda88924d6fcb383e121c8756aaeb7aa3a80a
7c7b0a62b00e52f139ff89ad2ece853ad052f144600af6aad149dbc718d51f21
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/ceris/fonts/mdicon.ttf?1qswia HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/wp-content/themes/ceris/css/style.css?ver=5.6.9
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Jun 2020 13:55:54 GMT
ETag: "5634-5a71a451bee80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Content-Length: 13177
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/x-font-ttf
dollydixon.com/wp-content/uploads/2022/06/image-2-600x600.jpg
23.94.30.18 200 OK 32 kB URL HTTP/1.1 dollydixon.com/wp-content/uploads/2022/06/image-2-600x600.jpg
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x600, components 3\012- data
Hash a090a6fa3245e087b16b82ee0ce146e8
49f0eea2f2ffac54dacd8a12b38853d145fff38b
51241d9e649906beddc4e24b06658d91ac6f71a138bbc176de2cd56fc585df4b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/06/image-2-600x600.jpg HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Sat, 04 Jun 2022 16:55:52 GMT
ETag: "7de7-5e0a21c9c1c57"
Accept-Ranges: bytes
Content-Length: 32231
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
dollydixon.com/wp-content/uploads/2022/03/pexels-pixabay-301926-600x600.jpg
23.94.30.18 200 OK 19 kB URL HTTP/1.1 dollydixon.com/wp-content/uploads/2022/03/pexels-pixabay-301926-600x600.jpg
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x600, components 3\012- data
Hash 112069384fd69839999d327ac8dddd7c
3d5de070b22331d384763f28bf10712ec2200647
8f5e8cf29630d23210cbfb37e21f4d720ed350a67870488369adc402c76fe1dd
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/03/pexels-pixabay-301926-600x600.jpg HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Mon, 07 Mar 2022 21:23:49 GMT
ETag: "4acb-5d9a77af43c9b"
Accept-Ranges: bytes
Content-Length: 19147
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
dollydixon.com/wp-content/uploads/2022/04/butterfly-600x600.jpg
23.94.30.18 200 OK 26 kB URL HTTP/1.1 dollydixon.com/wp-content/uploads/2022/04/butterfly-600x600.jpg
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x600, components 3\012- data
Hash f513e19cbb757740bb78a8d244bd614d
5a1710d3bce72f2938713a3934905a430c65abaf
75394b2660998efcbe044316dfc780f87d41e532d65b07f174f29d585304a1f2
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/04/butterfly-600x600.jpg HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Apr 2022 06:08:22 GMT
ETag: "65a9-5dc1e6bf70bda"
Accept-Ranges: bytes
Content-Length: 26025
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
dollydixon.com/wp-content/uploads/2022/06/image-2-1600x1200.jpg
23.94.30.18 200 OK 87 kB URL HTTP/1.1 dollydixon.com/wp-content/uploads/2022/06/image-2-1600x1200.jpg
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x1200, components 3\012- data
Hash c0f3e1432821c994af64ba9a718771f3
7575aaa568f1ab632bb2b18ce7d5b9754b700647
15c3a771a14610b03f3e0683775b193aa3153640f7deda2d24c07bff1e1db4a6
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/06/image-2-1600x1200.jpg HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Sat, 04 Jun 2022 16:55:53 GMT
ETag: "153c3-5e0a21ca63249"
Accept-Ranges: bytes
Content-Length: 86979
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
dollydixon.com/wp-content/uploads/2022/01/david-hofmann-WBeWjrCiHbY-unsplash-600x600.jpg
23.94.30.18 200 OK 14 kB URL HTTP/1.1 dollydixon.com/wp-content/uploads/2022/01/david-hofmann-WBeWjrCiHbY-unsplash-600x600.jpg
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x600, components 3\012- data
Hash 1c2aa91cf74a211f43d4ac0646f76953
d0aa6334441fcc6c094cdd226fde85e270cb496c
ed4cff0ecc96d9b4d03c626c562473734b8c2b7ac017ade57a0b614599af8c2b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/01/david-hofmann-WBeWjrCiHbY-unsplash-600x600.jpg HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Mon, 31 Jan 2022 17:48:38 GMT
ETag: "3633-5d6e464f54dc2"
Accept-Ranges: bytes
Content-Length: 13875
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
dollydixon.com/wp-content/uploads/2022/02/pexels-andrea-piacquadio-783243-1-600x600.jpg
23.94.30.18 200 OK 35 kB URL HTTP/1.1 dollydixon.com/wp-content/uploads/2022/02/pexels-andrea-piacquadio-783243-1-600x600.jpg
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x600, components 3\012- data
Hash 682b592928879fd4714c4e2d30faecad
c610b11b1e2691f2a7b12c5925615028c1d7fc33
ea033123453db9746df813fe7c5cc8150a8d7ff5c3ef643f153fbb032d3b6df8
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/02/pexels-andrea-piacquadio-783243-1-600x600.jpg HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Mon, 21 Feb 2022 05:42:10 GMT
ETag: "882a-5d880b1983225"
Accept-Ranges: bytes
Content-Length: 34858
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4655
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 12:41:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 515e23ff5ef0fc336ac5ec7fd31dfacd
a98da6b6ce993bd8f3b58ba42915cd9c4b45946c
77c186eb00def4a978d1bfd9eac755f70bf465f622991aaf6681227aec3e118a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8508
x-amzn-requestid: 63afa079-f66e-428a-b491-c5859aed2e3b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJFU9EknoAMF1uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63338285-54f784262318d7ca0e560d44;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 23:08:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wueU8yVJPql7JutY2H26gdjyBCPTeyX_sG9c5mNE-PS57lyMGftW2g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 08:27:48 GMT
age: 15195
etag: "a98da6b6ce993bd8f3b58ba42915cd9c4b45946c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 53790
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 53803
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2287c489794dab0e9ba923a2057988f
2b9f6828a38da81b40dcad033572e48b4c5896db
e853fa2acf2425d14cb9746e8bbd45c8765598d2bb630859086b4668182dbf6c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8534
x-amzn-requestid: 8ae51cd3-697b-47ed-8493-8f83e2bc7469
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuHlXoAMFucg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-165d72034440cf810d42f3bd;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LPt8LUVoKhXjfz-jZHLmnWD15tQgSLRaxl-Bsl0UU83G7wm3jj7_mg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:34 GMT
age: 53789
etag: "2b9f6828a38da81b40dcad033572e48b4c5896db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 44jC1Ww19YUJjZHw9_3cSSR5Y7nw5df412G-RxWFTcbRz1XDKaT3zQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:35 GMT
age: 53788
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 53803
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dollydixon.com/wp-content/uploads/2022/06/image-2-1600x900.jpg
23.94.30.18 200 OK 73 kB URL HTTP/1.1 dollydixon.com/wp-content/uploads/2022/06/image-2-1600x900.jpg
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x900, components 3\012- data
Hash 24158713ddcf56f7a50c486e31e2d221
e170b36ee65e21da50043fa8f05e2afc311dc781
9501037e65620bedca33922dca23ca0624ee4ff1a0fb63ee1fedcda7a1706219
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/06/image-2-1600x900.jpg HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Sat, 04 Jun 2022 16:55:53 GMT
ETag: "11dba-5e0a21ca62e61"
Accept-Ranges: bytes
Content-Length: 73146
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
dollydixon.com/wp-content/uploads/2022/02/element5-digital-7MEKVsmm44U-unsplash-valentine-600x600.jpg
23.94.30.18 200 OK 52 kB URL HTTP/1.1 dollydixon.com/wp-content/uploads/2022/02/element5-digital-7MEKVsmm44U-unsplash-valentine-600x600.jpg
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x600, components 3\012- data
Hash 8ae332cac257edfaf7aa49651438c331
cdddd37aa7e840bda5271e4a0fff97223e33f0a8
474c8a5c8c3af18b55f69cd825a6e3efd1bef791cfbef756319e74f2c3a05833
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/02/element5-digital-7MEKVsmm44U-unsplash-valentine-600x600.jpg HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:02 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Sun, 06 Feb 2022 18:00:25 GMT
ETag: "cbf7-5d75d4229190f"
Accept-Ranges: bytes
Content-Length: 52215
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:02 GMT
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
dollydixon.com/wp-content/uploads/2021/01/cropped-dolly-dixon-e1610187262991-32x32.png
23.94.30.18 200 OK 673 B URL HTTP/1.1 dollydixon.com/wp-content/uploads/2021/01/cropped-dolly-dixon-e1610187262991-32x32.png
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e9c8d35e14b1a4a5d0fe00b1cfc6cbbb
a5b0e00d3813a6314620df1e1d812fc6faf1585d
f40a4d551732565d55563ddf795cc6e485fa42444cba05ea8ad5a73d88171c1c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/01/cropped-dolly-dixon-e1610187262991-32x32.png HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:03 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Sat, 09 Jan 2021 10:36:36 GMT
ETag: "2a1-5b8753f4aba81"
Accept-Ranges: bytes
Content-Length: 673
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:03 GMT
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
dollydixon.com/wp-content/uploads/2021/01/cropped-dolly-dixon-e1610187262991-192x192.png
23.94.30.18 200 OK 5.5 kB URL HTTP/1.1 dollydixon.com/wp-content/uploads/2021/01/cropped-dolly-dixon-e1610187262991-192x192.png
IP 23.94.30.18:0
ASN #36352 AS-COLOCROSSING
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 946d0c257b1559fed938402e31ccc36f
fb83575f15b69ee0f03ecdab5aae157a9e9645a7
42f08a1005fffab2f1bdc19cb872f2e16b593cb1f15539723af3f394c0f7ad03
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/01/cropped-dolly-dixon-e1610187262991-192x192.png HTTP/1.1
Host: dollydixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dollydixon.com/
Connection: keep-alive
Cookie: PHPSESSID=b6f74874d802b7ecc74a66943a4fd67a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:03 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Last-Modified: Sat, 09 Jan 2021 10:36:36 GMT
ETag: "15a7-5b8753f4a4d22"
Accept-Ranges: bytes
Content-Length: 5543
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 12:41:03 GMT
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
secure.gravatar.com/avatar/08d3b900832ffc69ce111c3b6648f2a6?s=50&d=mm&r=g
192.0.73.2 200 OK 1.1 kB URL HTTP/2 secure.gravatar.com/avatar/08d3b900832ffc69ce111c3b6648f2a6?s=50&d=mm&r=g
IP 192.0.73.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 50x50, components 3\012- data
Hash e597f08df9d7e7e7c7dc81a9a507fa13
21a18956ee50ff937cbe9e428a63efa52dd25bb8
ec626d1355ef5d84689c88b2ec9e383fa16b0be9c068fe5fc913be061542edbc
GET /avatar/08d3b900832ffc69ce111c3b6648f2a6?s=50&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dollydixon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 12:41:03 GMT
content-type: image/jpeg
content-length: 1128
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://www.gravatar.com/avatar/08d3b900832ffc69ce111c3b6648f2a6?s=50&d=mm&r=g>; rel="canonical"
access-control-allow-origin: *
content-disposition: inline; filename="08d3b900832ffc69ce111c3b6648f2a6.png"
expires: Tue, 04 Oct 2022 12:46:03 GMT
cache-control: max-age=300
x-nc: MISS arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
151.101.85.229 200 OK 74 kB URL HTTP/2 cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
IP 151.101.85.229:0
Hash a202e8be93028ad550d0215f2e7f1a0b
acf8aeb56eeab230716e85c1fb0ace194d18b868
20edea5b6d5f4bc378a4242ca50506c71143b2106f6e5a0820ad04f78a11d331
GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dollydixon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 04 Oct 2022 12:41:04 GMT
age: 17033621
x-served-by: cache-fra19156-FRA, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53889
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 849f5b33ea2ba022a00531b0aba4c642
36f76bd448676ae09136bbe0c196e30056da8ee8
fdd737d38e7a68ab24eb2e3478697f8a6b85e999b4ca9b5790bc6dfc93de5195
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:41:04 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "086075CA50D7CAF5450D461EB867CDED6F44893F"
Expires: Tue, 04 Oct 2022 23:00:00 GMT
Last-Modified: Tue, 04 Oct 2022 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2696
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754dfd5d18afb4f9-OSL
vsa84.tawk.to/s/?k=633c29e0470d1e7af15f127b&cver=0&pop=false&asver=18&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDE5MjdhOGE5YTM0ZTM2Yjk3MmU5M2IiLCJ2aWQiOiI5MzIwNDU0N2M1NDU0ZDkyYzZiNjQ5NWQ2YmU1NjE3NjhhYjU5ODBhZDIwMzExNTZmMWRiYjRjY2Y3YzkwNTA2Iiwic2lkIjoiNjMzYzI5ZTA0NzBkMWU3YWYxNWYxMjdiIiwiaWF0IjoxNjY0ODg3MjY0LCJleHAiOjE2NjQ4ODkwNjQsImp0aSI6ImZVLTU4Skl3SFNwRTluUTVSRnNxZCJ9.PgTD8S5EGRpGlXwR-tttBSB9kekBlK_KNS7qBd4OG0cy3LgIBybDYBsnLxZ6SpQARWDVVeBsw-hA6nUIq7lfqQ&EIO=3&transport=websocket&__t=OEZ0vDA
172.67.38.66 101 Switching Protocols 118 B URL HTTP/1.1 vsa84.tawk.to/s/?k=633c29e0470d1e7af15f127b&cver=0&pop=false&asver=18&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDE5MjdhOGE5YTM0ZTM2Yjk3MmU5M2IiLCJ2aWQiOiI5MzIwNDU0N2M1NDU0ZDkyYzZiNjQ5NWQ2YmU1NjE3NjhhYjU5ODBhZDIwMzExNTZmMWRiYjRjY2Y3YzkwNTA2Iiwic2lkIjoiNjMzYzI5ZTA0NzBkMWU3YWYxNWYxMjdiIiwiaWF0IjoxNjY0ODg3MjY0LCJleHAiOjE2NjQ4ODkwNjQsImp0aSI6ImZVLTU4Skl3SFNwRTluUTVSRnNxZCJ9.PgTD8S5EGRpGlXwR-tttBSB9kekBlK_KNS7qBd4OG0cy3LgIBybDYBsnLxZ6SpQARWDVVeBsw-hA6nUIq7lfqQ&EIO=3&transport=websocket&__t=OEZ0vDA
IP 172.67.38.66:0
Hash 642cc7fe433730863a2a4aa42c7d6f3f
c05acfe8ca7107d5e8af44f17f607d5c30a58e79
5faae667f7933f5079f0655f81bed6c70f19b4beb872e07fea3e28f17f2efeab
GET /s/?k=633c29e0470d1e7af15f127b&cver=0&pop=false&asver=18&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDE5MjdhOGE5YTM0ZTM2Yjk3MmU5M2IiLCJ2aWQiOiI5MzIwNDU0N2M1NDU0ZDkyYzZiNjQ5NWQ2YmU1NjE3NjhhYjU5ODBhZDIwMzExNTZmMWRiYjRjY2Y3YzkwNTA2Iiwic2lkIjoiNjMzYzI5ZTA0NzBkMWU3YWYxNWYxMjdiIiwiaWF0IjoxNjY0ODg3MjY0LCJleHAiOjE2NjQ4ODkwNjQsImp0aSI6ImZVLTU4Skl3SFNwRTluUTVSRnNxZCJ9.PgTD8S5EGRpGlXwR-tttBSB9kekBlK_KNS7qBd4OG0cy3LgIBybDYBsnLxZ6SpQARWDVVeBsw-hA6nUIq7lfqQ&EIO=3&transport=websocket&__t=OEZ0vDA HTTP/1.1
Host: vsa84.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://dollydixon.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CbrP0l1mNZf98wOxatGnsw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 04 Oct 2022 12:41:05 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: aAXm+L4UUXkaV/gfIe4DDfMubrw=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 754dfd5bed0d1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.tawk.to/601927a8a9a34e36b972e93b/1eth45rn4
172.67.38.66 200 OK 0 B URL HTTP/2 embed.tawk.to/601927a8a9a34e36b972e93b/1eth45rn4
IP 172.67.38.66:0
GET /601927a8a9a34e36b972e93b/1eth45rn4 HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dollydixon.com
Connection: keep-alive
Referer: https://dollydixon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:41:02 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-63258f417d7"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754dfd4fbb97b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-main.js
172.67.38.66 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-main.js
IP 172.67.38.66:0
GET /_s/v4/app/63258f417d7/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dollydixon.com
Connection: keep-alive
Referer: https://dollydixon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:41:03 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754dfd5398d3b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
172.67.38.66 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
IP 172.67.38.66:0
GET /_s/v4/app/63258f417d7/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dollydixon.com
Connection: keep-alive
Referer: https://dollydixon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:41:03 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754dfd53b907b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2