firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 23 Oct 2022 05:52:50 GMT
Expires: Sun, 23 Oct 2022 06:06:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Gvx8LiAbZ_5EoLnvcOzSUrY0xj3Sn5Rxye1h5UVyca7mNBE4UHOsVQ==
Age: 2352
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c19f4a1def760c07cbc4aec1d0d6c050
6ad911a7c02f5e5fdd82fa86cae0453528d53a6d
750bba81910a4bbd78ab484ba03781a36459a0aec147d7c47424e9a9bf152b40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750BBA81910A4BBD78AB484BA03781A36459A0AEC147D7C47424E9A9BF152B40"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3652
Expires: Sun, 23 Oct 2022 07:32:54 GMT
Date: Sun, 23 Oct 2022 06:32:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cecd3b2e0cd07173ee1fb63b0a744119
774e0935fffd5bb39799c040098e32c3dc88702f
78c2c60f2d752f572f1711e23aa3f82d5e5bce1940064405f6f989886f6315df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78C2C60F2D752F572F1711E23AA3F82D5E5BCE1940064405F6F989886F6315DF"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4734
Expires: Sun, 23 Oct 2022 07:50:56 GMT
Date: Sun, 23 Oct 2022 06:32:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0QF8u7Vx4M4nmtea+eiLD26QKHPMphPPkNhvVRiLHBP2FTLWIFX66XdouJNCq68OmIcvQBf4dd4=
x-amz-request-id: 61XFGX5560N5DBJF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 23 Oct 2022 05:37:51 GMT
age: 3251
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 06:32:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 23 Oct 2022 05:43:40 GMT
Expires: Sun, 23 Oct 2022 06:21:36 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Kw2-q3A4g8RqO4Qyd5vI1v1_28fUBZhWZkRuql6l2t8kheO51wrtLQ==
Age: 2902
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fecd12689ba4c6aa556814b7fac0d344
a3005f6333ce5201a73e2857c764a1b0091a91d5
83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3120
Cache-Control: max-age=95203
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:32:02 GMT
Etag: "6353a495-1d7"
Expires: Mon, 24 Oct 2022 08:58:45 GMT
Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.162.35.244 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.35.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: d88mf/hbExvrwaWzjodhOg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: c/ztzqHvmR+HxUnbtt5tIVuygQU=
robox360.com/mmio/umarumhahr
67.212.186.82 301 Moved Permanently 0 B URL HTTP/1.1 robox360.com/mmio/umarumhahr
IP 67.212.186.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /mmio/umarumhahr HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Sun, 23 Oct 2022 06:32:01 GMT
Server: Apache
X-Powered-By: PHP/7.4.32
X-Redirect-By: WordPress
Location: https://robox360.com/mmio/umarumhahr/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4108
Expires: Sun, 23 Oct 2022 07:40:32 GMT
Date: Sun, 23 Oct 2022 06:32:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4108
Expires: Sun, 23 Oct 2022 07:40:32 GMT
Date: Sun, 23 Oct 2022 06:32:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4108
Expires: Sun, 23 Oct 2022 07:40:32 GMT
Date: Sun, 23 Oct 2022 06:32:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4108
Expires: Sun, 23 Oct 2022 07:40:32 GMT
Date: Sun, 23 Oct 2022 06:32:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa75f7b18-e0d1-4cfe-b763-83c991def199.webp
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa75f7b18-e0d1-4cfe-b763-83c991def199.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bed49abb7a64c9f0717ac283b30bff8b
0f9e4ab8e7ceff21752ea83a243431fc4c78a4e3
ddb5ed6e7b818593ac9819be0a8d376e26ef3b45b417f00ce1d7dbee47465bec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa75f7b18-e0d1-4cfe-b763-83c991def199.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4746
x-amzn-requestid: fa85cf46-7cea-439e-92d5-db3875ff4479
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aIQpNFk5IAMF16Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634cc7d4-245cdd691d0c415d508421ce;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 03:11:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _-h7oz6Zv1P40jltqN71dpyrUJG_HzVJS8gKby0vgdkaNJ4ljXUwCg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 15:25:14 GMT
age: 54410
etag: "0f9e4ab8e7ceff21752ea83a243431fc4c78a4e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50afa8fe-bd4e-4951-bc9f-b9a25aa28c7b.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50afa8fe-bd4e-4951-bc9f-b9a25aa28c7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 319c9a70bded148097c378aee2e5e7e3
9815cabee697f91758b3d6049b33b6e6372fc69e
511dfb789ee7031302e0b18761854b93b47a7113d7a6a1a8ee16b3f1e425786b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50afa8fe-bd4e-4951-bc9f-b9a25aa28c7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8344
x-amzn-requestid: 563c255f-62bf-4038-92e0-ffb869de9acd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abRkFHUUIAMFY3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635462e6-34b76ac446e96214580e6fe6;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ODC-cdFkM2mIQFcZjYm_ECZjhrFEewsJxzlZXisEt8l8GYnD4KuKEg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:43:36 GMT
age: 31708
etag: "9815cabee697f91758b3d6049b33b6e6372fc69e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59238334-9f45-421d-9067-ed59fbf8b0b6.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59238334-9f45-421d-9067-ed59fbf8b0b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a47128c87b628846400333388bd8326
b0d44fc160f020dba7782d1ffd3995b93bceb909
77123eae8c61d6ad061d2a0720b608d34ca9ed59e274ecb6824e5fc30a997505
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59238334-9f45-421d-9067-ed59fbf8b0b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10292
x-amzn-requestid: fca5e428-9855-4891-bc80-5ff5a7c29ca0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aDVCRHlRIAMFgdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634acedb-140b0cdc0d2d814e4ee53ef7;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 15:16:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uuzjffiuDYZObYZ1pP6_ndGpUxpxM3AVamvctTfVkDIv9fxF-0RZUg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 03:09:44 GMT
age: 12140
etag: "b0d44fc160f020dba7782d1ffd3995b93bceb909"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeb090f5-d3fb-4dcf-bfb4-7490dee6c833.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeb090f5-d3fb-4dcf-bfb4-7490dee6c833.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ebab98ee9ab567348e2c31cccdbc62c2
6c453568c39d65380ebcf7151b5383994b864abe
e9bf601eb67aa9778b326e7568f990352d9bfa574da283e879e62e9a2dddb2fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeb090f5-d3fb-4dcf-bfb4-7490dee6c833.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6821
x-amzn-requestid: 05d1de38-a072-4392-b1c6-a07f7d67fbf0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMGWZGH-IAMFVzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e50f5-3868ae460a52caa178d8ff2f;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:08:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Q0jfZigs37oi_sofHLQimt37uujfVdoqz2kLm26FgF5i1ziagz3noQ==
via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:09:09 GMT
age: 33775
etag: "6c453568c39d65380ebcf7151b5383994b864abe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd337e0f9-4135-4fa1-9843-c609356020a9.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd337e0f9-4135-4fa1-9843-c609356020a9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bcadefe69587d4ab5bf5ff9e71eb5cab
066fb94a6ae38e57d67001cc319eea17f837d511
45b175a2cecee90b2d0efc16c4139686ffcf34bfac9084fe9e5e1c926dc1330c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd337e0f9-4135-4fa1-9843-c609356020a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10036
x-amzn-requestid: b1f0e0b9-6fc6-4b7c-a9b0-55845cdfd2d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abR9aEvjIAMF22Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63546388-72742b3a1279d76e2e842930;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:41:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e-Q7z6QYQB1CGZ57JUJIf6l7Ofu9nGkF-ONfTrXJb6MMegchNYMqWQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:50:36 GMT
etag: "066fb94a6ae38e57d67001cc319eea17f837d511"
content-type: image/jpeg
age: 31288
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080f3444-90ed-495b-96d4-2db78eb397df.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080f3444-90ed-495b-96d4-2db78eb397df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c0675dc4be3e7a62f7083f4b34e5959
f6c43d035774306f3622029fb6a2c9d44086a3f8
56153c1a09bbf2a2d0079fe15ee54733460bbce7572d6b1b66972a0e00123b1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080f3444-90ed-495b-96d4-2db78eb397df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7588
x-amzn-requestid: b6a2786a-7863-49b7-b96f-09b94c44dcdc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abRm0GRfIAMFVcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635462f8-58ef725d7c9a71fc0c90a86d;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:39:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: jtZFCDkxgLwr6JRka5OuVuFcxmZH4sNWrhT_kx1DkFTSN3NQ9NUu0Q==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:43:36 GMT
etag: "f6c43d035774306f3622029fb6a2c9d44086a3f8"
content-type: image/jpeg
age: 31708
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:32:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:32:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
robox360.com/mmio/umarumhahr/
67.212.186.82 200 OK 61 kB URL HTTP/1.1 robox360.com/mmio/umarumhahr/
IP 67.212.186.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash e964ec452f351b8272c4e0a6a795ebd8
fd54828edcaa90610e5b1927a618688e7361cbc3
67fee0644a884451f7ce9c677ad9ecdfaf20773adfa09fc55bba991704da2110
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /mmio/umarumhahr/ HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:03 GMT
Server: Apache
X-Powered-By: PHP/7.4.32
Link: <https://robox360.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://robox360.com/index.php?rest_route=/wp/v2/pages/121>; rel="alternate"; type="application/json", <https://robox360.com/>; rel=shortlink
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:32:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:32:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
robox360.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
67.212.186.82 200 OK 2.7 kB URL HTTP/1.1 robox360.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
IP 67.212.186.82:0
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:04 GMT
Server: Apache
Last-Modified: Tue, 15 Mar 2022 05:25:02 GMT
Accept-Ranges: bytes
Content-Length: 2731
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:32:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
robox360.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0
67.212.186.82 200 OK 4.9 kB URL HTTP/1.1 robox360.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0
IP 67.212.186.82:0
File type ASCII text, with very long lines (4933), with no line terminators
Hash e372df47bd19e1563b557d7bdb817188
4efdf4050a78bdbd88aa255955b7423105895dd0
4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:04 GMT
Server: Apache
Last-Modified: Tue, 15 Mar 2022 05:26:01 GMT
Accept-Ranges: bytes
Content-Length: 4933
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
robox360.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.3.1
67.212.186.82 200 OK 63 kB URL HTTP/1.1 robox360.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.3.1
IP 67.212.186.82:0
File type Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Hash 979b8b56e801469d95453055366ef54c
cb8a0bb5f00fee130a289ea4dfafc00fa53e1c04
d3322ccb3912f7a9485eb1d75971fd5e1eb49c6575ff5ad985fb5496333e8c8b
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.3.1 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:04 GMT
Server: Apache
Last-Modified: Tue, 15 Mar 2022 05:26:24 GMT
Accept-Ranges: bytes
Content-Length: 62755
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
robox360.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
67.212.186.82 200 OK 19 kB URL HTTP/1.1 robox360.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:04 GMT
Server: Apache
Last-Modified: Mon, 25 Jul 2022 09:52:23 GMT
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-content/themes/metallex/css/effects_style.css?ver=6.0.3
67.212.186.82 200 OK 25 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/css/effects_style.css?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with CRLF line terminators
Hash cf6d8c1ca3d0275c60c1d3f4dfeb47c5
ce3ad3aad2b11ccb3d2382764acc007532aeef30
2021a59182e08e8505532caaabe3e3434876f751075c0a377e997c2dd672bde4
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/css/effects_style.css?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:04 GMT
Server: Apache
Last-Modified: Wed, 09 May 2018 15:36:34 GMT
Accept-Ranges: bytes
Content-Length: 24936
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
robox360.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.3.1
67.212.186.82 200 OK 18 kB URL HTTP/1.1 robox360.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.3.1
IP 67.212.186.82:0
File type ASCII text, with very long lines (17809), with no line terminators
Hash 1ddf23fcfd1b2941c456ce01da8180a6
156ef5cc77061010e3f4123a47fa415c6391e5ff
dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.3.1 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:04 GMT
Server: Apache
Last-Modified: Tue, 15 Mar 2022 05:26:27 GMT
Accept-Ranges: bytes
Content-Length: 17809
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:32:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
robox360.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
67.212.186.82 200 OK 89 kB URL HTTP/1.1 robox360.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with very long lines (43771)
Hash b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:04 GMT
Server: Apache
Last-Modified: Mon, 25 Jul 2022 09:52:23 GMT
Accept-Ranges: bytes
Content-Length: 88932
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
robox360.com/wp-content/themes/metallex/css/font-awesome.min.css?ver=6.0.3
67.212.186.82 200 OK 27 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/css/font-awesome.min.css?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with very long lines (26548)
Hash 0831cba6a670e405168b84aa20798347
05ea25bc9b3ac48993e1fee322d3bc94b49a6e22
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/css/font-awesome.min.css?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Wed, 02 May 2018 16:55:32 GMT
Accept-Ranges: bytes
Content-Length: 26711
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
robox360.com/wp-content/themes/metallex/css/animate.min.css?ver=6.0.3
67.212.186.82 200 OK 53 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/css/animate.min.css?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with very long lines (52592)
Hash 178b651958ceff556cbc5f355e08bbf1
97afa151569f046b2e01f27c1871646e9cd87caf
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/css/animate.min.css?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Wed, 02 May 2018 16:55:32 GMT
Accept-Ranges: bytes
Content-Length: 52789
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
robox360.com/wp-content/themes/metallex/js/plugins/owl.carousel-2/assets/owl.carousel.css?ver=6.0.3
67.212.186.82 200 OK 4.6 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/js/plugins/owl.carousel-2/assets/owl.carousel.css?ver=6.0.3
IP 67.212.186.82:0
Hash b51416af9e8adbe3d16f5f2526aba221
097c8d67412f44534449ed4cadc6dd22b025801d
dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/js/plugins/owl.carousel-2/assets/owl.carousel.css?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Fri, 27 Jun 2014 00:51:42 GMT
Accept-Ranges: bytes
Content-Length: 4614
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
robox360.com/wp-content/themes/metallex/js/plugins/owl.carousel-2/assets/owl.theme.default.min.css?ver=6.0.3
67.212.186.82 200 OK 1.1 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/js/plugins/owl.carousel-2/assets/owl.theme.default.min.css?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with very long lines (1142), with no line terminators
Hash 6c0d1bc8737bd8fb4e293e9d7b42205e
da7a59c23fda1cce4bd4c2277e9529a0dbc9b22d
e6e40fa26713134203caed2e8d9362a8c75f5c337f02e25e00723a258eef66ea
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/js/plugins/owl.carousel-2/assets/owl.theme.default.min.css?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Wed, 29 Jul 2015 13:40:10 GMT
Accept-Ranges: bytes
Content-Length: 1142
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
robox360.com/wp-content/themes/metallex/style.css?ver=2018-06-23
67.212.186.82 200 OK 20 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/style.css?ver=2018-06-23
IP 67.212.186.82:0
File type ASCII text, with very long lines (417)
Hash 85103c880a0b8e83a2caf82c985b20a5
84a3b4d8f4d53df005338cb69222b604faf5dfb4
8899a695038d5b5140a8c57d3dcb5be2a739bef0c4b4427cb4cc44e7b5c1f612
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/style.css?ver=2018-06-23 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 16:23:24 GMT
Accept-Ranges: bytes
Content-Length: 20467
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
robox360.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0
67.212.186.82 200 OK 210 kB URL HTTP/1.1 robox360.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0
IP 67.212.186.82:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size 210 kB (209831 bytes)
Hash 9ed8fcb16418ff477a6c93fe33f86563
47be642692139a2ce63cf655cba31767cb7e8074
3f7c8f55c3c421a6f14efb39bf07abb73d1d244f194e133a2453913330e38819
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:04 GMT
Server: Apache
Last-Modified: Tue, 15 Mar 2022 05:25:59 GMT
Accept-Ranges: bytes
Content-Length: 209831
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
robox360.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
67.212.186.82 200 OK 90 kB URL HTTP/1.1 robox360.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 67.212.186.82:0
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Mon, 25 Jul 2022 09:52:23 GMT
Accept-Ranges: bytes
Content-Length: 89521
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
67.212.186.82 200 OK 11 kB URL HTTP/1.1 robox360.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 67.212.186.82:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Mon, 25 Jul 2022 09:52:23 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1
67.212.186.82 200 OK 9.5 kB URL HTTP/1.1 robox360.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1
IP 67.212.186.82:0
File type ASCII text, with very long lines (9139)
Hash 87c54edf7dad7dfdfde015f6eee45ff1
96ec1a06ea3093c47e1e2fc4444ada7f4456135d
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Tue, 15 Mar 2022 05:26:24 GMT
Accept-Ranges: bytes
Content-Length: 9533
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-content/themes/metallex/css/style.css?ver=6.0.3
67.212.186.82 200 OK 174 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/css/style.css?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with CRLF line terminators
Size 174 kB (173950 bytes)
Hash bdf3e14e9335a2c8b2cb27d407ab52a4
0913787533ae2f126f206e352fe4d20b3722275a
0ff48b530d77e50394f0dd5c130bcb5b60751058accb5191ed335b7f57d88702
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/css/style.css?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Mon, 28 May 2018 15:50:54 GMT
Accept-Ranges: bytes
Content-Length: 173950
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
robox360.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1
67.212.186.82 200 OK 3.0 kB URL HTTP/1.1 robox360.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1
IP 67.212.186.82:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 8bc2109ef48cabf7a26b73d7c3536c5f
0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Tue, 15 Mar 2022 05:26:24 GMT
Accept-Ranges: bytes
Content-Length: 3037
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-content/plugins/visualcomposer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.2.0
67.212.186.82 200 OK 992 B URL HTTP/1.1 robox360.com/wp-content/plugins/visualcomposer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.2.0
IP 67.212.186.82:0
Hash 787fe4f547a6cb7f4ce4934641085910
c2dee88d5bdfef214ce9c56f71a1df51cda0f328
654aaebdea944313257827be97eb196a8218a2cdfc9ba399db23e2cd4c02bd79
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/visualcomposer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.2.0 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Mon, 31 May 2021 05:37:23 GMT
Accept-Ranges: bytes
Content-Length: 992
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/?wordfence_syncAttackData=1666506724.2381
67.212.186.82 301 Moved Permanently 276 B URL HTTP/1.1 robox360.com/?wordfence_syncAttackData=1666506724.2381
IP 67.212.186.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9a30ef13cb050542ff80c8c4e33064f1
37c7fa68619eab774b12dddcb7f81124e34505eb
4d958592a8d8a1409c920e9dc861dd283db0a353806f5cf9f47b904280dc3e7d
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /?wordfence_syncAttackData=1666506724.2381 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 301 Moved Permanently
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Location: https://solar.robox360.com/?wordfence_syncAttackData=1666506724.2381
Content-Length: 276
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
fonts.googleapis.com/css?family=Lora%3A400%2C400i%2C700%2C700i&ver=1.0.0
142.250.74.10 200 OK 7.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Lora%3A400%2C400i%2C700%2C700i&ver=1.0.0
IP 142.250.74.10:0
Hash c2f46fb65552b12807212025adeb5950
d4da832406d6493f0cd98b091ec0c06a76e45958
7373bc6880d7c1f7abe2bba16ccf3c8c3a121f00480a05617efc72da8568ba7a
GET /css?family=Lora%3A400%2C400i%2C700%2C700i&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 23 Oct 2022 06:32:05 GMT
date: Sun, 23 Oct 2022 06:32:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
robox360.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
67.212.186.82 200 OK 19 kB URL HTTP/1.1 robox360.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 67.212.186.82:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 57459b58fd7665a5e20b2345463df9c9
71c3b177ad1412d5e0b56d99f18bc345148df88b
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Mon, 25 Jul 2022 09:52:22 GMT
Accept-Ranges: bytes
Content-Length: 19142
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
67.212.186.82 200 OK 9.7 kB URL HTTP/1.1 robox360.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
IP 67.212.186.82:0
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash cfb428c02811f0cbe515d5f3dca61de6
e95f8696fbe29a706e66ccf582b36d9bd650ab9f
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Tue, 15 Mar 2022 05:25:02 GMT
Accept-Ranges: bytes
Content-Length: 9720
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1
67.212.186.82 200 OK 1.8 kB URL HTTP/1.1 robox360.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1
IP 67.212.186.82:0
File type ASCII text, with very long lines (1668)
Hash d0a6d8547c66b0d7b0172466558d1208
ff93916519c7b9483251f609e4d29f38c30a66e3
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Tue, 15 Mar 2022 05:26:23 GMT
Accept-Ranges: bytes
Content-Length: 1834
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css?family=Alegreya%3A400%2C700&ver=1.0.0
142.250.74.10 200 OK 2.7 kB URL HTTP/2 fonts.googleapis.com/css?family=Alegreya%3A400%2C700&ver=1.0.0
IP 142.250.74.10:0
Hash dc4c9a49fb9b48885876852f8e3af9d8
1280eb34d483a88efa584e37932ddf854ebd221d
cef44158f3da68e3d1fa50897c46af8d4c96bcfbf2c31ccc27ce6cb001c5932c
GET /css?family=Alegreya%3A400%2C700&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 23 Oct 2022 06:32:05 GMT
date: Sun, 23 Oct 2022 06:32:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
robox360.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1
67.212.186.82 200 OK 2.9 kB URL HTTP/1.1 robox360.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1
IP 67.212.186.82:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash 0fd625c3991a4015814cffdc88e2fc82
d7c2f53e058210ff3ea773297641008bab71a5f3
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Tue, 15 Mar 2022 05:26:24 GMT
Accept-Ranges: bytes
Content-Length: 2938
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-content/themes/metallex/js/bootstrap.min.js?ver=6.0.3
67.212.186.82 200 OK 37 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/js/bootstrap.min.js?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with very long lines (32033)
Hash 5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/js/bootstrap.min.js?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Wed, 02 May 2018 16:55:32 GMT
Accept-Ranges: bytes
Content-Length: 37045
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-content/themes/metallex/js/jquery.touchSwipe.min.js?ver=6.0.3
67.212.186.82 200 OK 12 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/js/jquery.touchSwipe.min.js?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with very long lines (11576), with no line terminators
Hash 91d00123eb72c7cacc3fbdd03d83762b
6b0fcd06196374d8a8f742d5e1663433adbc3b6c
f65f3aeed46b79940849fa2022f2cbdf368288de9046f2b3da075c42f9dde8f6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/js/jquery.touchSwipe.min.js?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Wed, 02 May 2018 16:55:34 GMT
Accept-Ranges: bytes
Content-Length: 11576
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-content/themes/metallex/js/responsive_bootstrap_carousel.js?ver=6.0.3
67.212.186.82 200 OK 2.2 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/js/responsive_bootstrap_carousel.js?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with CRLF line terminators
Hash 00a8c6f078cb746ab8c0dc66959172b5
7e76a016d3c9ce8061763aee671fe36682150e6c
1a807ff68dfedf83082537571aece1a90836251c229cccc33617d9ef666afe6d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/js/responsive_bootstrap_carousel.js?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Wed, 02 May 2018 16:55:34 GMT
Accept-Ranges: bytes
Content-Length: 2161
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-content/plugins/visualcomposer/assets/css/js_composer.min.css?ver=6.2.0
67.212.186.82 200 OK 485 kB URL HTTP/1.1 robox360.com/wp-content/plugins/visualcomposer/assets/css/js_composer.min.css?ver=6.2.0
IP 67.212.186.82:0
File type ASCII text, with very long lines (65358)
Size 485 kB (485416 bytes)
Hash 2fcf15b9242ca9cbf091c45419959fdb
52e744ee97e3612e790305643ab5046201831618
f1dbbc4be8d88ae17466b1d7a8fd7bf4f9d9b5ab492719cdea721d82cecb738d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/visualcomposer/assets/css/js_composer.min.css?ver=6.2.0 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Mon, 31 May 2021 05:37:25 GMT
Accept-Ranges: bytes
Content-Length: 485416
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
robox360.com/wp-content/themes/metallex/js/custom.js?ver=6.0.3
67.212.186.82 200 OK 5.6 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/js/custom.js?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with CRLF line terminators
Hash 1d0f6f0dc8c932ea69dd7f40abdd9fdd
3052232de2c21c0ea6ff96dd3b07cdef4b3d77b9
389d947b76739606585ef14b2d3c66bd6759b0bee43e2afb4b0845bd79b6615c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/js/custom.js?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Mon, 09 Jul 2018 19:56:12 GMT
Accept-Ranges: bytes
Content-Length: 5638
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-content/themes/metallex/js/plugins/owl.carousel-2/owl.carousel.min.js?ver=6.0.3
67.212.186.82 200 OK 40 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/js/plugins/owl.carousel-2/owl.carousel.min.js?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with very long lines (32068)
Hash ffaa3c82ad2c6e216e68aca44746e1be
2fa7c468110fa68f1f3df6718daf971871623ee9
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/js/plugins/owl.carousel-2/owl.carousel.min.js?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Fri, 27 Jun 2014 00:51:42 GMT
Accept-Ranges: bytes
Content-Length: 40401
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-content/themes/metallex/js/scroll.js?ver=6.0.3
67.212.186.82 200 OK 434 B URL HTTP/1.1 robox360.com/wp-content/themes/metallex/js/scroll.js?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with CRLF line terminators
Hash d3cb594e67701845eef00cdde1fd2eb0
981de890b70af6d303510e7ef793055db9615a56
cf5c9d2e59788d04f1bb031df9a31ed9ee3fa1725efe7dad7e1cf499df73f03d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/js/scroll.js?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Mon, 09 Jul 2018 19:59:22 GMT
Accept-Ranges: bytes
Content-Length: 434
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-content/themes/metallex/js/theme.js?ver=6.0.3
67.212.186.82 200 OK 4.6 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/js/theme.js?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with CRLF line terminators
Hash 17d7d945470e1d7de9b887580123c095
1f16f1113c6214347d00a4f68bff726f58b6e249
c6de03e559a979b17f51e0efc106d9213362c91805234c8774241bfba6f2b0cc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/js/theme.js?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Mon, 09 Jul 2018 20:00:10 GMT
Accept-Ranges: bytes
Content-Length: 4609
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-admin/js/accordion.min.js?ver=6.0.3
67.212.186.82 200 OK 849 B URL HTTP/1.1 robox360.com/wp-admin/js/accordion.min.js?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with very long lines (814)
Hash 9d47e5a993950468642eb8b6a87554e6
3eff0f63fbfde3f43660d6b3f4221410f8f23fc5
04ee35a326e4ffa7259f4ac470146bad7a341c6ca03cbc70aa4c4f48ba7a8aef
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-admin/js/accordion.min.js?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Mon, 25 Jul 2022 09:52:22 GMT
Accept-Ranges: bytes
Content-Length: 849
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-content/plugins/visualcomposer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.2.0
67.212.186.82 200 OK 36 kB URL HTTP/1.1 robox360.com/wp-content/plugins/visualcomposer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.2.0
IP 67.212.186.82:0
File type ASCII text, with very long lines (32004)
Hash 3a9c9706a7b52f750c71096411cc18bc
30fcae004682838e945414717bb854cba0e27483
322bf3797b194ae22aafa05a366471210116b26feeef7ea074752efff0b7f061
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/visualcomposer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.2.0 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Mon, 31 May 2021 05:37:29 GMT
Accept-Ranges: bytes
Content-Length: 35722
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:32:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:32:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
216.58.207.195 200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://robox360.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:30:59 GMT
expires: Thu, 19 Oct 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 298867
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
robox360.com/wp-content/themes/metallex/js/homepage2.js?ver=6.0.3
67.212.186.82 200 OK 680 B URL HTTP/1.1 robox360.com/wp-content/themes/metallex/js/homepage2.js?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with CRLF line terminators
Hash bd844dc875ef108d5a9d648d5f551271
f1f20a10a99cc82bbf05c65f0036d026db9a68bd
9a45d59c380d8bbcc92f50d51bcaa3ff2d40e2ed2b1fc1102ecd698dd0407987
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/js/homepage2.js?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Wed, 25 Jul 2018 16:16:06 GMT
Accept-Ranges: bytes
Content-Length: 680
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-content/themes/metallex/js/main.js?ver=6.0.3
67.212.186.82 200 OK 3.4 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/js/main.js?ver=6.0.3
IP 67.212.186.82:0
Hash 071ecbc45be8c65782bf4871d5f073f9
bbc6a2c5f59f9f90ac49a356b07b87cf64947eee
f689a4fa274b1fe6c27a1cedc9e8922d75d90ba48785b99206389e58874b5b0d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/js/main.js?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Mon, 09 Jul 2018 19:58:26 GMT
Accept-Ranges: bytes
Content-Length: 3447
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-content/themes/metallex/js/jquery.fancybox.pack.js?ver=6.0.3
67.212.186.82 200 OK 23 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/js/jquery.fancybox.pack.js?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with very long lines (645)
Hash 9bd0c25e4dbafee7d093a5eac984f6e1
aa88368db206b9ff246dd07fb7ef790408a6b302
8cea0d85c3d5938b5f908ec05419b09937b1a4e043fca19197a896c98bb3f13a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/js/jquery.fancybox.pack.js?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
Last-Modified: Wed, 02 May 2018 16:55:32 GMT
Accept-Ranges: bytes
Content-Length: 23158
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
216.58.207.195 200 OK 8.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 8668, version 1.0\012- data
Hash a242ba0df3a128a2cab929a8c45d5056
d70e2c70b21cbb66cd883ae56e2dedacefd81c7c
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
GET /s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://robox360.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:53:37 GMT
expires: Thu, 19 Oct 2023 19:53:37 GMT
cache-control: public, max-age=31536000
age: 297509
last-modified: Wed, 27 Apr 2022 16:07:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:32:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
216.58.207.195 200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://robox360.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 18:59:14 GMT
expires: Tue, 17 Oct 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 473572
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:32:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.195 200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://robox360.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:31:00 GMT
expires: Thu, 19 Oct 2023 19:31:00 GMT
cache-control: public, max-age=31536000
age: 298866
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://robox360.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 05:42:51 GMT
expires: Fri, 20 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 262155
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
robox360.com/wp-content/themes/metallex/js/homepage3.js?ver=6.0.3
67.212.186.82 200 OK 712 B URL HTTP/1.1 robox360.com/wp-content/themes/metallex/js/homepage3.js?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with CRLF line terminators
Hash dbe82a7408f5b41f9771432f4e171b4f
7a909de2604478161f749c3af2378e4dbbb0e7ec
8a6ecc45836b5a744351f68a3b5d213c82fb7d3192b82a5e3b29b63924f773c8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/js/homepage3.js?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Wed, 25 Jul 2018 16:16:04 GMT
Accept-Ranges: bytes
Content-Length: 712
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:32:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.195 200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://robox360.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 21:48:50 GMT
expires: Thu, 19 Oct 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 290596
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:32:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
robox360.com/wp-content/themes/metallex/js/homepage4.js?ver=6.0.3
67.212.186.82 200 OK 1.6 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/js/homepage4.js?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with CRLF line terminators
Hash 0c193bb6ad914a0b0ed84f8f5bae956a
725ba83cac9e86d9c67c37ed5b37c31fa3854b94
0a77fd2fa0d0e68701f7629091f63f95bfe3bbd9adbb32b60f212e38071a74f1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/js/homepage4.js?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Mon, 09 Jul 2018 19:57:46 GMT
Accept-Ranges: bytes
Content-Length: 1637
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-content/themes/metallex/js/homepage5.js?ver=6.0.3
67.212.186.82 200 OK 979 B URL HTTP/1.1 robox360.com/wp-content/themes/metallex/js/homepage5.js?ver=6.0.3
IP 67.212.186.82:0
File type ASCII text, with CRLF line terminators
Hash fc7f7f544af42501cafcb99c563d9fc4
4969b7ec9ff2dab741684dcb1b7ae9c4ff0dd552
35797e576d3d65cbbd01afa98d3b091d2c5857be2eaf2def49985607ad15731a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/js/homepage5.js?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Wed, 25 Jul 2018 16:16:02 GMT
Accept-Ranges: bytes
Content-Length: 979
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-content/plugins/visualcomposer/assets/js/dist/js_composer_front.min.js?ver=6.2.0
67.212.186.82 200 OK 21 kB URL HTTP/1.1 robox360.com/wp-content/plugins/visualcomposer/assets/js/dist/js_composer_front.min.js?ver=6.2.0
IP 67.212.186.82:0
File type ASCII text, with very long lines (20378)
Hash 463cf6ebc00dd2045999aadbcb73a74a
52185ae4be6f23dc20aaa58b86c1f98db3f840d9
9be6923457d76debf4c512fac0a2173aaa94748868d26566515ce2a4156d083d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/visualcomposer/assets/js/dist/js_composer_front.min.js?ver=6.2.0 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Mon, 31 May 2021 05:37:23 GMT
Accept-Ranges: bytes
Content-Length: 20597
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
robox360.com/wp-content/themes/metallex/fonts/fontawesome-webfont.woff2?v=4.4.0
67.212.186.82 200 OK 64 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/fonts/fontawesome-webfont.woff2?v=4.4.0
IP 67.212.186.82:0
File type Web Open Font Format (Version 2), TrueType, length 64464, version 4.262\012- data
Hash 4b5a84aaf1c9485e060c503a0ff8cadb
574ea2698c03ae9477db2ea3baf460ee32f1a7ea
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/fonts/fontawesome-webfont.woff2?v=4.4.0 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://robox360.com/wp-content/themes/metallex/css/font-awesome.min.css?ver=6.0.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Wed, 02 May 2018 16:55:32 GMT
Accept-Ranges: bytes
Content-Length: 64464
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: font/woff2
robox360.com/wp-content/themes/metallex/images/home_page_variation2/offer_bg.jpg
67.212.186.82 200 OK 193 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/images/home_page_variation2/offer_bg.jpg
IP 67.212.186.82:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x843, components 3\012- data
Size 193 kB (192678 bytes)
Hash 92ccc37b54fde59e6264652411e92d72
9c4c2515f83977823b11f8fe7bdd1c507d2ba642
5c30292a788959ef09551b4cba0f2caeb4a8d76c9d75fdf28d25fb69cab66c2e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/images/home_page_variation2/offer_bg.jpg HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/wp-content/themes/metallex/css/style.css?ver=6.0.3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Wed, 02 May 2018 16:55:16 GMT
Accept-Ranges: bytes
Content-Length: 192678
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
robox360.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.3.1
67.212.186.82 200 OK 7.0 kB URL HTTP/1.1 robox360.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.3.1
IP 67.212.186.82:0
File type ASCII text, with very long lines (7043), with no line terminators
Hash 456663a286a204386735fd775542a59e
0a61620b88f4ae0fa7d71e2c7a014ea2c3ab5749
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.3.1 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Tue, 15 Mar 2022 05:26:24 GMT
Accept-Ranges: bytes
Content-Length: 7043
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/css
robox360.com/wp-content/uploads/2022/03/Robox-Logo-1-WEB.png
67.212.186.82 200 OK 3.9 kB URL HTTP/1.1 robox360.com/wp-content/uploads/2022/03/Robox-Logo-1-WEB.png
IP 67.212.186.82:0
File type PNG image data, 150 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 2cb2fd25926a942f4260711249506b57
78af140094af4f094e3979dda4910c3f90f0fa84
4970b34ff90e481d2d21bf8cb6d0d17547df1a36853dd28b7aef6a76b6da971b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/03/Robox-Logo-1-WEB.png HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Thu, 17 Mar 2022 11:09:13 GMT
Accept-Ranges: bytes
Content-Length: 3870
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
robox360.com/wp-content/themes/metallex/images/home_page/tick-icon-top.png
67.212.186.82 200 OK 1.2 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/images/home_page/tick-icon-top.png
IP 67.212.186.82:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash ddc96be9eccbbbffbada9e7a96f664fc
adf0fd00e547973a790bccaa10defb815595f90a
8fbaf9f18adc68125228d9a0332ae0fec24908f913ebbacb00158eaecdd29406
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/images/home_page/tick-icon-top.png HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Fri, 11 May 2018 14:03:26 GMT
Accept-Ranges: bytes
Content-Length: 1192
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
robox360.com/wp-content/uploads/2018/05/banner_img3-2.jpg
67.212.186.82 200 OK 966 kB URL HTTP/1.1 robox360.com/wp-content/uploads/2018/05/banner_img3-2.jpg
IP 67.212.186.82:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x615, components 3\012- data
Size 966 kB (965581 bytes)
Hash 15f58b9be241db7c8c55d5c1f7d74207
c5fcb597eae4ca7405a4e3017630d179c87914d0
9bf532f6a1ea22f02445a85b408c434877dc79954eb0e6acac1f95b6f9c8a20d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2018/05/banner_img3-2.jpg HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Mon, 31 May 2021 06:02:28 GMT
Accept-Ranges: bytes
Content-Length: 965581
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
robox360.com/wp-content/uploads/2018/05/delicate_team.png
67.212.186.82 200 OK 2.6 kB URL HTTP/1.1 robox360.com/wp-content/uploads/2018/05/delicate_team.png
IP 67.212.186.82:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 32eefa202f1b6e0ef080117711775177
e547114b081eeeddcca0f30b0b09200132bd6350
1b003b02e48159ab0548e8655338198bae4b5bcfe13aa44eb3b7a2eb49f92645
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2018/05/delicate_team.png HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Mon, 31 May 2021 06:01:44 GMT
Accept-Ranges: bytes
Content-Length: 2645
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
robox360.com/wp-content/uploads/2018/05/delivery_time.png
67.212.186.82 200 OK 3.4 kB URL HTTP/1.1 robox360.com/wp-content/uploads/2018/05/delivery_time.png
IP 67.212.186.82:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 028bee8db5ca5eb7639e939afb1b6d9e
4fb8364119707b059205bc0e5618252ba4f07697
e0e78883d6540a104b420d8ed629a58fc35754dc6cd702f8eecb466596d292b9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2018/05/delivery_time.png HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Mon, 31 May 2021 06:01:44 GMT
Accept-Ranges: bytes
Content-Length: 3390
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
robox360.com/wp-content/uploads/2018/05/quality_assurance.png
67.212.186.82 200 OK 2.3 kB URL HTTP/1.1 robox360.com/wp-content/uploads/2018/05/quality_assurance.png
IP 67.212.186.82:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 3ccf3c129566ba1277bcdf3d3741b25b
5a9d4121f75f9d045530fe45cb0b86afdffeb293
94f27bff626f3783081e918745ad51226c82d8be135cdc1c3ac2e57c94859c95
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2018/05/quality_assurance.png HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Mon, 31 May 2021 06:01:45 GMT
Accept-Ranges: bytes
Content-Length: 2319
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
robox360.com/wp-content/uploads/2018/05/update_technology.png
67.212.186.82 200 OK 3.3 kB URL HTTP/1.1 robox360.com/wp-content/uploads/2018/05/update_technology.png
IP 67.212.186.82:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash f9dbbff283969e6f2f13a079d51add13
f44c91c86edf4083b8bdcc9d6cea644ad01bb1f7
a49f4a5f2fd3817471f46f56e9398e07211e3046c02fda6048dab81edc40c467
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2018/05/update_technology.png HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Mon, 31 May 2021 06:01:45 GMT
Accept-Ranges: bytes
Content-Length: 3279
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
robox360.com/wp-content/uploads/2018/05/1-1.png
67.212.186.82 200 OK 932 kB URL HTTP/1.1 robox360.com/wp-content/uploads/2018/05/1-1.png
IP 67.212.186.82:0
File type PNG image data, 1024 x 768, 8-bit/color RGBA, non-interlaced\012- data
Size 932 kB (932199 bytes)
Hash 3efd44ccaf52f9540224ab3aa8ca4239
9282e1e9245bb51b7de14ed09eeba2435dae96d6
7ecfc02319ee48670d30856240b16c838cb5f2c7937ceb7d1a06db42217d111b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2018/05/1-1.png HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Wed, 16 Mar 2022 06:17:52 GMT
Accept-Ranges: bytes
Content-Length: 932199
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
robox360.com/wp-content/uploads/2018/05/Calibration-of-Measuring-Instruments.jpg
67.212.186.82 200 OK 116 kB URL HTTP/1.1 robox360.com/wp-content/uploads/2018/05/Calibration-of-Measuring-Instruments.jpg
IP 67.212.186.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1024x768, components 3\012- data
Size 116 kB (115506 bytes)
Hash 2fefd15ce2b170865d5b646f0151bfef
94ff869fada98d25a6834edd326684e468309c84
f977d10309b094ad45d194b29dd580b1653580b2d75e9df87c32a1b95acfad2a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2018/05/Calibration-of-Measuring-Instruments.jpg HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Wed, 19 Jan 2022 12:05:56 GMT
Accept-Ranges: bytes
Content-Length: 115506
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
robox360.com/wp-content/themes/metallex/assets/js/jquery.meanmenu.min.js?ver=6.0.3
67.212.186.82 301 Moved Permanently 0 B URL HTTP/1.1 robox360.com/wp-content/themes/metallex/assets/js/jquery.meanmenu.min.js?ver=6.0.3
IP 67.212.186.82:0
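Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body of this 301 response; they identify no file content and should not be used as file indicators.)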
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/assets/js/jquery.meanmenu.min.js?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 301 Moved Permanently
Date: Sun, 23 Oct 2022 06:32:05 GMT
Server: Apache
X-Powered-By: PHP/7.4.32
X-Redirect-By: WordPress
Location: https://robox360.com/wp-content/themes/metallex/assets/js/jquery.meanmenu.min.js/?ver=6.0.3
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
robox360.com/wp-content/uploads/2022/01/getting-super-practical-about-your-business-vision_900x520.jpg
67.212.186.82 200 OK 62 kB URL HTTP/1.1 robox360.com/wp-content/uploads/2022/01/getting-super-practical-about-your-business-vision_900x520.jpg
IP 67.212.186.82:0
File type JPEG image data, baseline, precision 8, 900x520, components 3\012- data
Hash 217feb02c3b63fb8e1d9889e93e1fedf
5b276d42203533299617f41187c037276dc42547
043dafac3582623d132c26585ffae845787bac36ec296c3c4652cce65e92f44d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/01/getting-super-practical-about-your-business-vision_900x520.jpg HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Wed, 19 Jan 2022 12:43:24 GMT
Accept-Ranges: bytes
Content-Length: 61656
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
robox360.com/wp-content/uploads/2018/05/1-3.png
67.212.186.82 200 OK 177 kB URL HTTP/1.1 robox360.com/wp-content/uploads/2018/05/1-3.png
IP 67.212.186.82:0
File type PNG image data, 337 x 253, 8-bit/color RGBA, non-interlaced\012- data
Size 177 kB (176970 bytes)
Hash b5f669e00238c014fb56e920b19f1ce4
176ad1db3521d6bd77110b8e7ef9bb5f2f1ded29
575c81344c699970a70aa3d7742e4569b5c46d6389febace6f1db72086dfa77c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2018/05/1-3.png HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Wed, 23 Mar 2022 08:05:30 GMT
Accept-Ranges: bytes
Content-Length: 176970
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
robox360.com/wp-content/uploads/2018/05/2.png
67.212.186.82 200 OK 1.8 MB URL HTTP/1.1 robox360.com/wp-content/uploads/2018/05/2.png
IP 67.212.186.82:0
File type PNG image data, 1024 x 768, 8-bit/color RGBA, non-interlaced\012- data
Size 1.8 MB (1830431 bytes)
Hash 8ea6b6c671d0ad6be80e4234eb7fa6e8
528cce03e44cd115a268a8a73102fb17686cd19e
9efe774c364bbdd3546df37586f71357bf515a15765726002f64b615fa50632d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2018/05/2.png HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Wed, 16 Mar 2022 06:18:01 GMT
Accept-Ranges: bytes
Content-Length: 1830431
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
robox360.com/wp-content/uploads/2022/03/Robox.png
67.212.186.82 200 OK 842 kB URL HTTP/1.1 robox360.com/wp-content/uploads/2022/03/Robox.png
IP 67.212.186.82:0
File type PNG image data, 1024 x 768, 8-bit/color RGBA, non-interlaced\012- data
Size 842 kB (841815 bytes)
Hash 3338483a87dab7d4a3173659d2506707
cdfde9890477f8f2152810d9f83ed1f37b41ae90
0775f48c664af00b2e3822780c4015d0607b62eed9c9e3f40433bb884a18fea1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/03/Robox.png HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Wed, 23 Mar 2022 06:31:54 GMT
Accept-Ranges: bytes
Content-Length: 841815
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
robox360.com/wp-content/uploads/2018/05/2-1.png
67.212.186.82 200 OK 129 kB URL HTTP/1.1 robox360.com/wp-content/uploads/2018/05/2-1.png
IP 67.212.186.82:0
File type PNG image data, 337 x 253, 8-bit/color RGBA, non-interlaced\012- data
Size 129 kB (128747 bytes)
Hash f85af062800bedfe2f2d420f566fab83
ef447060d9e78a511acaa62b0c3c62b89a86f790
f9f79b670256a0ddaaec3eb37a4f1729a205524172c5d04fa5f01eedfb55446e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2018/05/2-1.png HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Wed, 23 Mar 2022 08:03:14 GMT
Accept-Ranges: bytes
Content-Length: 128747
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png
robox360.com/wp-content/uploads/2018/05/3.png
67.212.186.82 200 OK 1.3 MB URL HTTP/1.1 robox360.com/wp-content/uploads/2018/05/3.png
IP 67.212.186.82:0
File type PNG image data, 1024 x 768, 8-bit/color RGBA, non-interlaced\012- data
Size 1.3 MB (1331769 bytes)
Hash 4c67c82a6e07ef887f09fec7ac4c2e93
d265748b0ac6806054e3590c2026e224e8858ca7
79a59d9ee9a817aed6cfd9c51e2177aa3add998bd6eb65be9baea1e8838aab1e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2018/05/3.png HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Wed, 16 Mar 2022 06:18:08 GMT
Accept-Ranges: bytes
Content-Length: 1331769
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
fonts.googleapis.com/css?family=Poppins%3A400%2C400i%2C500%2C500i%2C600%2C600i&ver=1.0.0
142.250.74.10 200 OK 233 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A400%2C400i%2C500%2C500i%2C600%2C600i&ver=1.0.0
IP 142.250.74.10:0
Size 233 kB (232598 bytes)
Hash 5f0d326305ee56940a0b67d6bc54bf7b
6cb23e9bf9dda7e078d57ffa4df8358481444e6a
1551efed03e2728c3b4a0950a2a8d23c17c09353b57689ded8a4702fc933ea22
GET /css?family=Poppins%3A400%2C400i%2C500%2C500i%2C600%2C600i&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 23 Oct 2022 06:32:05 GMT
date: Sun, 23 Oct 2022 06:32:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
robox360.com/wp-content/themes/metallex/images/home_page/right_Ar.png
67.212.186.82 200 OK 999 B URL HTTP/1.1 robox360.com/wp-content/themes/metallex/images/home_page/right_Ar.png
IP 67.212.186.82:0
File type PNG image data, 15 x 8, 8-bit/color RGBA, non-interlaced\012- data
Hash 1da099abe1d8d295c4d579a2878e3dba
a9ba74fa317eef32115855f3fd715bbe7091f3cc
0f506af3b93a85ba039e3a841d260e319e6f151a15961349cdf5c5642daef8c1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/images/home_page/right_Ar.png HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/wp-content/themes/metallex/css/style.css?ver=6.0.3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:07 GMT
Server: Apache
Last-Modified: Wed, 02 May 2018 16:55:20 GMT
Accept-Ranges: bytes
Content-Length: 999
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png
robox360.com/wp-content/themes/metallex/images/home_page/close_popup.png
67.212.186.82 200 OK 1.2 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/images/home_page/close_popup.png
IP 67.212.186.82:0
File type PNG image data, 23 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash bea568b9efba70b7278e6f422e18e911
d516cd048009b9e30a32d3974264942aa0d4bf39
b87a9b410e92c99f3a379ffefd68fc167ab659ee0fc5ec7dec2b5a255ed283ae
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/images/home_page/close_popup.png HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/wp-content/themes/metallex/css/style.css?ver=6.0.3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:07 GMT
Server: Apache
Last-Modified: Wed, 02 May 2018 16:55:20 GMT
Accept-Ranges: bytes
Content-Length: 1207
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
robox360.com/wp-content/themes/metallex/images/home_page/search_popup_icon.png
67.212.186.82 200 OK 1.1 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/images/home_page/search_popup_icon.png
IP 67.212.186.82:0
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash b7f3e16a9e3c1a1b38341b316240eda5
a252932e224741d881be74fdbf2a713e760eb623
6cfde6207b477d975076df6e38d9f9c0458b0554c4d6f7fc333014dee81510b8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/images/home_page/search_popup_icon.png HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/wp-content/themes/metallex/css/style.css?ver=6.0.3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:07 GMT
Server: Apache
Last-Modified: Wed, 02 May 2018 16:55:18 GMT
Accept-Ranges: bytes
Content-Length: 1147
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
robox360.com/wp-content/uploads/2022/01/download-10.jpg
67.212.186.82 200 OK 12 kB URL HTTP/1.1 robox360.com/wp-content/uploads/2022/01/download-10.jpg
IP 67.212.186.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 284x177, components 3\012- data
Hash d3f11305fd393ccef8f5e3bc46d320db
adc89bb72b5fc535b7db289e59295f07c06733ef
71d79b5e64a99b1852d3013afb70a3ab631106d4ace5db55e406073209ef3896
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/01/download-10.jpg HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:07 GMT
Server: Apache
Last-Modified: Wed, 19 Jan 2022 12:42:17 GMT
Accept-Ranges: bytes
Content-Length: 11702
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/jpeg
robox360.com/wp-content/uploads/2018/05/project_bg.jpg
67.212.186.82 200 OK 1.1 MB URL HTTP/1.1 robox360.com/wp-content/uploads/2018/05/project_bg.jpg
IP 67.212.186.82:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x575, components 3\012- data
Size 1.1 MB (1104587 bytes)
Hash ad73026b2ac7590371c396c4fa270db0
274ed560cb4d46edaba5a5adff3d6a8e534145de
16a9f5d74b1dd4e48dc2c8b978506876444c95b43d8da84d5076cfefd81bedad
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2018/05/project_bg.jpg HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:07 GMT
Server: Apache
Last-Modified: Mon, 31 May 2021 06:02:17 GMT
Accept-Ranges: bytes
Content-Length: 1104587
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/jpeg
robox360.com/wp-content/uploads/2018/05/Milk-Pesturizer-Malmo-scaled.jpg
67.212.186.82 200 OK 496 kB URL HTTP/1.1 robox360.com/wp-content/uploads/2018/05/Milk-Pesturizer-Malmo-scaled.jpg
IP 67.212.186.82:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2560x1920, components 3\012- data
Size 496 kB (496443 bytes)
Hash e17189d50be12c1a35c8d3192ce237dc
0a494e971b5d7b590836ff044edaa35bdd892ca6
aa28b1fc501d8da5967c66693fd79a542f5e441ac5eb326d86fe513b470c9cd1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2018/05/Milk-Pesturizer-Malmo-scaled.jpg HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
Last-Modified: Wed, 23 Mar 2022 07:33:25 GMT
Accept-Ranges: bytes
Content-Length: 496443
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
robox360.com/wp-content/uploads/2022/01/Roles-and-responsibilities-of-a-quality-control-inspector-1068x552-1.jpg
67.212.186.82 200 OK 110 kB URL HTTP/1.1 robox360.com/wp-content/uploads/2022/01/Roles-and-responsibilities-of-a-quality-control-inspector-1068x552-1.jpg
IP 67.212.186.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1068x552, components 3\012- data
Size 110 kB (110370 bytes)
Hash 62d41d53941c888c8e87ec6f47ecaba0
8b2088d5c3c16643f5d27e689dc3a908066c2929
b977fb776509da05b5b78f0ad32b3fc7c2abfcafad7bc39f321f8778593304da
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/01/Roles-and-responsibilities-of-a-quality-control-inspector-1068x552-1.jpg HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:07 GMT
Server: Apache
Last-Modified: Wed, 19 Jan 2022 13:17:17 GMT
Accept-Ranges: bytes
Content-Length: 110370
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i&ver=1.0.0
142.250.74.10 200 OK 104 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i&ver=1.0.0
IP 142.250.74.10:0
Size 104 kB (104023 bytes)
Hash a17e75395d43a29d8ebd54fb05a0e6d6
12ff77ed0ba035bf98c075a5ba3e3b271298766d
5a5d047243569aaf121a461d1d91a7b3c155440b0097e6a7fe72090476e43454
GET /css?family=Open+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 23 Oct 2022 06:32:05 GMT
date: Sun, 23 Oct 2022 06:32:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
robox360.com/wp-content/themes/metallex/assets/js/jquery.meanmenu.min.js/?ver=6.0.3
67.212.186.82 200 OK 61 kB URL HTTP/1.1 robox360.com/wp-content/themes/metallex/assets/js/jquery.meanmenu.min.js/?ver=6.0.3
IP 67.212.186.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash f8a58774ebb4734726ac47a2af622756
30ebd64c3950404aace9907692e658af22ab8ee5
632deb92f00d22ba03ce2b6015144007601515bfe8e7785cb311df991c72d7f9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/assets/js/jquery.meanmenu.min.js/?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://robox360.com/mmio/umarumhahr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
X-Powered-By: PHP/7.4.32
Link: <https://robox360.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://robox360.com/index.php?rest_route=/wp/v2/pages/121>; rel="alternate"; type="application/json", <https://robox360.com/>; rel=shortlink
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
robox360.com/?wc-ajax=get_refreshed_fragments
67.212.186.82 301 Moved Permanently 267 B URL HTTP/1.1 robox360.com/?wc-ajax=get_refreshed_fragments
IP 67.212.186.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1b0393a9ba44561789dd6f5a42a4dade
83fd05141f7024cb3a35c4b4b48913b9e6b3eaaa
0dfe3afb0b53d40f04d68a6e77593702d827f8b8374b1a26dad32260de8cb9a6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://robox360.com
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 301 Moved Permanently
Date: Sun, 23 Oct 2022 06:32:08 GMT
Server: Apache
Location: https://solar.robox360.com/?wc-ajax=get_refreshed_fragments
Content-Length: 267
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
robox360.com/wp-content/uploads/2021/06/robox-logo-2-2.png
67.212.186.82 200 OK 33 kB URL HTTP/1.1 robox360.com/wp-content/uploads/2021/06/robox-logo-2-2.png
IP 67.212.186.82:0
File type PNG image data, 111 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash 8c25fe5c17e54038283b4e9514c7ff56
45e07df16a609d7e6d9c2fcbffeb112fbd373b3a
faa1c0c3f115833044e02fd7152ac139e0e35fd05c4a7ee2ea1e624dcb34259f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/06/robox-logo-2-2.png HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:08 GMT
Server: Apache
Last-Modified: Sun, 06 Jun 2021 20:55:01 GMT
Accept-Ranges: bytes
Content-Length: 33270
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/png
solar.robox360.com/?wordfence_syncAttackData=1666506724.2381
67.212.186.82 200 OK 147 kB URL HTTP/1.1 solar.robox360.com/?wordfence_syncAttackData=1666506724.2381
IP 67.212.186.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9217)
Size 147 kB (146793 bytes)
Hash 3198a2e8b752fb63e9380514fe3e9614
be06af953d18aa12b7995d450374f63683d2a39b
5261a7a9bfceacb404c0ee2e2e2bd355cdd5b8d5ced04175e7cdf56d4debb5e2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /?wordfence_syncAttackData=1666506724.2381 HTTP/1.1
Host: solar.robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://robox360.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:06 GMT
Server: Apache
X-Powered-By: PHP/7.4.32
Link: <https://solar.robox360.com/wp-json/>; rel="https://api.w.org/", <https://solar.robox360.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://solar.robox360.com/>; rel=shortlink
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
solar.robox360.com/?wc-ajax=get_refreshed_fragments
67.212.186.82 200 OK 8.7 kB URL HTTP/1.1 solar.robox360.com/?wc-ajax=get_refreshed_fragments
IP 67.212.186.82:0
Hash ff5febc92aeaa503ac9c736b83e9ed0e
2a0a57c1fee494f5f26823dc653674ceacf4179c
66abe745640e0222ed07f9ae17ef6c1115bae29c53107486f4709f55177493fa
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
OPTIONS /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: solar.robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Referer: https://robox360.com/
Origin: https://robox360.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:08 GMT
Server: Apache
X-Powered-By: PHP/7.4.32
Link: <https://solar.robox360.com/wp-json/>; rel="https://api.w.org/", <https://solar.robox360.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://solar.robox360.com/>; rel=shortlink
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
fonts.googleapis.com/css?family=Poppins&ver=1.0.0
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins&ver=1.0.0
IP 142.250.74.10:0
GET /css?family=Poppins&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 23 Oct 2022 06:32:05 GMT
date: Sun, 23 Oct 2022 06:32:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
robox360.com/wp-content/themes/metallex/css/bootstrap.min.css?ver=6.0.3
67.212.186.82 200 OK 0 B URL HTTP/1.1 robox360.com/wp-content/themes/metallex/css/bootstrap.min.css?ver=6.0.3
IP 67.212.186.82:0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/metallex/css/bootstrap.min.css?ver=6.0.3 HTTP/1.1
Host: robox360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/mmio/umarumhahr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 06:32:04 GMT
Server: Apache
Last-Modified: Wed, 02 May 2018 16:55:32 GMT
Accept-Ranges: bytes
Content-Length: 121251
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
fonts.googleapis.com/css?family=Raleway%3A400%2C100%2C200%2C300%2C500%2C600%2C700%2C800%2C900&ver=1.0.0
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway%3A400%2C100%2C200%2C300%2C500%2C600%2C700%2C800%2C900&ver=1.0.0
IP 142.250.74.10:0
GET /css?family=Raleway%3A400%2C100%2C200%2C300%2C500%2C600%2C700%2C800%2C900&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 23 Oct 2022 06:32:05 GMT
date: Sun, 23 Oct 2022 06:32:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=PT+Serif&ver=1.0.0
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=PT+Serif&ver=1.0.0
IP 142.250.74.10:0
GET /css?family=PT+Serif&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robox360.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 23 Oct 2022 06:32:05 GMT
date: Sun, 23 Oct 2022 06:32:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2