r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5563
Expires: Fri, 09 Dec 2022 06:01:33 GMT
Date: Fri, 09 Dec 2022 04:28:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3209
Expires: Fri, 09 Dec 2022 05:22:19 GMT
Date: Fri, 09 Dec 2022 04:28:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 04:08:17 GMT
content-type: application/json
age: 1233
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2774
Expires: Fri, 09 Dec 2022 05:15:04 GMT
Date: Fri, 09 Dec 2022 04:28:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bo+ZCOLnYTqR+nXA99EvwsujI9k2NJ3TWPc+VTV6pUMsh46WNYnU3tEJ+XIFqrFV9ZuLvQ1XjAA=
x-amz-request-id: F9PA67H3V4XKGRFS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 03:50:06 GMT
age: 2324
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:28:50 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
drmathavanheartcare.com/
301 Moved Permanently 0 B IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 04:28:47 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Redirect-By: WordPress
Content-Security-Policy: upgrade-insecure-requests;
Location: https://drmathavanheartcare.com/
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
X-Server-Cache: true
X-Proxy-Cache: MISS
Set-Cookie: PHPSESSID=d552c42244e8a7ef7fb2f41838dfd342; path=/; HttpOnly
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 04:07:55 GMT
age: 1256
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5785
Cache-Control: max-age=108866
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:28:51 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:43:17 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 103d485457a9291c58f3cef29d31c9c3
d8b0b9847e35dc35741735569dcc0111908c9d54
a07df76740c9c3a89bc8312a2481cabb57298f43b1e2781600e4cfc888737a87
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A07DF76740C9C3A89BC8312A2481CABB57298F43B1E2781600E4CFC888737A87"
Last-Modified: Wed, 07 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7338
Expires: Fri, 09 Dec 2022 06:31:09 GMT
Date: Fri, 09 Dec 2022 04:28:51 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: muBFbeSI33jE6wLMcTkvHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oytHPduWWXWNUCfkxPPADueNo8A=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:28:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
200 OK 2.7 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP
Hash 71d14aed527f6eda5e12b7ff8a57eed1
6948214927c5cab1b8224addb46ac1cdbb0c2720
c0aebbcc0364a503f660a95904fbdd94ef5d07a8d62d4de955d67af231b0548b
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 04:28:52 GMT
date: Fri, 09 Dec 2022 04:28:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.4
200 OK 12 kB URL HTTP/2 drmathavanheartcare.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.4
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (38452)
Hash 7d80ab269c5c1158315be2b5b5e7146f
4a6fbcfec2288ee4754e968b6714f795e1c92437
92ebdb13ce8be6030c3a2e7a9915685cd8c2b4a316cc80c08c83844278bd5175
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.4 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:17:34 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 11685
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
200 OK 5.3 kB URL HTTP/2 drmathavanheartcare.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 30 Jul 2022 09:39:00 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5321
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/picker.classic.css?ver=21.2
200 OK 603 B URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/picker.classic.css?ver=21.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1208)
Hash 130de38568e19bc15656a949fd51b5dd
e521556481eb8d1a329b3f5edbd93cfcf850ab72
98e1d518a87ea5eed9aa0b35a764a8287b2a998aec10a7ffeff509870e9077d1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/picker.classic.css?ver=21.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:56 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 603
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/ladda.min.css?ver=21.2
200 OK 1.6 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/ladda.min.css?ver=21.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9022)
Hash 7a8ffc891e391d2599e2295109c1eed7
f0e834eb0eb3b93ea22fbe1e29c2a2e9de25a767
79119d0987be4165e5d2fd5e82c2031717ef7480330684b2f08fab5f0c2d23a9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/ladda.min.css?ver=21.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:56 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1587
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/picker.classic.date.css?ver=21.2
200 OK 1.4 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/picker.classic.date.css?ver=21.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4370), with no line terminators
Hash ef3f6d40a7b2ee7df68e3770b2b7cddd
41f81370666ba6edac6fc5ec0c5a8d1c4f7ebb3a
bb3db802399d3ac722e92c50e03f6a738a188af6386dd1209c566750fe3c21a0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/picker.classic.date.css?ver=21.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:56 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1366
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/bookly-main.css?ver=21.2
200 OK 9.2 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/bookly-main.css?ver=21.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash cb6cca930789ad81f15508df620893d5
ab4c3f42f406a7d4481d9a48dc72a50aa5355497
82c1341fd8ee7d34501395d5a660756b6695d272962bb528cd93d71b031fe5f9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/bookly-main.css?ver=21.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:56 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 9249
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/intlTelInput.css?ver=21.2
200 OK 3.2 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/intlTelInput.css?ver=21.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20761), with no line terminators
Hash 695205ecb44a5906d054040d382055e2
e33ef605b5a11539eac3b101a64920c37bd86eb0
98864a8edd54e970784087c240e7921d4fb245621ba668671a08ff64f9ce3ea4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/intlTelInput.css?ver=21.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:56 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3173
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/testimonial-slider-and-showcase/assets/css/wptestimonial.css?ver=2.2.8
200 OK 13 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/testimonial-slider-and-showcase/assets/css/wptestimonial.css?ver=2.2.8
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 77a4e6fdd96341b3252f19f9dfc59846
b45e9f5c29dfd924e17b99c4b72f4978ee88e0c3
98dcf311424368e1df1a15039d58522586186c77cde8ab6051088b0e87b6405a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/testimonial-slider-and-showcase/assets/css/wptestimonial.css?ver=2.2.8 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:09 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 13120
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/uploads/elementor/css/post-41.css?ver=1668536603
200 OK 2.9 kB URL HTTP/2 drmathavanheartcare.com/wp-content/uploads/elementor/css/post-41.css?ver=1668536603
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (16530), with no line terminators
Hash beb79b61cfaa9579878129e095a26900
a4616c649c3dafbc5539a79c512e82b432ef6964
f92128ca29cd8daeaf0894437bcd86a0fac30c34ac18c75d145aeb9149d9d045
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-41.css?ver=1668536603 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:23:23 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2865
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/th-advance-product-search/th-icon/style.css?ver=1.1.5
200 OK 1.1 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/th-advance-product-search/th-icon/style.css?ver=1.1.5
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 1d94d653971d7f83813a76ee4df601a5
5b9b39eb84f2497116a0284dc41d87a8f9c89bce
7fbe05685ee7e577418096d1a33cbf50aa76c8e14c5435f1fbe925bab69a0e99
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/th-advance-product-search/th-icon/style.css?ver=1.1.5 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:11 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1061
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/uploads/elementor/css/post-319.css?ver=1668536121
200 OK 358 B URL HTTP/2 drmathavanheartcare.com/wp-content/uploads/elementor/css/post-319.css?ver=1668536121
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1101), with no line terminators
Hash 078ade17d53a51fb6cb718f4ed61d178
e95c5fd00797779de68685300ee77db156d41e9f
f5a58ead8156957e11690c1c5ae8f14b983e0f755cb87499b85c15c00d350ca5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-319.css?ver=1668536121 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:21 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 358
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.4.2
200 OK 900 B URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.4.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3432)
Hash 1e0ef5b4ebd931aecd01564980628978
e618b92e03a6c4bd4abffed22abb1e835c05a601
1deef467f6db854d82e8c6288086664c7cf60a41b18bb7216d63bb83061ba878
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.4.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:01 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 900
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/uploads/essential-addons-elementor/eael-41.css?ver=1667400659
200 OK 2.8 kB URL HTTP/2 drmathavanheartcare.com/wp-content/uploads/essential-addons-elementor/eael-41.css?ver=1667400659
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8511)
Hash b6c947a3fa5e904efa4ef791de8242bc
c93cffea14541737dfa32f2efab371b31e254d0d
e5c6dccf9180c9f9c243e352f65ded93ad17659986426a3f6c1e69bfcb598f3b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/essential-addons-elementor/eael-41.css?ver=1667400659 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 15 Oct 2022 09:58:26 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2833
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
200 OK 4.0 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19233)
Hash 2701214b028ad24fa347df8335b36d12
156bc8a7ad2657f00881890637f07c6052636499
9a6e62615ceeec7a9763e4f9614e4715d04fd87873b23db2b3ead06c996cad27
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:59 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4008
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/uploads/elementor/css/global.css?ver=1668536122
200 OK 6.3 kB URL HTTP/2 drmathavanheartcare.com/wp-content/uploads/elementor/css/global.css?ver=1668536122
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (36070)
Hash 5a65ba5b25f5f3e12c95968d7a556faa
e077594e51ede26aeacf60ab128f848c4c8b99f1
4b2bbbcdbe431409d9da13cfe91fbdc6467c4799866adff629221df1a200f977
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/global.css?ver=1668536122 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:22 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 6341
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
200 OK 13 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (57726)
Hash dc63c0a8e2d5857cc7a00a4b5456dabb
ee29df5eb2a4bf3eb805b160551c1afd84b42599
035ef40b1dd3df1eefb2dd3c8c2096425727fb939b06f3aa0bc6ef91dafd5441
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:59 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 12577
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=5.4.2
200 OK 13 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=5.4.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (59158)
Hash e6b67e11736ae36a062b381717f2ea9f
a663a79bc8d42aa58bfea1351cc27e0d0b09c9b2
a07a94d36246d0b3e5b9b18e274e31995d0e23cda955babf5e350e91a879523d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=5.4.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:59 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 12862
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
200 OK 68 B URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 28 Aug 2022 02:33:28 GMT
accept-ranges: bytes
content-length: 68
cache-control: max-age=31536000
expires: Sat, 09 Dec 2023 04:28:52 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/th-advance-product-search/assets/js/thaps-search.js?ver=1
200 OK 12 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/th-advance-product-search/assets/js/thaps-search.js?ver=1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 7a9466558679c736eb0e26e55d698a0f
ba369fb7a711e519cefc7a28007ff3990d16d6f5
9048b76eb3b3e4ff66a0da3beebd64deef993bf1ca642935a1884bf37f486187
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/th-advance-product-search/assets/js/thaps-search.js?ver=1 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:11 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 12278
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/picker.date.js?ver=21.2
200 OK 5.0 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/picker.date.js?ver=21.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12685)
Hash 09e0b7c1bb0b0c1b6d1cfe9d6162414a
80881c20da23dcb37c60aa0b009cc9a42e181114
09cc2ffba2db569018999372f5cf02e6f3d48757386e9a613e5373538cffb4b4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/picker.date.js?ver=21.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:56 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4989
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/ladda.min.js?ver=21.2
200 OK 1.7 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/ladda.min.js?ver=21.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3607)
Hash 0670f85198107dd57129430f905e9775
53837f9c4f99ff06b6fe6056fbd51f15e86e9362
78ff9d2b555e76f5e28bb3f6953f5641d089c9c9d5d63b5364045e79811f7815
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/ladda.min.js?ver=21.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:56 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1705
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/th-advance-product-search/assets/css/thaps-front-style.css?ver=1.1.5
200 OK 1.9 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/th-advance-product-search/assets/css/thaps-front-style.css?ver=1.1.5
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 9778371f296462e795f74769f27bc3a9
da0c9721d4b124748b2236bb7b1d9311af356c28
f49cd7100ad0b6f830d877f9d2e913218741bfd90050629fdb6dc0a8c26c503f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/th-advance-product-search/assets/css/thaps-front-style.css?ver=1.1.5 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:11 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1916
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/spin.min.js?ver=21.2
200 OK 2.2 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/spin.min.js?ver=21.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4247)
Hash 994a9291cbba8a125c2de344eccbff91
898c31406134a3a07c69dae29b44e358d827d857
510d6828d366a575692c2b6151fa5fc7c51a2c94073cebd2cf590347cae4d893
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/spin.min.js?ver=21.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:56 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2212
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/intlTelInput.min.js?ver=21.2
200 OK 11 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/intlTelInput.min.js?ver=21.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (22399)
Hash e6a20115dd84d8cfa912833ffa93d550
ee40e2ff9bf131a7594bbc1a04b2fe912a5ade33
6489bc93c2645294631b91e78632a87f4f078b1c9b6ae58960cf150219df54ea
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/intlTelInput.min.js?ver=21.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:56 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 10582
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
200 OK 309 B URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (483)
Hash 0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:59 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 309
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/royal-elementor-addons/assets/css/lib/animations/text-animations.min.css?ver=1.3.53
200 OK 2.1 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/royal-elementor-addons/assets/css/lib/animations/text-animations.min.css?ver=1.3.53
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14235), with no line terminators
Hash 98c045218709e267d08aa4a5ddf43327
a0eebd5cb3bb462b41773aaa2cc4095ca7d57c98
ac4887af399245a93e4382937cef6208233d90654e374d93ef55baec47ed454f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/royal-elementor-addons/assets/css/lib/animations/text-animations.min.css?ver=1.3.53 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:06 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2058
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/uploads/2022/10/Dr-Logo-A-200x112.png
200 OK 12 kB URL HTTP/2 drmathavanheartcare.com/wp-content/uploads/2022/10/Dr-Logo-A-200x112.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 200 x 112, 8-bit/color RGBA, non-interlaced\012- data
Hash 97fa5fac8ec20948d3f3560ce4f3a28b
48a73ce60064565ba2d7fe378e9d94e96ad2525f
0425562b80ad1d46ec8dd2bcd07e7d68ed5da8a7019e02a24d3d4a508d2c7986
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/Dr-Logo-A-200x112.png HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 15 Oct 2022 10:46:12 GMT
accept-ranges: bytes
content-length: 12014
cache-control: max-age=31536000
expires: Sat, 09 Dec 2023 04:28:52 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.6 kB URL HTTP/2 drmathavanheartcare.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 30 Jul 2022 09:39:00 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4618
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
200 OK 1.7 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11736)
Hash 0c23e3daeced16658c7a35cf02adbdbb
49cb5407d71e1951893556e7db9cb1dcbc0ca50c
ef2f88a60b4e387b7c977bd1f61a6efda4376539b2eb786537115ec462e8761c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:59 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1652
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/jquery.hammer.min.js?ver=21.2
200 OK 414 B URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/jquery.hammer.min.js?ver=21.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5e969a4415897775483f015c0c15e0fc
3d51a7a1ff14eb2250d296424d5454391f8471cf
5ead375701abdfb5ddbf68acf5911474320cfe5cda2c30d5edd46d3658de1c24
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/jquery.hammer.min.js?ver=21.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:56 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 414
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
200 OK 7.5 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 7536, version 1.0\012- data
Hash 04eb8fc57f27498e5ae37523e3bfb2c7
d942ae11706c3f7e511e3c49b0e4574d7ad199c4
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 28 Aug 2022 02:33:28 GMT
accept-ranges: bytes
content-length: 7536
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: font/woff
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/backend/resources/js/moment.min.js?ver=21.2
200 OK 15 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/backend/resources/js/moment.min.js?ver=21.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32010)
Hash 17e97a0e260d5790bebef3c3f2d88e5d
313ecacf5faead79770e02a982826f95fcdc57d3
dc12f2d38d07dd8498c988ce18cc58ca3943fbbbaeabda385e7747162694ae32
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/backend/resources/js/moment.min.js?ver=21.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:57 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 14910
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/testimonial-slider-and-showcase/assets/vendor/swiper/swiper.min.css?ver=2.2.8
200 OK 5.4 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/testimonial-slider-and-showcase/assets/vendor/swiper/swiper.min.css?ver=2.2.8
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (16214), with CRLF line terminators
Hash 306441d90a9f014538bf6c713fd95df7
8ca684ce303ece7004cb7bbf66abe3ad54f06dc2
12c9decbf43d207f0c42232bc509b362b79f83f7c3d768d9dd7f4ad46410fb30
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/testimonial-slider-and-showcase/assets/vendor/swiper/swiper.min.css?ver=2.2.8 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:09 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5366
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/hammer.min.js?ver=21.2
200 OK 7.9 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/hammer.min.js?ver=21.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19579)
Hash 92049a2b3c1b994cb7d3c001bedd7159
29678903f8762326c126bee9423f1aa7e4003b32
226c717b5d7e987ae2f5cabe35397fbd00eada1c8b12a3db527767857b982a93
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/hammer.min.js?ver=21.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:56 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7949
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/testimonial-slider-and-showcase/assets/vendor/fontello/css/tss-font.min.css?ver=2.2.8
200 OK 388 B URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/testimonial-slider-and-showcase/assets/vendor/fontello/css/tss-font.min.css?ver=2.2.8
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (877)
Hash bf59be4091603a06a612755690a69abc
9342810d1f4e1f7e7f8342fedb3901f84489546a
99b5407825b419a2cf85b16df3d492f41039c380351ded87d3ec4ef6928f4d20
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/testimonial-slider-and-showcase/assets/vendor/fontello/css/tss-font.min.css?ver=2.2.8 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:09 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 388
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1
200 OK 3.0 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10019)
Hash c2b5af6052f630a96e450e5e2a3cea52
00ca76a8828a1bbec1534eb10786804fd36492f2
58f6cc2d4fa3e528622102975fb62949dc0170bd47b588a67318d18552a57d59
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:59 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2997
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6805
Expires: Fri, 09 Dec 2022 06:22:17 GMT
Date: Fri, 09 Dec 2022 04:28:52 GMT
Connection: keep-alive
drmathavanheartcare.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
200 OK 21 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 46086c748fc06e0b5a16d8a8180cf5d0
da379087ce4478a00a0f6c40f5a8651e7312a110
08124b8d0bb46166db2dfc5583dec6189494371d8c5c2c1523541e7af57707b4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:59 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6805
Expires: Fri, 09 Dec 2022 06:22:17 GMT
Date: Fri, 09 Dec 2022 04:28:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9cb76c68a8cd472600106cc118067868
6cee6b1828c709f68b995197ca943a5c393f86fb
009d9ba19043b03b5aceeb80b69bf249f19a0a225bdbfef7ab8691669cb64130
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8204
x-amzn-requestid: cf54b5f8-ede8-49d5-aa56-5d9de98e3ab8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjtKfEiToAMFSXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af576-6ddfe35c0b31074d6a07076f;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UfqFAlLedF6ZkfbGXhyYDcvu0porNJb6LPaeQ8p4dqWqsFD6iRgWLw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 15:12:28 GMT
age: 47784
etag: "6cee6b1828c709f68b995197ca943a5c393f86fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xi-bshsYa4LlKbJgAt0h-lPnB_5uQbqln5JGBRE8io2Fp1y41cS9xg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:08:48 GMT
age: 1204
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb00a2a503a690cee3e4dd729b5bc9bd
cfb1e5bcab2148a777889680e6e36b9d7e8917ec
7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kTEbkncBnAJmQE8cdAqvDtejiwaetpRBsVcpLXy1h52lO4iUkzmOGA==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 16:28:48 GMT
age: 43204
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 44ed82780732ed682ee46b2df52b3ca2
0b3fe77e142178561b28c93b94b1aea2e1c395a5
383da5ca2927044c69ff1d10b630fe3439ca48f1845031ef1b6607fcd054c54b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4049
x-amzn-requestid: dbde9a26-7609-43b7-a9a5-6e4d2f559989
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwRFHIooAMFVmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-5f5131b8315a458d18cdc70f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6_KiAcPwtB6XJyanlunX6qvT9jdlEgMPMdGHM10HmJwQ2Ue_pDsCXg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 12:37:33 GMT
age: 57079
etag: "0b3fe77e142178561b28c93b94b1aea2e1c395a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45e0c1638ad919bde19731f7987ab064
1e492807c665e6e6b24ec6ce19035fdfc6f23b92
f0d3738ec8406958470c8fd152a02a123d7654c30f974c1df5c4977a380c2d62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10205
x-amzn-requestid: c5704c7a-60c4-402b-8018-5885a8dae971
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F9BIAMF3ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-3e9573d900714e3250f43e17;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mLTL7L808-OguYGrl3FUvwmFmPQjBPRj7PVfgEheFHWg4g4skoBvOg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 00:33:39 GMT
age: 14113
etag: "1e492807c665e6e6b24ec6ce19035fdfc6f23b92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cb7655c8fe89a83f0096c51684aa21c
4946fcab2a99d926c45abaecf8f97b6214dee0cd
60a3066f2dcc2f696413ecec56ef1d0c1a9392f6845fac5c4319b8b9e02074fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6637
x-amzn-requestid: a1b14c0b-ceb5-4a3e-9dec-2503a0841bd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZPMEQJoAMF6uQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2d-1aec46bb5d73f0c47c824174;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rft2LEct9jDCAiIawPp0pGAg7S-bDRqXWxzM4H28FFqN2bS6TYwV7A==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:59:55 GMT
age: 23337
etag: "4946fcab2a99d926c45abaecf8f97b6214dee0cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.4
200 OK 5.6 kB URL HTTP/2 drmathavanheartcare.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.4
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (16935), with no line terminators
Hash a78183fdd6c2052aae66fdfa441cd9e3
a0f5511451ded6205fad27309cab6813a281ce47
9efd1dd9d939bf979383f67bc0ab30cc64150f1d08050cd240fc1bb8fcc0b9e3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.4 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:17:34 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5649
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.30
200 OK 16 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.30
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash 0bed200600bd2dc624431a37a48f707d
9142ff72a1639e70093ec0b428b61e11c38956cd
8cacd23307ecafb26c353978ff1ea17d15839f9d57f73d9a56c3ee72cb21527c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.30 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 28 Aug 2022 02:33:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 16544
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2
200 OK 2.9 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8014), with no line terminators
Hash 1c44ef5e10d4a8e0d89d78ad512e2cbc
6b5a049fefb1c791a9f84e9a97c9256ad0fae8ac
7f3df0933239d81fd6c58b50ea4b943db51c48aecd636b249514937c91c03d62
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:01 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2937
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/uploads/essential-addons-elementor/eael-41.js?ver=1667400659
200 OK 0 B URL HTTP/2 drmathavanheartcare.com/wp-content/uploads/essential-addons-elementor/eael-41.js?ver=1667400659
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/essential-addons-elementor/eael-41.js?ver=1667400659 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 15 Oct 2022 09:58:26 GMT
accept-ranges: bytes
content-length: 0
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/royal-elementor-addons/assets/js/modal-popups.min.js?ver=1.3.53
200 OK 3.5 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/royal-elementor-addons/assets/js/modal-popups.min.js?ver=1.3.53
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 4b58fa90a0eb8dfa178f08c7645b63b3
dd6a146effa834f223bad749ef25c75528af1f72
b13ed6910144472fa7eddaa161b1320179c17d103b04d2c6827169728e046749
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/royal-elementor-addons/assets/js/modal-popups.min.js?ver=1.3.53 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:06 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3506
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/royal-elementor-addons/assets/js/lib/parallax/parallax.min.js?ver=1.0
200 OK 6.1 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/royal-elementor-addons/assets/js/lib/parallax/parallax.min.js?ver=1.0
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (17272), with no line terminators
Hash 56860957208482a749cb2632e38278e1
7c31864c466615d5a895ebd3a8e86961b308ba14
ca640b09388f20b12c9b488c74ae1c1c918884c4a095334ccd9513adb57dee99
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/royal-elementor-addons/assets/js/lib/parallax/parallax.min.js?ver=1.0 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:06 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 6140
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
200 OK 8.3 kB URL HTTP/2 drmathavanheartcare.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 02 Nov 2022 05:19:27 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 8344
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-includes/js/underscore.min.js?ver=1.13.4
200 OK 8.3 kB URL HTTP/2 drmathavanheartcare.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18798)
Hash ac9c7baaab74ef2576932d5798161987
fa202113e12b09696788a7024984879bddd29143
c03d52f8f157e9209646e3e696e9845d7d2b3cf3e73c8204f371b7393e738026
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 02 Nov 2022 05:19:26 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 8305
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-includes/js/wp-util.min.js?ver=6.1.1
200 OK 758 B URL HTTP/2 drmathavanheartcare.com/wp-includes/js/wp-util.min.js?ver=6.1.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1391)
Hash 60bc75e3b14030c62d9fd3a3d317d8a8
6d919bbd05a3984a8e5e67b693e6d5d41cc885f9
e22df84be1a3ffe3b54352a4a39e14adb3fac69f2ce755e4c7babbc243c5bb4b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 02 Nov 2022 05:19:27 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 758
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/royal-elementor-addons/assets/js/lib/jarallax/jarallax.min.js?ver=1.12.7
200 OK 6.3 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/royal-elementor-addons/assets/js/lib/jarallax/jarallax.min.js?ver=1.12.7
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15255)
Hash e802f3a9154ce1bd7b94779ecf777b14
649250842e6e3c3da0067648e2506f6e6205807a
20b3a2fb017f04ecd28d76b5c4922df9e2b7f8918a5c897d83a65b17305af687
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/royal-elementor-addons/assets/js/lib/jarallax/jarallax.min.js?ver=1.12.7 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:06 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 6297
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
200 OK 3.7 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12198), with no line terminators
Hash e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:59 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3747
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/testimonial-slider-and-showcase/assets/js/wptestimonial.js?ver=2.2.8
200 OK 8.1 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/testimonial-slider-and-showcase/assets/js/wptestimonial.js?ver=2.2.8
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash f91ed04b99f6452c2e2e8a199dcacbec
638857fae04d5c32cfa426d69aacf3b7746d2eb6
0c5fc0157fcdcc4a05a48846d9484473b37411477027a7ac02fbe450d998360a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/testimonial-slider-and-showcase/assets/js/wptestimonial.js?ver=2.2.8 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:09 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 8082
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/testimonial-slider-and-showcase/assets/vendor/isotope/imagesloaded.pkgd.min.js?ver=2.2.8
200 OK 2.1 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/testimonial-slider-and-showcase/assets/vendor/isotope/imagesloaded.pkgd.min.js?ver=2.2.8
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4358), with CRLF line terminators
Hash 17ec3c0fe5b0c31fc35bb714d27f4610
576da431cd3d66fd41e93853f4d79d73a7a4490f
f24b0a9d48c3a4a74bdaf1ce555562a74e7117c1b41c4dfec34836a3c1683278
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/testimonial-slider-and-showcase/assets/vendor/isotope/imagesloaded.pkgd.min.js?ver=2.2.8 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:09 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2100
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8
200 OK 374 B URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (754), with no line terminators
Hash ef785f463505633971eae5c08ad626d4
624e22257f386801822229db3a4bbd2e24b25e2f
b2a0dc77f0f79d81698a7e3893e16ecba7b0d980b80a5233656d9b11f1d8160d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:16 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 374
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
200 OK 2.3 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4918)
Hash afe0ea20b00c3b25a89a6b2d6a98c6ac
53c0425fb9abdc217a90ec20509996cd2a5f9e1d
f70c2aa0ee7d185b9ded30b1f2037e4fbd828583d61f68eab99fd2f37b36b2a3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:59 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2312
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1
200 OK 736 B URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1801), with no line terminators
Hash ae098a17e8889ff188a7a1ca4545c729
250400844f4e830503e2e9b8642fb00bc337eb62
0f5aecfe5c23d3149b592488ac69726074ee450de920b0e7ecf3071c1acd0771
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:59 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 736
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
200 OK 13 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (32907)
Hash ec532bc72e833d74239248a507033f2d
e682bb6b3a3d8dce061c9974064efa177b286cbc
5225c44ca2b4081202505c1b0a9c16446eda2d51038ac8ed1a5eea1630b0541b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:59 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 13291
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/
200 OK 63 kB IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (50103), with CRLF, LF line terminators
Hash 6856b4f1796a4dc928b7e3b6af3632e2
747637179ab2ac908ff67b1fe0e33db092d75bf7
e212805b11a209233f5539d2a07d2a368ac75c5d54195a07565d8bac196cac1b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:28:51 GMT
server: Apache
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://drmathavanheartcare.com/wp-json/>; rel="https://api.w.org/", <https://drmathavanheartcare.com/wp-json/wp/v2/pages/41>; rel="alternate"; type="application/json", <https://drmathavanheartcare.com/>; rel=shortlink
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: true
x-proxy-cache: MISS
set-cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7; path=/; HttpOnly
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/royal-elementor-addons/assets/js/lib/particles/particles.js?ver=3.0.6
200 OK 12 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/royal-elementor-addons/assets/js/lib/particles/particles.js?ver=3.0.6
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash cad2084d9e90294f0495473f9497fedb
8407540a092da8dbdf99de72beada9d2d070c67c
bf83ef593dc5d9dba350d40e30478f966904a12ee2c5a5d5f7167453148760a3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/royal-elementor-addons/assets/js/lib/particles/particles.js?ver=3.0.6 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:06 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 12063
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:28:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://drmathavanheartcare.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:34:15 GMT
expires: Thu, 07 Dec 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 118478
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:28:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://drmathavanheartcare.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 293772
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://drmathavanheartcare.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 07:01:24 GMT
expires: Wed, 06 Dec 2023 07:01:24 GMT
cache-control: public, max-age=31536000
age: 250049
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 32860, version 1.0\012- data
Hash d010a9f2d5c7a0374b3b84706a43d2ec
c1fe465db08785c3f115555d39db23838960cb66
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536
GET /s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://drmathavanheartcare.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 01:48:55 GMT
expires: Mon, 04 Dec 2023 01:48:55 GMT
cache-control: public, max-age=31536000
age: 441598
last-modified: Mon, 11 Jul 2022 19:12:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://drmathavanheartcare.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 118499
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:28:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
drmathavanheartcare.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
200 OK 78 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://drmathavanheartcare.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:59 GMT
accept-ranges: bytes
content-length: 78196
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:53 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: font/woff2
date: Fri, 09 Dec 2022 04:28:53 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/uploads/2022/07/Medical-Expo1-1024x683.jpg
200 OK 122 kB URL HTTP/2 drmathavanheartcare.com/wp-content/uploads/2022/07/Medical-Expo1-1024x683.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 250x250, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3300, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2016:08:06 21:03:16, GPS-Data], baseline, precision 8, 1024x683, components 3\012- data
Size 122 kB (121840 bytes)
Hash c8080621668ee2f6474a0423d4d2b928
d31f3eebfcdf016a953459c21cef8e49fd5ba0ac
82d5d6f41ecbb0ea70df12d3ade24d73bd8fe616bb34f87ff8e5bd3632340720
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/07/Medical-Expo1-1024x683.jpg HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 30 Jul 2022 09:38:50 GMT
accept-ranges: bytes
content-length: 121840
cache-control: max-age=31536000
expires: Sat, 09 Dec 2023 04:28:53 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Fri, 09 Dec 2022 04:28:53 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/uploads/2022/07/Medical-Expo5-1024x683.jpg
200 OK 134 kB URL HTTP/2 drmathavanheartcare.com/wp-content/uploads/2022/07/Medical-Expo5-1024x683.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 250x250, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3300, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2016:08:06 21:05:09, GPS-Data], baseline, precision 8, 1024x683, components 3\012- data
Size 134 kB (134495 bytes)
Hash 75a15035184086021a262b6da84d7e25
251776d52cf9bff82a1c0f0ed7ad22afe45535b6
ef6166d95a46c10a477067e37af00bf50922357289f31740900ab0ca87cc64fa
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/07/Medical-Expo5-1024x683.jpg HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 30 Jul 2022 09:38:50 GMT
accept-ranges: bytes
content-length: 134495
cache-control: max-age=31536000
expires: Sat, 09 Dec 2023 04:28:53 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Fri, 09 Dec 2022 04:28:53 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/uploads/2022/07/Book_200x100.gif
200 OK 162 kB URL HTTP/2 drmathavanheartcare.com/wp-content/uploads/2022/07/Book_200x100.gif
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 200 x 100\012- data
Size 162 kB (161635 bytes)
Hash 9c18ab8549f444e6e04dfbfd9a97b0c6
a9cce67526e00c30a3a8b37c7d5507dadbbba780
ce190bf18d845371e29395a3ec741e7468ff770b70a7cda74b69480b81023fb3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/07/Book_200x100.gif HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 30 Jul 2022 09:38:50 GMT
accept-ranges: bytes
content-length: 161635
cache-control: max-age=31536000
expires: Sat, 09 Dec 2023 04:28:53 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/gif
date: Fri, 09 Dec 2022 04:28:53 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/testimonial-slider-and-showcase/assets/vendor/fontello/font/tss-font.woff2?40673691
200 OK 2.7 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/testimonial-slider-and-showcase/assets/vendor/fontello/font/tss-font.woff2?40673691
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 2700, version 1.0\012- data
Hash d16f3e5ccb498e0f702851d8b1a07f6a
39e404f09d599985b6cb43a617a7ed82b2166b45
23bbf415c86da0eefd79ea337cdaf96acf4a3ae525408d59592d917d6e1589f9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/testimonial-slider-and-showcase/assets/vendor/fontello/font/tss-font.woff2?40673691 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://drmathavanheartcare.com/wp-content/plugins/testimonial-slider-and-showcase/assets/vendor/fontello/css/tss-font.min.css?ver=2.2.8
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:09 GMT
accept-ranges: bytes
content-length: 2700
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:53 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: font/woff2
date: Fri, 09 Dec 2022 04:28:53 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/uploads/2022/10/DrCCC.jpeg
200 OK 255 kB URL HTTP/2 drmathavanheartcare.com/wp-content/uploads/2022/10/DrCCC.jpeg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 989x1280, components 3\012- data
Size 255 kB (255298 bytes)
Hash 1c5e65ee2048cd26a2e66f9bd16770c3
7ba3e5b69c10e0eaebb23875d8f8e076d806ce0f
2d323c222ee22bfa2a99f12a7f6fcd40db92ff53289ad7a283ee6f675f9dd2c1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/DrCCC.jpeg HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:28:53 GMT
server: Apache
content-type: image/jpeg
content-length: 255298
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 15 Oct 2022 10:11:13 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 09 Dec 2023 04:28:53 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: false
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/uploads/2022/07/cropped-Dr_MHC_Logo-Trans-192x192.png
200 OK 27 kB URL HTTP/2 drmathavanheartcare.com/wp-content/uploads/2022/07/cropped-Dr_MHC_Logo-Trans-192x192.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e76ba6603945e7693b790d8313458c6
0fd916eb66af03de1afd2598152767a6f209ccd8
6cfe16d51e2e9c4cea925b5070fe972ad62b10e2e9ff508de7695f0a434ce14d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/07/cropped-Dr_MHC_Logo-Trans-192x192.png HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 30 Jul 2022 09:38:50 GMT
accept-ranges: bytes
content-length: 27091
cache-control: max-age=31536000
expires: Sat, 09 Dec 2023 04:28:53 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 09 Dec 2022 04:28:53 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/uploads/2022/07/cropped-Dr_MHC_Logo-Trans-32x32.png
200 OK 1.6 kB URL HTTP/2 drmathavanheartcare.com/wp-content/uploads/2022/07/cropped-Dr_MHC_Logo-Trans-32x32.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 097aeb0742c86c3f0aa0a4e3b9c846c9
29a3b5cd6caa495b1246a60e5f935eaeebf45734
0baf0721c34f2c9e312384abf839eb11a4305c1942e705e01ffb143c42a37999
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/07/cropped-Dr_MHC_Logo-Trans-32x32.png HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 30 Jul 2022 09:38:50 GMT
accept-ranges: bytes
content-length: 1632
cache-control: max-age=31536000
expires: Sat, 09 Dec 2023 04:28:53 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 09 Dec 2022 04:28:53 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.30
200 OK 136 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.30
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (64288)
Size 136 kB (135888 bytes)
Hash 8a14b91777594d5afc1156b0e7f22369
d7b39f2ae94ef6780bd07a77f927bca770586d35
d60ea2ae31fa27794f7f1b0069ae18ff82bc840db385bb7f318f247a9f656de3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.30 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 28 Aug 2022 02:33:28 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/revslider/public/assets/css/openhand.cur
200 OK 326 B URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/revslider/public/assets/css/openhand.cur
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @7x5\012- data
Hash b06c243f534d9c5461d16528156cd5a8
bb22807a7c23dae7d007673b407850438856bbfa
080627fa359156339e79f118fa66a6937f09ff679fe87e8afa473b95c8168d35
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/css/openhand.cur HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.30
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:28:53 GMT
server: Apache
content-length: 326
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 28 Aug 2022 02:33:28 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:53 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: false
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/elementor/assets/js/counter.02cef29c589e742d4c8c.bundle.min.js
200 OK 485 B URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/elementor/assets/js/counter.02cef29c589e742d4c8c.bundle.min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (872)
Hash 4d1cbaa47eafc86cea85d8bc5a5ffde9
8bf12004cb475e67334637c89e3111b9bc143cbd
2b34e7a64912a8d3ba42a9fd03b3fbad12adbddb2fc0582d6e1998df77818092
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/counter.02cef29c589e742d4c8c.bundle.min.js HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:59 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:53 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 485
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:53 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/uploads/2022/10/front_slider1_Dr.jpg
200 OK 104 kB URL HTTP/2 drmathavanheartcare.com/wp-content/uploads/2022/10/front_slider1_Dr.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1600x600, components 3\012- data
Size 104 kB (104497 bytes)
Hash 4db804394217f01b348e71a0e2eee8e1
244d177bc93d1f8aab9c4a5df74b61cc1e05779b
d964b1d25df0be54443b2c419682ed0f078cc54d9517a6005e54c009c1ceb821
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/front_slider1_Dr.jpg HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 20 Oct 2022 11:26:35 GMT
accept-ranges: bytes
content-length: 104497
cache-control: max-age=31536000
expires: Sat, 09 Dec 2023 04:28:53 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Fri, 09 Dec 2022 04:28:53 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/royal-elementor-addons/assets/js/frontend.min.js?ver=1.3.531
200 OK 166 kB URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/royal-elementor-addons/assets/js/frontend.min.js?ver=1.3.531
IP
ASN #46606 UNIFIEDLAYER-AS-1
Size 166 kB (166370 bytes)
Hash 21adf3f995a7f8d620c4b0e65349fabf
940ee024abfaebb231a503d1a72ae66890006149
365a32bf26b552837a28602ba997b0cb6cb7c7b5c2ac270e129cef7a7cf39af2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/royal-elementor-addons/assets/js/frontend.min.js?ver=1.3.531 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:06 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/uploads/2022/10/frontech_slider2.jpg
200 OK 190 kB URL HTTP/2 drmathavanheartcare.com/wp-content/uploads/2022/10/frontech_slider2.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=13, manufacturer=NIKON CORPORATION, model=NIKON D300S, orientation=upper-left, xresolution=200, yresolution=208, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2019:12:05 13:47:40], baseline, precision 8, 1600x600, components 3\012- data
Size 190 kB (190466 bytes)
Hash 6040bbf9539f9164bf97af4bcf6afecc
b82e96092a6afb427037cf37ece921f7c1dd564b
ce13f2aaf41e3ed27460693eefec1a4391768e367a1d2184083f193fc5d9d8e9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/frontech_slider2.jpg HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 20 Oct 2022 11:26:42 GMT
accept-ranges: bytes
content-length: 190466
cache-control: max-age=31536000
expires: Sat, 09 Dec 2023 04:28:53 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Fri, 09 Dec 2022 04:28:53 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00cf5825452b2f69b0ac859dccb64ab
60aed079c48181cf46cef4d1aaa1c316a7ef7048
3aea2aa14407b6ac9d64d0f35111fec50f51632adfc39047c15bde4afd148a78
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7694
x-amzn-requestid: 0c67138c-1a6d-49ef-bd43-f9a7176679ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2LZjFjrIAMFUSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63925909-764272151a0a4d284c6cb1bb;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aaEYG20Wueg557qEBq46sSUl3-_HxgZA73s-kPo3GmYgWgrGgFPl_Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:59:58 GMT
age: 23341
etag: "60aed079c48181cf46cef4d1aaa1c316a7ef7048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
200 OK 0 B URL HTTP/2 drmathavanheartcare.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 16 Nov 2022 06:08:27 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-includes/css/dashicons.min.css?ver=6.1.1
200 OK 0 B URL HTTP/2 drmathavanheartcare.com/wp-includes/css/dashicons.min.css?ver=6.1.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 30 Jul 2022 09:38:58 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
200 OK 0 B URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 28 Aug 2022 02:33:28 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/testimonial-slider-and-showcase/assets/vendor/swiper/swiper.min.js?ver=2.2.8
200 OK 0 B URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/testimonial-slider-and-showcase/assets/vendor/swiper/swiper.min.js?ver=2.2.8
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/testimonial-slider-and-showcase/assets/vendor/swiper/swiper.min.js?ver=2.2.8 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:09 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/picker.js?ver=21.2
200 OK 0 B URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/picker.js?ver=21.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/picker.js?ver=21.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:56 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3766
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
200 OK 0 B URL HTTP/2 drmathavanheartcare.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 02 Nov 2022 05:19:27 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/royal-elementor-addons/assets/css/frontend.min.css?ver=1.3.531
200 OK 0 B URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/royal-elementor-addons/assets/css/frontend.min.css?ver=1.3.531
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/royal-elementor-addons/assets/css/frontend.min.css?ver=1.3.531 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:15:06 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/bookly.min.js?ver=21.2
200 OK 0 B URL HTTP/2 drmathavanheartcare.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/bookly.min.js?ver=21.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/bookly.min.js?ver=21.2 HTTP/1.1
Host: drmathavanheartcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://drmathavanheartcare.com/
Cookie: PHPSESSID=90f15b57043a734fdbed8afcf2cedfb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 15 Nov 2022 18:14:56 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Fri, 09 Dec 2022 10:28:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Fri, 09 Dec 2022 04:28:52 GMT
server: Apache
X-Firefox-Spdy: h2
162.241.118.152
93.184.220.29
23.36.77.32
0.0.0.0