www.cd9es62kbfgq26rbe220.msl-afteburner.link/
185.149.120.9 301 Moved Permanently 568 B URL HTTP/1.1 www.cd9es62kbfgq26rbe220.msl-afteburner.link/
IP 185.149.120.9:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Hash 2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Wed, 08 Feb 2023 06:27:13 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Content-Type: text/html; charset=utf8
Content-Length: 568
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21037
Expires: Wed, 08 Feb 2023 12:17:50 GMT
Date: Wed, 08 Feb 2023 06:27:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4836
Expires: Wed, 08 Feb 2023 07:47:49 GMT
Date: Wed, 08 Feb 2023 06:27:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 05:36:36 GMT
content-type: application/json
age: 3037
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12527
Expires: Wed, 08 Feb 2023 09:56:00 GMT
Date: Wed, 08 Feb 2023 06:27:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ouIDvYOg21vI21G99jVIQl006S/5UJIQQo7h+nsnjvVjWjI0gxpQc4tUw6BAXilLm0XxcRIeiyE=
x-amz-request-id: FEJ4126R4T7G4KJF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 05:35:49 GMT
age: 3084
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 06:27:13 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c78be0ce7d8917941a4922072d3d068e
ee27366ffb22f36d0ae0b5076c2f1df22797ecb2
a647f19fdcf868bf6ba42a352a083aba14a62fd08c89d5fcc1af75024cd8ce5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A647F19FDCF868BF6BA42A352A083ABA14A62FD08C89D5FCC1AF75024CD8CE5A"
Last-Modified: Wed, 08 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 08 Feb 2023 12:27:13 GMT
Date: Wed, 08 Feb 2023 06:27:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 06:14:52 GMT
age: 741
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3861
Expires: Wed, 08 Feb 2023 07:31:35 GMT
Date: Wed, 08 Feb 2023 06:27:14 GMT
Connection: keep-alive
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/mikey-v.jpg
185.149.120.9 200 OK 9.5 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/mikey-v.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 200x200, components 3\012- data
Hash 01b8bf478131eef0fc4166aa36b14cdc
ccb7e8d82f1ad8da7dbe3c44dd48d538a10818af
f5358dee07e73d297270844d71e4691b8e53aaa60904d33b766f4a9d7105c89f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/mikey-v.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 9542
last-modified: Tue, 31 Jan 2023 16:18:30 GMT
etag: "63d93f56-2546"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/18-wood-floor-refinishing-540x360.jpg
185.149.120.9 200 OK 33 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/18-wood-floor-refinishing-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash 69ea33debd3b21390b4efe5ef716975a
0403cf1b722f6b909c368b56ea5141918fe058bd
a24b7f16a4ec1316a90b5532449f4a35602bcc44fb6602be7e55ec9ee23e79f9
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/18-wood-floor-refinishing-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 32792
last-modified: Tue, 31 Jan 2023 16:18:04 GMT
etag: "63d93f3c-8018"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/maps/api/js?sensor=false&libraries=places&key=AIzaSyAoqe7ax5RSfFjHfZTdxOVIvkzxkN0RDHM&ver=1
185.149.120.9 200 OK 173 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/maps/api/js?sensor=false&libraries=places&key=AIzaSyAoqe7ax5RSfFjHfZTdxOVIvkzxkN0RDHM&ver=1
IP 185.149.120.9:0
File type ASCII text, with very long lines (2472)
Size 173 kB (172855 bytes)
Hash ce81ad81d952459c293ffe3ed2aaed9e
b3bdb4c2c6aadf35e1fe6a2058a545064933b217
a8a6326e47e0dca230743db639d96673ec73138cb11121edd8f76edd97bfa5a1
Analyzer Verdict Alert quad9 Sinkholed
GET /maps/api/js?sensor=false&libraries=places&key=AIzaSyAoqe7ax5RSfFjHfZTdxOVIvkzxkN0RDHM&ver=1 HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-length: 172855
last-modified: Tue, 31 Jan 2023 16:17:16 GMT
etag: "2a337-5f391aa44db00"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/user_large_square.png
185.149.120.9 200 OK 3.1 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/user_large_square.png
IP 185.149.120.9:0
File type PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e4e0dfd903fa0adf9b3bd0010c9fe39
ca5411d5805accb1d1b7eee71351a5336f97d527
c66801ca18e12d074098e272eebb017aed856863357bdf584d566c7136bd437e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/user_large_square.png HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/png
content-length: 3099
last-modified: Tue, 31 Jan 2023 16:18:22 GMT
etag: "63d93f4e-c1b"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/eva-m.jpg
185.149.120.9 200 OK 9.9 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/eva-m.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 200x200, components 3\012- data
Hash 0699d8157e52257c39577bd5bcabc22f
37937f93059160abadf6e6d211341f053e39f7d5
85da308755736a0d9207a6584887a28f8e66f7312c997288ee73d1be46c2e84b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/eva-m.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 9920
last-modified: Tue, 31 Jan 2023 16:18:14 GMT
etag: "63d93f46-26c0"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/hannah-p.jpg
185.149.120.9 200 OK 27 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/hannah-p.jpg
IP 185.149.120.9:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Windows), datetime=2017:07:19 10:27:00], baseline, precision 8, 156x156, components 3\012- data
Hash 9940c5c1de017eecbe5e85f2a442b6bd
909588430c25c4de9618fe1b2a8b256d7096efd6
5ea5de94db1a65c64b0692184c0fed0935945412d53a0024759b856fa1ffb4e4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/hannah-p.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 26786
last-modified: Tue, 31 Jan 2023 16:18:08 GMT
etag: "63d93f40-68a2"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/ha-k.jpg
185.149.120.9 200 OK 17 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/ha-k.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, manufacturer=Canon, model=Canon EOS 5D Mark III, software=Adobe Photoshop Lightroom 6.8 (Macintosh), datetime=2017:03:03 15:16:19], baseline, precision 8, 115x134, components 3\012- data
Hash bd69221092290dc97861b745258b7944
f88303e27148b29b5af24c38ef3ac4d26e140a77
557ac26eae19b1c6b7ac9bf7e2ec867e095de7338db43253dba3cb89dd3a19d2
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/06/ha-k.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 17334
last-modified: Tue, 31 Jan 2023 16:18:00 GMT
etag: "63d93f38-43b6"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/e2e6481efff490802831363d4398bd3c-540x360.jpg
185.149.120.9 200 OK 32 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/e2e6481efff490802831363d4398bd3c-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash c39f55102161a65188c580fcd05364e3
c82a44abb358a3710500d30db44d68a7e8e056ea
86b729826e1aa26805fd1727232c96e06190ad010f8dd5bf7334acb4d8ce76af
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/e2e6481efff490802831363d4398bd3c-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 31678
last-modified: Tue, 31 Jan 2023 16:18:04 GMT
etag: "63d93f3c-7bbe"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/413bc0_0abe036b50d1464290feed076f90cc99-540x360.jpg
185.149.120.9 200 OK 28 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/413bc0_0abe036b50d1464290feed076f90cc99-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash 1aa7e08cfd36f7abea983b6d9b8bb297
7816273bd0ac875a15652296aec7654c5df8901e
bea12266152fbccc7d95433e1151af3c49ebf2792b44014a538335bb457d30ce
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/413bc0_0abe036b50d1464290feed076f90cc99-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 28488
last-modified: Tue, 31 Jan 2023 16:18:36 GMT
etag: "63d93f5c-6f48"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/new-baseboard-540x360.jpg
185.149.120.9 200 OK 26 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/new-baseboard-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash 83db88435738cb23d77559b81fabe50d
c0af2d446df4640bca23fde07a90a508ef084530
a8f48820aa805544c5d93f88a66690ae96187aff61c20e0acd86abbd2959c399
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/new-baseboard-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 25891
last-modified: Tue, 31 Jan 2023 16:18:04 GMT
etag: "63d93f3c-6523"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/413bc0_045d4e39e38b43c8a940aea41318efba-540x360.jpg
185.149.120.9 200 OK 35 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/413bc0_045d4e39e38b43c8a940aea41318efba-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash d85d6096c4cf104000c5df15a198bf37
7307aab4c711d99012cf6cbf9aef64615c13588a
eca72c6efcf0638f07328f7e512d58ef95095f451df175c838388630b3b3ba94
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/413bc0_045d4e39e38b43c8a940aea41318efba-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 35412
last-modified: Tue, 31 Jan 2023 16:18:08 GMT
etag: "63d93f40-8a54"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/dark-540x360.jpg
185.149.120.9 200 OK 19 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/dark-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash 645be2c8d8ef252cf0078bfe08ff5c8d
739ca9670993cff6ebef69f60de2e65de2a176cb
fab046bd9c1d50665393b24d37bf9fa01c26edc8f72493a3d1030f618498ebe0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/dark-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 19381
last-modified: Tue, 31 Jan 2023 16:18:06 GMT
etag: "63d93f3e-4bb5"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/select-and-better-540x360.jpg
185.149.120.9 200 OK 29 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/select-and-better-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash 8600a9947e1299ed758f47d773392846
172a2f145d0ab774f5bbd2bc130478fa22845614
381bae48d3d0c63ed8afd9a2334445276f91a80f5a2bfacc3f86c3b78a116916
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/select-and-better-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 29285
last-modified: Tue, 31 Jan 2023 16:18:10 GMT
etag: "63d93f42-7265"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/commercial-540x360.jpg
185.149.120.9 200 OK 36 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/commercial-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash 47194ca56dc28d1abb82c929c230846e
cff868b256c9d11f41c4c4b82b7ef679d084c424
40ddcb9bcfca956b8d09b5bfd97f60537f2598f2aaabab8a38f78cd532c1ec1e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/commercial-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 35874
last-modified: Tue, 31 Jan 2023 16:18:40 GMT
etag: "63d93f60-8c22"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/oak-540x360.jpg
185.149.120.9 200 OK 29 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/oak-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash 4bf8c8344358e0a8ebf1f768312461ca
31d081e782cbf5a66d9883bd363fc3f1f58f0b34
b7d6d778fd008810daa7ce1cbc628a149bd60a5d5172d493c5ad924e20febe03
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/oak-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 28875
last-modified: Tue, 31 Jan 2023 16:18:14 GMT
etag: "63d93f46-70cb"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/design1-540x360.jpg
185.149.120.9 200 OK 39 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/design1-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash a6a05016a0180b31bd591b05a3ceadcb
95fa5fafbcd79d58788b042d557ea644500f49fb
6923bb32a2648cdec38e7c95bb1276638ac28f1e8d906b18c69ebd16978e6cb2
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/design1-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 39239
last-modified: Tue, 31 Jan 2023 16:18:06 GMT
etag: "63d93f3e-9947"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/baseboard-540x360.jpg
185.149.120.9 200 OK 37 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/baseboard-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash b42529f63f55e7ab9ada5fbb9037ef11
be63cc7a05f89413acca12b707a0df354c064d55
e9e21d2e6d95588187d74d60dc89e14eeac3b3ff5b348c69eb28aeb8ac8bbe67
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/baseboard-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 36658
last-modified: Tue, 31 Jan 2023 16:18:12 GMT
etag: "63d93f44-8f32"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/hardwood-floor-installation-chicago.jpg
185.149.120.9 200 OK 77 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/hardwood-floor-installation-chicago.jpg
IP 185.149.120.9:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=14, height=459, bps=0, PhotometricIntepretation=RGB, description=Laying hardwood parquet concept. Hammer and level on the floor., orientation=upper-left, width=612], baseline, precision 8, 612x408, components 3\012- data
Hash a039428b18ab739071311b40549ecf6e
713c475f2ee0d47ec351b67c49c054008d92f409
80fd0f481289d5876a639e8302b5a5b18932b2d054ac851b9e259eb6195f3a07
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/06/hardwood-floor-installation-chicago.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 76657
last-modified: Tue, 31 Jan 2023 16:17:52 GMT
etag: "63d93f30-12b71"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/clean-540x360.jpg
185.149.120.9 200 OK 21 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/clean-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash 09ddb458177abd96ffcda53c143dcde4
75f82917cc4eec81f62cbae1ce7ecc051db6869a
36bbdc270ee9cbb80adbb2ef73be6cbf38c21e36ff8f536e7cb647bb95d02ffc
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/clean-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 21335
last-modified: Tue, 31 Jan 2023 16:18:42 GMT
etag: "63d93f62-5357"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/hardwood-floor-repairs-chicago.jpg
185.149.120.9 200 OK 46 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/hardwood-floor-repairs-chicago.jpg
IP 185.149.120.9:0
File type JPEG image data, progressive, precision 8, 612x408, components 3\012- data
Hash 0c69ad1f76a8f6fe86a69d5e20685845
cf4f8bd04b0f113f8864a8356c62993904ba692b
66fdec2be1e468ab8c458fce7d75eca55bc521780636496ff3006928a2df4e60
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/06/hardwood-floor-repairs-chicago.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 45971
last-modified: Tue, 31 Jan 2023 16:17:54 GMT
etag: "63d93f32-b393"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/floor-design-540x360.jpg
185.149.120.9 200 OK 43 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/floor-design-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash 0b2df26c2cf7008ddc25a59a86322142
aa46cdef0bda3e39ad0b64ce0b928d370263ea09
d3e9315f0dd8a06d3cfcf9cd2da9bbdf6f8dfd71b8f4c3b560c6e24abd796f5c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/floor-design-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 43233
last-modified: Tue, 31 Jan 2023 16:18:04 GMT
etag: "63d93f3c-a8e1"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/solid-hardwood-540x360.jpg
185.149.120.9 200 OK 38 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/solid-hardwood-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash e9201912bf740050603200b7a9926943
5e233e34208e49c1183caa88664adeaeef60b1df
89333689470b93b8c6c031e3e59ead6fc674d5775af455e97ade5c00d9c4824b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/solid-hardwood-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 38065
last-modified: Tue, 31 Jan 2023 16:18:44 GMT
etag: "63d93f64-94b1"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/hardwood-gallery-2-540x360.jpg
185.149.120.9 200 OK 26 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/hardwood-gallery-2-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash 19f2e7fa781eda33a21c0230d0072d40
f3969662d91c806ea00411778d17e3a6b58d8ec8
a6c2d11e04a22dc7f6eb8fffaf98826163453369d9c1c1b3057d2323a4f9176c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/hardwood-gallery-2-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 26406
last-modified: Tue, 31 Jan 2023 16:18:20 GMT
etag: "63d93f4c-6726"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/stain-samples-540x360.jpg
185.149.120.9 200 OK 30 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/stain-samples-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash 8b86fc2d7e012db512be5f07a780d8a1
e33856468defb58f1676858ce72d1085a602d69c
92f181fca27fbff568f87a38ac085b7ed80e3f4fe39ecf8404610e3048e47f7e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/stain-samples-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 30301
last-modified: Tue, 31 Jan 2023 16:18:12 GMT
etag: "63d93f44-765d"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/design2-540x360.jpg
185.149.120.9 200 OK 44 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/design2-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash a8da48ae089e794da7baa6df325aac45
e24bce51f173965fd602258c61f94161c845ff45
f6857fcbefb097623ae34097c6209c62b5c5461947b758523a233ed0496b95b4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/design2-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 44518
last-modified: Tue, 31 Jan 2023 16:18:18 GMT
etag: "63d93f4a-ade6"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/before-after-540x360.jpg
185.149.120.9 200 OK 25 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/before-after-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash 6a9c5f70ea045d0d20254d55df621d98
f487303046e82f3436aa03a9369055049ecf309c
4e4b572d9411dced844266b12b0cb5827c5dd72b713e1a745233d6008f459e7b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/before-after-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 25258
last-modified: Tue, 31 Jan 2023 16:18:34 GMT
etag: "63d93f5a-62aa"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/chicago-540x360.jpg
185.149.120.9 200 OK 30 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/chicago-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash 3e744c5ff8fc689118db2e98d1508a51
910ed8f91d66bae77837b7f183176ee0e40a2459
94857d8cef54d07e8f88e580ff6a138e0622f35fc88bc9484403cd1949b4cb4c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/chicago-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 29998
last-modified: Tue, 31 Jan 2023 16:18:10 GMT
etag: "63d93f42-752e"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/hardwood1-540x360.jpg
185.149.120.9 200 OK 44 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/hardwood1-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash bb80b1275971873d870a654915700b24
502c73dac0dbc6e08e62cb5dd9940e5ebf8a2aa5
00a21481157da408d1761885d00bf16a39ce5585e6bcbba0752f9346641d1504
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/hardwood1-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 44140
last-modified: Tue, 31 Jan 2023 16:18:10 GMT
etag: "63d93f42-ac6c"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/413bc0_59c7ae2b4b7f43ccb7662d8b24b0ef00-540x360.jpg
185.149.120.9 200 OK 20 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/413bc0_59c7ae2b4b7f43ccb7662d8b24b0ef00-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash a665517d34243452b88ee24246aa6e70
d03c684793be07472d119e9418828bc7bfc2c8f2
72cb75b7a95a6b6cc78363bbc7af3383c8abeb925ba51093d93051fa188699b2
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/413bc0_59c7ae2b4b7f43ccb7662d8b24b0ef00-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 20241
last-modified: Tue, 31 Jan 2023 16:18:44 GMT
etag: "63d93f64-4f11"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.148.77.40 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.77.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ACncckgBw/rfhLWbmXdQlA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UfqX1qwBHrswxYqQZUnHV6G8Cdk=
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/413bc0_7a70bb4109d448a59bf6593f6d787284-540x360.jpg
185.149.120.9 200 OK 31 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/413bc0_7a70bb4109d448a59bf6593f6d787284-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash a938d27313f5ecdd886b6febb1ba43c6
8968a2338f825489cd23eec3391e55d86e5f6971
2fd8329b25b9606a18e70deb53bfb086c2d426173b9e51d44e9623c9f34f9e75
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/413bc0_7a70bb4109d448a59bf6593f6d787284-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 31327
last-modified: Tue, 31 Jan 2023 16:18:20 GMT
etag: "63d93f4c-7a5f"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/people-love-us-on-yelp250x250.png
185.149.120.9 200 OK 29 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/people-love-us-on-yelp250x250.png
IP 185.149.120.9:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 831a570da109302b20399894d8732b3b
ea7a2b39dd1348bb3cd8fa229ade3e8133e6b3cf
6449338350673f4c3e6e5ab622a30a56f531af258122d59eb44d1eaedb81ac42
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/06/people-love-us-on-yelp250x250.png HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/png
content-length: 29256
last-modified: Tue, 31 Jan 2023 16:18:00 GMT
etag: "63d93f38-7248"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/CP_WoodFloor_webfooter_round.png
185.149.120.9 200 OK 49 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/CP_WoodFloor_webfooter_round.png
IP 185.149.120.9:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 39657bf738b9efb082a2067e9bf27648
2b646a38450413375ea322e78049d0eeab7bb201
16a5cf16b3c88e4b0fed495942bcfa190dc3ed0f634a0cf75b400362991818a7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/06/CP_WoodFloor_webfooter_round.png HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/png
content-length: 48855
last-modified: Tue, 31 Jan 2023 16:17:50 GMT
etag: "63d93f2e-bed7"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/stunning-540x360.jpg
185.149.120.9 200 OK 24 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/stunning-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash fa60c6e0f021a7b6c25bdec907534043
237c1eee95f39982503f3e642e1a7d327ed4c1db
d20ac42fd31965b99d416d524453da40e45738080356cb216cf5c255ed163bc9
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/stunning-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 24383
last-modified: Tue, 31 Jan 2023 16:18:20 GMT
etag: "63d93f4c-5f3f"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/413bc0_cc6fa6f883f647259469da988fc07060-540x360.jpg
185.149.120.9 200 OK 25 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/413bc0_cc6fa6f883f647259469da988fc07060-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash 7a7bdbb9a9693b74a2c7efa5af41386d
ab9893227a97ab0f4c1bdbe3c9fbd74ec8695ad3
8db38cf573d3a18b921d481cbfa232d816bd7d0ca2dbd999eb110b77931cd366
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/413bc0_cc6fa6f883f647259469da988fc07060-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 24912
last-modified: Tue, 31 Jan 2023 16:18:04 GMT
etag: "63d93f3c-6150"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/413bc0_116ec122822f4580b9be85cf72258dbb-540x360.jpg
185.149.120.9 200 OK 24 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/413bc0_116ec122822f4580b9be85cf72258dbb-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash 29afd0ca7f7e6d16bfe1e30f8b1179af
435184778d451ca7d1cef6aaf5a4abfc1aae2d49
56e4e2c4dd4fbee066726b5255e1adc61a6f4531cb7db5513413e02d2d41a829
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/413bc0_116ec122822f4580b9be85cf72258dbb-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 24461
last-modified: Tue, 31 Jan 2023 16:18:06 GMT
etag: "63d93f3e-5f8d"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/stained-oak-stairs-540x360.jpg
185.149.120.9 200 OK 33 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/stained-oak-stairs-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash 58029d4d59bfcd1542acfd261b6f8b54
778a5d3f568d4acb68c3924557b38035bf73391d
17b4d87c7890a355bd8723054027ddf83bf52d508a27ba96c49a49ea66f3468d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/stained-oak-stairs-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 33130
last-modified: Tue, 31 Jan 2023 16:18:04 GMT
etag: "63d93f3c-816a"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/413bc0_c9f27221fba44508bf897bcda1f7f981-540x360.jpg
185.149.120.9 200 OK 21 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/413bc0_c9f27221fba44508bf897bcda1f7f981-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash 4494b7e9dc06df28d3416bfc4678d65d
646e3f24beb06af5129c2793edbe6e8e18d2a6fd
66c3c739c6d6f60605c865309d068498558821df7632556c94e8f6db393bfeb7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/413bc0_c9f27221fba44508bf897bcda1f7f981-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 21324
last-modified: Tue, 31 Jan 2023 16:18:30 GMT
etag: "63d93f56-534c"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/john-s.jpg
185.149.120.9 200 OK 13 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/john-s.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 200x223, components 3\012- data
Hash 272eb31909e4335658db706fc35f7a22
b155f7f32c8164545d32e50acd8a3da8bbdb74f7
d79411c8902419429ffb860957a96ec8152961641fd21799b66e3bf099e9984b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/06/john-s.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 12828
last-modified: Tue, 31 Jan 2023 16:17:52 GMT
etag: "63d93f30-321c"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/stairs-ballusters-540x360.jpg
185.149.120.9 200 OK 36 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/stairs-ballusters-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash 6a092a5d6763ecb58bcbcbb85e41b0a8
f4f4c2b283409669c625530cc3fdfea0ca8b7bbc
6ba17d97f4955fabd3467beabfdef7a30b6c870c318909d7cae1503929e2ced1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/stairs-ballusters-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 36059
last-modified: Tue, 31 Jan 2023 16:18:18 GMT
etag: "63d93f4a-8cdb"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/christiana-h.jpg
185.149.120.9 200 OK 13 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/christiana-h.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 250x250, components 3\012- data
Hash ce4e34f9b81ba749e810e63ae9a9d6ce
5c41adb2fa87f23c68796b4da359503031ebbf9c
3da1c399fcbaeaf824a21f0947c5b89dc9e72e4e6f2b9802f22f07589bad1949
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/christiana-h.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 13345
last-modified: Tue, 31 Jan 2023 16:18:30 GMT
etag: "63d93f56-3421"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/oaks-stairs-540x360.jpg
185.149.120.9 200 OK 27 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/oaks-stairs-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash 0c2335d43b08bf1bef9d08b23816c977
1f76fd273bca463659ba1c296253ae29eae96c3f
9d09d93d47d9efb7fa5efae6bd08e010aae8e51ddd2db53349555213628f93d0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/oaks-stairs-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 26745
last-modified: Tue, 31 Jan 2023 16:18:06 GMT
etag: "63d93f3e-6879"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/embossed-540x360.jpg
185.149.120.9 200 OK 30 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/embossed-540x360.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 540x360, components 3\012- data
Hash a91dd5ed2e6cf7e9dade429aeaf2802d
15498162e4b9b25747091633f80eb63445eb4ba6
5b7f1a46e0651b5a461de60b05bfc1798867c5c3fcf2d8eebdb132b30debbadd
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/embossed-540x360.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 29945
last-modified: Tue, 31 Jan 2023 16:18:16 GMT
etag: "63d93f48-74f9"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/hardwood-floor-sanding-refinishing-chicago.jpg
185.149.120.9 200 OK 29 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/hardwood-floor-sanding-refinishing-chicago.jpg
IP 185.149.120.9:0
File type JPEG image data, progressive, precision 8, 612x408, components 3\012- data
Hash a260b6203a43f0dd8eb1e6a4a7ce4c9e
b5f5bb430ec09148e68163ea4e4971b8ba0c2505
fb3b7393988dfc32cefb576a2684cbe362738e1275d2063c215ec592c5fe78ba
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/06/hardwood-floor-sanding-refinishing-chicago.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 29062
last-modified: Tue, 31 Jan 2023 16:17:58 GMT
etag: "63d93f36-7186"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/Johnny-Outline-GrayBG-1280x2002.jpg
185.149.120.9 200 OK 196 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/Johnny-Outline-GrayBG-1280x2002.jpg
IP 185.149.120.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 1280x2002, components 3\012- data
Size 196 kB (196278 bytes)
Hash ec4dfaf866b33b06614c8b855cbb3170
3eb6ea3ba4b5ab6df6167da522f1c0efb945277a
cbd2577116bfcb6284324cda39d110870d239aea9fae0b97790164422b74e1e6
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/06/Johnny-Outline-GrayBG-1280x2002.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 196278
last-modified: Tue, 31 Jan 2023 16:17:56 GMT
etag: "63d93f34-2feb6"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:27:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/Total/assets/css/wpex-responsive.css?ver=4.2.1
185.149.120.9 200 OK 3.7 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/Total/assets/css/wpex-responsive.css?ver=4.2.1
IP 185.149.120.9:0
File type ASCII text, with very long lines (17817)
Hash 4f406998c1402516bdbad537261f0bda
b8e136a180c13d9f7e7eda2b79c9300b02fc9ec7
4e8a6aa08796742f908a66dbe99cf359f573b38c7a020f1c9c703de8ceae3a0b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Total/assets/css/wpex-responsive.css?ver=4.2.1 HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: text/css
last-modified: Tue, 31 Jan 2023 16:17:32 GMT
etag: W/"63d93f1c-4654"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/ftl/css/main.prod.css?ver=1502684984
185.149.120.9 200 OK 83 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/ftl/css/main.prod.css?ver=1502684984
IP 185.149.120.9:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash cdef5408b87c60a4fb8ccfd0c4fd5a05
1d7ef545778b88319d3456e97c34d6098a1426b6
166d24788cda1be9af6dc6c527b60f23bd0e2ab58fda7b15c61cfcc51579e35d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/ftl/css/main.prod.css?ver=1502684984 HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: text/css
last-modified: Tue, 31 Jan 2023 16:17:26 GMT
etag: W/"63d93f16-100f9"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/intercom-bg.png
185.149.120.9 200 OK 27 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/intercom-bg.png
IP 185.149.120.9:0
File type PNG image data, 352 x 390, 8-bit colormap, non-interlaced\012- data
Hash 455d21f370cfa03f6b11f822562eab85
8a42ae3707026f3b45148da2281ee0f6af7e9a99
980d45e36dbd7fc5e6f1d30977b13b639d7db90a100e7c9ac355856f6b04b1a5
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/intercom-bg.png HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/png
content-length: 26975
last-modified: Tue, 31 Jan 2023 16:18:24 GMT
etag: "63d93f50-695f"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/ftl/fonts/aktivgrotesk-light-webfont.woff2
185.149.120.9 200 OK 32 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/ftl/fonts/aktivgrotesk-light-webfont.woff2
IP 185.149.120.9:0
File type Web Open Font Format (Version 2), TrueType, length 31784, version 1.852\012- data
Hash 22438b013fcbdc7f345466b1f31a108b
b200d52fd750ff95cd96da47ddffb7137b448a8e
f05faa87dfd12956607b425f9ef5118e1606a882f7a5cb5446281573cc23a947
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/ftl/fonts/aktivgrotesk-light-webfont.woff2 HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/ftl/css/main.prod.css?ver=1502684984
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: application/octet-stream
content-length: 31784
last-modified: Tue, 31 Jan 2023 16:17:26 GMT
etag: "63d93f16-7c28"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:27:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/Total/assets/css/wpex-visual-composer.css?ver=4.2.1
185.149.120.9 200 OK 3.3 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/Total/assets/css/wpex-visual-composer.css?ver=4.2.1
IP 185.149.120.9:0
File type ASCII text, with very long lines (16261)
Hash 6dc00e1450ed0d582285390e1c62e590
6714cb083d049d9dcf69bfaa8df467d0fbec77df
e0bd4020619513c0675cf0da23bf011ed07124836dfa5d4296500b3de3357d9d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Total/assets/css/wpex-visual-composer.css?ver=4.2.1 HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: text/css
last-modified: Tue, 31 Jan 2023 16:17:32 GMT
etag: W/"63d93f1c-4048"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/floors-to-love-hardwood-flooring-logo-dark.svg
185.149.120.9 200 OK 38 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/floors-to-love-hardwood-flooring-logo-dark.svg
IP 185.149.120.9:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (710)
Hash 1b8d1bd7cec60590294556889863ed6e
7a7c16051894b3f55524164ca288b0769eb53807
af0820b2804d1daf97e77c11ed25f8f5b825f513c72cf5dd4a0547efcae4988f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/2017/06/floors-to-love-hardwood-flooring-logo-dark.svg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/svg+xml
last-modified: Tue, 31 Jan 2023 16:17:54 GMT
etag: W/"63d93f32-4ee9"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf_.ttf
142.250.74.35 200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf_.ttf
IP 142.250.74.35:0
File type TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409\012- data
Hash bfd9c675eedc561abe5d0561ed346260
8274aacf3d4d2da9e63f2ee5427bf429367f5107
5607a5e2d45fef4901e3f58fb74b00d7724094efcb9aa7fdfd447eb88d475876
GET /s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf_.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24775
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 03:51:42 GMT
expires: Sat, 03 Feb 2024 03:51:42 GMT
cache-control: public, max-age=31536000
age: 441332
last-modified: Tue, 26 Apr 2022 16:08:32 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
216.58.211.10 200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 216.58.211.10:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 08 Feb 2023 06:27:14 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/css.css?family=Merriweather%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&subset=latin&ver=4.9.22
185.149.120.9 200 OK 25 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/css.css?family=Merriweather%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&subset=latin&ver=4.9.22
IP 185.149.120.9:0
Hash 8af564bb63417c6abd1d6d6a04351356
c1f7ecb5f5457d09b519ce95091b28756b36ea6b
9c6a0daf4ba61fdc7fd344c2b5bf41241e65f7a2866a45c745d91c1587171e63
Analyzer Verdict Alert quad9 Sinkholed
GET /css.css?family=Merriweather%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&subset=latin&ver=4.9.22 HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: text/css
last-modified: Tue, 31 Jan 2023 16:17:06 GMT
etag: W/"63d93f02-58a"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/mountainous-living.jpg
185.149.120.9 200 OK 499 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/mountainous-living.jpg
IP 185.149.120.9:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x1080, components 3\012- data
Size 499 kB (498765 bytes)
Hash 9a87fe7779fcdb07e6abd7d2027eac00
f4534303e21b04d2d47ef6fec6c636f9e3c15249
750990eff60d3fe303843a0f2dffa4b9bde0dd0cfeeaf461d63032ae7d5116eb
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/06/mountainous-living.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 498765
last-modified: Tue, 31 Jan 2023 16:17:52 GMT
etag: "63d93f30-79c4d"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvk.ttf
142.250.74.35 200 OK 40 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvk.ttf
IP 142.250.74.35:0
File type TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409\012- data
Hash 45266611f6ea99d3cd5653b3b6f31f17
964058da0291b6ccc290438bbfbef8e72af4b4f7
3d1571fd68a2e961e8ba49c0cd1bb9e9eec05b5b37766fa8e60a31b025869287
GET /s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvk.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40008
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 05:05:13 GMT
expires: Wed, 07 Feb 2024 05:05:13 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:47:57 GMT
content-type: font/ttf
age: 91321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:27:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:27:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/field-tall.jpg
185.149.120.9 200 OK 291 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/field-tall.jpg
IP 185.149.120.9:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=19, height=1200, bps=242, PhotometricIntepretation=RGB, description=Best_Nature_www.laba.ws, orientation=upper-left, width=1920], baseline, precision 8, 1920x1000, components 3\012- data
Size 291 kB (291098 bytes)
Hash ade02d702d9d07bdc01180627ea65570
afcbbb314558389eebf915f66980597f6cf14e93
8144560957bea86264c311c73678c4e89b3e161f3030be54090de7c00c1a832b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/06/field-tall.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 291098
last-modified: Tue, 31 Jan 2023 16:17:56 GMT
etag: "63d93f34-4711a"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/cherry-red-hardwood.jpg
185.149.120.9 200 OK 425 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/06/cherry-red-hardwood.jpg
IP 185.149.120.9:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=\302\251 2009 Bozena Zuchowska], progressive, precision 8, 1920x720, components 3\012- data
Size 425 kB (424605 bytes)
Hash 5ea7efd4fb0681256dfed06ef8c8198d
e0237305d125af61c56172333a1c4b945c57ee4c
5195f92f8ef42296323e205f3d35e9f8e3fc86663a7530bdfffef0e8d1704630
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/06/cherry-red-hardwood.jpg HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: image/jpeg
content-length: 424605
last-modified: Tue, 31 Jan 2023 16:17:54 GMT
etag: "63d93f32-67a9d"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
cdn.mouseflow.com/projects/f7245c16-951d-4282-a693-8da34d31d0c5.js
151.139.128.10 301 Moved Permanently 0 B URL HTTP/2 cdn.mouseflow.com/projects/f7245c16-951d-4282-a693-8da34d31d0c5.js
IP 151.139.128.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /projects/f7245c16-951d-4282-a693-8da34d31d0c5.js HTTP/1.1
Host: cdn.mouseflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 08 Feb 2023 06:27:15 GMT
accept-ranges: bytes
content-length: 0
location: https://cdn.mouseflow.com/projects/f7245c16-951d-4282-a693-8da34d31d0c5_eu.js
cache-control: max-age=86400
x-hw: 1675837635.cds210.sk1.hn,1675837635.cds257.sk1.c
x-hw-loc: https://cdn.mouseflow.com/projects/f7245c16-951d-4282-a693-8da34d31d0c5.js
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/favicon.png
185.149.120.9 200 OK 925 B URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/uploads/2017/07/favicon.png
IP 185.149.120.9:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ec49dd76cc09c80d528659c1ac73aa4
6478621e9fe18b65085171c4aa20469207d814f2
629742e992c67cb5b2663578ecc972b131435ab73f971689f4775b084fb4ff81
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/07/favicon.png HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:15 GMT
content-type: image/png
content-length: 925
last-modified: Tue, 31 Jan 2023 16:18:10 GMT
etag: "63d93f42-39d"
expires: Thu, 09 Feb 2023 06:27:15 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
cdn.mouseflow.com/projects/f7245c16-951d-4282-a693-8da34d31d0c5_eu.js
151.139.128.10 200 OK 56 kB URL HTTP/2 cdn.mouseflow.com/projects/f7245c16-951d-4282-a693-8da34d31d0c5_eu.js
IP 151.139.128.10:0
File type ASCII text, with very long lines (59947), with CRLF line terminators
Hash 6568f1784f3d99d74aa37dc34f26704b
54d766bddb68e4f5bcb034318dd85837203daee6
0d98cf4532ea11212928d8794611be4a1cd7f195147ca7997fdd0cc4d3e21b88
GET /projects/f7245c16-951d-4282-a693-8da34d31d0c5_eu.js HTTP/1.1
Host: cdn.mouseflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:27:15 GMT
cache-control: max-age=86400
content-encoding: gzip
content-length: 55781
content-type: application/javascript; charset=utf-8
last-modified: Tue, 24 Jan 2023 08:00:57 GMT
accept-ranges: bytes
etag: "2cc5d1fdc92fd91:0"
server:
x-hw: 1675837635.cds210.sk1.hn,1675837635.cds245.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-json/contact-form-7/v1/contact-forms/5/refill
185.149.120.9 404 Not Found 60 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-json/contact-form-7/v1/contact-forms/5/refill
IP 185.149.120.9:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (590)
Hash 76a05d65b51d73ee651cd26d41fa9f82
364aa7b4901975cd09ab7126929d00e81db9c980
375695f3321ab616bc2087904d9265961c2e07d1400489b8d4680fdcdcb891bc
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-json/contact-form-7/v1/contact-forms/5/refill HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3158
Expires: Wed, 08 Feb 2023 07:19:53 GMT
Date: Wed, 08 Feb 2023 06:27:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8a3fa4f1ec82d501942f9db3de2cb7d
b91c2aea7f2fb26131c8929b254c5596a1bb25ff
9d246eeab8ba04c775a03fd960c8859934a0accb737e845e89aba40bc573fdaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6342
x-amzn-requestid: b2b61a71-5326-4fc6-baba-7baad29cf7c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkbHfDIAMF5AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c482-5cc4028d01d05305637af317;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iIQAy6CQSvnvQ79UJ6ifJbs-0kEqUYe8OyCqPb2HSKxoDoLykOyaLg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:52:28 GMT
age: 30887
etag: "b91c2aea7f2fb26131c8929b254c5596a1bb25ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg
34.120.237.76 200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c65144dcdaf688643761916851b151c0
1419c4eefac8032e8cfaf2d65dd4a57bff5b25a1
974b5a62f2d051b2dd2c609f7bd08a4ef339dab0d31bccaa0f9898893c3ba6b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3379
x-amzn-requestid: 6f8c97bc-c1f9-4681-9544-f2863dc7f782
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f5aSYH47oAMF-ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e070db-4a730cd079f03c8b1cf77997;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 03:15:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Qnk0MflT4eIxNuooDKhm0uauKq1dYj1iG9O_prtNU8c0IoAwODZxig==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 03:28:45 GMT
age: 10710
etag: "1419c4eefac8032e8cfaf2d65dd4a57bff5b25a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: ef7a879d-25be-42b0-a5c5-df6ad8f1482c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_R2FFv5IAMFZ7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c9c0-2f8fa7ef41b70de04cfb5ac6;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:59:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JxJrYYY7fMm_DCBcuC4OEdR62HL5VMvJbt_a6TWp4QfqN0qxgFgj-A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:06:50 GMT
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
age: 30025
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/Total/assets/css/wpex-visual-composer-extend.css?ver=4.2.1
185.149.120.9 200 OK 14 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/Total/assets/css/wpex-visual-composer-extend.css?ver=4.2.1
IP 185.149.120.9:0
File type ASCII text, with very long lines (30780)
Hash 9085105ce2dcdc6ade13045453482e93
064fa1c66d0da53ca940190fdafec0ebd0557b27
c3a996aa463bed201d48a7fee480910835a83c2c9b293be9155521c2716b3b68
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Total/assets/css/wpex-visual-composer-extend.css?ver=4.2.1 HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: text/css
last-modified: Tue, 31 Jan 2023 16:17:32 GMT
etag: W/"63d93f1c-78fe"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-admin/admin-ajax.php
185.149.120.9 404 Not Found 5.2 kB URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-admin/admin-ajax.php
IP 185.149.120.9:0
Hash f380b24d4b45ebe271a03b8f87fa4189
29dc0e3030118aae3a43c273a3516fdf0a7ea7c7
bac6c55c8b30dd8d710fe5c258c022090a5ae5fb7d9344ef073a4e4ee7d4d113
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 304
Origin: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:15 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be9f475292d4b5b0502d4381ccdf455b
ecb943b48c822b086ea699d802f8f1bb5ee26651
ed22a5102709dc7a067107a6c0cde26931f7781065de9cee49e22de6b9086e31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8703
x-amzn-requestid: 6456aa7d-11f7-4066-a833-9ac5312c0c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7JGLTIAMFqdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c513-0679a75676cdc19251c81bdd;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oDXgginig1GJvV9QIPvDGVumNDnOrBbrGRZSqyJ_NDRUX4XP5jxHxQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:03:47 GMT
age: 30208
etag: "ecb943b48c822b086ea699d802f8f1bb5ee26651"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
142.250.74.3 200 OK 1.6 kB URL HTTP/2 maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
IP 142.250.74.3:0
File type PNG image data, 120 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash f28a13545ca7be5cd9ea31bdd9ea7f8e
f4f45a59720b9d637b1e7e0ed5783ee84887287f
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
GET /mapfiles/api-3/images/powered-by-google-on-white3.png HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 1616
date: Wed, 08 Feb 2023 06:27:15 GMT
expires: Wed, 08 Feb 2023 06:27:15 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
142.250.74.3 200 OK 3.4 kB URL HTTP/2 maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
IP 142.250.74.3:0
File type PNG image data, 34 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e9dd969ceb057a228067a1c539127f9
fb2da26959858054157960bb7f8e6c145648eaac
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
GET /mapfiles/api-3/images/autocomplete-icons.png HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 3351
date: Wed, 08 Feb 2023 06:27:15 GMT
expires: Wed, 08 Feb 2023 06:27:15 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jphardwoodflooring.com/?wordfence_lh=1&hid=67DAB0E4CBDA1FA6DCDEB544E327C442&r=0.5481345500400369
173.248.187.16 200 OK 0 B URL HTTP/2 jphardwoodflooring.com/?wordfence_lh=1&hid=67DAB0E4CBDA1FA6DCDEB544E327C442&r=0.5481345500400369
IP 173.248.187.16:0
ASN #30475 WEHOSTWEBSITES-COM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?wordfence_lh=1&hid=67DAB0E4CBDA1FA6DCDEB544E327C442&r=0.5481345500400369 HTTP/1.1
Host: jphardwoodflooring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-powered-by: PHP/7.1.33
x-ua-compatible: IE=edge
link: <https://jphardwoodflooring.com/wp-json/>; rel="https://api.w.org/", <https://jphardwoodflooring.com/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: d54_front,d54_URL.6666cd76f96956469e7be39d750cc7d9,d54_F,d54_Po.6,d54_PGS,d54_
content-type: text/javascript;charset=UTF-8
x-robots-tag: noindex
content-length: 0
date: Wed, 08 Feb 2023 06:27:16 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb0e725719ac378134b01b6473a6581
a8a1780c88e8ae219048bed28ecfbd8019d9af35
187d4e83edc0af857334f84bd6853234193d4654d06c43367f39b4e125defe08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6679
x-amzn-requestid: 97c19ad5-c127-4dc1-b529-1eca84645316
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f59MzHgloAMFwow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a8b8-79d6b8d31b69153d4929b7b7;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x_tr-xummuF51PvAM4y3DgvLWuJOwxgquKO8baQfcoN6ta5M3ll7ug==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:41:46 GMT
age: 81936
etag: "a8a1780c88e8ae219048bed28ecfbd8019d9af35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/Total/assets/lib/ilightbox/minimal/ilightbox-minimal-skin.css?ver=4.2.1
185.149.120.9 200 OK 0 B URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/Total/assets/lib/ilightbox/minimal/ilightbox-minimal-skin.css?ver=4.2.1
IP 185.149.120.9:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Total/assets/lib/ilightbox/minimal/ilightbox-minimal-skin.css?ver=4.2.1 HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: text/css
last-modified: Tue, 31 Jan 2023 16:17:36 GMT
etag: W/"63d93f20-1c77"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/ftl/js/bundle.prod.js?ver=1503428858
185.149.120.9 200 OK 0 B URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/ftl/js/bundle.prod.js?ver=1503428858
IP 185.149.120.9:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/ftl/js/bundle.prod.js?ver=1503428858 HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 16:17:24 GMT
etag: W/"63d93f14-4ce"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/
185.149.120.9 200 OK 0 B URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/
IP 185.149.120.9:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq; Domain=.msl-afteburner.link; HttpOnly; Path=/; Expires=Thu, 08-Feb-2024 06:27:13 GMT
date: Wed, 08 Feb 2023 06:27:13 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.3
185.149.120.9 200 OK 0 B URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.3
IP 185.149.120.9:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.3 HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 16:19:10 GMT
etag: W/"63d93f7e-38f9"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/Total/style.css?ver=4.2.1
185.149.120.9 200 OK 0 B URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/Total/style.css?ver=4.2.1
IP 185.149.120.9:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Total/style.css?ver=4.2.1 HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: text/css
last-modified: Tue, 31 Jan 2023 16:17:28 GMT
etag: W/"63d93f18-38408"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/ftl/style.css?ver=4.2.1
185.149.120.9 200 OK 0 B URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/ftl/style.css?ver=4.2.1
IP 185.149.120.9:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/ftl/style.css?ver=4.2.1 HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: text/css
last-modified: Tue, 31 Jan 2023 16:17:22 GMT
etag: W/"63d93f12-eb"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.1.1
185.149.120.9 200 OK 0 B URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.1.1
IP 185.149.120.9:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.1.1 HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 16:18:46 GMT
etag: W/"63d93f66-49dc"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.1.1
185.149.120.9 200 OK 0 B URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.1.1
IP 185.149.120.9:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.1.1 HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 16:18:52 GMT
etag: W/"63d93f6c-1f6c"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=5.1.1
185.149.120.9 200 OK 0 B URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=5.1.1
IP 185.149.120.9:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=5.1.1 HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: text/css
last-modified: Tue, 31 Jan 2023 16:18:54 GMT
etag: W/"63d93f6e-ce95"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-includes/js/jquery/jquery.js?ver=1.12.4
185.149.120.9 200 OK 0 B URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 185.149.120.9:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 16:19:12 GMT
etag: W/"63d93f80-17a6a"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=5.1.1
185.149.120.9 200 OK 0 B URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=5.1.1
IP 185.149.120.9:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=5.1.1 HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 16:18:54 GMT
etag: W/"63d93f6e-3147"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/Total/assets/js/wpex.min.js?ver=4.2.1
185.149.120.9 200 OK 0 B URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-content/themes/Total/assets/js/wpex.min.js?ver=4.2.1
IP 185.149.120.9:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Total/assets/js/wpex.min.js?ver=4.2.1 HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 16:17:30 GMT
etag: W/"63d93f1a-6e770"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp/wp-slimstat/tags/4.7.8.3/wp-slimstat.min.js
185.149.120.9 200 OK 0 B URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp/wp-slimstat/tags/4.7.8.3/wp-slimstat.min.js
IP 185.149.120.9:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp/wp-slimstat/tags/4.7.8.3/wp-slimstat.min.js HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 16:17:18 GMT
etag: W/"63d93f0e-272b"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-includes/js/wp-embed.min.js?ver=4.9.22
185.149.120.9 200 OK 0 B URL HTTP/2 www.cd9es62kbfgq26rbe220.msl-afteburner.link/wp-includes/js/wp-embed.min.js?ver=4.9.22
IP 185.149.120.9:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/wp-embed.min.js?ver=4.9.22 HTTP/1.1
Host: www.cd9es62kbfgq26rbe220.msl-afteburner.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cd9es62kbfgq26rbe220.msl-afteburner.link/
Cookie: __ddg1_=DoJinbEhJeIYpByOf1Eq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 06:27:14 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 16:19:12 GMT
etag: W/"63d93f80-56f"
expires: Thu, 09 Feb 2023 06:27:14 GMT
cache-control: max-age=86400
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2