162.0.209.97 302 Found 0 B URL User Request GET HTTP/2 IP 162.0.209.97:443
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /rm/ HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: /
content-type: text/html; charset=UTF-8
content-length: 0
date: Fri, 02 Jun 2023 11:49:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/themes/astra/assets/css/minified/main.min-rtl.css?ver=3.9.1
162.0.209.97 200 OK 7.7 kB URL GET HTTP/2 nooranbeauty.com/wp-content/themes/astra/assets/css/minified/main.min-rtl.css?ver=3.9.1
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (38408)
Hash 9909b6a9f8da3be553aff854054e087e
59911dd75dc0601a59407230fd5a71f442c4fa26
a42e8567c2e91c05abbe55d3422f7f070a665dfa66cdb63bb7317c58ef6d24ae
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/main.min-rtl.css?ver=3.9.1 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:54 GMT
content-type: text/css
last-modified: Mon, 25 Jul 2022 23:06:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7686
date: Fri, 02 Jun 2023 11:49:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/themes/astra/assets/css/minified/menu-animation.min.css?ver=3.9.1
162.0.209.97 200 OK 339 B URL GET HTTP/2 nooranbeauty.com/wp-content/themes/astra/assets/css/minified/menu-animation.min.css?ver=3.9.1
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (3412), with no line terminators
Hash 730e0907dfd019baf0c555a21f373670
6bef5d7aab1206ca5095e6f589c47c9912873ac7
b6e169ac07a49b2c9d2b726bb3c384097badcc093dc6322c9a2ba066ae8e06a8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/menu-animation.min.css?ver=3.9.1 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:54 GMT
content-type: text/css
last-modified: Mon, 25 Jul 2022 23:06:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 339
date: Fri, 02 Jun 2023 11:49:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.2.2
162.0.209.97 200 OK 12 kB URL GET HTTP/2 nooranbeauty.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.2.2
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash c095929959af32d70c02e11c6a4d4d19
219390e07f99ffb430d55cb496aa8e96b3b9592b
61837609c4841282f94f89de7e2d082542ade38015258a246472ba4737eb3d1e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.2.2 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:54 GMT
content-type: text/css
last-modified: Fri, 19 May 2023 20:29:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11725
date: Fri, 02 Jun 2023 11:49:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0
162.0.209.97 200 OK 1.1 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (4933), with no line terminators
Hash e372df47bd19e1563b557d7bdb817188
4efdf4050a78bdbd88aa255955b7423105895dd0
4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:54 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 13:32:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1109
date: Fri, 02 Jun 2023 11:49:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style-rtl.css?ver=8.0.0
162.0.209.97 200 OK 21 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style-rtl.css?ver=8.0.0
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash e337875201bd203b647ddd8d650c8417
b91569dd8439b68558a0e4a259072188113aae86
cc3a3bc40cf41c0c71dc6c0a5117179c77517209fa4e721c5ed5a548dd8502ad
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style-rtl.css?ver=8.0.0 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:54 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 13:32:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20821
date: Fri, 02 Jun 2023 11:49:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout-grid.min-rtl.css?ver=3.9.1
162.0.209.97 200 OK 1.8 kB URL GET HTTP/2 nooranbeauty.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout-grid.min-rtl.css?ver=3.9.1
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (16344), with no line terminators
Hash 8f7b2904d29ad4bb078a117ff756b41b
c8fece10a626979711d8d4876ada76fc38cff6d8
eb1e0e33d902d2fe701927037cb84fdfa411d731d80799fb698188f024ea3505
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout-grid.min-rtl.css?ver=3.9.1 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:54 GMT
content-type: text/css
last-modified: Mon, 25 Jul 2022 23:06:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1790
date: Fri, 02 Jun 2023 11:49:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/elementor/assets/css/frontend-lite-rtl.min.css?ver=3.6.8
162.0.209.97 200 OK 13 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/elementor/assets/css/frontend-lite-rtl.min.css?ver=3.6.8
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65497)
Hash c9a4688d1c00d9af7c2f68434543079c
388d9a1b1f2f8a68aa6c7afcd84b1c968c214fc2
b3a8b4078e987fb5aa567bb975d2498ad525543361cebb2feeb76b522edb568b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite-rtl.min.css?ver=3.6.8 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:54 GMT
content-type: text/css
last-modified: Tue, 16 Aug 2022 00:16:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12888
date: Fri, 02 Jun 2023 11:49:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/uploads/elementor/css/post-840.css?ver=1684525731
162.0.209.97 200 OK 310 B URL GET HTTP/2 nooranbeauty.com/wp-content/uploads/elementor/css/post-840.css?ver=1684525731
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (1119), with no line terminators
Hash ba53c29d5c98a31261a774f3472df15b
66f9e65ae630ee2750d1c34afad4d8bbc0d752b4
46f4ae1cdd8251356c14adc29b6887957cb667db9b8c1bff24ec64b48f520954
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-840.css?ver=1684525731 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:54 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 13:33:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 310
date: Fri, 02 Jun 2023 11:49:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-grid.min-rtl.css?ver=3.9.1
162.0.209.97 200 OK 15 kB URL GET HTTP/2 nooranbeauty.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-grid.min-rtl.css?ver=3.9.1
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65526), with no line terminators
Hash 2874c0ec5b27ce92a0ac332a12199937
5a448b15fcd7124d378f3d18660dd58d274d1b0b
0ac44ef9b77a6bfc763b4880132bc23911c81cbef639a101be06ac3b11d7e425
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-grid.min-rtl.css?ver=3.9.1 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:54 GMT
content-type: text/css
last-modified: Mon, 25 Jul 2022 23:06:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15112
date: Fri, 02 Jun 2023 11:49:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
162.0.209.97 200 OK 3.6 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (19082)
Hash 50be31853049e4b4a10c277d5f95eb75
ac2dffc0c65ad6b209fedf2169d0c50eb4119a3e
b651d87ef113cba0c8ec8a33bfdb694171effeba56b20be12e3c77fc15f6ae9f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:54 GMT
content-type: text/css
last-modified: Tue, 16 Aug 2022 00:16:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3603
date: Fri, 02 Jun 2023 11:49:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/elementor-pro/assets/css/frontend-rtl.min.css?ver=3.0.8
162.0.209.97 200 OK 22 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/elementor-pro/assets/css/frontend-rtl.min.css?ver=3.0.8
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65493)
Hash 3f2c0d7f9f017fd0f205af8415237753
80f72b689ab284c410cce6b4813fb15b7472438d
0afba381644a4424945f2812ff51cbb38fcb5ff9e75fccaa648feffdcbc5a5ce
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/frontend-rtl.min.css?ver=3.0.8 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: text/css
last-modified: Tue, 19 Jul 2022 14:44:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21657
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.6.8
162.0.209.97 200 OK 12 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.6.8
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (59158)
Hash 74bab4578692993514e7f882cc15c218
b6293bcfd851f963edbe859498570c4c0c7eaae4
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.6.8 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: text/css
last-modified: Tue, 16 Aug 2022 00:16:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12380
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.6.8
162.0.209.97 200 OK 4.0 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.6.8
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (26516)
Hash c55205bce667f5d812354fd1353e7389
f22de0af271eba636a022c873c94fbcd81b4c89a
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.6.8 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: text/css
last-modified: Tue, 16 Aug 2022 00:16:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3987
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/uploads/elementor/css/post-2455.css?ver=1684525732
162.0.209.97 200 OK 2.6 kB URL GET HTTP/2 nooranbeauty.com/wp-content/uploads/elementor/css/post-2455.css?ver=1684525732
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (37149), with no line terminators
Hash b8e713f84fb7fcd5a17c05fc4b98c0fd
e92319b3b1770b329599676e32f7c2500ca14a7e
8eaa19c0ba229fd2c8edaa4b5bc0941d49325f6b032652d3b347b68407957c92
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-2455.css?ver=1684525732 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: text/css
last-modified: Fri, 19 May 2023 19:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2623
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
162.0.209.97 200 OK 12 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (57726)
Hash eeb705d0bdccfd645d3bbd46dd1fbab3
066def290f42ed8c00860e573cc880bd46e9ced4
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: text/css
last-modified: Tue, 16 Aug 2022 00:16:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12133
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
162.0.209.97 200 OK 286 B URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (483)
Hash 9eb2d3c87feb6bb2ffa63b70532b1477
38f226335a05ab0e30497bc7419eb5e243a9e26c
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: text/css
last-modified: Tue, 16 Aug 2022 00:16:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 286
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
162.0.209.97 200 OK 4.6 kB URL GET HTTP/2 nooranbeauty.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (13326)
Hash 5cfa2b481de6e87c2190a0e3538515d8
0fccf3c8ab2c10b4dcc7970e64ce997ab1622f68
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 20:29:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4603
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.6.8
162.0.209.97 200 OK 4.0 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.6.8
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (14869)
Hash 7a5dea0a705cc2f4cd87dbaaa6666bc6
678bc6f750f13adb29bbc158eb0d9cd813b736fa
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.6.8 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Tue, 16 Aug 2022 00:16:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4035
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/uploads/2020/06/plants-store-logo-green.svg
162.0.209.97 200 OK 406 B URL GET HTTP/2 nooranbeauty.com/wp-content/uploads/2020/06/plants-store-logo-green.svg
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; SVG XML document; XML document text; exported SGML document, ASCII text, with very long lines (1021), with no line terminators
Hash 6aa25e5c61ec7d2158476170bfdbb758
4359ea8256837826581739596cdafefc257958f9
845e60726a52682d5d947c1460e482b0888772c3b3afc29f2b6dfb2f97d48dd7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/06/plants-store-logo-green.svg HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: image/svg+xml
last-modified: Fri, 19 May 2023 19:48:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 406
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A400%2C600%2C500&display=fallback&ver=3.9.1
142.250.74.138 200 OK 1.3 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Poppins%3A400%2C600%2C500&display=fallback&ver=3.9.1
IP 142.250.74.138:443
Requested by https://nooranbeauty.com/
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
Validity Mon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type gzip compressed data, max compression; data
Hash 82d03f58f2dae7cec8a1bd1fd0a0d444
f212637742396206a3f66d551848e6704cc243f2
868195807f27ccbd077da0d699700bfff48673f83174e9ed555362d8d3dcd555
GET /css?family=Poppins%3A400%2C600%2C500&display=fallback&ver=3.9.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Jun 2023 11:49:54 GMT
date: Fri, 02 Jun 2023 11:49:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.1
162.0.209.97 200 OK 3.8 kB URL GET HTTP/2 nooranbeauty.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.1
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (16772), with no line terminators
Hash 7faea271a00b7c96647ec195689eec0c
788e2feab573e328ece321274ab9fa45a20d06d7
0bfa78534c298411845229e6dee89bfd935ed71c8aa64add2b06f8c31c5daf6d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.1 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Mon, 25 Jul 2022 23:06:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3792
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.9.1
162.0.209.97 200 OK 747 B URL GET HTTP/2 nooranbeauty.com/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.9.1
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (2928), with no line terminators
Hash 8ee91edf712dabf984ae1a839c96611e
cfc231a9813a1dd78a73126e6afe17ffbe9c8ac4
519b13dc8da11713eb75d921d74cd5aa7ac25feb544195312ff79e6b43e13c7e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.9.1 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Mon, 25 Jul 2022 23:06:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 747
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.0
162.0.209.97 200 OK 3.2 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.0
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (9115)
Hash a5451283952efd5df49466bbeace6911
dce405842471c303c3d8fd6fa3c084aa56a71029
f4e38e5ef16efe51836cf7142412b8e1aa8b73ce89afed23be0cf77dfd8e095d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.0 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 13:32:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3245
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.8.0
162.0.209.97 200 OK 974 B URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.8.0
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 4e544022235ced14996464116a9ed9b2
31ee19d95973124b812a22c5ff5944d5b5bf8147
4ef2d5b0ef62523af87f3e13d8061449b2ddbfce07064f26b1305084abbf18f1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.8.0 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 13:32:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 974
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.2.2
142.250.74.138 200 OK 2.5 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.2.2
IP 142.250.74.138:443
Requested by https://nooranbeauty.com/
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
Validity Mon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type gzip compressed data, max compression\012- data
Hash c40ee88ec9e9feabb66dcf357d32170a
0a4058c7feb4ee4ccd33ef30ea06643ae207aa65
b404f7bfa111ec6fcb67bb0dc243e6c367d8a3b0b0095f3c90a1f0bdf6376abe
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.2.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Jun 2023 11:49:54 GMT
date: Fri, 02 Jun 2023 11:49:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.0
162.0.209.97 200 OK 677 B URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.0
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (2139), with no line terminators
Hash b72c1cbb1530a011a27bd9800f26765a
27b825c5d8255f33b8427a059d4545ebd65e1746
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.0 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 13:32:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 677
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.0
162.0.209.97 200 OK 934 B URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.0
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (2938), with no line terminators
Hash 0fd625c3991a4015814cffdc88e2fc82
d7c2f53e058210ff3ea773297641008bab71a5f3
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.0 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 13:32:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 934
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.8
162.0.209.97 200 OK 2.0 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.8
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (4918)
Hash 530dffbfb4c3efd2c496617d77fb2448
1197e6ba4ac2dace2a8a63c5283ed0b590610152
08c70fae8c5a06e27f90b3b8bac23c07318fe3ead7cebd2a7ac2e56a7a6c00e0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.8 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Tue, 16 Aug 2022 00:16:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2044
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.8
162.0.209.97 200 OK 10 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.8
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (32569)
Hash 93702100295d778c25763497cca6523f
f03bbd609b28c89875882a1741ea27c6018f2d59
dcf3add9ee30897e196931db9947cd4fa29f8b9244b49938f1590ed6fabe4002
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.8 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Tue, 16 Aug 2022 00:16:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10380
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.8
162.0.209.97 200 OK 1.8 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.8
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (6595), with no line terminators
Hash e16a8821e5f099c3a619889ea7cf0399
a38e0c736aaf0b019b29b63b00e68c1381502217
a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.8 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Tue, 19 Jul 2022 14:44:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1767
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
162.0.209.97 200 OK 2.9 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (12198), with no line terminators
Hash 3819c3569da71daec283a75483735f7e
ecd40a5cc6f0b76200c454ca880210dc301cfab8
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Tue, 16 Aug 2022 00:16:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
162.0.209.97 200 OK 30 kB URL GET HTTP/2 nooranbeauty.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65447)
Hash 0e850a69bc7fd0acc2e92ce6eee87959
8be6d9e7f7a61ccf0b8eac8a8144d770b608a19c
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.4 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 20:29:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30376
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
162.0.209.97 200 OK 6.8 kB URL GET HTTP/2 nooranbeauty.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash c4e68a0f3463c0bd3c39eab38815e881
0ce58644e9f3c5063a11453ff287c5ec096465a7
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 20:29:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6801
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.8
162.0.209.97 200 OK 12 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.8
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (40438)
Hash ab2ed7a7a595bde264a98935f0f50c7e
9cb6ee07b4f060ca17df0700fe98ad73df60af09
37209a2b751204dc01191986b6ef47f27463285de8a341729c514d70a19a90fe
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.8 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Tue, 16 Aug 2022 00:16:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11709
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-includes/js/underscore.min.js?ver=1.13.4
162.0.209.97 200 OK 7.2 kB URL GET HTTP/2 nooranbeauty.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (18798)
Hash f88d5720bb454ed5d204cbdb56901f6b
f1952292fde4b15936e9aac16b2b9896684db95b
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 01:21:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7179
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-includes/js/wp-util.min.js?ver=6.2.2
162.0.209.97 200 OK 690 B URL GET HTTP/2 nooranbeauty.com/wp-includes/js/wp-util.min.js?ver=6.2.2
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (1391)
Hash 19d386c9004e54941c1cc61d357efa5d
0a77594006c8d86fdcc0adbc2b9aecaef3869586
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-util.min.js?ver=6.2.2 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 01:21:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 690
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min.js?ver=1.6.3.1
162.0.209.97 200 OK 330 B URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min.js?ver=1.6.3.1
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (705), with no line terminators
Hash 697fde09408821cbcce53628e4107b71
a0ac5da86ef699334743f5945a52f3285994229d
f3d3e4b6c0772fd114f620c3e15f30f184234ac2c0d1b9b3a69a44e3a26eface
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min.js?ver=1.6.3.1 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Tue, 19 Jul 2022 14:58:55 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 330
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.8
162.0.209.97 200 OK 40 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.8
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (39674), with LF, NEL line terminators
Hash e71f6d182864733bc290541e1a64da22
a54a675018c8a906a8507da35e3383b4aa3589bf
02d3489302b68bdef976f97b6ad4d3b26b248db0feacf05a15c4a0ef6e447f2c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.8 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Tue, 19 Jul 2022 14:44:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 40393
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
162.0.209.97 200 OK 32 kB URL User Request GET HTTP/2 IP 162.0.209.97:443
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (62077), with CRLF, LF line terminators
Hash f7fa03e615fafa2e647d3043a954a45a
29da31d95771e165825b223fa7a3dfcd12a9bacd
3d099ed9b5d034d7b6f1b76dace769ceb189e44da4de555ee8003c8cb97000c2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://nooranbeauty.com/wp-json/>; rel="https://api.w.org/", <https://nooranbeauty.com/wp-json/wp/v2/pages/2455>; rel="alternate"; type="application/json", <https://nooranbeauty.com/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Jun 2023 11:49:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.163 200 OK 7.7 kB URL GET HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.163:443
Requested by https://nooranbeauty.com/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nooranbeauty.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 20:49:31 GMT
expires: Sun, 26 May 2024 20:49:31 GMT
cache-control: public, max-age=31536000
age: 486025
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.163 200 OK 8.0 kB URL GET HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.163:443
Requested by https://nooranbeauty.com/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nooranbeauty.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 21:33:35 GMT
expires: Wed, 29 May 2024 21:33:35 GMT
cache-control: public, max-age=31536000
age: 224181
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.163 200 OK 7.9 kB URL GET HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.163:443
Requested by https://nooranbeauty.com/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nooranbeauty.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 20:44:47 GMT
expires: Sun, 26 May 2024 20:44:47 GMT
cache-control: public, max-age=31536000
age: 486309
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/uploads/2020/07/hero-bg.jpg
162.0.209.97 200 OK 51 kB URL GET HTTP/2 nooranbeauty.com/wp-content/uploads/2020/07/hero-bg.jpg
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Hash 03a1be91bd129717239ca2c57b1677c0
34637a41c931426a4c52404073fbba935ecafda2
ae8d4046e775c26dea98f43a4522497400b9efcea07652e226725dbfb40af37a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/07/hero-bg.jpg HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/wp-content/uploads/elementor/css/post-2455.css?ver=1684525732
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: image/jpeg
last-modified: Tue, 19 Jul 2022 14:23:12 GMT
accept-ranges: bytes
content-length: 51232
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/uploads/2019/01/plant6-free-img.jpg
162.0.209.97 200 OK 27 kB URL GET HTTP/2 nooranbeauty.com/wp-content/uploads/2019/01/plant6-free-img.jpg
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x1000, components 3\012- data
Hash a20d167c48e3fd0602d0d1738c6b593b
42ccd9eefe57e1eb99ec0f6dd31640aced3d6f77
57a6188c9f52af6626123d4ddb4e8fee918b7493d847d9baf32cdfd6357608c2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/plant6-free-img.jpg HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/wp-content/uploads/elementor/css/post-2455.css?ver=1684525732
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: image/jpeg
last-modified: Fri, 19 May 2023 19:48:26 GMT
accept-ranges: bytes
content-length: 27243
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/uploads/2019/01/cactus2-free-img.jpg
162.0.209.97 200 OK 12 kB URL GET HTTP/2 nooranbeauty.com/wp-content/uploads/2019/01/cactus2-free-img.jpg
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x1000, components 3\012- data
Hash 4bfbf1bb8fa6941529dcd0f25a22e42a
42560fe47ac70c6765d6f74f80aa4e6b47a09e06
581f61cfe43fe7f1d76eece3127b35d39433455ce216becd578d925f8bb98a86
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/cactus2-free-img.jpg HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/wp-content/uploads/elementor/css/post-2455.css?ver=1684525732
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: image/jpeg
last-modified: Fri, 19 May 2023 19:48:23 GMT
accept-ranges: bytes
content-length: 12495
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
54.230.111.30 200 B URL js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
IP 54.230.111.30:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 93afeeb17bc37e711759584dbfc50d47
bbbc9e5d68854172c90b993064df560996a2a433
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
GET /v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 200
last-modified: Tue, 23 May 2023 20:52:13 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Fri, 02 Jun 2023 11:38:34 GMT
cache-control: max-age=31536000
etag: "93afeeb17bc37e711759584dbfc50d47"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zxUtnVGhkf40DbxypFXwYZp8A9D21rN3l6Orp67lY14gm3Jmtueo_w==
age: 713
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/uploads/2019/01/plant4-free-img.jpg
162.0.209.97 200 OK 29 kB URL GET HTTP/2 nooranbeauty.com/wp-content/uploads/2019/01/plant4-free-img.jpg
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x1000, components 3\012- data
Hash ec0421ae746c0350d37fd094a61c18db
0a63dbb90589ada745f4d2924fabcc925cd14e1f
b1f7c9e49a1a245232cb14722ff6ad305e4cff53e49b80d6768342b271a777df
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/plant4-free-img.jpg HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/wp-content/uploads/elementor/css/post-2455.css?ver=1684525732
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: image/jpeg
last-modified: Fri, 19 May 2023 19:48:26 GMT
accept-ranges: bytes
content-length: 29386
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/uploads/2019/01/user1-free-img.jpg
162.0.209.97 200 OK 25 kB URL GET HTTP/2 nooranbeauty.com/wp-content/uploads/2019/01/user1-free-img.jpg
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x500, components 3\012- data
Hash e955c1c7a042a644302b2552aa287b80
08fd54d379becdc25ed543b3a27176647dd4698a
80749ba652ce9dc5dce81a2a59074724ca6f8bff19af52c61b17501ac37e0ddd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/user1-free-img.jpg HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/wp-content/uploads/elementor/css/post-2455.css?ver=1684525732
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: image/jpeg
last-modified: Fri, 19 May 2023 19:48:26 GMT
accept-ranges: bytes
content-length: 25048
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
54.230.111.30 200 OK 631 B URL GET HTTP/2 js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
IP 54.230.111.30:443
Requested by https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html#url=https%3A%2F%2Fnooranbeauty.com%2F&title=%D9%86%D9%88%D8%B1%D8%A7%D9%86%20%D8%A8%D9%8A%D9%88%D8%AA%D9%8A%20%E2%80%93%20%D9%85%D9%86%20%D8%A7%D9%84%D8%B7%D8%A8%D9%8A%D8%B9%D8%A9%20%D8%AC%D9%85%D8%A7%D9%84%D9%83%20%D8%B7%D8%A8%D9%8A%D8%B9%D9%8A&referrer=&muid=NA&sid=NA&version=6&preview=false
Certificate Issuer DigiCert Inc
Subject a.stripecdn.com
Fingerprint 8D:4E:81:A5:A0:EE:4E:D9:37:C3:ED:32:33:2E:D5:FB:AF:2A:68:90
Validity Fri, 12 May 2023 00:00:00 GMT - Sun, 13 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (526)
Hash f8f6a4584135f737b26927596ce6e0a7
609ea9e9c46563fb1dc78a7967c926394e73ffab
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
GET /v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 631
last-modified: Thu, 25 May 2023 20:16:52 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
date: Fri, 02 Jun 2023 11:38:08 GMT
cache-control: max-age=31536000
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lU7qeLG1YWx5n-CGbKYSVZYw9bhIrp1TvSmsrKEsJSzPqlvgH6LYZA==
age: 711
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/uploads/2019/01/user3-free-img.jpg
162.0.209.97 200 OK 22 kB URL GET HTTP/2 nooranbeauty.com/wp-content/uploads/2019/01/user3-free-img.jpg
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x500, components 3\012- data
Hash e2a97a6f16a56280c8b252329eafc4f7
0ea67f9023b63ef7b340dd9988346264bcc62493
55cb7a6abf89d37fea2590a404ddedc6054f9cc45034c8169ff819452ed42532
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/user3-free-img.jpg HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/wp-content/uploads/elementor/css/post-2455.css?ver=1684525732
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: image/jpeg
last-modified: Fri, 19 May 2023 19:48:27 GMT
accept-ranges: bytes
content-length: 22173
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/woocommerce/assets/fonts/star.woff
162.0.209.97 200 OK 1.3 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/woocommerce/assets/fonts/star.woff
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type Web Open Font Format, CFF, length 1304, version 1.0\012- data
Hash 335cbf607c55aa32fd06809d1f9eb127
e70dd0cd93614997e251f26477ea815435981e19
d87af7a2528beb59a990e0414df87b4e4115f77f3a4a750f6616ff189b70345a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/fonts/star.woff HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-grid.min-rtl.css?ver=3.9.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:56 GMT
content-type: font/woff
last-modified: Mon, 15 Aug 2022 13:32:01 GMT
accept-ranges: bytes
content-length: 1304
date: Fri, 02 Jun 2023 11:49:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
m.stripe.network/inner.html
151.101.192.176 527 B URL m.stripe.network/inner.html
IP 151.101.192.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators
Hash fc2e029628f163bb59adc6fa5a31161c
0f4547ae510d1bf36e3630d41bdab29d64c03d64
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Jun 2023 11:49:56 GMT
via: 1.1 varnish
age: 251
x-request-id: a8b85f52-35c0-465b-81d0-f14348de3986
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 155
x-timer: S1685706596.475177,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 527
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/uploads/2020/07/CTA-bg.jpg
162.0.209.97 200 OK 56 kB URL GET HTTP/2 nooranbeauty.com/wp-content/uploads/2020/07/CTA-bg.jpg
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Hash 50955a09ef735104a17d0a2a391fae42
fac50cd4fc0b6c34afce95225970091afcd63c3a
f66e1cc1ff04ab7fd03a76c7402bf30935d4519dc63e77b2f090d62baa9b57de
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/07/CTA-bg.jpg HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/wp-content/uploads/elementor/css/post-2455.css?ver=1684525732
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: image/jpeg
last-modified: Tue, 19 Jul 2022 14:23:12 GMT
accept-ranges: bytes
content-length: 56118
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/uploads/2020/01/testimonial-2.jpg
162.0.209.97 200 OK 172 kB URL GET HTTP/2 nooranbeauty.com/wp-content/uploads/2020/01/testimonial-2.jpg
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x500, components 3\012- data
Size 172 kB (171919 bytes)
Hash 46fbdb5f0ea5ee2a1198dd4187975dd2
f647eca323f8312bb354dffe1399d0008e1e9a67
a42907a7137789d2a3aa56bc45f3f49bc2e0653bb87d8b5dfaaaaabcff622d46
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/01/testimonial-2.jpg HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/wp-content/uploads/elementor/css/post-2455.css?ver=1684525732
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: image/jpeg
last-modified: Fri, 19 May 2023 19:48:29 GMT
accept-ranges: bytes
content-length: 171919
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
162.0.209.97 200 OK 78 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:56 GMT
content-type: font/woff2
last-modified: Tue, 16 Aug 2022 00:16:41 GMT
accept-ranges: bytes
content-length: 78196
date: Fri, 02 Jun 2023 11:49:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
162.0.209.97 200 OK 599 B URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (1320)
Hash 083ce337e105ea4d7912d4971b806d16
122eb6a00622b1a47d718398144556d42ceb4dc7
614e57d8baf22e4620facc881d1ce45b2f001481387ef37febbbaa4a4125980c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:56 GMT
content-type: application/javascript
last-modified: Tue, 16 Aug 2022 00:16:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 599
date: Fri, 02 Jun 2023 11:49:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
m.stripe.network/out-4.5.42.js
151.101.192.176 200 OK 16 kB URL GET HTTP/2 m.stripe.network/out-4.5.42.js
IP 151.101.192.176:443
Requested by https://m.stripe.network/inner.html#url=https%3A%2F%2Fnooranbeauty.com%2F&title=%D9%86%D9%88%D8%B1%D8%A7%D9%86%20%D8%A8%D9%8A%D9%88%D8%AA%D9%8A%20%E2%80%93%20%D9%85%D9%86%20%D8%A7%D9%84%D8%B7%D8%A8%D9%8A%D8%B9%D8%A9%20%D8%AC%D9%85%D8%A7%D9%84%D9%83%20%D8%B7%D8%A8%D9%8A%D8%B9%D9%8A&referrer=&muid=NA&sid=NA&version=6&preview=false
Certificate Issuer DigiCert Inc
Subject a.stripecdn.com
Fingerprint 8D:4E:81:A5:A0:EE:4E:D9:37:C3:ED:32:33:2E:D5:FB:AF:2A:68:90
Validity Fri, 12 May 2023 00:00:00 GMT - Sun, 13 Aug 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 21df7244385e5c0bdf32da01d0dad6c0
1aa31ee7aa6e7d5a6247b9dc1f1c52a33061c16e
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
GET /out-4.5.42.js HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Jun 2023 11:49:56 GMT
via: 1.1 varnish
age: 287
x-request-id: b357e141-6830-498f-8847-99af3bfe0e30
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 172
x-timer: S1685706597.632272,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 16031
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/uploads/2022/07/cropped-Nooran-Faveicon-512-192x192.png
162.0.209.97 200 OK 27 kB URL GET HTTP/2 nooranbeauty.com/wp-content/uploads/2022/07/cropped-Nooran-Faveicon-512-192x192.png
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 8f9fb4f13fa2d838b8ce43cc5bf8f3c3
e3c150b049a02daab22c6dff36829c73517e9664
2fbb9cef9877ef60f50c9e2d1f4ed4d77701013f38f17b5a417787804dfdf4c8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/07/cropped-Nooran-Faveicon-512-192x192.png HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:56 GMT
content-type: image/png
last-modified: Tue, 19 Jul 2022 15:57:58 GMT
accept-ranges: bytes
content-length: 27136
date: Fri, 02 Jun 2023 11:49:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/uploads/2022/07/cropped-Nooran-Faveicon-512-32x32.png
162.0.209.97 200 OK 2.2 kB URL GET HTTP/2 nooranbeauty.com/wp-content/uploads/2022/07/cropped-Nooran-Faveicon-512-32x32.png
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ddc5ef4db896b7f4e1f4b82d46efcec
b6b5e1829444064f3eb6cdf0011338aecb3e82df
a633ba0edcecf6317e12e36b59065c84855cba26b47001c52314ee98ca31272d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/07/cropped-Nooran-Faveicon-512-32x32.png HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:56 GMT
content-type: image/png
last-modified: Tue, 19 Jul 2022 15:57:58 GMT
accept-ranges: bytes
content-length: 2231
date: Fri, 02 Jun 2023 11:49:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/?wc-ajax=get_refreshed_fragments
162.0.209.97 200 OK 1.5 kB URL POST HTTP/2 nooranbeauty.com/?wc-ajax=get_refreshed_fragments
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type JSON data\012- HTML document, ASCII text, with very long lines (1500), with no line terminators
Hash 2a7718151c5a639665700f8433498e86
31cd136a722565cf540e2b777c534381beabdee1
306d4d9a0a5d3bdfad75048f60037d0af7f0c8ca740599aab6230c0bf2932e76
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://nooranbeauty.com
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://nooranbeauty.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
content-type: application/json; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1500
date: Fri, 02 Jun 2023 11:49:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
m.stripe.com/6
35.84.226.15 200 OK 156 B
IP 35.84.226.15:443
Requested by https://m.stripe.network/inner.html#url=https%3A%2F%2Fnooranbeauty.com%2F&title=%D9%86%D9%88%D8%B1%D8%A7%D9%86%20%D8%A8%D9%8A%D9%88%D8%AA%D9%8A%20%E2%80%93%20%D9%85%D9%86%20%D8%A7%D9%84%D8%B7%D8%A8%D9%8A%D8%B9%D8%A9%20%D8%AC%D9%85%D8%A7%D9%84%D9%83%20%D8%B7%D8%A8%D9%8A%D8%B9%D9%8A&referrer=&muid=NA&sid=NA&version=6&preview=false
Certificate Issuer DigiCert Inc
Subject m.stripe.com
Fingerprint 9D:72:C7:74:70:0F:4F:78:09:D4:E5:38:66:43:43:B6:8D:7F:BD:AC
Validity Tue, 28 Mar 2023 00:00:00 GMT - Wed, 26 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 55cc98f6ee3158d4d1d985624ebe9795
6d12671f719af468378a93977440ab0bef8f976e
0f6ec69238f003da2951b2c9d26ad544437c3cd539cee735f170e0726e9ce6ae
POST /6 HTTP/1.1
Host: m.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2868
Origin: https://m.stripe.network
DNT: 1
Connection: keep-alive
Referer: https://m.stripe.network/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:49:57 GMT
content-length: 156
set-cookie: m=0cfee983-8cbb-46d5-b17e-49bcf8eb764256f412;Expires=Sun, 01-Jun-2025 11:49:57 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1685706597414261
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-bg-intended-route-color: blue
x-stripe-client-envoy-start-time-us: 1685706597413709
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen-grid.min-rtl.css?ver=3.9.1
162.0.209.97 200 OK 5.7 kB URL GET HTTP/2 nooranbeauty.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen-grid.min-rtl.css?ver=3.9.1
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (5741), with no line terminators
Hash e44bf3145d35ea035efcd58f0bb94d95
1cc21bfa090ba357c724e63cfbe0fb1a90c0b6f0
f575fb99240eda0cf27d04e8ae749cb8458e73d098a058a648e311b71046e379
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen-grid.min-rtl.css?ver=3.9.1 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: text/css
last-modified: Mon, 25 Jul 2022 23:06:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 775
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
m.stripe.network/inner.html
151.101.192.176 200 OK 930 B URL GET HTTP/2 m.stripe.network/inner.html
IP 151.101.192.176:443
Requested by https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html#url=https%3A%2F%2Fnooranbeauty.com%2F&title=%D9%86%D9%88%D8%B1%D8%A7%D9%86%20%D8%A8%D9%8A%D9%88%D8%AA%D9%8A%20%E2%80%93%20%D9%85%D9%86%20%D8%A7%D9%84%D8%B7%D8%A8%D9%8A%D8%B9%D8%A9%20%D8%AC%D9%85%D8%A7%D9%84%D9%83%20%D8%B7%D8%A8%D9%8A%D8%B9%D9%8A&referrer=&muid=NA&sid=NA&version=6&preview=false
Certificate Issuer DigiCert Inc
Subject a.stripecdn.com
Fingerprint 8D:4E:81:A5:A0:EE:4E:D9:37:C3:ED:32:33:2E:D5:FB:AF:2A:68:90
Validity Fri, 12 May 2023 00:00:00 GMT - Sun, 13 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (950), with no line terminators
Hash 709989cf22f7742eb35359982343e4c3
cc04f01001c0b0d27b4f5555e2d56f2e85511917
fbd4b19350d4534b3395e6bd10b8fe50476ca79c7adda65cf10ca52abb2b7ff2
GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Jun 2023 11:49:56 GMT
via: 1.1 varnish
age: 251
x-request-id: a8b85f52-35c0-465b-81d0-f14348de3986
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 155
x-timer: S1685706596.475177,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 527
X-Firefox-Spdy: h2
js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
54.230.111.30 200 OK 200 B URL GET HTTP/2 js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
IP 54.230.111.30:443
Requested by https://nooranbeauty.com/
Certificate Issuer DigiCert Inc
Subject a.stripecdn.com
Fingerprint 8D:4E:81:A5:A0:EE:4E:D9:37:C3:ED:32:33:2E:D5:FB:AF:2A:68:90
Validity Fri, 12 May 2023 00:00:00 GMT - Sun, 13 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 5b6f862fa254d124a67b7854019887d6
ee30c88b9a4ab2877225288aefcf471f6decd1c4
187e2186836cc37432836005e6dc1fff96e80122e8154a15f38aaa7a3a27401d
GET /v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 200
last-modified: Tue, 23 May 2023 20:52:13 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Fri, 02 Jun 2023 11:38:34 GMT
cache-control: max-age=31536000
etag: "93afeeb17bc37e711759584dbfc50d47"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zxUtnVGhkf40DbxypFXwYZp8A9D21rN3l6Orp67lY14gm3Jmtueo_w==
age: 713
X-Firefox-Spdy: h2
js.stripe.com/v3/?ver=1.4.6
54.230.111.30 200 OK 484 kB URL GET HTTP/2 js.stripe.com/v3/?ver=1.4.6
IP 54.230.111.30:443
Requested by https://nooranbeauty.com/
Certificate Issuer DigiCert Inc
Subject a.stripecdn.com
Fingerprint 8D:4E:81:A5:A0:EE:4E:D9:37:C3:ED:32:33:2E:D5:FB:AF:2A:68:90
Validity Fri, 12 May 2023 00:00:00 GMT - Sun, 13 Aug 2023 23:59:59 GMT
Size 484 kB (484111 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/?ver=1.4.6 HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Thu, 01 Jun 2023 21:26:20 GMT
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-encoding: br
date: Fri, 02 Jun 2023 11:49:16 GMT
cache-control: max-age=60
etag: W/"a60298f1ddb71aa9244cdffc6cb3c34f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nO3p81QJZ3qfLkbNMzcuhxqOFPfqIr8CR7B6tI85o7EcOUVGlx3uig==
age: 41
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/elementor/assets/css/widget-icon-box-rtl.min.css
162.0.209.97 200 OK 13 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/elementor/assets/css/widget-icon-box-rtl.min.css
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (12953)
Hash 16087df92711da4ab5ec319c779b557c
21b3af00cf6a0ab19957bc93fe52645ccaebfd06
c260df4f6e1f49c13b19f1d5b07dc248c97a10cae358e6a25e27324479cc3e88
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/widget-icon-box-rtl.min.css HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: text/css
last-modified: Tue, 16 Aug 2022 00:16:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 762
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nooranbeauty.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.0
162.0.209.97 200 OK 1.8 kB URL GET HTTP/2 nooranbeauty.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.0
IP 162.0.209.97:443
Requested by https://nooranbeauty.com/
Certificate Issuer Sectigo Limited
Subject nooranbeauty.com
Fingerprint B4:36:72:B4:42:DC:C8:C9:47:8C:01:93:A1:F4:07:5B:51:4A:34:1B
Validity Tue, 16 May 2023 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (1874), with no line terminators
Hash 931d33f6b82ced6a70163e2c9f6abdb9
7c0497f8d9f52424df5118fcf8e5304c01a31bda
24fa70f8eb8f495def974bc7f0f5ccdabecfa00cb17e267ae611e630d4e50b80
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.0 HTTP/1.1
Host: nooranbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nooranbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Jun 2023 11:49:55 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 13:32:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 899
date: Fri, 02 Jun 2023 11:49:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2