r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3569
Expires: Thu, 24 Nov 2022 14:47:14 GMT
Date: Thu, 24 Nov 2022 13:47:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3742
Cache-Control: max-age=164748
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:47:45 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:33:33 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3033
Expires: Thu, 24 Nov 2022 14:38:18 GMT
Date: Thu, 24 Nov 2022 13:47:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 13:17:17 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1828
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IYoWZZTOUChqsU59mqKI9YNC3Jl+AU1opjbUJW26beTc1pk5RYwkAjlLXQ7w+Ndm8Wy3WWiiIyk=
x-amz-request-id: MSCJ1W6TR2V9M481
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 13:43:25 GMT
age: 260
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 13:47:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ifsydney.au/
111.118.215.51 301 Moved Permanently 0 B IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 13:47:31 GMT
Server: nginx/1.17.6
Content-Type: text/html; charset=UTF-8
Content-Length: 0
X-Redirect-By: WordPress
Location: https://ifsydney.au/
X-Server-Cache: true
X-Proxy-Cache: HIT
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 13:08:53 GMT
cache-control: public,max-age=3600
age: 2332
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5867
Cache-Control: max-age=161811
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:47:45 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:44:36 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611ea10e03263fbff61245dba126f15c
3fd44c77a17fcfbf0021e76f61954609b624b368
a067656d97c5105ead30b54f676925c94d2167fc3a7d655c57d88f106b840240
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A067656D97C5105EAD30B54F676925C94D2167FC3A7D655C57D88F106B840240"
Last-Modified: Thu, 24 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Thu, 24 Nov 2022 19:47:30 GMT
Date: Thu, 24 Nov 2022 13:47:46 GMT
Connection: keep-alive
push.services.mozilla.com/
44.237.163.41 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2TkQgl1kyRMub5fsK/w9vA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9N/tc74JxCVQigN2rzys5QRpWu8=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:47:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:47:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:47:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:47:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:47:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:47:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?key=AIzaSyC7ueS4Fj7A4gySYDcS-5pBfdNPwXIAtGA&libraries=places&ver=6.1.1
142.250.74.74 200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyC7ueS4Fj7A4gySYDcS-5pBfdNPwXIAtGA&libraries=places&ver=6.1.1
IP 142.250.74.74:0
File type ASCII text, with very long lines (2459)
Hash 326a0bea313287cdea560819e1cbf3c1
c2123c4736b61401ff1f80561c5ea1e180e3f3e9
92e7b346d551fb8b4557a1c40858e3db1237bbb14ba9149e38fa00c5b9606634
GET /maps/api/js?key=AIzaSyC7ueS4Fj7A4gySYDcS-5pBfdNPwXIAtGA&libraries=places&ver=6.1.1 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Thu, 24 Nov 2022 13:47:47 GMT
expires: Thu, 24 Nov 2022 14:17:47 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 55564
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=25
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ifsydney.au/wp-includes/css/classic-themes.min.css?ver=1
111.118.215.51 200 OK 189 B URL HTTP/2 ifsydney.au/wp-includes/css/classic-themes.min.css?ver=1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 03:52:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 189
content-type: text/css
date: Thu, 24 Nov 2022 13:47:46 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
111.118.215.51 200 OK 5.3 kB URL HTTP/2 ifsydney.au/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:46 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/plugins//listingpro-lead-form/assets/css/bootstrap-datetimepicker.min.css?ver=6.1.1
111.118.215.51 200 OK 1.6 kB URL HTTP/2 ifsydney.au/wp-content/plugins//listingpro-lead-form/assets/css/bootstrap-datetimepicker.min.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (7655), with CRLF line terminators
Hash b2ee624bf7151a758ef4ad1b104a337e
0a49ee5bba3b0913d2399ea205b100eebf5fd4ad
b9646abc270913bf7cbfb689445e9d9cc319805c24b5b57a16d6747b52e52268
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins//listingpro-lead-form/assets/css/bootstrap-datetimepicker.min.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1568
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/lib/Magnific-Popup-master/magnific-popup.css?ver=6.1.1
111.118.215.51 200 OK 2.0 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/lib/Magnific-Popup-master/magnific-popup.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (5964), with no line terminators
Hash e3b9b7a0efa32e3e4054845b22456b43
1b27599f3fe5408647619671295fdd769a750733
213cfad62a884f9931b6b55d764ff1b8590ee058a0768c6d123856165952bc6b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/lib/Magnific-Popup-master/magnific-popup.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1985
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18340
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 13:47:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18340
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 13:47:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18340
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 13:47:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18340
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 13:47:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 57595
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DYBcunpyI0FBJsJGh1kKpFI3X8kzCkO3mCxzUtWnaMKBT-Bv-zkq3Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:59:18 GMT
age: 56909
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 31399
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F707b8d34-3bd2-4793-9e17-c60d0b285f84.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F707b8d34-3bd2-4793-9e17-c60d0b285f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dc118bae963b381ce5450890130ecf15
9355a16a81b11e024dd2c5c0024aba1121fff925
cb5bc2cc49e05c133434eeb725690b3e32a0d3c6b75074582f941eee3bf7e1c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F707b8d34-3bd2-4793-9e17-c60d0b285f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9828
x-amzn-requestid: bf2f8429-416d-40d4-a237-7593ee26c27a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEv0KHywIAMFvtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e934d-349e1dcc595b1be906a83577;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bQcpPUgu6eN6PQeLMGWwBlf01iHj77_aXHjKmh8SH7HsWlUX6kipDg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:15:49 GMT
age: 55918
etag: "9355a16a81b11e024dd2c5c0024aba1121fff925"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:08:16 GMT
age: 56371
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:10:24 GMT
age: 23843
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/lib/popup/css/component.css?ver=6.1.1
111.118.215.51 200 OK 2.6 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/lib/popup/css/component.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (16038), with no line terminators
Hash 555183685f44c121ac0e6277052b8731
144696d1b0741ae7d3d4c02951e894509396429d
a274f8e681a584eb6f3b3b2308d2423bd2de47012504a0db76ce8117be93815d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/lib/popup/css/component.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2647
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/lib/font-awesome/css/font-awesome.min.css?ver=6.1.1
111.118.215.51 200 OK 7.1 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/lib/font-awesome/css/font-awesome.min.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (30837)
Hash 82a55032c4b614390aea6ef6870d3e90
bb21577feea531540a8d4f27ac3730ffac111e1b
4f068500ef9ef0dbffa5b76ac10f1970a7a9de8ff033f84228971a140eb20069
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/lib/font-awesome/css/font-awesome.min.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7114
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/lib/jquerym.menu/css/jquery.mmenu.all.css?ver=6.1.1
111.118.215.51 200 OK 12 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/lib/jquerym.menu/css/jquery.mmenu.all.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (8902)
Hash d12256a4793ca80e81a827e2f87dc189
5a61a1403115e3fd8bd3e081301690db46e610c4
5dec902a19439b9da5da8f151b7c41eda470a35c79358e75294ae8f8efe6cb24
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/lib/jquerym.menu/css/jquery.mmenu.all.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12003
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/css/mapbox.css?ver=6.1.1
111.118.215.51 200 OK 14 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/css/mapbox.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (30021), with no line terminators
Hash 3be1780753a2daf123fbc1fbf50e146e
751f7bd4da9323acecb2ba5e9a6f7e30b83780f3
348739cd2c0f096470e4c1b51e378939b32f8e76883637b9d9fd12fe7fe1fd5f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/css/mapbox.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13595
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/css/city-autocomplete.css?ver=6.1.1
111.118.215.51 200 OK 465 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/css/city-autocomplete.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 07336eb718c073ff84fdc474d6de9237
de8968a764eb48d2ecbe1c1a8fd0535898ce438e
6a62e9458fd2e28485cb058fbf14d9b6b2465bd10550b000d4a185122f5832db
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/css/city-autocomplete.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 465
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/css/select2.css?ver=6.1.1
111.118.215.51 200 OK 3.3 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/css/select2.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (14770), with no line terminators
Hash ce50cac73318a7d06b12762104297c31
09d236e45724888820d6fe2284f81255920efa9f
ba1e9f93bef06f525df4a7a1da08116fd040125a3b4e596a562fe930fd9fc0f5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/css/select2.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3264
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/lib/slick/slick-theme.css?ver=6.1.1
111.118.215.51 200 OK 910 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/lib/slick/slick-theme.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (2373), with no line terminators
Hash 5ce4e234cddb40e01bfb15fe1ffb06f5
7e31ed2c45aecfa73dfebd790940e49487e335d4
b5c9448a77256f980c591b6a51a459acae79df2c94080afba10e59f0e164f2cd
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/lib/slick/slick-theme.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 910
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/lib/countdown/flipclock.css?ver=6.1.1
111.118.215.51 200 OK 2.0 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/lib/countdown/flipclock.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF, CR line terminators
Hash 72c2accc9ca2929a2a81357f1be0fe30
84de10eafff250a2cf73fe8abc804a5c8106661b
2d875d6981e42ca558aa14c356443677893eb6dc6f5da355a90349b315dfb0aa
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/lib/countdown/flipclock.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2009
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/lib/bootstrap/css/bootstrap-slider.css?ver=6.1.1
111.118.215.51 200 OK 2.7 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/lib/bootstrap/css/bootstrap-slider.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 0ba97a67c7b5c18cdd5c1b12924b51ff
fbc9e31f5fd95cc48a727f52adf28b0f6d25b6ed
f3558a051a0be67b4fbf927d96f8e8926bd428fb70a072ea2a9f8182b9e5534a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/lib/bootstrap/css/bootstrap-slider.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2654
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/css/colors-new.css?ver=6.1.1
111.118.215.51 200 OK 2.7 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/css/colors-new.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash a1518b4763ec286739c23471641259c7
c8cd9b39a04d9e2751c40ff86d8fd37fbc070ddb
a2d5ef34f104fafee492c99af70db4e972934b792446f20477afe3d5bfb2092d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/css/colors-new.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2743
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/uploads/elementor/css/post-163.css?ver=1660045432
111.118.215.51 200 OK 423 B URL HTTP/2 ifsydney.au/wp-content/uploads/elementor/css/post-163.css?ver=1660045432
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1278), with no line terminators
Hash 1610ff0ab58f011d2d90b6edff9e6cc6
581fe57b159d00bfa4093023d1312722c95681ff
3d24cd220cde91cee90be1bea92e440a227fb00e16a085ad8406579b48f43df6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-163.css?ver=1660045432 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 09 Aug 2022 11:43:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 423
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/css/font.css?ver=6.1.1
111.118.215.51 200 OK 3.0 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/css/font.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (9330), with no line terminators
Hash ab2df5fd7d25482834b6df48c46badc9
db93f507b0386508d379c060772c36fe39a06dbc
c85698f8c138bbf82bd2de5905db5c6ef899dc9537e851a616f4095c5176f0bb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/css/font.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2954
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/style.css?ver=6.1.1
111.118.215.51 200 OK 2.8 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/style.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 43a124b94e4120e888e27f39f5d92324
d96ea6529e5ee63da61690dab8f906b89b17215c
001811961467d143762d105d19cc255ae98a65174ff163c75bbfb0d63a460a0e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/style.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2825
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/uploads/elementor/css/post-17.css?ver=1661864854
111.118.215.51 200 OK 278 B URL HTTP/2 ifsydney.au/wp-content/uploads/elementor/css/post-17.css?ver=1661864854
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (691), with no line terminators
Hash 5b6bff516fdfd506e4ec06e92828783c
41adfb3e65aa2e4e27604b1c7fe1ea94faf0e882
f8a774160b877d8d251c17dcbad83d1286dd99440a28e1869e97ca3d27ab0196
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-17.css?ver=1661864854 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 13:07:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 278
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
111.118.215.51 200 OK 4.0 kB URL HTTP/2 ifsydney.au/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (19082)
Hash 1a51c193793d105fc6aaddfc3bc05349
238e509973276daa145be273af1aba0fbb3801bf
69e8578f795564941f826ab314ab57c83da7fb6ca7d9221c8df5f1e9081ae6e3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3978
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/css/morris.css?ver=6.1.1
111.118.215.51 200 OK 428 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/css/morris.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 5bb189e573860a42c27f879c38acea73
e67fe72d7d39dc3b0014a52c6881a2514b4b3277
2d944017ebf1704bea5530f12781a1683078ba4321e9fe674c06919fc6414369
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/css/morris.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 428
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/uploads/elementor/css/global.css?ver=1660045432
111.118.215.51 200 OK 1.1 kB URL HTTP/2 ifsydney.au/wp-content/uploads/elementor/css/global.css?ver=1660045432
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (6501)
Hash a6578447e2f02034108abf4759d73db6
b2c9b5581d1563b22b33d472b9bdd696dd254abe
f87c97d6179a82837636255779853c4339b7010b8baeb9cfd3f9f3a37c9d96d5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/global.css?ver=1660045432 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 09 Aug 2022 11:43:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1084
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/approve-review.js?ver=6.1.1
111.118.215.51 200 OK 417 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/approve-review.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash e886aeff3fa8d390bbb319c2e2bd305c
fbefc38554a125cc1bdcc49fbeb77089fd33304b
ce3570c04bcb59e03ddbf5932174e3e6071d9dc408ec302594dc866ddc2471e5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/approve-review.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 417
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/needlogin-ajax.js?ver=6.1.1
111.118.215.51 200 OK 1.7 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/needlogin-ajax.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 7b2220a3f584e30cfaeb1f62f2d6e4d7
387c829f30a8d1abcfb636210f6faba10504fa0a
34a93f1bd3676c18d6cec612330d67d8d2754bda72c1a2616129bfd62d17c946
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/needlogin-ajax.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Sep 2022 19:24:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1737
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/lib/slick/slick.css?ver=6.1.1
111.118.215.51 200 OK 570 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/lib/slick/slick.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash f57b0c104bb45592fa1faddd81243d43
0e63ce4d3421daf6525a5d02dca54c79fd86c4c7
37cde4a2345b65a8d9926a3e2ebe5444203eb005d2ae48c9b30d6ca5f7b3fb0c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/lib/slick/slick.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 570
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/css/common.loading.css?ver=6.1.1
111.118.215.51 200 OK 310 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/css/common.loading.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 02b2daa528f55f7c976bdfe8a0152b37
e9b93cfa6668b820d3542dabbfd187f8f4dac5a6
499c8ee090c82833680b02036bcb2870a54e6fa5ddd0b8449173432b0d52ea50
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/css/common.loading.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 310
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
111.118.215.51 200 OK 4.6 kB URL HTTP/2 ifsydney.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/images/content-loader.gif
111.118.215.51 200 OK 18 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/images/content-loader.gif
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type GIF image data, version 89a, 640 x 640\012- data
Hash 35e2887bbe858cd18b7670667970157c
11284622710718cec1d48562f76610b6df99c709
fcb29b2c86fc2ed9f60bac1978d630533d808ebda3740ac9f6066910f1946776
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/images/content-loader.gif HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
content-length: 17933
content-type: image/gif
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/uploads/2022/08/ifs_logo.au_-1-e1661864237364.png
111.118.215.51 200 OK 6.0 kB URL HTTP/2 ifsydney.au/wp-content/uploads/2022/08/ifs_logo.au_-1-e1661864237364.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 188 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 538ffbe4065bb94ac13ab229134e0a0d
48ff80f1e5c55040cbcfa5d46be8d79eb93a7763
d62db0f371c7d084402e4d159d19f8d8c78a888fb7e8c30835a928520075280d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/ifs_logo.au_-1-e1661864237364.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 12:57:17 GMT
accept-ranges: bytes
content-length: 6048
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/login.js?ver=6.1.1
111.118.215.51 200 OK 3.7 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/login.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 427f06c3dd278f9030a2f2cefed6aa98
3f9b0dde6423863707bc53e390c3cf5122f553c9
13f1f8ea389f890e7d0d33688c49c1a56013ed192160dfef01602a75ba913c46
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/login.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3741
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/css/dynamic-css.css?ver=6.1.1
111.118.215.51 200 OK 13 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/css/dynamic-css.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type assembler source, ASCII text, with very long lines (666), with CRLF line terminators
Hash 379cfe1fed0bc78c99208684cc617a99
4d6b514417cc8880a5e173230cd5a171ab15f53f
cc19cbe91de967b3321140041a270cb6003f80e93ea8f806289239f7ad06fbce
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/css/dynamic-css.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 04:56:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13072
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/single-ajax.js?ver=6.1.1
111.118.215.51 200 OK 12 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/single-ajax.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 17c37874a8f94060c91a871ee6cabec5
568b49c58fd0c01eb8f6b8cee32580f8848863c9
239f1079ed59a5ad6bd32d69950e515ff71f430d78aebb3982dffcb3182fa581
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/single-ajax.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 11621
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/images/search-load.gif
111.118.215.51 200 OK 52 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/images/search-load.gif
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type GIF image data, version 89a, 70 x 70\012- data
Hash 4dc5546a461e2931d15554d6236c4618
5db28621f1c391b79a0ab5b1b41a28be549258c4
bfa13ae32bac00873f31c1f07bd71ff302d4c0860c27286bbf4d76f620fa0c85
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/images/search-load.gif HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
content-length: 51662
content-type: image/gif
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/plugins/listingpro-plugin/assets/js/main.js?ver=6.1.1
111.118.215.51 200 OK 2.0 kB URL HTTP/2 ifsydney.au/wp-content/plugins/listingpro-plugin/assets/js/main.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (463), with CRLF line terminators
Hash 8941132538a7d74d6b1dcdf893ed9d57
781aea0b6ba37ebd4f26897a0d3201095de30ba6
532bd92449f1cd7c607b31f20d0b70eac0734e4ad3dc1a8e55709840fa589839
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/listingpro-plugin/assets/js/main.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2037
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/css/colors.css?ver=6.1.1
111.118.215.51 200 OK 2.9 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/css/colors.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (8687), with no line terminators
Hash 79919d633cee20cd0ffd39d059e25960
34ece39a0c98f7a017818440c36edb27332cef99
9bdd00fed5b9e4656bf9316dfb1c61990912d59fe3152bd06d8fb1af9556171e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/css/colors.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2911
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/home-map.js?ver=6.1.1
111.118.215.51 200 OK 3.6 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/home-map.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (477)
Hash dd1159cd33a9618c16595271978c0086
df2cc785b29b1728eafd9c73267b5ea13db5d427
13a1cb2f24b28cea364a34b66e474dc82f18968ab799c458e995eb49fe020eb0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/home-map.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3598
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/review-submit.js?ver=6.1.1
111.118.215.51 200 OK 4.6 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/review-submit.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 58a4cc4a28885352b67ee696d0a801b3
3d16ffb25bebe7b4484869802a0941c65b9b62da
290e67ca86cc0f6101cf6c5f6dbebfad7a974befcc8a2c540ad7bba061317e84
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/review-submit.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4622
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/plugins/listingpro-plugin/assets/js/child-term.js?ver=6.1.1
111.118.215.51 200 OK 6.6 kB URL HTTP/2 ifsydney.au/wp-content/plugins/listingpro-plugin/assets/js/child-term.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (319)
Hash 745db7a9b0465b510fe1caf06abc5b9c
bd214907b4edf9466e6e00ef6de93e7adc04c5f3
67cae14776c6c2af0b5d20a5e78b92a53fd15299c6db15ab53f619b78d6a3792
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/listingpro-plugin/assets/js/child-term.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6560
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/lib/chosen/chosen.css?ver=6.1.1
111.118.215.51 200 OK 14 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/lib/chosen/chosen.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (17729), with CRLF line terminators
Hash 346cf625a538cb51a694d87ce1160993
5e32ca03ef2496f44e2ccb12207cc315214d90c0
9a50ae7d45eb162b77819923198ab10b7a2fdc61ad9de957e9e97895e1fd79ae
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/lib/chosen/chosen.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14311
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-workstation-64.png
111.118.215.51 200 OK 840 B URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-workstation-64.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 3f7a7d9fe74db85eb6a7f2734db0cac4
e5c27bf9b8bd7164f553251b87269ceff9a32792
47dd720168a77fd48f5b2e7abc93894af7a81cdb402f87fbead4d95803e9be38
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-workstation-64.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 13:35:45 GMT
accept-ranges: bytes
content-length: 840
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/leafleft-google.js?ver=6.1.1
111.118.215.51 200 OK 1.4 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/leafleft-google.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 97230f46f746f504dc23ec573c982acc
7a8b7e951361659d2a6878c057eef215a57c7a6a
c2b38151bfb189b112870ff0a9fc62428954b084e82fc894ba43c4b76d1364fa
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/leafleft-google.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1435
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-taxi-64.png
111.118.215.51 200 OK 1.7 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-taxi-64.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash f2f718284517a0d3c184de4ae355efe8
640cbff165dcbb7a4e06fa20a6b0f385b69e9e4a
d17f7992a0068610a347d7ae424086221a7a6f7deb36fe51daa99b2571fc259a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-taxi-64.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 13:45:30 GMT
accept-ranges: bytes
content-length: 1714
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-page-not-found-64.png
111.118.215.51 200 OK 1.9 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-page-not-found-64.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 332b59638b3b5229df1d601ae884f6a6
bc9918745ac0e25b76ead2a373f22d206600fcdd
9c34fae1c2ff117fd680f056a7478d7d8fb68231ad05fd3fdcb7018b7f95018d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-page-not-found-64.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 06 Aug 2022 13:34:56 GMT
accept-ranges: bytes
content-length: 1862
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/images/banner-arrow.png
111.118.215.51 200 OK 2.2 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/images/banner-arrow.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 50 x 51, 8-bit/color RGBA, non-interlaced\012- data
Hash 5bcc6d4663695d9eccdec26b3d3f7dbf
03ff197314fbba4d4af3edd4f9d4ea31eb90e900
8c8f3299c6c9bc0f923a8aa2adf119fbb47ef93c83abfb9873da32f775951641
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/images/banner-arrow.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
content-length: 2213
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-truck-64.png
111.118.215.51 200 OK 1.6 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-truck-64.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 1041f31bc84833d2c2cbc50287f75b89
1a3a38b7c30a8b34db9690f5ba51f336f641bf0f
14bf8b34428c6b507d9fd7a059f67708be4a178b8c6e7645b59b5dd25c4f526f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-truck-64.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 13:40:33 GMT
accept-ranges: bytes
content-length: 1577
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-aeroplane-67.png
111.118.215.51 200 OK 1.9 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-aeroplane-67.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 67 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash af939139a6c3672f4024106a246ede03
7ed09dd597737f2586f0c685af9ae52513bc3281
8ebf1c6fad8a6288e82c50fee875ceb5b16850b52c7c5f39743e117c0413b8bb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-aeroplane-67.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 13:48:20 GMT
accept-ranges: bytes
content-length: 1946
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-ingredients-64.png
111.118.215.51 200 OK 1.9 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-ingredients-64.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash a897e8e592bc882178c46591d7581d0b
c4af4bc1cfb7e48d3d2e3ae25f4380bfe71a2edf
6cce99199318ffb4bde1571aa241fbb73da8a5ee7d1457be7a06c6b77dae9bf2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-ingredients-64.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 13:25:27 GMT
accept-ranges: bytes
content-length: 1864
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-fiat-500-64.png
111.118.215.51 200 OK 2.1 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-fiat-500-64.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 4e47b2346cb3c12980df2ca1cb383d00
ffdc7c0f9bc71ec5b04b895d36537c357763d234
c5346b89c5043a4fe96a8894d1081ec260542cc11a53053e44fbddc3f258246a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-fiat-500-64.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 12:41:29 GMT
accept-ranges: bytes
content-length: 2134
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-exercise-64.png
111.118.215.51 200 OK 1.9 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-exercise-64.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 6be8db226031ce80ec41cba7639e7f8a
b2642d22f36e149ccf5e44f3d1be1112f479e69f
f4332acf5e90558e9f7f7417cd9aaafb84e3d7c8fd4ec66564a342202882cd5c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-exercise-64.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 13:31:11 GMT
accept-ranges: bytes
content-length: 1904
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Quicksand:300,400,500,600,700%7COpen%20Sans:300,400,500,600,700,800,300italic,400italic,500italic,600italic,700italic,800italic&subset=latin&display=swap&ver=1667883420
142.250.74.10 200 OK 1.6 kB URL HTTP/2 fonts.googleapis.com/css?family=Quicksand:300,400,500,600,700%7COpen%20Sans:300,400,500,600,700,800,300italic,400italic,500italic,600italic,700italic,800italic&subset=latin&display=swap&ver=1667883420
IP 142.250.74.10:0
File type ASCII text, with very long lines (634)
Hash 2a8355ac403c68043b07170378494fea
97693af9bbb7bea142812c3a2e338d5bf7782ab4
2f871cff5b0438eb77f060704fc323624fc46a7f33428d009861489f12aacf2f
GET /css?family=Quicksand:300,400,500,600,700%7COpen%20Sans:300,400,500,600,700,800,300italic,400italic,500italic,600italic,700italic,800italic&subset=latin&display=swap&ver=1667883420 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 13:47:47 GMT
date: Thu, 24 Nov 2022 13:47:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/lp-gps.js?ver=6.1.1
111.118.215.51 200 OK 693 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/lp-gps.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 30e72311179f947502e841789e8015a9
3f9c7be47afcf94686c97af2184098c54f5d8c7e
92fa5e4bc5004f849c952627f20b2cc333980ba447a6e5291733d87bc29e49d0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/lp-gps.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 693
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/singlepostmap-new.js?ver=6.1.1
111.118.215.51 200 OK 1.4 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/singlepostmap-new.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (840)
Hash eee93a212a3e115806979b02e1493f6c
a4f92006326f5d0f98154d08966e1124f3521cd5
358d468ffce5a53f3bceca7c0b87a363ca03daea280d9ca44077a99e64a60117
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/singlepostmap-new.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1444
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-insect-50.png
111.118.215.51 200 OK 2.4 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-insect-50.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 7eb5f048f5915b2fb02549f25e59796f
b72387dd75aa3090c4b6f32dbbd768281da64a0d
bb17e472ac1cd44e304620ae2512a06bbe7a288dd584f5579440f9a0e5bac2e8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-insect-50.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 13:39:09 GMT
accept-ranges: bytes
content-length: 2351
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/plugins/listingpro-plugin/assets/js/auto-places.js?ver=6.1.1
111.118.215.51 200 OK 1.4 kB URL HTTP/2 ifsydney.au/wp-content/plugins/listingpro-plugin/assets/js/auto-places.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash eb0319e2f0a3117a8828164167381028
4c4b00da258648f9ab96b8221a63d0ee797f5e6b
f63f7075dedd67609525dd1632744c097e85fb56b9395050dbab035b10c14c18
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/listingpro-plugin/assets/js/auto-places.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1441
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
111.118.215.51 200 OK 20 kB URL HTTP/2 ifsydney.au/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (47826)
Hash 598bb055016832ad949e3bb41f99b9ba
08dfa39d255dba52711e0966681c796af4660272
0e808b489455447965455f396a4c335dad6cb87cab2e3a0696f4e0e36b38b04b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Nov 2022 21:01:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 24 Nov 2022 13:47:46 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/chosen.jquery.min.js?ver=6.1.1
111.118.215.51 200 OK 8.5 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/chosen.jquery.min.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (26845), with CRLF line terminators
Hash 51a820bd9583f25806e0e5685f2746b5
a1afe276d40e3559b9148bdb7bbec7d992b46a7d
7e3a8f826f9db39ee1c70bc3eaf1bb5a7da05d5f58c6f07d563c1b691815acff
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/chosen.jquery.min.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8530
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-gift-64.png
111.118.215.51 200 OK 1.5 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-gift-64.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 59640bc92965b6f007e56ad8b4832086
3dc4aef7951eb328f1bac037633b145857f8ef88
87ede9bc690d8abfda3c4c1af65f94f70927ec566dbac4adc28d4c5ed71e1f37
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-gift-64.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 13:20:09 GMT
accept-ranges: bytes
content-length: 1545
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-money-box-64-1.png
111.118.215.51 200 OK 4.0 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-money-box-64-1.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 04af13f782ec219c00cc1e2d4746429d
2cba972d5b13856c4e55a80b02a5b18341cbc2fb
b88e71362ba8659ca0a66f29eced728f616a6ab69a3250647559633099a8b48b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-money-box-64-1.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Aug 2022 15:45:44 GMT
accept-ranges: bytes
content-length: 3977
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-ballroom-dance-50.png
111.118.215.51 200 OK 1.8 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-ballroom-dance-50.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 59f1bfffade27a11b7c8749d1b650781
f1067f84ae347eecc32c501a094343d9ff1134d9
054735d7ca775be93192b0c2cf116b79d42e955eb649d8566adc41e26bfe1431
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-ballroom-dance-50.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 13:18:05 GMT
accept-ranges: bytes
content-length: 1754
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/uploads/2022/08/icons8-decoration-64.png
111.118.215.51 200 OK 3.8 kB URL HTTP/2 ifsydney.au/wp-content/uploads/2022/08/icons8-decoration-64.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 0a2eea04cd008d1e275ac495c5a5ef0f
47c971234d3203cbff51f62057cafa97421252a2
9ea1b9934c0e793f0701f15aa2d7242bf11d4f95e83c58557206bf39c7833409
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/icons8-decoration-64.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 12:45:17 GMT
accept-ranges: bytes
content-length: 3761
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-photographer-64.png
111.118.215.51 200 OK 2.5 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-photographer-64.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 7407850801119a9ba28ba968c974dc66
eafb046702b604ec060a7ec4da2442ecd51132ff
319497ca9409db0fbcb923e8ca930bd442dfc3d2fac7e935592fd74e2d0e1e10
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-photographer-64.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 13:22:19 GMT
accept-ranges: bytes
content-length: 2532
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-two-hearts-50.png
111.118.215.51 200 OK 1.9 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-two-hearts-50.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 94526b436d324933dc77f5743e6a8115
b08f9c505b7b5936e9abffdcfbaf62f9b6c1362b
aabbc01355bbbe80e6ad442842a47980946b4323a1247ef50bbfc852af02d8f5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-two-hearts-50.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 13:38:06 GMT
accept-ranges: bytes
content-length: 1850
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-graduation-cap-64.png
111.118.215.51 200 OK 3.0 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-graduation-cap-64.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d3b7db7c4383b357ea65f33fd579ac3
8a40f70530b8ea9eba03573d81a55b2ac72961a8
21fb0fc0059282b0331e42ddac399343d54912b4e98b6fa86569eb9966fbbb49
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-graduation-cap-64.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 12:40:04 GMT
accept-ranges: bytes
content-length: 3020
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/lib/bootstrap/js/bootstrap.min.js?ver=6.1.1
111.118.215.51 200 OK 14 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/lib/bootstrap/js/bootstrap.min.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (32033)
Hash ad7339964f395566ac9d75903d96b9de
ea5756ab8d399418e0f862a8ff1249df3f77790f
3adfc0a685bd6eee9638948b1085d3db733c75caff8409b7582e356671588491
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/lib/bootstrap/js/bootstrap.min.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14394
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-firework-60.png
111.118.215.51 200 OK 2.6 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-firework-60.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 241b623619ce6b416c3c57f1dd49edcd
1db0fefcd487bef5db10a587ad236485819e242f
f4db6ff7061f3074ba9f090786b48b2b1798a87076fbb44baef092b8e6ab8e79
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-firework-60.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 13:05:42 GMT
accept-ranges: bytes
content-length: 2552
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/
111.118.215.51 200 OK 63 kB IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20745)
Hash a6538f0114ac53fd1826f8ca04dc0353
04d60d840965d26baa917a4049174a3b7a2a4215
15a47171553789efd544d1f5cd97c623bbbc14b9f75e69d8564798bb8c7aa08e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 24 Nov 2022 13:47:46 GMT
server: Apache
content-type: text/html; charset=UTF-8
link: <https://ifsydney.au/wp-json/>; rel="https://api.w.org/", <https://ifsydney.au/wp-json/wp/v2/pages/17>; rel="alternate"; type="application/json", <https://ifsydney.au/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: true
x-proxy-cache: EXPIRED
X-Firefox-Spdy: h2
ifsydney.au/wp-content/uploads/2022/08/icons8-panel-and-foot-outlet-64.png
111.118.215.51 200 OK 3.0 kB URL HTTP/2 ifsydney.au/wp-content/uploads/2022/08/icons8-panel-and-foot-outlet-64.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash e951880e260c4d05dbf831e73cecef2f
b2c81c1fae86cee1b81d77d9af4e39522e6206ab
145c4a22ef1b85d8305f1de76ebc795eecd1562fd2575616d28aa025c7af9825
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/icons8-panel-and-foot-outlet-64.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 13:28:55 GMT
accept-ranges: bytes
content-length: 2986
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-law-64.png
111.118.215.51 200 OK 3.1 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-law-64.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash b56d66afa0b5ebcc7714d5715e989768
8d2cc492ee290d6a858b667ba02596c8d4bee428
cae8131de18a4e1df3a1ca9af55a3de3f7d8bad394ccd3b1425bc94883654977
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-law-64.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 12:37:28 GMT
accept-ranges: bytes
content-length: 3051
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-baby-stroller-64.png
111.118.215.51 200 OK 1.4 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-baby-stroller-64.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 248c9558fae7638daa96c5fd90b0f8e7
4bc696b5f123d4de84759dc6f795db25feadd413
257c7ec1694187e1a16195f969ffbfbb611de3dd4fcbe5bff76e602edbd7a30e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-baby-stroller-64.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 12:43:01 GMT
accept-ranges: bytes
content-length: 1389
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-dress-60.png
111.118.215.51 200 OK 2.7 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-dress-60.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ead7f0f8c24020f8b985febae2d31556
d3f02170c53acb45ac509ad73d7a668a47e2327d
c0dfaf33b21ef2ade81e5b031f5d053289a8ca5ecc1152a46e64c9482678c50b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-dress-60.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 13:02:04 GMT
accept-ranges: bytes
content-length: 2722
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-gardener-64.png
111.118.215.51 200 OK 3.2 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-gardener-64.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 51fee4f5dbd043010d6e9765cdd564fc
ad7dbd65e7a57634c962b16b1deed2228587ca71
906076785068003856427051175a6c11529ac5fe3cafca87f5f7759bde424e9b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-gardener-64.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 13:24:00 GMT
accept-ranges: bytes
content-length: 3211
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/drop-pin.js?ver=6.1.1
111.118.215.51 200 OK 1.4 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/drop-pin.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 25761610d266d6e164f758f257e6de04
51131557678f7ecead042143c41a2e2d81d6f174
e42450e1f0da955906db3895685b2422475647ac939c3ef7dd90c5490237deb7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/drop-pin.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1363
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-cleaner-51.png
111.118.215.51 200 OK 2.7 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-cleaner-51.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 51 x 51, 8-bit/color RGBA, non-interlaced\012- data
Hash 874b680c653a35e6109bce6226419d09
06d3b6dcb6501d8e282e94f6bb5b6c3ac66187d2
b6affd3ba1f551cdf28b61adafda8dc73558ed25bec20f4b22618055ee2734e3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-cleaner-51.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 12:45:35 GMT
accept-ranges: bytes
content-length: 2723
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/list/wp-content/uploads/2022/08/icons8-cleaner-64.png
111.118.215.51 200 OK 2.7 kB URL HTTP/2 ifsydney.au/list/wp-content/uploads/2022/08/icons8-cleaner-64.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 89619b07ac3e75f1051c28de95cd97aa
895e7c1e62dd04240970fc1cf316f8fd87090830
082085ad48c2de747ea034b2878b145af1466d2c331137af2eb48f541558fdc3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /list/wp-content/uploads/2022/08/icons8-cleaner-64.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 13:33:08 GMT
accept-ranges: bytes
content-length: 2738
content-type: image/png
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.8
111.118.215.51 200 OK 2.3 kB URL HTTP/2 ifsydney.au/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.8
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (4918)
Hash a32a79c1a0040098845978b5a121d363
f0732a0750088d3702539d11d81b5f0675d63bb9
7055209b02508e8437ea17579d97d819058b08bae540e42ea0360baf659ca9a3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.8 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2310
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/plugins/listingpro-plugin/assets/js/submit-listing.js?ver=6.1.1
111.118.215.51 200 OK 5.8 kB URL HTTP/2 ifsydney.au/wp-content/plugins/listingpro-plugin/assets/js/submit-listing.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 2ab8c9559d7d1235066b5aa434ea9ae4
c3b0cb1af70c80e633042c7b229cc3f2fcb2a12d
3667d4fb2cf3bc13010fe7d11cd2ca79cc734d1652420f713cd974fcbb4dc970
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/listingpro-plugin/assets/js/submit-listing.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Nov 2022 22:11:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5828
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/images/ellipsis.gif
111.118.215.51 200 OK 65 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/images/ellipsis.gif
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type GIF image data, version 89a, 120 x 120\012- data
Hash 168ec86779a3ba92f7d45c94119370c8
2ff1130643e47afbb1baf0ae1ba22692b042ba94
4ed05bfa7d46d9b1403c78d586521ece75b5fb0c8b5d85f7cadf1e9a081e3674
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/images/ellipsis.gif HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
content-length: 65080
content-type: image/gif
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/lp-iconcolor.js?ver=6.1.1
111.118.215.51 200 OK 948 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/lp-iconcolor.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 621963033110ce086256f1eccbc1db06
408dfe4207476bccd2e47b4ca8cc4df3bac79f0a
a2afba2e49f3a15bea63a8ea7fd0e4f6b783ad1831c9ab0ffe94b73eee4b5895
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/lp-iconcolor.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 948
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Quicksand&ver=6.1.1
142.250.74.10 200 OK 729 B URL HTTP/2 fonts.googleapis.com/css?family=Quicksand&ver=6.1.1
IP 142.250.74.10:0
File type ASCII text, with very long lines (619)
Hash 8489ff44fbe3a8749ecfd918010a0cbb
3b5e967dbdba7c45445539695d6bddec1103be03
359bf8bc61e1961eebaecce5da3313780f86bdfef3abbf7f253e7735beafa921
GET /css?family=Quicksand&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 13:47:47 GMT
date: Thu, 24 Nov 2022 13:47:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/lib/chosen/chosen.jquery.js?ver=6.1.1
111.118.215.51 200 OK 8.6 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/lib/chosen/chosen.jquery.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (27360), with no line terminators
Hash ed7f3b7fb8c8eba484cce3fb2394d68a
7c144bc63c7908f171a48003cc337e5c2ffc8626
3d40310cfe832b32b85f88c0d77510b93db23d26fbfd087ef31b441c679ebb37
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/lib/chosen/chosen.jquery.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8626
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/lib/countdown/flipclock.min.js?ver=6.1.1
111.118.215.51 200 OK 6.7 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/lib/countdown/flipclock.min.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (21010), with CRLF, CR line terminators
Hash 78b6aed5d9695e0a666455b7a65b667e
14994435331127c4009caf1f05890b58ccc99139
5afadbc8809aa0965e32b8ecfb84e3ae6c015618ddbbf192a27e841d7329aa04
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/lib/countdown/flipclock.min.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6734
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/lib/bootstrap/js/bootstrap-slider.js?ver=6.1.1
111.118.215.51 200 OK 19 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/lib/bootstrap/js/bootstrap-slider.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash dc47cae39881875eb8e9dfbdab68d874
213ceb38081778f191aa5f90b108287ff8e96196
4423b6805895e2e23a2a3be91980157234e7006a9effc4ffdadccc3ea5c24c0b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/lib/bootstrap/js/bootstrap-slider.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 18723
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/leaflet.markercluster.js?ver=6.1.1
111.118.215.51 200 OK 9.8 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/leaflet.markercluster.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (28074)
Hash 97a516195a7b0c17c6b9a728fcb16c8d
f1f749e79797fd9309c4366f4d2fed2f8a88cbcd
b1ae293a4193c45851b0c19aedf8dff33dff3ab0c6acc015692940b9d148da31
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/leaflet.markercluster.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9837
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.8
111.118.215.51 200 OK 13 kB URL HTTP/2 ifsydney.au/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.8
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (32569)
Hash f945e7637926fa039726457d4eb7a002
89b089a3bc6ad1c694767e6b7e010af426c996c7
3b9fa51c382d217c0bda3f87bde7e490708a0ba6e5c8f695edd95c74ec8a8926
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.8 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13190
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Rock+Salt&ver=6.1.1
142.250.74.10 200 OK 11 kB URL HTTP/2 fonts.googleapis.com/css?family=Rock+Salt&ver=6.1.1
IP 142.250.74.10:0
File type ASCII text, with very long lines (1224)
Hash 5488b83dfa7cca4bfc9eb386c2801dfa
479e363484f03a57cc68a43655124c531c1fd4ef
7f674cf79300081c0dde9609862f73c0dc3e2d86370039d7d63007762d73ee3e
GET /css?family=Rock+Salt&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 13:47:47 GMT
date: Thu, 24 Nov 2022 13:47:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/2co.min.js?ver=6.1.1
111.118.215.51 200 OK 13 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/2co.min.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (32008)
Hash 53829de816710e4bfca36df3a5d2005f
81c5abc02c538e0c25722acb243180b00084ec8b
22fd7f2f57a1025068a568ee3f42c160c4f4b0eac3c7eb93ac80003f0cd3cbae
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/2co.min.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12961
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
111.118.215.51 200 OK 8.3 kB URL HTTP/2 ifsydney.au/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 03:52:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8344
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/plugins/listingpro-lead-form/assets/js/bootstrap-datetimepicker.min.js?ver=6.1.1
111.118.215.51 200 OK 12 kB URL HTTP/2 ifsydney.au/wp-content/plugins/listingpro-lead-form/assets/js/bootstrap-datetimepicker.min.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (32010), with CRLF line terminators
Hash f62430a6ea70395b6599677984429413
3168ef9046a2dcfe0cb976ed57716b91d78eb687
ee48a9663a6ffbb33ac305bdcc761672dd2a2174dcfc0b4dd98d0f0fc0ea8899
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/listingpro-lead-form/assets/js/bootstrap-datetimepicker.min.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 11517
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-includes/js/wp-util.min.js?ver=6.1.1
111.118.215.51 200 OK 758 B URL HTTP/2 ifsydney.au/wp-includes/js/wp-util.min.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1391)
Hash 60bc75e3b14030c62d9fd3a3d317d8a8
6d919bbd05a3984a8e5e67b693e6d5d41cc885f9
e22df84be1a3ffe3b54352a4a39e14adb3fac69f2ce755e4c7babbc243c5bb4b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 03:52:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 758
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.5.5
111.118.215.51 200 OK 374 B URL HTTP/2 ifsydney.au/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.5.5
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (754), with no line terminators
Hash ef785f463505633971eae5c08ad626d4
624e22257f386801822229db3a4bbd2e24b25e2f
b2a0dc77f0f79d81698a7e3893e16ecba7b0d980b80a5233656d9b11f1d8160d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.5.5 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 374
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
111.118.215.51 200 OK 3.7 kB URL HTTP/2 ifsydney.au/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (12198), with no line terminators
Hash e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3747
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-includes/js/underscore.min.js?ver=1.13.4
111.118.215.51 200 OK 8.3 kB URL HTTP/2 ifsydney.au/wp-includes/js/underscore.min.js?ver=1.13.4
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (18798)
Hash ac9c7baaab74ef2576932d5798161987
fa202113e12b09696788a7024984879bddd29143
c03d52f8f157e9209646e3e696e9845d7d2b3cf3e73c8204f371b7393e738026
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 03:52:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8305
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.8
111.118.215.51 200 OK 16 kB URL HTTP/2 ifsydney.au/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.8
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (40438)
Hash 73c5c95f6330c8de3cb756e16f81137d
cab12f7aeccdff16b469525110cc86872e42a7c8
216c1abc124be562cbde00021c29d9378ba5815c426aba275d62d6298fac1070
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.8 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16149
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:47:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:47:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:47:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:47:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:47:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
216.58.207.195 200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 25672, version 1.0\012- data
Hash fe3e5be2baa0126122ba9367ebab73c8
40bec99106dfab5f3721ed725483eb618a9016cd
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
GET /s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ifsydney.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25672
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 21:16:17 GMT
expires: Tue, 21 Nov 2023 21:16:17 GMT
cache-control: public, max-age=31536000
age: 232292
last-modified: Mon, 18 Jul 2022 19:12:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ifsydney.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 29098
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ifsydney.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 68040
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:47:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 3f0e66215ba610c1bc15af806424b5a2
c2110843f8c3259a2909736d529d059f49c11c88
8f07a5cb98affdf2edc03ea51d81d87047c81cfb87d5888848c2ba27c204cbb1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2786
Cache-Control: max-age=163755
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:47:49 GMT
Etag: "637f47ce-118"
Expires: Sat, 26 Nov 2022 11:17:04 GMT
Last-Modified: Thu, 24 Nov 2022 10:30:38 GMT
Server: ECS (amb/6B7A)
X-Cache: HIT
Content-Length: 280
classic.listingprowp.com/wp-content/uploads/2017/01/home-banner.jpg
144.208.75.227 200 OK 140 kB URL HTTP/2 classic.listingprowp.com/wp-content/uploads/2017/01/home-banner.jpg
IP 144.208.75.227:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x680, components 3\012- data
Size 140 kB (139858 bytes)
Hash 7dc2ed0579bd43c2b3b0a3c86d9f9ad0
38346f5f39ec53cf85fb68fb4b7bd340cc018033
4e523be0d18545c30b0f7dfe307350f1ccfd0c3e3f6702e378cd695cdf910552
GET /wp-content/uploads/2017/01/home-banner.jpg HTTP/1.1
Host: classic.listingprowp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 24 Nov 2021 08:25:04 GMT
accept-ranges: bytes
content-length: 139858
content-type: image/jpeg
date: Thu, 24 Nov 2022 13:47:49 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:47:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:47:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ifsydney.au/wp-content/themes/listingpro/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
111.118.215.51 200 OK 77 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ifsydney.au/wp-content/themes/listingpro/assets/lib/font-awesome/css/font-awesome.min.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
content-length: 77160
content-type: font/woff2
date: Thu, 24 Nov 2022 13:47:49 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/main-new.js?ver=6.1.1
111.118.215.51 200 OK 49 kB URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/main-new.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (412), with CRLF line terminators
Hash aab05d8a58fc5cbdcc7bbd2157a52c3d
cd3d1e7dd765649d585a27f9cd5429ba44dcba6d
f70af2e6a8f63a4589030a7a868197ae5e97af5b6fd68b7e54657997c3e44219
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/main-new.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/uploads/2022/08/ifs_logo_transparent-e1660402148548.png
111.118.215.51 200 OK 26 kB URL HTTP/2 ifsydney.au/wp-content/uploads/2022/08/ifs_logo_transparent-e1660402148548.png
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 500 x 129, 8-bit/color RGBA, non-interlaced\012- data
Hash 8e18b9ef7e2fe9383c41ada52f339db9
44d2db77e02e0c9696f4dc89270a1d3e77e1644b
5118f02e575cf0d0d3f4d860c1563ed44d034907c216981d6f3e044afb87b876
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/ifs_logo_transparent-e1660402148548.png HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 13 Aug 2022 14:49:08 GMT
accept-ranges: bytes
content-length: 25563
content-type: image/png
date: Thu, 24 Nov 2022 13:47:50 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0856fdb55f19f03a1bec38b3d6e0ac77
89accd230fba95fe0049678070817b36ead015fa
17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rrs7G6Wto6iY0rT6KsKwKAOPJjehXqD0jHZrR_eaiqpepQILFr7Dtw==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:07 GMT
age: 57527
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/lib/jquerym.menu/js/jquery.mmenu.min.all.js?ver=6.1.1
111.118.215.51 200 OK 0 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/lib/jquerym.menu/js/jquery.mmenu.min.all.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/lib/jquerym.menu/js/jquery.mmenu.min.all.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/plugins/listingpro-lead-form/assets/js/moment.js?ver=6.1.1
111.118.215.51 200 OK 0 B URL HTTP/2 ifsydney.au/wp-content/plugins/listingpro-lead-form/assets/js/moment.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/listingpro-lead-form/assets/js/moment.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/search-ajax.js?ver=6.1.1
111.118.215.51 200 OK 0 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/search-ajax.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/search-ajax.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.8
111.118.215.51 200 OK 0 B URL HTTP/2 ifsydney.au/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.8
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.8 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/checkout.js?ver=6.1.1
111.118.215.51 200 OK 0 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/checkout.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/checkout.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/main.js?ver=6.1.1
111.118.215.51 200 OK 0 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/main.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/main.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ipapi.co/json
104.26.8.44 200 OK 0 B IP 104.26.8.44:0
GET /json HTTP/1.1
Host: ipapi.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ifsydney.au
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 13:47:49 GMT
content-type: application/json
allow: OPTIONS, HEAD, POST, GET, OPTIONS
x-frame-options: DENY
vary: Host, Origin
access-control-allow-origin: https://ifsydney.au
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6imZXrH%2FgO4QOqy35scakIUBICDWPnTMJ2DIkU6IIrUo6v1y9YLfwsMXJL2aGtycVW8BltrbRBgSf5SFanwDxd21OymQPuedU1%2BS6M%2Bo0qoRIA1JsVjpui%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f29942fbbeb527-OSL
content-encoding: br
X-Firefox-Spdy: h2
ifsydney.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
111.118.215.51 200 OK 0 B URL HTTP/2 ifsydney.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 03:52:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/lib/icon8/styles.min.css?ver=6.1.1
111.118.215.51 200 OK 0 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/lib/icon8/styles.min.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/lib/icon8/styles.min.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/css/prettyphoto.css?ver=6.1.1
111.118.215.51 200 OK 0 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/css/prettyphoto.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/css/prettyphoto.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/jquery-ui.js?ver=6.1.1
111.118.215.51 200 OK 0 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/jquery-ui.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/jquery-ui.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/css/responsive.css?ver=6.1.1
111.118.215.51 200 OK 0 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/css/responsive.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/css/responsive.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 12 Aug 2022 05:11:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/css/main.css?ver=6.1.1
111.118.215.51 200 OK 0 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/css/main.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/css/main.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/mapbox.js?ver=6.1.1
111.118.215.51 200 OK 0 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/mapbox.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/mapbox.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/raphael-min.js?ver=6.1.1
111.118.215.51 200 OK 0 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/raphael-min.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/raphael-min.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/js/morris.js?ver=6.1.1
111.118.215.51 200 OK 0 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/js/morris.js?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/js/morris.js?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/lib/bootstrap/css/bootstrap.min.css?ver=6.1.1
111.118.215.51 200 OK 0 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/lib/bootstrap/css/bootstrap.min.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/lib/bootstrap/css/bootstrap.min.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
ifsydney.au/wp-content/themes/listingpro/assets/css/main-new.css?ver=6.1.1
111.118.215.51 200 OK 0 B URL HTTP/2 ifsydney.au/wp-content/themes/listingpro/assets/css/main-new.css?ver=6.1.1
IP 111.118.215.51:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/listingpro/assets/css/main-new.css?ver=6.1.1 HTTP/1.1
Host: ifsydney.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 24 Nov 2022 13:47:47 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.10:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ifsydney.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 13:47:47 GMT
date: Thu, 24 Nov 2022 13:47:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2