r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5199
Expires: Tue, 04 Oct 2022 01:37:00 GMT
Date: Tue, 04 Oct 2022 00:10:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 252e2295b59a127ac18219b0679c1e0d
b7f54cee36ae5b677fdb902be7d8d119804c6ec4
193a67e9a2c60a2ef38c995da0910b30108e9bcf4ca50d450f6cc5e1f73a1f35
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "193A67E9A2C60A2EF38C995DA0910B30108E9BCF4CA50D450F6CC5E1F73A1F35"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11023
Expires: Tue, 04 Oct 2022 03:14:04 GMT
Date: Tue, 04 Oct 2022 00:10:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c932f86d1f74b55218411a648e4afe14
8e6e5ba75a8d85b26f89b2a45288542d92ded3f0
3d69135e21c6d1784f2fc3f9ea309ff70d346df0f5a1e48b2540a3bf060e316f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3D69135E21C6D1784F2FC3F9EA309FF70D346DF0F5A1E48B2540A3BF060E316F"
Last-Modified: Sun, 02 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21422
Expires: Tue, 04 Oct 2022 06:07:23 GMT
Date: Tue, 04 Oct 2022 00:10:21 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
200 OK 42 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 724ffd71c380c46c039249ba818eedd9
32f4365f35e1ca619a4649245c661e7c6446d08d
5273b89d6c0911f8cc9d33667d7fd5f4dbcd2c2d66e0755a2e543664fc21dde5
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: KA2ay16ZdzYxA5KSUxC0lElHqNwPkOoUaKdznd5qxscOWDicDamGig==
content-encoding: gzip
via: 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 23:57:32 GMT
content-type: application/json
content-length: 41606
age: 769
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain
IP
File type PEM certificate\012- , ASCII text
Hash 48ca0beea419a9039591cf1aee5179e0
9e92629f505fcc07aab51221e8fe62197a23e307
630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 03:24:18 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iggZNUKO0qw6VlnMYvcefjNiFtrjRHloVXO3aqtBRRB_o7-aId4J2A==
age: 74764
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 23:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eQUj-UyuSHSLKkVd_-NNkd0NJrmBrAD07h73LMPVyv25f1drKwJaaQ==
Age: 1397
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 00:10:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
detectportal.firefox.com/success.txt?ipv4
200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 03 Oct 2022 15:06:54 GMT
Age: 32607
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
ocsp.digicert.com/
200 OK 471 B IP
Hash ee0c3ad84c2ff07972a79d2646b14a6c
cf666144113016cef9a674e4e7400cdb123180eb
fae76656f84415c6c3131e8b9bf7de17bb290f629f68589df9a876b74fe8d0cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2669
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:10:21 GMT
Last-Modified: Mon, 03 Oct 2022 23:25:52 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 03 Oct 2022 23:29:33 GMT
Expires: Tue, 04 Oct 2022 00:19:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WrOrmKbEVRd85_hCtRXIZPXU3xgGJ5yVJ83zGtL1XrUI7JKEQ0dWow==
Age: 2448
ocsp.digicert.com/
200 OK 471 B IP
Hash 321fa9a78e31dcb66601ac5890bfba73
c325580db79bde6fd00d2d0c7e3f675e4c0046bb
83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 70
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:10:22 GMT
Last-Modified: Tue, 04 Oct 2022 00:09:12 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
dkhomedesign.com/qi/vttpniaeerroomne
301 Moved Permanently 0 B URL HTTP/2 dkhomedesign.com/qi/vttpniaeerroomne
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /qi/vttpniaeerroomne HTTP/1.1
Host: dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.3.33
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-transform, no-cache, no-store, must-revalidate
x-redirect-by: WordPress
location: https://www.dkhomedesign.com/qi/vttpniaeerroomne
content-length: 0
date: Tue, 04 Oct 2022 00:10:22 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Tue, 04 Oct 2022 00:10:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oQ61Cz1LI9ugTN4lw7IFUA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: h+ee8NDn5oQbLIEUOR5spDwHWec=
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221664841664930%22
200 OK 4.7 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221664841664930%22
IP
File type JSON data\012- , ASCII text, with very long lines (22383), with no line terminators
Hash 8131eda67125dfbe03ff82d6f4b3dc3a
6ccf8cc05cf1aa51a9668988d6083ce9107e1e6e
ec21fc59c6b28e8c14174c9706bf57928dcbf8a7ee35d582c679ea083003d4e6
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221664841664930%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600, max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 00:02:10 GMT
Expires: Tue, 04 Oct 2022 01:02:10 GMT
Last-Modified: Tue, 04 Oct 2022 00:01:04 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sJy7TfccG7FKoC6LsUQKW8W8KntuVqs7jv6cj1EZJVDJ7t7GSCmqOw==
Age: 492
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1664498243168&_since=%221653914271178%22
200 OK 13 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1664498243168&_since=%221653914271178%22
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash df1dc25bfcebc3293e9563e46f60f657
c7185ca340769f86354e364bf4e9086d48a70449
2b62745f4aeae88ef4397f79711fa60fb55149ae36dc331783d485354dafd55e
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1664498243168&_since=%221653914271178%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 30 Sep 2022 00:37:23 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 04 Oct 2022 00:10:10 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gPUHwE8etRzJKJWXHKOxNhc2Rh86E7-hYUDwZJTX4g4EypC7SHAaqA==
Age: 1105
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W4y6jOZtvIlhDyv5zRN7SVsroVEvfS5-K36WOf34dMKTD9WERpEMDA==
age: 67315
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 23:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8BW1dVV7lIEN6LDtX0sGOIziMg_Tbj-02xme6NAcl5kgROzsQmFUYQ==
Age: 1398
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin
200 OK 796 kB URL HTTP/1.1 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin
IP
Size 796 kB (795699 bytes)
Hash 9b95765b0e26af76116a95a966d61354
3f7c1b40fc999b83f3696f455402e49ab484b027
34f969c8e082310785ec4262e2d5b58c919d4de856ffc64b3467507f83ac9571
GET /staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 795699
Connection: keep-alive
Last-Modified: Mon, 27 Jun 2022 12:39:11 GMT
x-amz-version-id: 9np1boOrxtHVWzMczpbX1a.N_ewQWHDF
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 03 Oct 2022 04:15:16 GMT
ETag: "9b95765b0e26af76116a95a966d61354"
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7vThtgS8A5sjX87omaHUduYrfSHS-Rk7AsvtkvCtGCPYgOuWrcn5uQ==
Age: 71707
cdnjs.cloudflare.com/ajax/libs/jqueryui-touch-punch/0.2.3/jquery.ui.touch-punch.min.js
200 OK 493 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jqueryui-touch-punch/0.2.3/jquery.ui.touch-punch.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (1090)
Hash 645e0b72010312d088ce2a4aae116320
b9a4a5d3b6bfc9c6fa21ab0cebb01bcf901741e0
04712044fe28efcb6c4cfcb816527f2dbcd416bf4591d37aad91b9a6bf816adf
GET /ajax/libs/jqueryui-touch-punch/0.2.3/jquery.ui.touch-punch.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 00:10:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 493
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-50b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 959962
expires: Sun, 24 Sep 2023 00:10:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60JCyRo1M7dRPi9kWLOcBy1PmWrE8GYMs95HSZmkVVxg1TwNbSSrSuY%2FBZLnRZeDmZPNqj4P%2FVONZoDb0uEg7d%2FqTqTNWEecbNC7uzjsQMMpS0WIb4vsoXWHO7yCAPATA%2FaMlHk4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7549b1b5786ab4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.13
200 OK 5.7 kB URL HTTP/2 www.dkhomedesign.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.13
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (41045), with no line terminators
Hash 5ea88d0fe7c942cae60483d0b4b5e944
1e5322b5ac81e14d7322a3def744f4b0ad783dbc
86feebc56d2aae8f6a2c32b1d4aa3c789094fbe927e8fa6082312f92b994d706
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.3.13 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:22 GMT
content-type: text/css
last-modified: Wed, 10 Jun 2020 22:59:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5725
date: Tue, 04 Oct 2022 00:10:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:10:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:10:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:10:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
200 OK 68 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
IP
File type ASCII text, with very long lines (32073)
Hash 33411bb179575dfc40cc62c61899664f
d03c06d5893d632e1a7f826a6ffd9768ba885e11
274befc7b39609fed270e69335bc92b3d8251545594636eb408d5d93e0ae1a4f
GET /ajax/libs/jqueryui/1.12.1/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 67948
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 20:20:12 GMT
expires: Sun, 01 Oct 2023 20:20:12 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 186611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1664841664930&_since=%221654732864402%22
200 OK 12 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1664841664930&_since=%221654732864402%22
IP
File type JSON data\012- , ASCII text, with very long lines (58918), with no line terminators
Hash bf797f1c12f4c97b84a1db110e6c9631
8aaabe0750b31d2a7394c54ebfbfc9d5aa7a933c
0bf40e761d9808fd1603815b08d7b797ca7a9a25cefe0a0b0ed6941c8cbf2f0d
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1664841664930&_since=%221654732864402%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 00:05:37 GMT
Last-Modified: Tue, 04 Oct 2022 00:01:04 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: E5Dsy-udlNcchNyFPXPujXv9er4DPhjCbzheTurLUas52Cb6ii4zVw==
Age: 286
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:10:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans
200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans
IP
Hash ce6c3d4f07cdaa1e5ba9f10e2d373d87
1ed3159497898acf9389f1c82cfda8c8446575b4
eec00d1bfd2708494aaa6a73443e53c39c5f7ad11c9d898646317856b01c26a6
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 00:10:23 GMT
date: Tue, 04 Oct 2022 00:10:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.5.14
200 OK 7.4 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.5.14
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (65536), with no line terminators
Hash bbc6c817dfd23b76b87a702f8d27fd47
0b21faaae17ae0186e1785301087b5a9b2352257
7cd393712956ed26420ac8222422d9b34ba63728bba06e6b81fb85c67d67aea7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.5.14 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:22 GMT
content-type: text/css
last-modified: Fri, 11 Mar 2022 00:09:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7355
date: Tue, 04 Oct 2022 00:10:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/clean-login/content/style.css?ver=5.3.13
200 OK 1.3 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/clean-login/content/style.css?ver=5.3.13
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
Hash cb2f108804e9438576fde41c63b0c75f
a1aea0620e92e4488e753a077b37d276d4b9080e
c3ee8f48e355bab669e8fa955c3a5d0c14d0a39edc03ab9bacaf6dde06ab501a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/clean-login/content/style.css?ver=5.3.13 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:22 GMT
content-type: text/css
last-modified: Fri, 21 Feb 2020 05:01:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1324
date: Tue, 04 Oct 2022 00:10:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.1
200 OK 560 B URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.1
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
Hash 920582a075eda4376723e906bef30918
bd1bcd9fd7f9f7208370d79c3b854cf886bc964d
3e504beaa0ad616c50bfc2caae28cdc274d7c87de5a5c49002d8cb178c288463
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.1 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:22 GMT
content-type: text/css
last-modified: Thu, 20 Feb 2020 04:17:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 560
date: Tue, 04 Oct 2022 00:10:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/form-forms/Style/intlTelInput.css?ver=5.3.13
200 OK 2.5 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/form-forms/Style/intlTelInput.css?ver=5.3.13
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (22126)
Hash 21b7e9f72ca45922fc8f848a0d2c15cd
5ad74d29c87ff59c55e0dc65959c5c000d05252d
f4a7695ec9c092299e11a8dd536664d07558cb9ac7a5306cc74cf3c056ac3fbb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/form-forms/Style/intlTelInput.css?ver=5.3.13 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:22 GMT
content-type: text/css
last-modified: Thu, 20 Feb 2020 09:57:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2532
date: Tue, 04 Oct 2022 00:10:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/form-forms/Style/countrySelect.min.css?ver=5.3.13
200 OK 1.7 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/form-forms/Style/countrySelect.min.css?ver=5.3.13
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (15249), with no line terminators
Hash 6d0b3885d5a072ca3e90accce33e39ee
d73c81a28fc75739f944e461827e457d1f8762c5
3b9bc998140314b506bc3ed54c1862ca62380bdfe9c85f065968abb2071ee9ec
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/form-forms/Style/countrySelect.min.css?ver=5.3.13 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:22 GMT
content-type: text/css
last-modified: Thu, 20 Feb 2020 09:57:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1693
date: Tue, 04 Oct 2022 00:10:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/form-forms/Style/rw-jquery-ui.css?ver=5.3.13
200 OK 5.4 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/form-forms/Style/rw-jquery-ui.css?ver=5.3.13
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (551), with CRLF line terminators
Hash 8b0636031045618745af02a3f6c426c9
06673da1c71b74f8ab68c6adbcbb3916cf452525
bd343bb7784eb362376f93be6e1c6d52cb73bf4cb43f9765a1b62a0173c50f78
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/form-forms/Style/rw-jquery-ui.css?ver=5.3.13 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:22 GMT
content-type: text/css
last-modified: Thu, 20 Feb 2020 09:57:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5414
date: Tue, 04 Oct 2022 00:10:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/form-forms/Style/richwebicons.css?ver=5.3.13
200 OK 6.6 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/form-forms/Style/richwebicons.css?ver=5.3.13
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (412), with CRLF line terminators
Hash c8665244f1107fa68ae292927cf90fd2
5a74ec3bb4549b2c3125e35fbec3e641391fdb5b
dc5d6c3bdfd5907827b77781125c9a0cb8769f92069dde62a20bbc3cebdd3eca
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/form-forms/Style/richwebicons.css?ver=5.3.13 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:22 GMT
content-type: text/css
last-modified: Thu, 20 Feb 2020 09:57:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6623
date: Tue, 04 Oct 2022 00:10:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/multilanguage-add-on-for-visual-composer/public/css/visual-composer-multilanguage-public.css?ver=2.0
200 OK 173 B URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/multilanguage-add-on-for-visual-composer/public/css/visual-composer-multilanguage-public.css?ver=2.0
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
Hash 58f48656a5e6c214522899cac9b5ac8f
75e4bd6c4951f6a17f87cab2b84f5927825da6c8
900a2bc40d6c1346ecdaac026404a61ecfd152c901c4876d4e7558f3af215bd4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/multilanguage-add-on-for-visual-composer/public/css/visual-composer-multilanguage-public.css?ver=2.0 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:22 GMT
content-type: text/css
last-modified: Thu, 20 Feb 2020 07:06:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 173
date: Tue, 04 Oct 2022 00:10:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.7.2
200 OK 9.2 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.7.2
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash ca1bf7af523e8f67174471206052065b
b1c7b802424c420557f0d2402d18f5102597bb5a
1180fc8cf713f1ce658d42c93be46ed41c0a948c9d3104c0bbf1f121fdc19ce4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.7.2 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:22 GMT
content-type: text/css
last-modified: Thu, 20 Feb 2020 04:17:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9182
date: Tue, 04 Oct 2022 00:10:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.7
200 OK 6.6 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.7
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (30308)
Hash 9b1435dc320688f2b06d5d8c4e173873
041db3952285b0f4bcd857e16a01263972433fa9
d75fc8c0967104517c22bf4e95294cfc641d4c6ce3107777eebec9c2db637566
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.7 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Thu, 20 Feb 2020 04:17:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6647
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/simple-contact-info-widget/css/hover-min.css?ver=5.3.13
200 OK 6.5 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/simple-contact-info-widget/css/hover-min.css?ver=5.3.13
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (65297)
Hash d28a7829a5e97b10d2a76fe4231989f1
996c451710a8753fe2c2aa46d592ef229137fe8a
09cb22fb0e99ded7265ab9b8720a77216187a390086d91976b51a53c83935612
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/simple-contact-info-widget/css/hover-min.css?ver=5.3.13 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Thu, 20 Feb 2020 06:37:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6500
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.9.5
200 OK 2.3 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.9.5
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type Unicode text, UTF-8 text, with very long lines (17637), with no line terminators
Hash 178aebe426e549bb14ad51a38d5e0dd9
3119c09f543d8e9e844cd6182c6f08efc248b1a0
1c1085668ee16d698c1bb6eca000ceed18177a1d24415d889b9cd81211c64074
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.9.5 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Fri, 11 Mar 2022 00:09:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2258
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.9.5
200 OK 8.4 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.9.5
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type Unicode text, UTF-8 text, with very long lines (62655), with no line terminators
Hash 209876ec74870f09ecd468aafc9242c9
6b1fa3224d33aae8e70e0146d1ce8be5073fd3f6
38dd9b413d80f3493a3e67a1b6a6e471b74679076e7502cbd03c525765e4025e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.9.5 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Fri, 11 Mar 2022 00:09:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8369
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/easy-login-woocommerce/assets/css/xoo-el-style.css?ver=1.3
200 OK 1.4 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/easy-login-woocommerce/assets/css/xoo-el-style.css?ver=1.3
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with CRLF line terminators
Hash c52fcecf0a22ca8c721cb1fede904aa2
fb4731d8542b7fbcacf44e6bc5fcef09f15c2860
3a7966f8309a6a5a8d513638b76b5a32ebaa74b98376e35343bedb9076d8a579
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/easy-login-woocommerce/assets/css/xoo-el-style.css?ver=1.3 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Fri, 21 Feb 2020 05:32:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1365
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/easy-login-woocommerce/assets/css/xoo-el-fonts.css?ver=1.3
200 OK 439 B URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/easy-login-woocommerce/assets/css/xoo-el-fonts.css?ver=1.3
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with CRLF line terminators
Hash 3a5ab7b05bc174f570beed95f3109db0
7d7d3749fab378a2c3610b5f9907760a8bd2afbc
bc21ba1a296faa978246f5229e8fd248813200c51ff5063029fc78ef9f97ba97
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/easy-login-woocommerce/assets/css/xoo-el-fonts.css?ver=1.3 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Fri, 21 Feb 2020 05:32:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 439
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/easy-login-woocommerce/xoo-form-fields-fw/assets/css/xoo-aff-style.css?ver=1.1
200 OK 764 B URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/easy-login-woocommerce/xoo-form-fields-fw/assets/css/xoo-aff-style.css?ver=1.1
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with CRLF line terminators
Hash 46c0fb8af73c828b20181dabf1e327bf
954af47f383c4e6f4593ae33c42682f11d01bd0f
ba0de6db026a4e6d09b26067bc95062cc64f701dd61c283515c3437854c48340
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/easy-login-woocommerce/xoo-form-fields-fw/assets/css/xoo-aff-style.css?ver=1.1 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Fri, 21 Feb 2020 05:32:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 764
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/themes/betheme/style.css?ver=20.9.4
200 OK 188 B URL HTTP/2 www.dkhomedesign.com/wp-content/themes/betheme/style.css?ver=20.9.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
Hash b34c4bf5aaba3a65f304076552584732
ec6751f4bc90cc808bfdad9f8bfa88c4d0ec591a
126719f5ea64b584ccc6649151841a79c2a48f2ebf3b33c474f3f6c68c0a983b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/betheme/style.css?ver=20.9.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Sat, 02 Jun 2018 18:26:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 188
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 22:29:48 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: x7iR8WuzmTBCuXT_5I1Fw4wWOjXt0klm7fmnYbj094pmmhUT-CJu9Q==
age: 6036
X-Firefox-Spdy: h2
detectportal.firefox.com/success.txt?ipv4
200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 03 Oct 2022 15:06:54 GMT
Age: 32609
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
www.dkhomedesign.com/wp-content/themes/betheme/css/base.css?ver=20.9.4
200 OK 12 kB URL HTTP/2 www.dkhomedesign.com/wp-content/themes/betheme/css/base.css?ver=20.9.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (474)
Hash dca962952c446a98c8eaffeead20d33a
83611bac39361fc033cec1f0af3a01d6dc3bebea
334d05c716b192859c8d0ad1080b87464da16e7bf31f504f9606c8d9072e195e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/betheme/css/base.css?ver=20.9.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Sat, 02 Jun 2018 11:11:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11607
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=20.9.4
200 OK 4.4 kB URL HTTP/2 www.dkhomedesign.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=20.9.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (58508), with no line terminators
Hash 5c5fe8aa13d58b843d84f4a6e2e83632
2c3ee79ef50ac467448065b88a6eb1d4f1d38f41
edf9e107f9c9afea6091fb4a95408ff3318e4e03b2cbe446935a048d6b3522f1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/betheme/assets/animations/animations.min.css?ver=20.9.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Sat, 02 Jun 2018 11:11:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4426
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=20.9.4
200 OK 3.1 kB URL HTTP/2 www.dkhomedesign.com/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=20.9.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (365)
Hash 794b64ff62ab674216c6b08e2372fa65
95c0f228e76b833c0cd10df06e2e359b70a39541
f12ff73af3f74a446e369081d40846d80f57c3fd635fd2031d8e6a39112b1afd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=20.9.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Sat, 02 Jun 2018 11:11:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3066
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=20.9.4
200 OK 1.9 kB URL HTTP/2 www.dkhomedesign.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=20.9.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
Hash ec9c4823adb01a097d655f555adca9af
f50a073e8be2d675bf6c5af96f50a8f048a2ed15
8295f041024bf84f41a8c3292c995448dc00824bca9c70a1307255587492b7ee
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=20.9.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Sat, 02 Jun 2018 11:11:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1907
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1664576981597&_since=%221654636467710%22
200 OK 4.5 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1664576981597&_since=%221654636467710%22
IP
File type ASCII text, with very long lines (31812), with no line terminators
Hash 0a8cfe2efc6b0b24150c549ab477643e
ea11b76b989c1cca396d75cb40774bbd014ef689
86f672ecf608509aa0e411d8b80f9e4bb5c1e877040957d56a53ae69897d5ecd
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1664576981597&_since=%221654636467710%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 30 Sep 2022 22:29:41 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Mon, 03 Oct 2022 23:26:01 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: S94Iph0nwutA3zGUsM9aRAU3Vyhw2B8X6i3ImPbwawwaIlj4ZyaaxQ==
Age: 3080
www.dkhomedesign.com/wp-content/themes/betheme/css/responsive.css?ver=20.9.4
200 OK 9.4 kB URL HTTP/2 www.dkhomedesign.com/wp-content/themes/betheme/css/responsive.css?ver=20.9.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (612)
Hash fd0c0e9198cd15453028e405288cb6a5
1bd308f5989efd8d89ca2a0109101ed6a49c5b82
cdc2e8053588e14606806e29b8be1dc157df25ee14e114c7aa12f7cc9b71af4b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/betheme/css/responsive.css?ver=20.9.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Sat, 02 Jun 2018 11:11:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9384
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.8
200 OK 3.6 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.8
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type Unicode text, UTF-8 text, with very long lines (22232), with no line terminators
Hash 9a0dbb4a81576d21fe23edc5859f3ae1
ea3a839a123b449841309427da2006903684f739
97f2a526407462720908f45313e9d95268de4ded136dc5a42f9f9910e5ed60bb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.8 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Sat, 22 Feb 2020 09:23:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3640
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/ajax-search-lite/css/style-simple-red.css?ver=4.8
200 OK 1.4 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/ajax-search-lite/css/style-simple-red.css?ver=4.8
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (10689), with no line terminators
Hash 5c0434265cdf292df7e882e46006ea91
e579250fe95a7b80c8521e20566132e3519fa97d
4da33c3c4dfe694b7009eeae6669b4f5894d86432ffce2d012821a4ef7706584
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/ajax-search-lite/css/style-simple-red.css?ver=4.8 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Sat, 22 Feb 2020 09:23:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1441
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22
200 OK 5.9 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22
IP
File type JSON data\012- , ASCII text, with very long lines (20423), with no line terminators
Hash 10baf28aac846a3698df02337eaf7cee
6b67e052ee8a728c5481a6a6b54d6a0a4833638b
21c252701f27eb5480fb536f519278dcde70168b69c9cb6e225a01116a171a87
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 01 Sep 2022 14:54:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Mon, 03 Oct 2022 23:35:34 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VJUbems0Z8ERhypRIJRvzKrXx0kjTXSsWtI7XngK2NgWoAeU_aEgTA==
Age: 2252
www.dkhomedesign.com/wp-content/plugins/creame-whatsapp-me/public/css/whatsappme.min.css?ver=3.2.1
200 OK 6.1 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/creame-whatsapp-me/public/css/whatsappme.min.css?ver=3.2.1
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (16453), with no line terminators
Hash fa93dc448f1e767851b10685e648d4de
318a5bae0bf02b5c5bbacbd214907aea192ca69c
ef55ab7f05fbf22487c4be9463144b2354c6e6b0e63bcce9d7720ecdc479d8c7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/creame-whatsapp-me/public/css/whatsappme.min.css?ver=3.2.1 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Thu, 20 Feb 2020 09:44:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6111
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/themes/betheme/css/woocommerce.css?ver=20.9.4
200 OK 6.1 kB URL HTTP/2 www.dkhomedesign.com/wp-content/themes/betheme/css/woocommerce.css?ver=20.9.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type Unicode text, UTF-8 text, with very long lines (423)
Hash 6510763015d2731122d85437ccb57554
1566662fa6b92741b61f8546f710d972e5d1c0f1
fca1054c4a5f51e8f78cb03a543990eedb629fb09e3adc67f9046b4726b3b63b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/betheme/css/woocommerce.css?ver=20.9.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Sat, 02 Jun 2018 11:11:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6111
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/ajax-search-for-woocommerce/assets/css/style.min.css?ver=1.6.2
200 OK 3.9 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/ajax-search-for-woocommerce/assets/css/style.min.css?ver=1.6.2
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (21846), with no line terminators
Hash 309ea58aab5c72e375a34d6bd6a91ab0
74616d9e708bab6399255a65e863f5b25802cdaf
6ad574162a9eb4f207178dd34851058004dee7af61a7789b1c72e8504e4a5c8d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/ajax-search-for-woocommerce/assets/css/style.min.css?ver=1.6.2 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Sat, 22 Feb 2020 09:19:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3859
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22
200 OK 780 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22
IP
File type JSON data\012- , ASCII text, with very long lines (1393), with no line terminators
Hash 7cc9023d283eac5c86c23ef7d8d53612
18ebd937973c42f4252969afbacab560993826e7
08e9a89b6e7d1515b92b073c37ae0f41e50d4df90247356043d03d9dbef29324
GET /v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 08 Aug 2022 02:06:49 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Mon, 03 Oct 2022 23:35:34 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MjQak3HvZCMgvMVIbX9xwd4A71AU5EyQdBs6ulm1o5uxR-8IiuU5TA==
Age: 2166
www.dkhomedesign.com/qi/vttpniaeerroomne
404 Not Found 69 kB URL HTTP/2 www.dkhomedesign.com/qi/vttpniaeerroomne
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (50373), with CRLF, LF line terminators
Hash 3672bfc88a2d039c30147bf11104f518
f2c8458d9177147b04890f7323bf497ad5fdfecc
add85f3838fcba09df40cb480758542f1e83d6429ca17f25751d837fec96773f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /qi/vttpniaeerroomne HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.3.33
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-transform, no-cache, no-store, must-revalidate
link: <https://www.dkhomedesign.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 00:10:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
200 OK 3.8 kB URL HTTP/2 www.dkhomedesign.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (9961)
Hash db9367e43daab3b0fc5b049f0f29a44e
fb3f36447f004809f6faa54507bf5d4544eba6b3
32716cdbd029056d015cbcc1ab653d5500267bcfa5a80704c7da086e175ceb90
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:35:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3824
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
200 OK 1.7 kB URL HTTP/2 www.dkhomedesign.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (3706)
Hash 5aef6e4712f9ce4cbe5290af0de0b18b
77b6c1df6c97b6adcf07c0a1ffed59da048190fa
01d267bb04a59a09f053b9117b4d7b008b6990dc69119a80f49b4c9b12510204
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:35:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1659
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/form-forms/Scripts/Rich-Web-Forms-Widget.js?ver=5.3.13
200 OK 1.2 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/form-forms/Scripts/Rich-Web-Forms-Widget.js?ver=5.3.13
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with CRLF line terminators
Hash cd4fdcfaf209b18c46c941bd232b5307
083877ec09e4a890d9fd16fdbe8b038e269c93a6
cf4394e1f3f3d57475b75596291c76e5da4ee279f3e156dccffaf1ef4d687e67
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/form-forms/Scripts/Rich-Web-Forms-Widget.js?ver=5.3.13 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:35:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1236
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/form-forms/Scripts/intlTelInput.min.js?ver=5.3.13
200 OK 8.6 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/form-forms/Scripts/intlTelInput.min.js?ver=5.3.13
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type Unicode text, UTF-8 text, with very long lines (21397)
Hash 087a7c4ab2821c2c7295ce5def568cec
6c1064f059294d43d2b0f5edbb1a626c9cf66e00
8f6becfae3478d2dd74f87e4f30a0492c3803ec374161cd55b48e3ee70a09461
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/form-forms/Scripts/intlTelInput.min.js?ver=5.3.13 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:35:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8588
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/themes/betheme/css/layout.css?ver=20.9.4
200 OK 19 kB URL HTTP/2 www.dkhomedesign.com/wp-content/themes/betheme/css/layout.css?ver=20.9.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (401)
Hash 668f26ce75877c1b430dde6aabd57b27
57e46ca772c8a9d77a7c8b8d083b08eaecd152da
51d40bcad72e47e5238d69be8c9b3e505bb8fb524be8d78585ca1656195c29d4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/betheme/css/layout.css?ver=20.9.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Sat, 02 Jun 2018 11:11:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18835
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10454
Expires: Tue, 04 Oct 2022 03:04:37 GMT
Date: Tue, 04 Oct 2022 00:10:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10454
Expires: Tue, 04 Oct 2022 03:04:37 GMT
Date: Tue, 04 Oct 2022 00:10:23 GMT
Connection: keep-alive
www.dkhomedesign.com/wp-content/themes/betheme/css/shortcodes.css?ver=20.9.4
200 OK 21 kB URL HTTP/2 www.dkhomedesign.com/wp-content/themes/betheme/css/shortcodes.css?ver=20.9.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (404)
Hash 07a35f1137af1dba3741b6a018d757d6
5ee73f726ef168b5e760e1f9a418d69a1e20b2a4
267270b9c4b1f89f6c555ba2bd8cc03fdb121496ce25ac756467e586445a122b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/betheme/css/shortcodes.css?ver=20.9.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Sat, 02 Jun 2018 11:11:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21436
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/form-forms/Scripts/countrySelect.min.js?ver=5.3.13
200 OK 6.8 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/form-forms/Scripts/countrySelect.min.js?ver=5.3.13
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (18070)
Hash 64de45aaff8ae565596de5c0635659ef
875d1905b7f8ab813f096d5b4360d93c3b5b8a15
3dc0f690cb5bfd9732910a95091cc6c38a46b76b92f6e79828dcc815fb144063
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/form-forms/Scripts/countrySelect.min.js?ver=5.3.13 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Tue, 02 Aug 2022 07:16:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6848
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10454
Expires: Tue, 04 Oct 2022 03:04:37 GMT
Date: Tue, 04 Oct 2022 00:10:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10454
Expires: Tue, 04 Oct 2022 03:04:37 GMT
Date: Tue, 04 Oct 2022 00:10:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22
200 OK 3.3 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22
IP
File type JSON data\012- , ASCII text, with very long lines (8682), with no line terminators
Hash a3d031972a53ce7c0335f6110586ec9c
4c32da8a240101524c01ec333cc53a07f1d2ebff
e93d587a4c0e1168b7c65a904f99bcdf262a8f0d70dcc716a95e9288c2a03e86
GET /v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 08 Aug 2022 02:07:26 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 28 Sep 2022 05:56:48 GMT
Cache-Control: max-age=2592000
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nMQjTXfnph7pK_vBSZna751c9SYc0fwgJqADfDOItn8beAjYLMMpPQ==
Age: 498150
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 44jC1Ww19YUJjZHw9_3cSSR5Y7nw5df412G-RxWFTcbRz1XDKaT3zQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:35 GMT
age: 8748
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TVz3oiy-Z2r9lGFDgsnGNxotvvAPeOaa7LMzqs432QjZpZo-PNt1-g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 70052
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d0984d7-fe4f-4f96-9f0f-17e0197a5cb6.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d0984d7-fe4f-4f96-9f0f-17e0197a5cb6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78caa2bb8e856110416bc85ed2420d20
1d90e98d3666fc8618130eac15972d3a08addf16
5175905bdbcd0a325ff666148a77503f14d1922d826ad14a9c3d09846d77dff5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d0984d7-fe4f-4f96-9f0f-17e0197a5cb6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5857
x-amzn-requestid: 51f3a938-30f6-418e-970b-439bdfbb7c2b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHIAIAMF6PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-6d97d5ff3c3589ee1e900a3b;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OModa8qHXEimXsJhr1DiYifYbFLgI-yMvAaKZA2SsRyU1N5CWwoVOg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:16:34 GMT
age: 6829
etag: "1d90e98d3666fc8618130eac15972d3a08addf16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae824db4a95391149198a4b6b8556c70
db07d58d8feff4ea01866d095e5264ee5c8e1ca3
19e96d204813247697e1858daf9e07d6c4cafd9ab1175a3bf39a7f07f6991521
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11101
x-amzn-requestid: f98e84d9-1e66-4436-b793-219a777f2ba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqcvE8JoAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5784-25bd2b234c1093de70074c92;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: becOxfqUowywFrxzDSeK7F1lFdDVTSHIF1TLC5k5aSlLPpsR6F8gjw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:42:37 GMT
age: 5266
etag: "db07d58d8feff4ea01866d095e5264ee5c8e1ca3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 8750
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f385d19-576b-44dc-833a-4146626070e5.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f385d19-576b-44dc-833a-4146626070e5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23ba112cb712c07d19994e82fbaa17c0
0aba06667d4cb108fddaf2c54c4ae628f56018e3
f8095524c5ade5bb5e12a6a5d23e34eab6dd61acf658664f83a0c39821fd3a33
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f385d19-576b-44dc-833a-4146626070e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12252
x-amzn-requestid: 41962b0e-db82-4872-9a9c-7bf2d5a0fb13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuGLWIAMFpbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-708b71f71a538c1112b60863;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: h8hoQIIPDGIJLufbH91cBAhn47zKq29mLI7QphvI4A7w6HhTrRzk_w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:17:07 GMT
age: 6796
etag: "0aba06667d4cb108fddaf2c54c4ae628f56018e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22
200 OK 3.4 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22
IP
File type JSON data\012- , ASCII text, with very long lines (14029), with no line terminators
Hash 28bf4850d0381c6e4a223d862f122b2d
aaaf470779861678a2cd105303b37cdefc93302f
3d9c1eac8a6567be6c86a852c60704f8387d24603ea87b2b61d9d3bc6e33be0a
GET /v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 22 Aug 2022 20:25:49 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Mon, 03 Oct 2022 23:15:00 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PT6fHTgtCkep70MYKCh4R8qpDSEzHCQeO1w7le5buF_ZCom_9EZG9w==
Age: 3414
www.dkhomedesign.com/wp-content/plugins/multilanguage-add-on-for-visual-composer/public/js/visual-composer-multilanguage-public.js?ver=2.0
200 OK 2.0 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/multilanguage-add-on-for-visual-composer/public/js/visual-composer-multilanguage-public.js?ver=2.0
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document, ASCII text, with very long lines (315)
Hash 0a5533625675533b09c540d2367af147
4bce16e597b7173cab97eb6d17ecf736444adb47
d66a9b027573a7b4a6319f5fc8e92bbf8ea97cd01b1337db814fd9e5214d4c3b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/multilanguage-add-on-for-visual-composer/public/js/visual-composer-multilanguage-public.js?ver=2.0 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:35:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1992
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22
200 OK 1.5 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22
IP
File type JSON data\012- , ASCII text, with very long lines (3678), with no line terminators
Hash b04cf0ed51c313e015c9a38d708ab85c
6349138561e746bf58aadeeec521a0887fe368c9
cb3369616c55267e326d97a82ad86e4d5574967e4a843e8d21a6b0eb6e3e3346
GET /v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 03 Aug 2022 17:26:35 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sun, 02 Oct 2022 02:57:14 GMT
Cache-Control: max-age=259200
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Z76aYhLUExfAixbz4JWnvHoQ6MBbw6-8EVBH0aFi2-85W0HpSbZ1MA==
Age: 229690
www.dkhomedesign.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.7.2
200 OK 37 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.7.2
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (27287), with CRLF line terminators
Hash 77540c21c24e1b5f23a55a9117c4c0e3
f1806422585866be0b324606b63ec4a50f6cc9d5
a9dbcdd23bbcd2e006608e43051adfddf87869b9b4a76fcf0c698980d8ad23a4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.7.2 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:34:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 37078
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
200 OK 682 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP
File type JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Hash 4e767b65980ef55063cce1d7f423c58e
f6f9756deac632f187752ff6708a2e3a71a04ebc
132e8f66a926b19d6a3ff32ca5bf385272b3b9be5e748cd21b9bb02a13a661e9
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 682
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 26 Sep 2022 16:36:56 GMT
X-Content-Type-Options: nosniff
Date: Mon, 03 Oct 2022 23:42:24 GMT
Cache-Control: no-cache, no-store, max-age=3600
ETag: "1664210216116"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bIRig83L2h6_3wyUwpcaGvkUmtLW5iBv4-1VL7kwkR-CmW6JFeUorw==
Age: 1680
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22
200 OK 900 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22
IP
File type JSON data\012- , ASCII text, with very long lines (1710), with no line terminators
Hash 7b0f15820fbc79772d69b103cb111800
92ccda464b19ef35736c03edd82b578661361212
7c9d70c6fbae326155f72c8d40252871c3067597192f4d604cc2b46dfd4b2527
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 30 Jun 2022 10:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Mon, 03 Oct 2022 15:57:46 GMT
Cache-Control: max-age=259200
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VugQHtd4vQ4SgZKjhLJb1r37R1uDHUhSjy1UtyDK6AaVvVnvd84SDQ==
Age: 29605
www.dkhomedesign.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.7.2
200 OK 17 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.7.2
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (64569), with CRLF line terminators
Hash 307a3e1d3f29fd0ce95c3afec27db862
1b9138ce479d15a82b258ae13b2605ee438915a0
add064fac6ac2198a3d69172c2b75f4fc8771720269ccbbab6732ad7c6ac5ea6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.7.2 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:34:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 17280
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
200 OK 3.3 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (9174)
Hash a4ab7e1f853bb9f8de8a3fc6b3334d30
518bb1472e162b714da7f3b81ac1af2e7c85b508
e909207b1285f4b714ba5384e76efc8205314226065954d275675d45e7dc653b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:34:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3285
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.9.5
200 OK 907 B URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.9.5
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document, ASCII text, with very long lines (2752), with no line terminators
Hash 46d625f969644a8d7f8d9407700b28bd
9e68381ea033d6f97d038249a55096732d8a994a
5f2f8bfbad7f63a319d0b1b6d06265280a74820f92ee0bf3178d1f9f49d8a535
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.9.5 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:34:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 907
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/easy-login-woocommerce/library/smooth-scrollbar/smooth-scrollbar.js?ver=5.3.13
200 OK 15 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/easy-login-woocommerce/library/smooth-scrollbar/smooth-scrollbar.js?ver=5.3.13
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (46475), with no line terminators
Hash d290b5b894fd2561cc48c8415db02346
488a46a80d1326bdfcdcd84c33c1c7e2c9ed4a3f
8b4cb5a3fac2feae1e9149195614ad3b0fc837f48519fa8ebee2f3b96d58cec0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/easy-login-woocommerce/library/smooth-scrollbar/smooth-scrollbar.js?ver=5.3.13 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:35:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15166
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.4.7
200 OK 289 B URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.4.7
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
Hash 8212fde4f269b85010b49648b26dcdee
c3c413be8f1e0b457a70ddf888c561093d621473
48b570c469e1641d7571d0d515ee80c924b7824bdf1bfe55249f6b0d5351849d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.4.7 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:35:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 289
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.13
200 OK 4.2 kB URL HTTP/2 www.dkhomedesign.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.13
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (10927)
Hash 9f9eca53dcaa64f115bd6480ffee748d
a3579a8c17e64784e984fd71f588105a4f17504e
ccb5fe6579fd4f0b06a50a127265b3f22d79bfdb0ac5a9166fae95d9662a4afe
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.3.13 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:37:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4249
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/quick-call-button/assets/css/quick-call-button.css?ver=1.2.1
200 OK 874 B URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/quick-call-button/assets/css/quick-call-button.css?ver=1.2.1
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (7247), with no line terminators
Hash 4229180eac3dfbe8aab2f2ae44e4ade7
a5bbd831ce173c726fbef9bb6022e512ac36b47c
7ee533d2c003b470bb8996a846a5cfe4f137f4cf369ecc1622f2fa17abca97e0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/quick-call-button/assets/css/quick-call-button.css?ver=1.2.1 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: text/css
last-modified: Thu, 20 Feb 2020 09:59:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 874
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.1
200 OK 3.8 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.1
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
Hash 6563404e225db2e1d4c49d0db8ce9f2b
ae24c71c21cfedfea01ba2b5ab3f4afa98efbca1
929e3ae39590c798dcdd6d866fdc849561139e50eb888d92fc37cb62e1457c71
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.1 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:35:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3789
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
200 OK 10 kB URL HTTP/2 www.dkhomedesign.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (35949)
Hash ee5118299d4e3d559476ae003532bebe
3ff975de58700dedcd5c17f169ca37976ccf0740
a58b1ba0d95da7ed6b8308950549dcceeb5034179c129d6fb4ba4f9329c3d7ea
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:35:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10387
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
200 OK 896 B URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (1682)
Hash 63530fb2052756cea4ba3538b3be7a74
c8013fa437b42e7b1f78419487a05ab8243b71a2
2a305c981c3eef1e3a441d9a57040caac41eaf3961d396daf874ffa548458f97
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:34:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 896
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.9.5
200 OK 655 B URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.9.5
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (1987), with no line terminators
Hash b43fbb521dc24dfaa9749755dc182542
df5548af9a241aa4fe140afc364fa48e4cb8daa2
36abe8472f94d9a45131b21b67840f9b8704447203ff54ee9ce6c6a2b452f927
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.9.5 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:34:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 655
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.5.0/css/all.css?ver=5.3.13
200 OK 12 kB URL HTTP/2 use.fontawesome.com/releases/v5.5.0/css/all.css?ver=5.3.13
IP
File type ASCII text, with very long lines (51030)
Hash 328950103406f43ec4d8752009e0e779
8db2c0015e9a450c2412c88cfb28820c8a92da13
0c411371a62d45069f1e5d9269f8486a085c1992b2e8ae1550277aa79f2c9222
GET /releases/v5.5.0/css/all.css?ver=5.3.13 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 00:10:22 GMT
content-type: text/css
x-amz-id-2: r1gqnSu/BHdFwncmbWX1Cot7y2f/xR9RMDMj/Rzcr65ayYiOcM3se80vPGN7gG567l9zge3gHCk=
x-amz-request-id: WVGNT4NSDXDHMVQJ
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 272579
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wpg%2BmD69%2FxaWRcqUP4G0%2F0pDs1VS1q2z7Fuv5S5u7A0WBiYl%2Fvz7rxeLHGVc%2FgSLG9XB6BUILcknf3eDdwnm3xVo%2B9G8GAjA60DR8AzZGaHpzzaaf%2FF%2B72UgsijJirQWlU9o2%2Fj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7549b1b54af673e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/easy-login-woocommerce/xoo-form-fields-fw/assets/js/xoo-aff-js.js?ver=1.1
200 OK 1.1 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/easy-login-woocommerce/xoo-form-fields-fw/assets/js/xoo-aff-js.js?ver=1.1
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with CRLF line terminators
Hash 24c4dc0f8e32c1d2e8f22675bff9bc5f
2719d23bb1dd52a8303929b6043a93e84bf6285c
9917c70b6d98cb7b82e66fb06e666a9d7d91dad4096764ad28fc0d9a7befd230
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/easy-login-woocommerce/xoo-form-fields-fw/assets/js/xoo-aff-js.js?ver=1.1 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:35:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1069
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/easy-login-woocommerce/assets/js/xoo-el-js.js?ver=1.3
200 OK 3.5 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/easy-login-woocommerce/assets/js/xoo-el-js.js?ver=1.3
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (1787), with CRLF line terminators
Hash 590da2fe546680add727249b88d08d2b
6560d3b182f43af8b05183ca8a92f01c14b536d1
f46653e4427b95f72d36420c0971e7991bef657e9d4553eefb286701a3d99d6d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/easy-login-woocommerce/assets/js/xoo-el-js.js?ver=1.3 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Tue, 02 Aug 2022 07:16:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3528
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
200 OK 2.4 kB URL HTTP/2 www.dkhomedesign.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (6605)
Hash e0f19dc4b7f9322083590ebd9398bc2b
069aebeb51479fb242474ddf095e5253b03b59e1
36946d392d8f689d0b6c7a4f65c85a86ae38afdca9f24362ce4eeb0a77726368
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:35:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2386
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
200 OK 904 B URL HTTP/2 www.dkhomedesign.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (2929)
Hash e7c7d4e2f1dc531010f4a8ba3681d0c5
488334db9ee22c77cf5496dbca481778520b01ac
38f4368016476be4d663e77bfa1efc604e9384b809e256da06e1d331d1239d07
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:35:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 904
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22
200 OK 1.1 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22
IP
File type JSON data\012- , ASCII text, with very long lines (2194), with no line terminators
Hash 4286df03a653e5b403e88a8d28933306
8f974648aef7d271443707ce3a6eba8d9a117872
16e99009a0917eedd380140055d06b29d6709bd469d694d078c013f7c104367a
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 13 Jul 2022 21:25:10 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Mon, 03 Oct 2022 23:47:17 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wPWFzOSt9lkMQg4kwP8HqvPYG8zI-jx8y1L5vH-Gp7Glh2HBfqfv3w==
Age: 1549
www.dkhomedesign.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4
200 OK 6.2 kB URL HTTP/2 www.dkhomedesign.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document, ASCII text, with very long lines (24609)
Hash f198815e616d578ed69c65c99437ed39
701228e81260ea25c10e1eb6d1748d0a1b743cb5
ff8e03b86a9a90af06031031359c71b4e724975759608d3c7ae46fc63ceb2a9e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:35:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6199
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
200 OK 3.7 kB URL HTTP/2 www.dkhomedesign.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (11801)
Hash fb05ec1efaadd71a3b7b57726408d2fd
758f230effbffd3d7b8ccecc0e928cea81c2b635
b4ac458025d54b0bf0a7a8c812737c41cac6368ab57dd7b9848d76ad87a221f9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:35:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3701
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4
200 OK 2.5 kB URL HTTP/2 www.dkhomedesign.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (8341)
Hash 20343d98d0b89ad402aebfad02a9b0d5
bdebcbfd5bc0188cdc6b9b7da103d7f83e4d4de5
7a61479d68c8ec5c0e10f19b3b4a4597c2b8d95f52ba723172b0aad1e8ab5db1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:35:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2532
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:10:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:10:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 20028, version 1.0\012- data
Hash 2bfde17b9a1384ce64af78db1b87a82f
8effd23e482511e249c3f8e91cdc503729b93598
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
GET /s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dkhomedesign.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 17:16:50 GMT
expires: Wed, 27 Sep 2023 17:16:50 GMT
cache-control: public, max-age=31536000
age: 543214
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:10:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:10:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 19780, version 1.0\012- data
Hash 03717344e4dbb2de44988b281bb7430b
0cd3f7724bd0a5bf2460e1a85e35ccfbd5e85c05
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
GET /s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dkhomedesign.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 17:37:09 GMT
expires: Wed, 27 Sep 2023 17:37:09 GMT
cache-control: public, max-age=31536000
age: 541995
last-modified: Tue, 26 Apr 2022 15:48:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 19740, version 1.0\012- data
Hash 101cf2a65d64322878605fa8472bb025
6dffc15e38c321e4bb567b4bd8107a2e8d97c61d
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
GET /s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dkhomedesign.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 17:14:55 GMT
expires: Wed, 27 Sep 2023 17:14:55 GMT
cache-control: public, max-age=31536000
age: 543329
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.5.0/webfonts/fa-regular-400.woff2
200 OK 15 kB URL HTTP/2 use.fontawesome.com/releases/v5.5.0/webfonts/fa-regular-400.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 14844, version 1.0\012- data
Hash bdadb6ce95c5a2e7b673940721450d3c
f1e8cb035436d638da83d4696248cec831dcbe7a
92ba7bfaa43a35c94353e96860d99376313ee9b5fce6124d4e64067280f9a841
GET /releases/v5.5.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dkhomedesign.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 00:10:24 GMT
content-type: font/woff2
content-length: 14844
x-amz-id-2: 9iZBXfiyu0u1iICqECFhUJuXSY1DrykksEHjit2MCg6N7/iFsqAvGObQrvdZZh9PjGiXJ4wejag=
x-amz-request-id: A022SMSYG00YA1CR
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:43:51 GMT
etag: "bdadb6ce95c5a2e7b673940721450d3c"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 148
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCbbanFXY4ge7OaL5IezDDTrfLQvsYqYe70AMi16RSuCEnG8eD4GDkzD%2FxqJ4L4L%2FRRQ8oejshezLon92tpqfaaASJNo%2BkqE%2FheaV6twC2Vn57fU2Rz6zb8SkLIxYh6bHVy3fY4s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7549b1bd9d488e2d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 19752, version 1.0\012- data
Hash d62145d4db9cd1736127dbac7665f41b
2687b5ba8ddbafc800abd1208069edcefc0ca8f2
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
GET /s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dkhomedesign.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 17:22:57 GMT
expires: Wed, 27 Sep 2023 17:22:57 GMT
cache-control: public, max-age=31536000
age: 542847
last-modified: Tue, 26 Apr 2022 15:46:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dkhomedesign.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 18:53:39 GMT
expires: Tue, 03 Oct 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 19005
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/themes/betheme/js/plugins.js?ver=20.9.4
200 OK 53 kB URL HTTP/2 www.dkhomedesign.com/wp-content/themes/betheme/js/plugins.js?ver=20.9.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (32011)
Hash 66e190d16db1302cbf8992b79a4249c1
df82994954ec67979ebc24e1526e4f2ea386cc32
50ad8edcadefb1288f4fc679339c79c887cd4de470c739ca88f690ebfb7fd5e7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/betheme/js/plugins.js?ver=20.9.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:34:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 52732
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/ajax-search-lite/js/min/jquery.ajaxsearchlite.min.js?ver=4.8
200 OK 24 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/ajax-search-lite/js/min/jquery.ajaxsearchlite.min.js?ver=4.8
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (57957)
Hash d5ebeb103fbca922482d1a1981a8560f
16fac2658617f11ddae2bf9449bd9ad4e34e7dd8
01e0cdd774ca792971ec8b4c0a8d25228fd21ab20d321438720ecb4d49a454ca
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/ajax-search-lite/js/min/jquery.ajaxsearchlite.min.js?ver=4.8 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:34:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 24192
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/creame-whatsapp-me/public/js/whatsappme.min.js?ver=3.2.1
200 OK 1.6 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/creame-whatsapp-me/public/js/whatsappme.min.js?ver=3.2.1
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (4818), with no line terminators
Hash 5193aaacfcfe74fb89202b0865ab5555
37671352aa0a48899fd73fc4fa3b061a7a8fe127
b0b0a959d94348473b06114e3f925e41d62ab9164a35b7047fe4b991bcf3d131
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/creame-whatsapp-me/public/js/whatsappme.min.js?ver=3.2.1 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:35:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1626
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-includes/js/wp-embed.min.js?ver=5.3.13
200 OK 640 B URL HTTP/2 www.dkhomedesign.com/wp-includes/js/wp-embed.min.js?ver=5.3.13
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (1393), with no line terminators
Hash ca6e0757516afb693e1493936c4bb40f
25fafc61efa61573bb0cc5e4a9bfcfdef8bc66c9
b4c3b98a9ce3c7b719cc6025ee28165da33581272b5877d6366e183144d5b428
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-embed.min.js?ver=5.3.13 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:35:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 640
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/quick-call-button/assets/js/drag-quick-call-button.js?ver=1.2.1
200 OK 152 B URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/quick-call-button/assets/js/drag-quick-call-button.js?ver=1.2.1
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (359), with no line terminators
Hash c18792ade03f3d4b5684a07289299bf2
cba84e5cc578afb4425ece7bfec6007923c1cb7d
32ff646cda0448dfed4fdb2496a1127084707abdebbeb772d6b7d706d465466d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/quick-call-button/assets/js/drag-quick-call-button.js?ver=1.2.1 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:34:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 152
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/themes/betheme/js/menu.js?ver=20.9.4
200 OK 788 B URL HTTP/2 www.dkhomedesign.com/wp-content/themes/betheme/js/menu.js?ver=20.9.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
Hash 01f788e2a4b0d0f3c2e3483fcec8e2d5
f6abd9ccc1a8f499d60786fccebf5d59b4073637
6303f895667a9420016b544bcb97d06066b5ec5551ed207ab56c7afd91a7c0f1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/betheme/js/menu.js?ver=20.9.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:34:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 788
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:10:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.dkhomedesign.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=20.9.4
200 OK 548 B URL HTTP/2 www.dkhomedesign.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=20.9.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (1725)
Hash ba8906451562ada7f6d0441c665943ac
a31f4e2f268ea0bb159e35645ad4e9213b7dca94
2e71a1b4a734edcc192a988380aa5997306c20286a0314474831c930d2eeb385
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/betheme/assets/animations/animations.min.js?ver=20.9.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 548
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=20.9.4
200 OK 12 kB URL HTTP/2 www.dkhomedesign.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=20.9.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (634)
Hash d6017c85644d9ac840f9a3d8bbbe434f
bfba1ab4738342c4e9c60fa3f1ad4d322cd4e10b
1b076e8c185e2f941fc723c6d888c5750e7a024c50d6c76561eb7591221f8cf5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=20.9.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:34:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12402
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=20.9.4
200 OK 1.6 kB URL HTTP/2 www.dkhomedesign.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=20.9.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
Hash c98ac92e6f7e5b9e156367b41982af8c
593e166ffb2d13a4ed410919f4fb336f832e3f03
030932096ad0180bb644d94dafa44c3c7e1a9bcf5db073448c824d718c19dc8d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/betheme/js/parallax/translate3d.js?ver=20.9.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:34:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1581
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/themes/betheme/js/scripts.js?ver=20.9.4
200 OK 14 kB URL HTTP/2 www.dkhomedesign.com/wp-content/themes/betheme/js/scripts.js?ver=20.9.4
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
Hash 7b89edc98514e23829522332d96ab53a
13465a64e496833dfd3c763d4bda5aee44ab4a40
a9a2903040f66e161d48adf6393e1c4b3f7ea3a864ec3ed980f204e9d78d1bfb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/betheme/js/scripts.js?ver=20.9.4 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 05:34:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14171
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/themes/betheme/images/box_shadow.png
200 OK 108 B URL HTTP/2 www.dkhomedesign.com/wp-content/themes/betheme/images/box_shadow.png
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type PNG image data, 5 x 3, 2-bit colormap, non-interlaced\012- data
Hash 449d9ef55c135a86ebd8ec91c7f170e6
acbb68ea104cfdd08081c66ce8a151e4668ef313
3f10d52942270b9e2da36af3915028bd73dfab3703bc13f060234cb0aa5bae2f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/betheme/images/box_shadow.png HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/wp-content/themes/betheme/css/shortcodes.css?ver=20.9.4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:23 GMT
content-type: image/png
last-modified: Sat, 02 Jun 2018 11:11:10 GMT
accept-ranges: bytes
content-length: 108
date: Tue, 04 Oct 2022 00:10:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.9.5
200 OK 944 B URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.9.5
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type ASCII text, with very long lines (6758), with no line terminators
Hash 0a28db2029034c85fb7443a4c0a72eff
f57daabd412e81693f3fc8af28b9947d6db9a655
bfc5d397b04ea4885ce26c8933a0b1fdd98892ab9f2141f7b3f3b65bef865222
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.9.5 HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:24 GMT
content-type: text/css
last-modified: Fri, 11 Mar 2022 00:09:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 944
date: Tue, 04 Oct 2022 00:10:24 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/themes/betheme/images/box_shadow_button.png
200 OK 108 B URL HTTP/2 www.dkhomedesign.com/wp-content/themes/betheme/images/box_shadow_button.png
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type PNG image data, 5 x 4, 2-bit colormap, non-interlaced\012- data
Hash 7d1900d531808efae7e76b9ec79df374
6e2519c8ad9a65df2868819dcafc600eda9a8313
0d05c180f2f588df2bde7a1846219a9d3383d161828c056c265c6890d676552b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/betheme/images/box_shadow_button.png HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/wp-content/themes/betheme/css/base.css?ver=20.9.4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:24 GMT
content-type: image/png
last-modified: Sat, 02 Jun 2018 11:11:10 GMT
accept-ranges: bytes
content-length: 108
date: Tue, 04 Oct 2022 00:10:24 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/plugins/creame-whatsapp-me/public/images/background.webp
200 OK 34 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/creame-whatsapp-me/public/images/background.webp
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 591x1157, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7ad8d1a2b51e1c6b1bb0e36bd9531e20
91d4f2baa148af38fe9838ba6e68442ec502bcae
fe3162b6819ddadfff1e067ab2d98c5e371b4c430babbaefcf31d2ae3a0a61eb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/creame-whatsapp-me/public/images/background.webp HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/wp-content/plugins/creame-whatsapp-me/public/css/whatsappme.min.css?ver=3.2.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:24 GMT
content-type: image/webp
last-modified: Thu, 20 Feb 2020 09:44:23 GMT
accept-ranges: bytes
content-length: 33814
date: Tue, 04 Oct 2022 00:10:24 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/uploads/2020/02/Logo-KDD-1.png
301 Moved Permanently 707 B URL HTTP/1.1 www.dkhomedesign.com/wp-content/uploads/2020/02/Logo-KDD-1.png
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/02/Logo-KDD-1.png HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 04 Oct 2022 00:10:24 GMT
server: LiteSpeed
location: https://www.dkhomedesign.com/wp-content/uploads/2020/02/Logo-KDD-1.png
www.dkhomedesign.com/wp-content/plugins/easy-login-woocommerce/assets/fonts/Easy-Login.ttf?oy4gsz
200 OK 1.7 kB URL HTTP/2 www.dkhomedesign.com/wp-content/plugins/easy-login-woocommerce/assets/fonts/Easy-Login.ttf?oy4gsz
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, Easy-Login \012- data
Hash d051295ba1c448c99af5456f37d734d4
898ef9eb3a284527700b7065df28eb68d1623ff5
52ed56d4fa9ba84c77e25b9982ae8f611173e1d01e395077c59e3017a82d6d56
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/easy-login-woocommerce/assets/fonts/Easy-Login.ttf?oy4gsz HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/wp-content/plugins/easy-login-woocommerce/assets/css/xoo-el-fonts.css?ver=1.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:24 GMT
content-type: font/ttf
last-modified: Fri, 21 Feb 2020 05:32:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1743
date: Tue, 04 Oct 2022 00:10:24 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/?wc-ajax=get_refreshed_fragments
200 OK 225 B URL HTTP/2 www.dkhomedesign.com/?wc-ajax=get_refreshed_fragments
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type JSON data\012- , ASCII text, with very long lines (484), with no line terminators
Hash 7985686242bc4ce776ea91779bf2facf
38f29f9815d52fc709c5c0a12c2f01f69696e09e
7bded0ecc4ab1b297fc3846097c00f4b4b2bc6745a7b9a68d2c8319dd43410d9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://www.dkhomedesign.com
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.3.33
x-pingback: https://www.dkhomedesign.com/xmlrpc.php
access-control-allow-origin: https://www.dkhomedesign.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
content-type: application/json; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-transform, no-cache, no-store, must-revalidate
content-length: 225
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 00:10:25 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/uploads/2020/02/cropped-Logo-KDD-192x192.png
200 OK 61 kB URL HTTP/2 www.dkhomedesign.com/wp-content/uploads/2020/02/cropped-Logo-KDD-192x192.png
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 4eb1209e07c9d0504af3b3d0142b9299
2d25615d25e99c4a6abf0591339ae79fb4936a1d
cabae24beeb0e3595b58be8058bf9c319c8faac09c89b64060c5bea3ff6d5ccc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/02/cropped-Logo-KDD-192x192.png HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:25 GMT
content-type: image/png
last-modified: Thu, 20 Feb 2020 09:31:31 GMT
accept-ranges: bytes
content-length: 61105
date: Tue, 04 Oct 2022 00:10:25 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/uploads/2020/02/cropped-Logo-KDD-32x32.png
200 OK 2.3 kB URL HTTP/2 www.dkhomedesign.com/wp-content/uploads/2020/02/cropped-Logo-KDD-32x32.png
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e4d361090cdae908da951a24088d7313
36672b98f5a2f54b89641d193c1eb0c4596cf00b
ffce11c158b04210e3f5b896db2c4a4e51df196b8a4a1647d590dc40a9daa0b8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/02/cropped-Logo-KDD-32x32.png HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/qi/vttpniaeerroomne
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:25 GMT
content-type: image/png
last-modified: Thu, 20 Feb 2020 09:31:31 GMT
accept-ranges: bytes
content-length: 2256
date: Tue, 04 Oct 2022 00:10:25 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.dkhomedesign.com/wp-content/uploads/2020/02/Logo-KDD-1.png
200 OK 594 kB URL HTTP/2 www.dkhomedesign.com/wp-content/uploads/2020/02/Logo-KDD-1.png
IP
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type PNG image data, 600 x 741, 8-bit/color RGBA, non-interlaced\012- data
Size 594 kB (593936 bytes)
Hash 83714a7f8c58289e9bc12783eaa20bf0
e81943d8d37e972da7ef51dbe908ae6b6da035d5
876d68bbb1cb2bd308870d0bf6fa4fe1db610228c45b2f1d030f8519fcd96180
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/02/Logo-KDD-1.png HTTP/1.1
Host: www.dkhomedesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 00:10:24 GMT
content-type: image/png
last-modified: Fri, 21 Feb 2020 05:41:01 GMT
accept-ranges: bytes
content-length: 593936
date: Tue, 04 Oct 2022 00:10:24 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
widget-v4.tidiochat.com//tururu.mp3
206 Partial Content 7.2 kB URL HTTP/2 widget-v4.tidiochat.com//tururu.mp3
IP
File type MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Monaural\012- data
Hash 5061b4d134a7b4d5d744f9a127b757a8
c5e240ac60d3914cb3836ba6652105c67720b845
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
GET //tururu.mp3 HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 04 Oct 2022 00:10:26 GMT
content-type: audio/mpeg
content-length: 7224
last-modified: Tue, 13 Sep 2022 07:44:17 GMT
etag: "632034d1-1c38"
expires: Thu, 29 Sep 2022 02:08:19 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1634527
content-range: bytes 0-7223/7224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2B769g%2BPgxvRwqcKAy4oy%2BZUmYJwAV%2Bd3GvF%2FDi6Txb4ZVjfUerEkPcy2sod0Wugog9V5a1jqcphjVaczHqdbUDpyx7bI1ERMcvJi%2F8fuu73daaIrvnqEBgDR%2BtCwA56Xjqk1EmYfT5G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7549b1ce6952b515-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 4962c1591390b4ecdef121e696f5daec
233b63765ca24086d27e9cc515c6627fbe2d334d
afc612bc2115c06c667df4418a33623d28396ce9d40c7ff680a0c17571ab58cc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 00:10:27 GMT
Last-Modified: Mon, 03 Oct 2022 23:49:05 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ayzFQLtWc_4N793bdP9dQ3f9fDAwYK9LYjrh9IVKWVHo4HK6uax42w==
Age: 1282
fonts.googleapis.com/css?family=Merriweather%3A1%2C300%2C400%2C400italic%2C700&ver=5.3.13
200 OK 90 kB URL HTTP/2 fonts.googleapis.com/css?family=Merriweather%3A1%2C300%2C400%2C400italic%2C700&ver=5.3.13
IP
Hash aeed401a0a68545cb050c7720bc55df7
16d70e831cad115f7b1e58272e770ab2210d83c2
392238a87f0b1f013994a91af3797cb6105351792d8aec75f84e80850f1f1e28
GET /css?family=Merriweather%3A1%2C300%2C400%2C400italic%2C700&ver=5.3.13 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 00:10:23 GMT
date: Tue, 04 Oct 2022 00:10:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
code.tidio.co/uok7tytnaj8o77kjhbzv1jget40tybhh.js
302 Found 199 kB URL HTTP/2 code.tidio.co/uok7tytnaj8o77kjhbzv1jget40tybhh.js
IP
Size 199 kB (198609 bytes)
Hash e98fd69f1091383428caa5451fbb4064
523b00110c439d337dc2fa27aac808490ef73c6e
eac60211ce0efbccaa3db37a303f5c676144bb3f4e45d08755f555705751f3a8
GET /uok7tytnaj8o77kjhbzv1jget40tybhh.js HTTP/1.1
Host: code.tidio.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 04 Oct 2022 00:10:26 GMT
content-type: text/html
location: https://widget-v4.tidiochat.com/1_117_0/static/js/render.d26cfa992228f00f13af.js
cache-control: private, no-cache, no-store, must-revalidate
widget-cache-status: HIT
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6OmXf3DF6JjAxbEBfHKzTtp64oktCX0ND3Wmpb3DFWTvpR3sJw9WMx8v%2Fkuh9JJzb57hMfo6GJrptuZH4T1tgZtYLb%2B0iHSHUoXT5%2BroCPXHn1atN%2FZLzw3Ml0SFbA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7549b1cccc190b31-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 571fa6022136b8ac5eaa803d53773aae
8eb8098a2124ab2a7e496ca1005f06909260d854
21ae909b72bac34e81d21dccb1172fcb24190e4564c2ab9b2fbbd2d3e631066f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3508
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:10:28 GMT
Last-Modified: Mon, 03 Oct 2022 23:12:00 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
twemoji.maxcdn.com/v/13.0.1/72x72/1f44b.png
200 OK 1.8 kB URL HTTP/2 twemoji.maxcdn.com/v/13.0.1/72x72/1f44b.png
IP
File type gzip compressed data, max compression\012- data
Hash 701c2cfc025df651eb61904396f780de
36c833c0d5a049d08e575ac087d5e80492a0e0e5
0f8b7c73fed43a274a2514cd02c466a1935f045f3e1de808d82ea3f91a8af530
GET /v/13.0.1/72x72/1f44b.png HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkhomedesign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 00:10:28 GMT
content-type: image/png
content-length: 1285
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:17 GMT
access-control-allow-origin: *
etag: "62451ee1-505"
expires: Thu, 03 Nov 2022 00:10:28 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: 0816:A226:22BECA6:23D3613:6336D042
vary: Accept-Encoding
x-fastly-request-id: 2f5782e6184f7843cc71e6f6e146695543d59fb7
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
IP
GET /releases/v5.5.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dkhomedesign.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 00:10:24 GMT
content-type: font/woff2
content-length: 73852
x-amz-id-2: VS1EWr7lj5R2fAod94OGzaOOBh6feimg8uSvBZiOdPLx0Kyl65Vhsbj/0RJ2MOIZo69uULbDraE=
x-amz-request-id: A02CM0HY5550VHSB
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:43:51 GMT
etag: "fb493903265cad425ccdf8e04fc2de61"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 148
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4k121le%2BmzGsLpyaDYPv%2FrmH6DTnZiJ84D%2FwFnf%2FGHUljTLaj3wjSn4Ow%2FVOSA2%2B59kszQsLZQ5gtK04ssZSHwyRmvPFLzwWnFXMvcpgJxtzKz9guFOTCI5P4kJWJZgaSNJr8drG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7549b1bd9d4b8e2d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
103.138.188.110
104.17.24.14
142.250.74.10
23.36.76.226
93.184.220.29