r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2165
Expires: Wed, 23 Nov 2022 04:27:29 GMT
Date: Wed, 23 Nov 2022 03:51:24 GMT
Connection: keep-alive
rudra-world.xyz/
162.213.251.190301 Moved Permanently 707 B IP 162.213.251.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 23 Nov 2022 03:51:23 GMT
server: LiteSpeed
location: https://rudra-world.xyz/
x-turbo-charged-by: LiteSpeed
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5851
Cache-Control: max-age=116242
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 03:51:24 GMT
Etag: "637ca4f3-1d7"
Expires: Thu, 24 Nov 2022 12:08:46 GMT
Last-Modified: Tue, 22 Nov 2022 10:31:15 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2956
Expires: Wed, 23 Nov 2022 04:40:40 GMT
Date: Wed, 23 Nov 2022 03:51:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 03:09:21 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2523
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SFsb08kqMZSjP4EsyqlXqgIr12EUvnScyXDSUnv0MqFdjZDwz8u4LN/dNd+ZTFNT3vAQd7JzVN0=
x-amz-request-id: H9XS7T5BZX4AH5B8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 03:39:50 GMT
age: 694
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 03:51:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 03:08:53 GMT
cache-control: public,max-age=3600
age: 2551
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3404
Cache-Control: max-age=108735
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 03:51:24 GMT
Etag: "637c912f-1d7"
Expires: Thu, 24 Nov 2022 10:03:39 GMT
Last-Modified: Tue, 22 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash b30dfa8bcb6ba086c802c9d678059a28
5ed8503ffcdddb94b56a1409c95fdcaa05d7f32d
621f770efbd622909e5be532e683186c488fe74354b94a0fe875004e1bb27111
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 03:51:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 14:39:47 GMT
Expires: Mon, 28 Nov 2022 14:39:46 GMT
Etag: "5ed8503ffcdddb94b56a1409c95fdcaa05d7f32d"
Cache-Control: max-age=470301,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e6f239fd2cb4e8-OSL
push.services.mozilla.com/
52.38.139.17101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.139.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HPDuZFnRao6kxR625QciSw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 79keJ0iJlGDaLWgMAmyJtnIUTJI=
rudra-world.xyz/
162.213.251.190301 Moved Permanently 0 B IP 162.213.251.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
x-ua-compatible: IE=edge
x-redirect-by: WordPress
location: https://www.rudra-world.xyz/
x-litespeed-cache: miss
content-length: 0
date: Wed, 23 Nov 2022 03:51:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/
162.213.251.190200 OK 18 kB IP 162.213.251.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9698)
Hash 66da8cc51cba609b799659e699fdb6e5
c4dbdcb0d3d63250d70f150586db8c7c3acf9afd
f7a3e983101abfb68ae954b23e8a90986d610000f79d21db205b335e8256d326
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
x-ua-compatible: IE=edge
link: <https://www.rudra-world.xyz/wp-json/>; rel="https://api.w.org/", <https://www.rudra-world.xyz/wp-json/wp/v2/pages/360>; rel="alternate"; type="application/json", <https://www.rudra-world.xyz/>; rel=shortlink
etag: "364-1669132028;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 17667
date: Wed, 23 Nov 2022 03:51:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17844
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 03:51:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17844
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 03:51:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17844
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 03:51:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 309227dc1b5f9193c6be8f5a010fa348
dff12e88a784a954012f257d3689862c52251d01
2d52b83ff0a58c41bf2e38abf8fce13eb87b5ecfce144ff0edc1bfadd254b452
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8081
x-amzn-requestid: cafd3337-7bb8-4e2d-91d4-a33439a32b80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAMEwgoAMFl-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4067-6074dcae15d9194513916d48;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0qleUIXFjvOqr3SeTpnFnVnhacI-ps0Fc33zsWp3eynFDhYOasUpPw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:48 GMT
age: 21278
etag: "dff12e88a784a954012f257d3689862c52251d01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d2c986e076309d51d199332caebb07a
343a5bfba0f8fec28f9345f276b44f44c6eaf6a6
64e6fba6a45c70c1db6040a2273472774c00257bef373cc45b6ca00cb819681a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9138
x-amzn-requestid: 524e565e-a9fb-45f9-b786-d64cf26a3cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAAHG8IAMFhwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4066-3689e70e6212e9e77dc134f4;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cwu__NPGaU0zyAG0H1yZhmjGsFzvNmzsGv6Zt9hrF5gwSysEio2MjA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:09:16 GMT
age: 20530
etag: "343a5bfba0f8fec28f9345f276b44f44c6eaf6a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 03:51:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29cc891-05a6-43aa-910c-6255241c5cdb.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29cc891-05a6-43aa-910c-6255241c5cdb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1387520c00b2ce57c6e49fd89afbfe83
5404be7e1fff033a5cccc15164d77b7e96a48a81
2f0fe787a2b2da38cf134a08dc4addf281e6f96761df33780b1a74d037573d58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29cc891-05a6-43aa-910c-6255241c5cdb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12244
x-amzn-requestid: a01b2328-438f-4d94-94e2-77d5a44d4d65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1jGjGqsoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63787ef6-094db925714fac2c71bc2679;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 07:00:06 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: q-ciGssIUXEi_5vn91CqzSGSBlnrszvDBewZYBdFrywPvpWHSWH0lQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:56:30 GMT
age: 17696
etag: "5404be7e1fff033a5cccc15164d77b7e96a48a81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: _j5ykGwKHIQEFLyuJK_OMvs-CsCvkUQhZc_YD8gAtbyOECQ894zvjw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 05:19:29 GMT
age: 81117
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb450e2a1-222f-4dfe-850a-f862cd102c3e.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb450e2a1-222f-4dfe-850a-f862cd102c3e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 21fc9852ed2db17695d7038195b9283f
cda806d600c9e63e50d8ec42549fb107e4915068
55a7098369eb94f4333a1079ed6ad570121b7c76eeafb35022224b86d9b7edbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb450e2a1-222f-4dfe-850a-f862cd102c3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6910
x-amzn-requestid: 0d4fa715-c66a-4bcb-985c-f2c2ea71b3a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-pvrF-xoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c2330-67041f796d1906cc51e31b73;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 01:17:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mpgJn1_loQQQ8CMtSWPy1hYUI5IyYpb2OdU1ycqP-v6AGNlMq4PG-g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:56:30 GMT
age: 17696
etag: "cda806d600c9e63e50d8ec42549fb107e4915068"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02321462-ee42-483c-b25f-8e011f1a5f17.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02321462-ee42-483c-b25f-8e011f1a5f17.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3aa134e9259a4f258a832e223bcd5825
3648297257e246e7ec4541fef1ee549523c04f02
3abcd9f270d477b813f145b6c6ccc6c881c705a05976627762db58c4a1f4b76a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02321462-ee42-483c-b25f-8e011f1a5f17.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8128
x-amzn-requestid: 0ba11562-ea07-4058-8d6e-ac079ce63ab0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCNLcEtgoAMFVVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8f15-3079e77022f090b112ae1804;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:10:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ymhH-B1HNHKAFHs6-zOa97ehcX4h1lV0ZLgVMoKNIdWfMpYQzy3g4w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 03:26:08 GMT
age: 1518
etag: "3648297257e246e7ec4541fef1ee549523c04f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
162.213.251.190200 OK 982 B URL HTTP/2 www.rudra-world.xyz/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP 162.213.251.190:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash 24f4d7f425e792ab35adaab50816e54a
9e25bf79b674ddb7ba09ad7f118c50ec473c02c8
1c78bfb4d523785a4ebd37bb1f79f214f9bdb16673f7cc50805f7f1a26ad7f83
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: text/css
last-modified: Sat, 08 Jun 2019 06:15:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 982
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
162.213.251.190200 OK 2.4 kB URL HTTP/2 www.rudra-world.xyz/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP 162.213.251.190:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash ce94f62588d05264ac0148712111cb11
518bcd922f54169aeb199c0ccbc5877165ac218e
84ab658a69c39f424be0b27f61d612447d01606fce33beb962cbea53627d8c81
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: text/css
last-modified: Wed, 30 Sep 2020 01:23:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2394
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 03:51:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.rudra-world.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
162.213.251.190200 OK 12 kB URL HTTP/2 www.rudra-world.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 162.213.251.190:0
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 22:40:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-includes/css/classic-themes.min.css?ver=1
162.213.251.190200 OK 217 B URL HTTP/2 www.rudra-world.xyz/wp-includes/css/classic-themes.min.css?ver=1
IP 162.213.251.190:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 10:06:43 GMT
accept-ranges: bytes
content-length: 217
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
162.213.251.190200 OK 3.6 kB URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 162.213.251.190:0
File type ASCII text, with very long lines (19233)
Hash af3bdf44d09914e8adb51fec560d8816
84bb225e096bab405868dd504e62133ba75cf1c1
4325dab21d3eb9efb8e285a0926be743f27e46446ccf5f9be65bb4b60c024152
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: text/css
last-modified: Mon, 01 Aug 2022 04:11:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3629
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.2.3
162.213.251.190200 OK 4.4 kB URL HTTP/2 www.rudra-world.xyz/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.2.3
IP 162.213.251.190:0
File type ASCII text, with very long lines (19566), with no line terminators
Hash 2d5ee762c862c69de948064cf56eac57
87da0c2d24a2d927cbad2b431a25cd8a6ccad28e
4e7bb4f4efa9bca7be4485835e70c9c9dfd265930382dbb0f442c0a77cf3c6df
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/generatepress/assets/css/main.min.css?ver=3.2.3 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 20:14:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4419
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/uploads/elementor/css/post-98.css?ver=1668393846
162.213.251.190200 OK 348 B URL HTTP/2 www.rudra-world.xyz/wp-content/uploads/elementor/css/post-98.css?ver=1668393846
IP 162.213.251.190:0
File type ASCII text, with very long lines (1219), with no line terminators
Hash 1aed9b1989b4af27d70bc5a925aac0e3
68f12f915d5d95f2b56aea1bd86d5c1e0ed22177
ac73ec47cfe0fa91c1a2e27eeefe265740cf231d882a203779c19875d1cf9832
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-98.css?ver=1668393846 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 02:44:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 348
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
162.213.251.190200 OK 12 kB URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
IP 162.213.251.190:0
File type ASCII text, with very long lines (65497)
Hash eae4534b9e0b15aaf7ad9f3111688549
4bde4256711207e4a95c1376f0b453cd660a63d8
b9adb98eaf24ecee30ef9b280527781e217f6e3829b8e22e5a42f7f14819cfec
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: text/css
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12400
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.3
162.213.251.190200 OK 1.5 kB URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.3
IP 162.213.251.190:0
File type ASCII text, with very long lines (11487)
Hash 603f32a51547bfe69b0ee558107a1361
748709d66aae83768d0ea81e25ca3ba5ddf110f5
d588c5aef1f101936d641f2e6f732ec238dec4f197e3ccd28eeba6e737c4a447
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.3 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: text/css
last-modified: Sat, 01 Oct 2022 07:37:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1533
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/uploads/elementor/css/global.css?ver=1668393846
162.213.251.190200 OK 2.6 kB URL HTTP/2 www.rudra-world.xyz/wp-content/uploads/elementor/css/global.css?ver=1668393846
IP 162.213.251.190:0
File type ASCII text, with very long lines (14692)
Hash 428a308ca6877084f59a6fcd2f036a62
268dd987edc318edf7a2b13e29ee7adf4212bbc0
723c50022abba77045d8aaa9444867137fe0a62070dc7df392a0a2fc5176d00f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/global.css?ver=1668393846 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 02:44:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2644
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1
162.213.251.190200 OK 16 kB URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1
IP 162.213.251.190:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 689ebe98eda70de6e971dd03b18f0328
218ed8ee8e28b44f8492660c2c750f47ae0b3447
945844c773bb0f2ed5f1fb8d2f5ff8a4b9471860df265eda71fa679ff98ea80f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: text/css
last-modified: Sat, 05 Nov 2022 08:25:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15569
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
162.213.251.190200 OK 4.6 kB URL HTTP/2 www.rudra-world.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 162.213.251.190:0
File type ASCII text, with very long lines (11126)
Hash a5ffc5f13084a2c13c864ba30fea34aa
0ddd15b8c844e0a39734a45668f772907913901a
18846359c368facb0a297df866b58c9d9c1ac2cb6c4bb1222e8b9b195b2c201e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:23 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4564
date: Wed, 23 Nov 2022 03:51:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.16
162.213.251.190200 OK 1.9 kB URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.16
IP 162.213.251.190:0
File type ASCII text, with very long lines (6296), with no line terminators
Hash 4c6f23b547b42133cff228cd0f78c2fc
fa4a51c20cb8baf411a29530658daa672d748078
95f74cc2bfeed8abe1da2f7e7b228a3b4abf78a6f8fc6cef253ff15722195c24
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.16 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 16:13:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1927
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.2.3
162.213.251.190200 OK 1.5 kB URL HTTP/2 www.rudra-world.xyz/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.2.3
IP 162.213.251.190:0
File type ASCII text, with very long lines (6940), with no line terminators
Hash 9f2ba716b62228936b407eb14616468d
3e6fdc1529ffbc22334002cf070c9772a7b940b3
42b857e52375be7af6a8d0ce4dbf4a082b7d04949b9fe4b5ebcaee94e6e7f9e2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.2.3 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: application/javascript
last-modified: Tue, 26 Oct 2021 23:13:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1509
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
162.213.251.190200 OK 6.9 kB URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
IP 162.213.251.190:0
File type ASCII text, with very long lines (25115)
Hash e8d8c6e4997a420abc51e5fa8c1caa8b
39ae930f057de725cff8549eed82f31f8d0816c1
730b8265b47a7f9bf014b64fb5c27f9f1cff1051dbf53e60ceb3cc16def732cc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 07:37:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6935
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.3
162.213.251.190200 OK 2.2 kB URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.3
IP 162.213.251.190:0
File type ASCII text, with very long lines (5141)
Hash 7ad05073b4b51b0acb0a888a202f47b2
6710c9d580aac82c1688f2af6e7f8a234c9ce629
efb5483c7f34f51ed50a87fe3ea32272ac329e2eb4173e408eeb92f256a0de3c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.3 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 07:37:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2190
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/uploads/elementor/css/post-360.css?ver=1668393846
162.213.251.190200 OK 1.2 kB URL HTTP/2 www.rudra-world.xyz/wp-content/uploads/elementor/css/post-360.css?ver=1668393846
IP 162.213.251.190:0
File type ASCII text, with very long lines (7736)
Hash c5350436df757578367596abbaefc5be
f6788cc7abb7e2d14307cd95c6a495bf802c144e
b1420e5327d887b444862f56cff244f6df8c82580cb443736440c4c87aa3e152
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-360.css?ver=1668393846 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 02:44:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1164
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
162.213.251.190200 OK 284 B URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 162.213.251.190:0
File type ASCII text, with very long lines (489)
Hash dc279c928e2924b07a4a7575f8070ee8
0196756cacdb61ef40483af7ea982b699b0933de
80b6d9e3f0304f4199350c6015fd96084646c2a0121332bcb5a46d3956b7df5c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 284
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=11.5.1
162.213.251.190200 OK 7.8 kB URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=11.5.1
IP 162.213.251.190:0
File type ASCII text, with very long lines (12105)
Hash 9eb74d6046300023686419f6305d4d8c
c4dbb5662f53ced3d0df73c1e2ff63cf1a19c060
02a590bc43301c6b37705d9d778644d6c885dfa367f0f9bad85915042c78f9e3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=11.5.1 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: text/css
last-modified: Sat, 05 Nov 2022 08:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7765
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
162.213.251.190200 OK 2.0 kB URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
IP 162.213.251.190:0
File type ASCII text, with very long lines (4918)
Hash 918938b0ee6977d6506f2e0fa248bd66
292ba27818bec580f76945b53fee4ff6cddcb2c2
a1da723cfdb1f8ea57aa7278637d07a83f39ff410dfbba24d8205882a110444e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2044
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
162.213.251.190200 OK 12 kB URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
IP 162.213.251.190:0
File type Unicode text, UTF-8 text, with very long lines (32907)
Hash 7dfc58a7415cd7b31fc0e2fe1e03c8eb
a4e2ca5ab6bc32fda5ee768f12ee3759e855aa6a
bb9ed748e92d792389a911772c1334f85a6c9927a4978cbfbf7ccf48f226daf9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 12177
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
162.213.251.190200 OK 1.6 kB URL HTTP/2 www.rudra-world.xyz/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 162.213.251.190:0
File type ASCII text, with very long lines (4875)
Hash 06a8ac0e71976bc143cfa7861a31169d
def6031fe13259bf17752661832d815e37068bf2
e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1575
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
162.213.251.190200 OK 3.7 kB URL HTTP/2 www.rudra-world.xyz/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 162.213.251.190:0
Hash f7acc55c5b34188d3e66c5f2ecf3ba80
802270f7a221e406af63d622d364b119d912c15b
826c4e13764f5bf1bd0a17f2e693d943f8605df1024815f67f43694f4338b713
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 10:06:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3717
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.3
162.213.251.190200 OK 5.5 kB URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.3
IP 162.213.251.190:0
File type ASCII text, with very long lines (21374)
Hash 572e4b71b250e508ab15c8a34b337f98
e56f5fdd90bc72fab3f83a7d2c71faf10da4b74f
a49eb532f641eb23ecbf0191a9c532e34190e9b5f2eeb5e004f55b04ba7d94cd
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.3 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 07:37:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5506
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
162.213.251.190200 OK 2.9 kB URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 162.213.251.190:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2017 21:35:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
162.213.251.190200 OK 6.8 kB URL HTTP/2 www.rudra-world.xyz/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 162.213.251.190:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 3d0ff0f6731d9cef860af9a5a0e3ce62
13aed444304d782039e261475c8b4450b83e743e
e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 10:06:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
162.213.251.190200 OK 30 kB URL HTTP/2 www.rudra-world.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 162.213.251.190:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 10:06:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css
162.213.251.190200 OK 3.3 kB URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css
IP 162.213.251.190:0
File type Unicode text, UTF-8 text, with very long lines (29357)
Hash cc2c14f0edcecba4e110bdca410fe13e
78d59db6a8ac33d32f3765f5a6d1c4bdf9f48b56
147d33cda54a36fca0a41cbe70af43105fba4d510383b08af7a1ab0cb3212364
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: text/css
last-modified: Sat, 01 Oct 2022 07:37:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3343
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
162.213.251.190200 OK 286 B URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 162.213.251.190:0
File type ASCII text, with very long lines (483)
Hash 8828fa3c5bdcfa66615714a2b8c9d807
4f556d0b005ac7754af607418df445f8cf98e8b1
16950dcce60bc3ee2613b60439c99e7ed74d10245f59fe6f68346b7e72dd95e7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 286
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
162.213.251.190200 OK 2.4 kB URL HTTP/2 www.rudra-world.xyz/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 162.213.251.190:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
162.213.251.190200 OK 6.3 kB URL HTTP/2 www.rudra-world.xyz/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 162.213.251.190:0
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash fecbc00e8af71d8cfb678cd811c7cb2e
44e5dd77f62cb5c67271442b75cdff10d45f2f8d
d6f03fb4728d0c23251451df8d66b5107d3c87458dc624aacfbad437e99d01f1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 10:06:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6335
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.3
162.213.251.190200 OK 5.3 kB URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.3
IP 162.213.251.190:0
File type ASCII text, with very long lines (24339)
Hash e9661504567726c97f03debdd9dc4c93
f955558a8e79cee84da0eb450bc5082e0bc84801
d161cbf2b30aacfc2f41a6c34d13ae93726ab269a539bdcf84f623bff74c5d24
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.3 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 07:37:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5290
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
162.213.251.190200 OK 4.6 kB URL HTTP/2 www.rudra-world.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 162.213.251.190:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
162.213.251.190200 OK 12 kB URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
IP 162.213.251.190:0
File type ASCII text, with very long lines (40474)
Hash cf45d3e8044770ba8eabf3833e30fdbe
90f787b69fa2f83b87c28f3caa67985b04b333bd
c83321c916d9ca392150cf727108c0927ce9394be70e9b08920cff666f823fb4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11702
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
162.213.251.190200 OK 12 kB URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 162.213.251.190:0
File type ASCII text, with very long lines (57726)
Hash f463afd8661ddc733305df1f0cbdaff2
77262f0209e75e340eb7014aba9cd8d69966032f
c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:26 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12133
date: Wed, 23 Nov 2022 03:51:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 03:51:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pixel.wp.com/g.gif?v=ext&blog=212100034&post=360&tz=0&srv=www.rudra-world.xyz&j=1%3A11.5.1&host=www.rudra-world.xyz&ref=&fcp=0&rand=0.7717653759856978
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=212100034&post=360&tz=0&srv=www.rudra-world.xyz&j=1%3A11.5.1&host=www.rudra-world.xyz&ref=&fcp=0&rand=0.7717653759856978
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=212100034&post=360&tz=0&srv=www.rudra-world.xyz&j=1%3A11.5.1&host=www.rudra-world.xyz&ref=&fcp=0&rand=0.7717653759856978 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 03:51:27 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rudra-world.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 18:53:49 GMT
expires: Thu, 16 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 550658
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 03:51:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 03:51:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 03:51:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 03:51:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
216.58.207.195200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 32860, version 1.0\012- data
Hash d010a9f2d5c7a0374b3b84706a43d2ec
c1fe465db08785c3f115555d39db23838960cb66
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536
GET /s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rudra-world.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Nov 2022 15:39:48 GMT
expires: Sat, 18 Nov 2023 15:39:48 GMT
cache-control: public, max-age=31536000
age: 389499
last-modified: Mon, 11 Jul 2022 19:12:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rudra-world.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 14:07:32 GMT
expires: Thu, 16 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 567835
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rudra-world.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:40:23 GMT
expires: Thu, 16 Nov 2023 19:40:23 GMT
cache-control: public, max-age=31536000
age: 547864
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rudra-world.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:08 GMT
expires: Thu, 16 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 548239
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 03:51:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-martin-pechy-2078271-scaled.jpg
162.213.251.190301 Moved Permanently 707 B URL HTTP/1.1 www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-martin-pechy-2078271-scaled.jpg
IP 162.213.251.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/pexels-martin-pechy-2078271-scaled.jpg HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 23 Nov 2022 03:51:27 GMT
server: LiteSpeed
location: https://www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-martin-pechy-2078271-scaled.jpg
x-turbo-charged-by: LiteSpeed
www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-vincent-simon-10016528-1-scaled.jpg
162.213.251.190301 Moved Permanently 707 B URL HTTP/1.1 www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-vincent-simon-10016528-1-scaled.jpg
IP 162.213.251.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/pexels-vincent-simon-10016528-1-scaled.jpg HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 23 Nov 2022 03:51:27 GMT
server: LiteSpeed
location: https://www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-vincent-simon-10016528-1-scaled.jpg
x-turbo-charged-by: LiteSpeed
www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-sebastian-ervi-1763075-1-scaled.jpg
162.213.251.190301 Moved Permanently 707 B URL HTTP/1.1 www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-sebastian-ervi-1763075-1-scaled.jpg
IP 162.213.251.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/pexels-sebastian-ervi-1763075-1-scaled.jpg HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 23 Nov 2022 03:51:27 GMT
server: LiteSpeed
location: https://www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-sebastian-ervi-1763075-1-scaled.jpg
x-turbo-charged-by: LiteSpeed
www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-mauricio-mascaro-1376124-scaled.jpg
162.213.251.190301 Moved Permanently 707 B URL HTTP/1.1 www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-mauricio-mascaro-1376124-scaled.jpg
IP 162.213.251.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/pexels-mauricio-mascaro-1376124-scaled.jpg HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 23 Nov 2022 03:51:27 GMT
server: LiteSpeed
location: https://www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-mauricio-mascaro-1376124-scaled.jpg
x-turbo-charged-by: LiteSpeed
www.rudra-world.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
162.213.251.190200 OK 77 kB URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 162.213.251.190:0
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.rudra-world.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:27 GMT
content-type: font/woff2
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-length: 76764
date: Wed, 23 Nov 2022 03:51:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/uploads/2022/11/Akshay-Event-Maker-300x300.png
162.213.251.190200 OK 24 kB URL HTTP/2 www.rudra-world.xyz/wp-content/uploads/2022/11/Akshay-Event-Maker-300x300.png
IP 162.213.251.190:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 912eed10766b89161938fb5dcbb0a4ed
994252c4803fcda9847377637dc511a9cef25c65
c99c2738015864e597501e081abfa6c1a6c747500f18b782de84911c89fb2b95
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/Akshay-Event-Maker-300x300.png HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:27 GMT
content-type: image/png
last-modified: Tue, 08 Nov 2022 09:24:10 GMT
accept-ranges: bytes
content-length: 24475
date: Wed, 23 Nov 2022 03:51:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-melike-benli-10651679-1-768x512.jpg
162.213.251.190200 OK 77 kB URL HTTP/2 www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-melike-benli-10651679-1-768x512.jpg
IP 162.213.251.190:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 768x512, components 3\012- data
Hash 51131010f188ede78e5d2940d4242a36
e52dcf52c2226af4047020c17cbd4053ff69d2bb
987c410ddc0d286a4a7ce84499b543ebcb3dc30c8bec9754b888acf1cd46be91
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/pexels-melike-benli-10651679-1-768x512.jpg HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:27 GMT
content-type: image/jpeg
last-modified: Tue, 08 Nov 2022 10:09:51 GMT
accept-ranges: bytes
content-length: 77058
date: Wed, 23 Nov 2022 03:51:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
162.213.251.190200 OK 1.2 kB URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
IP 162.213.251.190:0
File type ASCII text, with very long lines (3262)
Hash dac702dde8b43281aff61bcc8c0b99cf
31eabd2f6cbd85a142e08e9d3f92298c661be81f
97f0a230a99c3d85a29780624bccbdee07d41083d2045250acdc61541ba5693a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:27 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 07:37:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1173
date: Wed, 23 Nov 2022 03:51:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
162.213.251.190200 OK 599 B URL HTTP/2 www.rudra-world.xyz/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 162.213.251.190:0
File type ASCII text, with very long lines (1320)
Hash b59e163b50b8e62a7e08b4ce88241b48
4f45b1e9e0270133c35c43a1a33d5b2d292b8693
73ba293d6c6c5c89f37eb310eead199d2a7268ada96c881f41ec8ca5b7f693bb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:27 GMT
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 599
date: Wed, 23 Nov 2022 03:51:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/favicon.ico
162.213.251.190404 Not Found 1.2 kB URL HTTP/2 www.rudra-world.xyz/favicon.ico
IP 162.213.251.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 23 Nov 2022 03:51:28 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-mauricio-mascaro-1376124-scaled.jpg
162.213.251.190200 OK 295 kB URL HTTP/2 www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-mauricio-mascaro-1376124-scaled.jpg
IP 162.213.251.190:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2560x1707, components 3\012- data
Size 295 kB (295080 bytes)
Hash b99254582e2b06a511437d85380b2968
1916c222ed62ff4b4888fd51c644c9bb864d5b53
2780591817692dad9748131a42689c1b00b77ddc7eb235e31f7872ca080e2e04
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/pexels-mauricio-mascaro-1376124-scaled.jpg HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:27 GMT
content-type: image/jpeg
last-modified: Tue, 08 Nov 2022 09:41:53 GMT
accept-ranges: bytes
content-length: 295080
date: Wed, 23 Nov 2022 03:51:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-sebastian-ervi-1763075-1-scaled.jpg
162.213.251.190200 OK 430 kB URL HTTP/2 www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-sebastian-ervi-1763075-1-scaled.jpg
IP 162.213.251.190:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2560x1829, components 3\012- data
Size 430 kB (429538 bytes)
Hash 8ab7d269a2828b43ebc1483ec4226825
175cb3c74f5aa6c419e4d04a77e30474107dd5ba
608161bfb6e1ee3a56be05c262f8e8dad19851d44de5272c2fccf9c91cf04ffd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/pexels-sebastian-ervi-1763075-1-scaled.jpg HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:27 GMT
content-type: image/jpeg
last-modified: Tue, 08 Nov 2022 09:00:47 GMT
accept-ranges: bytes
content-length: 429538
date: Wed, 23 Nov 2022 03:51:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-martin-pechy-2078271-scaled.jpg
162.213.251.190200 OK 596 kB URL HTTP/2 www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-martin-pechy-2078271-scaled.jpg
IP 162.213.251.190:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1707x2560, components 3\012- data
Size 596 kB (595911 bytes)
Hash 3f62d9ff5e7d60d851d5042d4d50e790
b527c3429bb8ea7904a4a5fdf4b830a298cf20a7
25cb0aac6ab4e117f943e4c98a4f135711620495451b6c7628a758e8e0cc5c98
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/pexels-martin-pechy-2078271-scaled.jpg HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:27 GMT
content-type: image/jpeg
last-modified: Wed, 09 Nov 2022 03:39:27 GMT
accept-ranges: bytes
content-length: 595911
date: Wed, 23 Nov 2022 03:51:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-vincent-simon-10016528-1-scaled.jpg
162.213.251.190200 OK 764 kB URL HTTP/2 www.rudra-world.xyz/wp-content/uploads/2022/11/pexels-vincent-simon-10016528-1-scaled.jpg
IP 162.213.251.190:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2560x1760, components 3\012- data
Size 764 kB (763802 bytes)
Hash 7d4fd956baa01efd0ee15406078d5ee4
5cd5892bf814c1b64f90e3619f2b645a80de83e8
1cdd08da361093c3fa7ea42c151e6a9fcd5f5e8f7b79a8a6942f5557f756368a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/pexels-vincent-simon-10016528-1-scaled.jpg HTTP/1.1
Host: www.rudra-world.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 03:51:27 GMT
content-type: image/jpeg
last-modified: Tue, 08 Nov 2022 09:08:32 GMT
accept-ranges: bytes
content-length: 763802
date: Wed, 23 Nov 2022 03:51:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e8d7af3a5d030774447a0f71c7824f0
663cace8681891ad55943dd0273493aa9474d102
22068df04672281e392caa485259df103d591ab247c3eb5e0ccba10ffd8a9ef0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: ca8b7a9f-3c1a-419d-953e-2944bf820e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_Hd4IAMFWUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-4ca5e9b2476a47cd199b9cba;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RZqqB_Aaam7hYpdAB2fbx-i3iQth9M-OgA25IgCB5Uz0swqVi3-bVg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:48:19 GMT
age: 21794
etag: "663cace8681891ad55943dd0273493aa9474d102"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stats.wp.com/e-202247.js
192.0.76.3200 OK 0 B IP 192.0.76.3:0
GET /e-202247.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 03:51:26 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 13 Nov 2023 09:17:34 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.10:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rudra-world.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 03:51:26 GMT
date: Wed, 23 Nov 2022 03:51:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2