r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4713
Expires: Sun, 26 Mar 2023 06:40:58 GMT
Date: Sun, 26 Mar 2023 05:22:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2871
Expires: Sun, 26 Mar 2023 06:10:16 GMT
Date: Sun, 26 Mar 2023 05:22:25 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 26 Mar 2023 05:15:32 GMT
content-type: application/json
age: 413
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1313ee2f06606d09c45b06ff9e8e1001
285ca89d1d3ea45d35832bc6d9827f834b3bfe21
63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3370
Expires: Sun, 26 Mar 2023 06:18:35 GMT
Date: Sun, 26 Mar 2023 05:22:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: I//sUwPAYhxDy75nwpYEZxa6lA61dPKq8PqmWhRURF+oSPR0u0jrLb0VI8yQOuxqP7/WKcB75pY=
x-amz-request-id: 3NZ21VM4CJB5PANH
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 26 Mar 2023 05:01:04 GMT
age: 1281
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 05:22:25 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 851b891e49332c30f51deef69914384f
6f07f7aa983efed1662b863a4539515f95de3d48
d977e120a6b5d0d18b760b852f591ab9f2dbc6216fd2114f6b47461da2b57e0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D977E120A6B5D0D18B760B852F591AB9F2DBC6216FD2114F6B47461DA2B57E0F"
Last-Modified: Sat, 25 Mar 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4276
Expires: Sun, 26 Mar 2023 06:33:41 GMT
Date: Sun, 26 Mar 2023 05:22:25 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 26 Mar 2023 05:14:35 GMT
age: 470
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
dlqsclub.com/
106.12.147.12301 Moved Permanently 0 B IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.31
X-Redirect-By: WordPress
Location: http://www.dlqsclub.com/
push.services.mozilla.com/
34.117.65.55101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aHjuAPPMezrKFIQ/x5i0aQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uhi2XlWTbkHgUhuMo/B/DA5Nl1U=
Date: Sun, 26 Mar 2023 05:22:26 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3147
Expires: Sun, 26 Mar 2023 06:14:54 GMT
Date: Sun, 26 Mar 2023 05:22:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3147
Expires: Sun, 26 Mar 2023 06:14:54 GMT
Date: Sun, 26 Mar 2023 05:22:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff4405f-78db-4a79-9e55-e4fc35844c68.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff4405f-78db-4a79-9e55-e4fc35844c68.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffef80630953d486de654abbb5d40ccd
06323c322ac667e3388bba406222121607eb804a
b853a741069e96d8430d766bb1422e50488622729bd069e29b8839ddc5743822
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff4405f-78db-4a79-9e55-e4fc35844c68.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6566
x-amzn-requestid: 0a9abca1-24c3-4adf-8509-f8ebcab1c24d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1smEZFIAMFyFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6983-6ce8a53e779d724a11af3531;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:07 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: ibxm5Q-obzgZHNavKjqxgcgY9ePeF9PTC8wPzjE8fERmyVxaxnahKQ==
via: 1.1 0a166b53605851fe961f5a2952e5a748.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:50:36 GMT
etag: "06323c322ac667e3388bba406222121607eb804a"
content-type: image/jpeg
age: 27111
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd27448b3-5d7d-4249-939a-22a55ff03bfc.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd27448b3-5d7d-4249-939a-22a55ff03bfc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4079fe41a14c57ac6160bdb654f6ef64
99d9cd4a1d423d776284f2d638763ebe33e247ad
218e38cf89853672bb8b24c1c53d58092a75827fb9f7aad02c8e4bbc02d44325
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd27448b3-5d7d-4249-939a-22a55ff03bfc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5916
x-amzn-requestid: 86502622-4d93-4767-a7ab-b963bfc9900b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1kUHgjoAMFmug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f694e-069ef5781ce60e9821010204;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: fSfyW9GhYz32f7oOv3UEB0XV8OFjbnnnxWGmiVW5r5hkxix8fHNTdA==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:51:13 GMT
age: 27074
etag: "99d9cd4a1d423d776284f2d638763ebe33e247ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ec08d4bd079a92161fc80f41281b5a9
bf61369962342cce85de8f48942b4b150fd2721e
8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3589
x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1uyE2joAMF50g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Olik0rOopNpu03_GQWvvGeuS0D579nAdtuk9RGWUQSopMavKHDn1cQ==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:53:15 GMT
age: 26952
etag: "bf61369962342cce85de8f48942b4b150fd2721e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: ZQcPeutl5BzzzysPzWEzrEY8WU-0F-0twvGPT7RAX-UjNOCk3NtmMQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 06:24:35 GMT
age: 82672
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75161517-cef9-4f1d-98e1-296b5088de2a.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75161517-cef9-4f1d-98e1-296b5088de2a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ff8bb94dc368c89ab13dfcfe312e5cd
7819408faa7e232c57bf448d78cf00e7f98469f6
2a04de377d0d4c7cd4a720420806e3f7a872290fad006ef6a172b86d7c249378
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75161517-cef9-4f1d-98e1-296b5088de2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7882
x-amzn-requestid: cdb6c312-e4b1-41e4-a13e-723f8628961d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW3M0G_3oAMFpWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6beb-37ff37b35f2de72b6faf0bf9;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:47:23 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: o3RieqwEX_2b3M44VUtFps7E7w7KhoyCSq957URLDlZ4Q1ZaqNYX-g==
via: 1.1 ba490acb2ea716cd57876286ed686786.cloudfront.net (CloudFront), 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 22:08:31 GMT
age: 26036
etag: "7819408faa7e232c57bf448d78cf00e7f98469f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080fe5e4-bfa3-4b7e-bc7b-ea9d3348e6c4.webp
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080fe5e4-bfa3-4b7e-bc7b-ea9d3348e6c4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e924839a6364def37d8e9d20af3f5999
42e3c97cb72a824d50de5b49e92731a7678c4e73
64725edfecba86737c10dbbc9c70faec28405bb36c565e899889fdaa73979694
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080fe5e4-bfa3-4b7e-bc7b-ea9d3348e6c4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6976
x-amzn-requestid: dd142563-f3de-4390-816b-192fc44c480d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1kWHjMIAMF9xA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f694e-5dee56692bbe2f35034c9178;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: ZVnX7AJMV_qcEeF6TG2tsNkiw3kUbCI6rskIb8IPuw-8VMg9raFUjA==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:51:25 GMT
age: 27062
etag: "42e3c97cb72a824d50de5b49e92731a7678c4e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.dlqsclub.com/
106.12.147.12200 OK 38 kB IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1820)
Hash d6a0e51a0357d18affc72d795f3e7a03
1514b4140a6901506902b46b9662fa36fef5d9c9
f6391564531ea0ea92f59d716d5ea110bf86e7e1c136c3817c30e3f5a551bcb0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: www.dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.31
Link: <http://www.dlqsclub.com/index.php?rest_route=/>; rel="https://api.w.org/", <http://www.dlqsclub.com/index.php?rest_route=/wp/v2/pages/7>; rel="alternate"; type="application/json", <http://www.dlqsclub.com/>; rel=shortlink
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 63ca8c4e17e0b692d1829cd62b9af3af
d0bbecbe0b93ea21026898dbd13edee5fc071cb2
1208545ecf01edb7bcef0b3c288d9edd34d2034c7404ba68a64c2ef251cb42f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Mar 2023 05:22:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 63ca8c4e17e0b692d1829cd62b9af3af
d0bbecbe0b93ea21026898dbd13edee5fc071cb2
1208545ecf01edb7bcef0b3c288d9edd34d2034c7404ba68a64c2ef251cb42f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Mar 2023 05:22:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.dlqsclub.com/wp-content/themes/hestia/assets/css/font-sizes.min.css?ver=3.0.19
106.12.147.12200 OK 3.9 kB URL HTTP/1.1 www.dlqsclub.com/wp-content/themes/hestia/assets/css/font-sizes.min.css?ver=3.0.19
IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (3896), with no line terminators
Hash d29fa45ff2ffc4a7e3645dc7045e5d78
c843c4df2ed2e788acfae2e7b1703705ba15ccf2
955c9994638a653c13afda75fcd1640664c3036243f8aa80bdd6fc606bbb61a7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hestia/assets/css/font-sizes.min.css?ver=3.0.19 HTTP/1.1
Host: www.dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dlqsclub.com/
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:27 GMT
Content-Type: text/css
Content-Length: 3896
Last-Modified: Tue, 28 Dec 2021 08:01:45 GMT
Connection: keep-alive
ETag: "61cac469-f38"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.dlqsclub.com/wp-content/plugins/themeisle-companion/obfx_modules/companion-legacy/assets/css/hestia/clients-bar.css?ver=5.8.2
106.12.147.12200 OK 502 B URL HTTP/1.1 www.dlqsclub.com/wp-content/plugins/themeisle-companion/obfx_modules/companion-legacy/assets/css/hestia/clients-bar.css?ver=5.8.2
IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash 24864cefc02e7605fdbbe78fc5f5c95d
e11283728fcfd796fde689fcd41084b438d4f530
b782324c2df4e15e22a11024a5f3ec1155c28ea30d28f25793eec70ef6d4f8ab
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/themeisle-companion/obfx_modules/companion-legacy/assets/css/hestia/clients-bar.css?ver=5.8.2 HTTP/1.1
Host: www.dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dlqsclub.com/
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:28 GMT
Content-Type: text/css
Content-Length: 502
Last-Modified: Tue, 28 Dec 2021 08:01:45 GMT
Connection: keep-alive
ETag: "61cac469-1f6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.dlqsclub.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2
106.12.147.12200 OK 18 kB URL HTTP/1.1 www.dlqsclub.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2
IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (15224)
Hash 116c86c56f8db0bb63f15ceda50fdc98
75e308982ecf7cd43644b8b426e6aa1a0b0fbe26
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.2 HTTP/1.1
Host: www.dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dlqsclub.com/
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:27 GMT
Content-Type: application/javascript
Content-Length: 18181
Last-Modified: Tue, 28 Dec 2021 08:01:45 GMT
Connection: keep-alive
ETag: "61cac469-4705"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.dlqsclub.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
106.12.147.12200 OK 11 kB URL HTTP/1.1 www.dlqsclub.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dlqsclub.com/
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:28 GMT
Content-Type: application/javascript
Content-Length: 11224
Last-Modified: Tue, 28 Dec 2021 08:01:45 GMT
Connection: keep-alive
ETag: "61cac469-2bd8"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.dlqsclub.com/wp-includes/js/comment-reply.min.js?ver=5.8.2
106.12.147.12200 OK 3.0 kB URL HTTP/1.1 www.dlqsclub.com/wp-includes/js/comment-reply.min.js?ver=5.8.2
IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (2949)
Hash 3b59c3b33879d70b46063089ec505e03
4054dbf1c08e09d8514df72dbe137d02efae907a
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/comment-reply.min.js?ver=5.8.2 HTTP/1.1
Host: www.dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dlqsclub.com/
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:28 GMT
Content-Type: application/javascript
Content-Length: 2984
Last-Modified: Tue, 28 Dec 2021 08:01:45 GMT
Connection: keep-alive
ETag: "61cac469-ba8"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.dlqsclub.com/wp-content/themes/hestia/assets/bootstrap/css/bootstrap.min.css?ver=1.0.2
106.12.147.12200 OK 73 kB URL HTTP/1.1 www.dlqsclub.com/wp-content/themes/hestia/assets/bootstrap/css/bootstrap.min.css?ver=1.0.2
IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (65536), with no line terminators
Hash d2d210f78c7e945820ae2cac1886116d
5646e582c9d411e1d8d6fd082df32a1e6f3a8c30
4f1e2ab1e239967c7acfcf1e9329e7bd1bae7482954c108b0c7ba042c65380a4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hestia/assets/bootstrap/css/bootstrap.min.css?ver=1.0.2 HTTP/1.1
Host: www.dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dlqsclub.com/
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:28 GMT
Content-Type: text/css
Content-Length: 73000
Last-Modified: Tue, 28 Dec 2021 08:01:45 GMT
Connection: keep-alive
ETag: "61cac469-11d28"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.dlqsclub.com/wp-content/themes/hestia/assets/bootstrap/js/bootstrap.min.js?ver=1.0.2
106.12.147.12200 OK 23 kB URL HTTP/1.1 www.dlqsclub.com/wp-content/themes/hestia/assets/bootstrap/js/bootstrap.min.js?ver=1.0.2
IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (23366), with no line terminators
Hash cc49457be0df67660759914256953ffe
0eed9a962327ba0c96b7f663a45af3234ecb1c61
4ebecd8afd2424508ba7ee31ec8cf590613f0f316548badaf2c11d3be79b2d89
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hestia/assets/bootstrap/js/bootstrap.min.js?ver=1.0.2 HTTP/1.1
Host: www.dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dlqsclub.com/
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:28 GMT
Content-Type: application/javascript
Content-Length: 23366
Last-Modified: Tue, 28 Dec 2021 08:01:45 GMT
Connection: keep-alive
ETag: "61cac469-5b46"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.dlqsclub.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
106.12.147.12200 OK 21 kB URL HTTP/1.1 www.dlqsclub.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (7973)
Hash 49fa677b9cd7ddf221dc06537b35e10f
7485f3f99c3c1a57197f2b099f3f8d68b8609d06
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.12.1 HTTP/1.1
Host: www.dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dlqsclub.com/
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:28 GMT
Content-Type: application/javascript
Content-Length: 20787
Last-Modified: Tue, 28 Dec 2021 08:01:45 GMT
Connection: keep-alive
ETag: "61cac469-5133"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.dlqsclub.com/wp-includes/js/wp-embed.min.js?ver=5.8.2
106.12.147.12200 OK 1.4 kB URL HTTP/1.1 www.dlqsclub.com/wp-includes/js/wp-embed.min.js?ver=5.8.2
IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (1391)
Hash 905225d5711b559d3092387d5ffbedbd
6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-embed.min.js?ver=5.8.2 HTTP/1.1
Host: www.dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dlqsclub.com/
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:29 GMT
Content-Type: application/javascript
Content-Length: 1426
Last-Modified: Tue, 28 Dec 2021 08:01:45 GMT
Connection: keep-alive
ETag: "61cac469-592"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.dlqsclub.com/wp-content/themes/hestia/assets/js/script.min.js?ver=3.0.19
106.12.147.12200 OK 21 kB URL HTTP/1.1 www.dlqsclub.com/wp-content/themes/hestia/assets/js/script.min.js?ver=3.0.19
IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (21140), with no line terminators
Hash 9da15155ef916f7609527c79237560b0
11901a50a3f2acc8702f7078ca4e1c577638cdec
c6ebcda16152bea0301203152170aef660be83fd04b4d652583a77f0eea43886
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hestia/assets/js/script.min.js?ver=3.0.19 HTTP/1.1
Host: www.dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dlqsclub.com/
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:29 GMT
Content-Type: application/javascript
Content-Length: 21142
Last-Modified: Tue, 28 Dec 2021 08:01:45 GMT
Connection: keep-alive
ETag: "61cac469-5296"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.dlqsclub.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
106.12.147.12200 OK 81 kB URL HTTP/1.1 www.dlqsclub.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash 43c4bc05b5e3b0a6684a7c3a52e63590
ed6d95d525a710a82e8b8583e9ba7bce3b2a4722
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.2 HTTP/1.1
Host: www.dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dlqsclub.com/
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:27 GMT
Content-Type: text/css
Content-Length: 80574
Last-Modified: Tue, 28 Dec 2021 08:01:45 GMT
Connection: keep-alive
ETag: "61cac469-13abe"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.dlqsclub.com/wp-content/themes/hestia/style.min.css?ver=3.0.19
106.12.147.12200 OK 144 kB URL HTTP/1.1 www.dlqsclub.com/wp-content/themes/hestia/style.min.css?ver=3.0.19
IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (65536), with no line terminators
Size 144 kB (143852 bytes)
Hash d43620e2f89c44765dd226b5ecbd003f
77e151ce95dbacb840cacba554c38546c634a2c8
2e3075ec597d075c623e63b780e5724aad812e6da91b80f7c9d161b3b56a8f95
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hestia/style.min.css?ver=3.0.19 HTTP/1.1
Host: www.dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dlqsclub.com/
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:27 GMT
Content-Type: text/css
Content-Length: 143852
Last-Modified: Tue, 28 Dec 2021 08:01:45 GMT
Connection: keep-alive
ETag: "61cac469-231ec"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.dlqsclub.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
106.12.147.12200 OK 90 kB URL HTTP/1.1 www.dlqsclub.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dlqsclub.com/
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:27 GMT
Content-Type: application/javascript
Content-Length: 89521
Last-Modified: Tue, 28 Dec 2021 08:01:45 GMT
Connection: keep-alive
ETag: "61cac469-15db1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b644abd1d83faa6f0327486dae33b18d
cb745aa55db6976159ef31ff8835e2b26fd32109
784e1b0a41a50629890a6fd6f58beb9f3a6eb5ba56aa35c671e5217d839aeeac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Mar 2023 05:22:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b644abd1d83faa6f0327486dae33b18d
cb745aa55db6976159ef31ff8835e2b26fd32109
784e1b0a41a50629890a6fd6f58beb9f3a6eb5ba56aa35c671e5217d839aeeac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Mar 2023 05:22:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
216.58.207.227200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 32860, version 1.0\012- data
Hash d010a9f2d5c7a0374b3b84706a43d2ec
c1fe465db08785c3f115555d39db23838960cb66
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536
GET /s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.dlqsclub.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:48 GMT
expires: Sat, 23 Mar 2024 10:26:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 19:12:50 GMT
content-type: font/woff2
age: 154541
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b644abd1d83faa6f0327486dae33b18d
cb745aa55db6976159ef31ff8835e2b26fd32109
784e1b0a41a50629890a6fd6f58beb9f3a6eb5ba56aa35c671e5217d839aeeac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Mar 2023 05:22:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.dlqsclub.com/wp-content/themes/hestia/assets/font-awesome/css/all.min.css?ver=1.0.2
106.12.147.12200 OK 56 kB URL HTTP/1.1 www.dlqsclub.com/wp-content/themes/hestia/assets/font-awesome/css/all.min.css?ver=1.0.2
IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (56331)
Hash 25a0ac5d7d8e48930fe0b6772b7254a8
6f4095f66e56d39ef0adefbe85a1dcfc13bd133b
a94a13d4e9df8dc2bc696a168930cd511f83498136bba3bb0b968d7556f0b807
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hestia/assets/font-awesome/css/all.min.css?ver=1.0.2 HTTP/1.1
Host: www.dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dlqsclub.com/
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:28 GMT
Content-Type: text/css
Content-Length: 56517
Last-Modified: Tue, 28 Dec 2021 08:01:45 GMT
Connection: keep-alive
ETag: "61cac469-dcc5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.dlqsclub.com/wp-content/uploads/2022/01/mmexport1641336625998.jpg
106.12.147.12200 OK 69 kB URL HTTP/1.1 www.dlqsclub.com/wp-content/uploads/2022/01/mmexport1641336625998.jpg
IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x333, components 3\012- data
Hash de5c720dc750c2229b2e3232596a6f05
5ae76b068b44bd8729dc0301550b65337c147d9d
cfb793f3efcf04e06f88c96dfc333ff08de52192f8aa342a953139d61bf932c5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/01/mmexport1641336625998.jpg HTTP/1.1
Host: www.dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dlqsclub.com/
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:31 GMT
Content-Type: image/jpeg
Content-Length: 69124
Last-Modified: Wed, 05 Jan 2022 06:22:06 GMT
Connection: keep-alive
ETag: "61d5390e-10e04"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.dlqsclub.com/wp-content/themes/hestia/assets/font-awesome/webfonts/fa-solid-900.woff2
106.12.147.12200 OK 75 kB URL HTTP/1.1 www.dlqsclub.com/wp-content/themes/hestia/assets/font-awesome/webfonts/fa-solid-900.woff2
IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type Web Open Font Format (Version 2), TrueType, length 75392, version 330.15728\012- data
Hash 60ce8cf4dd9fe177abdfeda21e20798e
d378644ff0f7549fa6f217a08dfd2566a770638e
e348d772480f8c0e5fa546b3c531a38700ae16b5dad5defb5e67ade7f6d332e8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hestia/assets/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.dlqsclub.com/wp-content/themes/hestia/assets/font-awesome/css/all.min.css?ver=1.0.2
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:31 GMT
Content-Type: application/octet-stream
Content-Length: 75392
Last-Modified: Tue, 28 Dec 2021 08:01:45 GMT
Connection: keep-alive
ETag: "61cac469-12680"
Accept-Ranges: bytes
www.dlqsclub.com/favicon.ico
106.12.147.12404 Not Found 168 B URL HTTP/1.1 www.dlqsclub.com/favicon.ico
IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 936524317a13f7da01ff4676bdb271e2
12c56efbd63637bbc40832b24b45e76bd2910072
8feebc27aa326861bdd5197496f28ed3f90d6ea5ce710243b4f954b97d614198
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dlqsclub.com/
HTTP/1.1 404 Not Found
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:32 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
www.dlqsclub.com/wp-content/uploads/2022/01/WX20220105-142457@2x-scaled.jpg
106.12.147.12200 OK 0 B URL HTTP/1.1 www.dlqsclub.com/wp-content/uploads/2022/01/WX20220105-142457@2x-scaled.jpg
IP 106.12.147.12:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
GET /wp-content/uploads/2022/01/WX20220105-142457@2x-scaled.jpg HTTP/1.1
Host: www.dlqsclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dlqsclub.com/
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Sun, 26 Mar 2023 05:22:31 GMT
Content-Type: image/jpeg
Content-Length: 946837
Last-Modified: Wed, 05 Jan 2022 06:26:27 GMT
Connection: keep-alive
ETag: "61d53a13-e7295"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
fonts.googleapis.com/css?family=Roboto+Slab%3A400%2C700&subset=latin%2Clatin-ext&ver=3.0.19
172.217.21.170200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Slab%3A400%2C700&subset=latin%2Clatin-ext&ver=3.0.19
IP 172.217.21.170:0
GET /css?family=Roboto+Slab%3A400%2C700&subset=latin%2Clatin-ext&ver=3.0.19 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dlqsclub.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 26 Mar 2023 05:22:27 GMT
date: Sun, 26 Mar 2023 05:22:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2