| GET qegyhig.com/deq.com/login.php | 104.21.16.1 | 301 Moved Permanently | 88 kB |
URL (User Request): GET qegyhig.com/deq.com/login.php
IP: 104.21.16.1:80
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /deq.com/login.php HTTP/1.1
Host: qegyhig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sat, 03 May 2025 05:58:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://qegyhig.com/deq.com/login.php
cf-cache-status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=57Gfzy0uDGFPy2sr2QW0cD3AGbvd%2FXY16gSYqgpwHxhL1wlMsTgFwJ75loFRq8FJyNzwmO3GV%2FUE6NTjSXIo7o6uahnthk0W73MfTQICRzKJIlXpVZw1eTF8ez1Q7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 939d864388c2569b-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=444&min_rtt=444&rtt_var=222&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=413&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
| GET qegyhig.com/deq.com/login.php | 104.21.16.1 | 404 Not Found | 88 kB |
URL (User Request): GET qegyhig.com/deq.com/login.php
IP: 104.21.16.1:443
Certificate: Issuer: Google Trust Services; Subject: qegyhig.com; Fingerprint: D1:E8:19:88:B9:8A:4E:85:D4:67:0E:DD:E9:2B:C2:19:65:A0:0A:89; Validity: Fri, 07 Mar 2025 09:07:46 GMT - Thu, 05 Jun 2025 10:06:15 GMT
File type: HTML document, ASCII text, with very long lines (41959), with CRLF, LF line terminators
Hash: d6304e6078f7f08eb3da340904e701ff 21ff67a333aa9c0cb82901c66ee6795a1949d5d2 3df74e72ec06af423bbd1ccc5ca8d55962ada77f9f89787f9d8ce433180112bf
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /deq.com/login.php HTTP/1.1
Host: qegyhig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 03 May 2025 05:58:04 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XFONGKilv1RJwlgZC0pTGHX4LEGsX04dcZxFIeKoPC8o8AeovpA4%2BF2qfBIrQ90SKeLAD2lxioanzde59ui0RVK%2B8Qv0D8oHtirQVnmBNeeqtdWOKiJGGBwFSKLk8g%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0, no-store, private
link: <https://qegyhig.com/wp-json/>; rel="https://api.w.org/"
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 939d86450f77712b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3135&min_rtt=662&rtt_var=1271&sent=136&recv=242&lost=0&retrans=0&sent_bytes=10500&recv_bytes=13396&delivery_rate=2399&cwnd=12000&unsent_bytes=0&cid=079e6c28dea140cf&ts=878&x=16"
| GET qegyhig.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.3.1 | 104.21.16.1 | 200 OK | 42 kB |
URL: GET qegyhig.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.3.1
IP: 104.21.16.1:443
Requested by: https://qegyhig.com/deq.com/login.php
Certificate: Issuer: Google Trust Services; Subject: qegyhig.com; Fingerprint: D1:E8:19:88:B9:8A:4E:85:D4:67:0E:DD:E9:2B:C2:19:65:A0:0A:89; Validity: Fri, 07 Mar 2025 09:07:46 GMT - Thu, 05 Jun 2025 10:06:15 GMT
File type: ASCII text, with very long lines (39343)
Hash: a0b3a11fd4ebcad236cff2bc51e9b434 32450d8097e971f4b59044e979289903beffc85d 4c0561c2c4810cbb09911bc45252c68724f181aa5bd16455493e31d2bfeba8b3
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.3.1 HTTP/1.1
Host: qegyhig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qegyhig.com/deq.com/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 03 May 2025 05:58:04 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yhcA3FrlLnvo3K%2FKeFu4KzagXOlcJiilAi5tP6qWoBC0i3syug12tOQjAGZJdujxYHB6aWEf30iysKUw1vUVbr0%2FzaSNX%2BNk74iwq5zbjbO03M3sBoKbaOXm1A1tkA%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 27 Sep 2023 17:55:09 GMT
vary: Accept-Encoding
etag: W/"65146c7d-a235"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
age: 808985
cf-cache-status: HIT
cf-ray: 939d8648a82f712b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2794&min_rtt=662&rtt_var=1294&sent=158&recv=248&lost=0&retrans=0&sent_bytes=29115&recv_bytes=14706&delivery_rate=4184081&cwnd=12000&unsent_bytes=0&cid=079e6c28dea140cf&ts=1018&x=16"
| GET qegyhig.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 | 104.21.16.1 | 200 OK | 88 kB |
URL: GET qegyhig.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP: 104.21.16.1:443
Requested by: https://qegyhig.com/deq.com/login.php
Certificate: Issuer: Google Trust Services; Subject: qegyhig.com; Fingerprint: D1:E8:19:88:B9:8A:4E:85:D4:67:0E:DD:E9:2B:C2:19:65:A0:0A:89; Validity: Fri, 07 Mar 2025 09:07:46 GMT - Thu, 05 Jun 2025 10:06:15 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: qegyhig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qegyhig.com/deq.com/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 03 May 2025 05:58:04 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oyan62iCEbrTuFfDSLkUjDmdD6e%2Bima%2B%2FYEUBwH3EYcGtPv74GB2Hz9yiItQqxEboBAniKT7ER0oIdSYrITYeMoKEu2exZDlsAz22l8poNp%2FMdO6sFHnTkI4ryKyoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 08 Nov 2023 00:39:49 GMT
vary: Accept-Encoding
etag: W/"654ad8d5-15601"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
age: 808985
cf-cache-status: HIT
cf-ray: 939d8648a831712b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2607&min_rtt=662&rtt_var=1345&sent=182&recv=249&lost=0&retrans=0&sent_bytes=54492&recv_bytes=14750&delivery_rate=569834&cwnd=20400&unsent_bytes=0&cid=079e6c28dea140cf&ts=1020&x=16"
| GET qegyhig.com/wp-includes/js/wp-emoji-release.min.js?ver=6.8.1 | 104.21.16.1 | 200 OK | 19 kB |
URL: GET qegyhig.com/wp-includes/js/wp-emoji-release.min.js?ver=6.8.1
IP: 104.21.16.1:443
Requested by: https://qegyhig.com/deq.com/login.php
Certificate: Issuer: Google Trust Services; Subject: qegyhig.com; Fingerprint: D1:E8:19:88:B9:8A:4E:85:D4:67:0E:DD:E9:2B:C2:19:65:A0:0A:89; Validity: Fri, 07 Mar 2025 09:07:46 GMT - Thu, 05 Jun 2025 10:06:15 GMT
File type: JavaScript source, ASCII text, with very long lines (16290)
Hash: 1dafa7fe14b33c26fef9b0e5ba0c8e72 62f67cdac55d89c43570bf0c338f4edf548b14e1 50cc1a0490008ec62ca8b581fa9cdcfb2eda2d36a08ccbeb1f004da599e9cc61
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.8.1 HTTP/1.1
Host: qegyhig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qegyhig.com/deq.com/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 03 May 2025 05:58:05 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qb%2BpBAtj3stZPeAaj3EQ6hKiB3SPwKQEBvpewbs9AyzgUr9eF36C1Z8OWvqKCaztQIHUzILat4%2BVgLnL5pPjh5oqqJPWgQ%2FAB4MJJ2EfgdkBZ5LVpI2%2BJbKk4FnP6A%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 16 Apr 2025 00:39:12 GMT
vary: Accept-Encoding
etag: W/"67fefc30-4b40"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
cf-cache-status: HIT
age: 191799
cf-ray: 939d8649685f712b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2036&min_rtt=662&rtt_var=1071&sent=217&recv=255&lost=0&retrans=0&sent_bytes=92112&recv_bytes=15253&delivery_rate=3942214&cwnd=37200&unsent_bytes=0&cid=079e6c28dea140cf&ts=1138&x=16"
| GET qegyhig.com/wp-content/uploads/2023/09/cropped-02.-Idola-logo-alt-1-32x32.png | 104.21.16.1 | 200 OK | 2.5 kB |
URL: GET qegyhig.com/wp-content/uploads/2023/09/cropped-02.-Idola-logo-alt-1-32x32.png
IP: 104.21.16.1:443
Requested by: https://qegyhig.com/deq.com/login.php
Certificate: Issuer: Google Trust Services; Subject: qegyhig.com; Fingerprint: D1:E8:19:88:B9:8A:4E:85:D4:67:0E:DD:E9:2B:C2:19:65:A0:0A:89; Validity: Fri, 07 Mar 2025 09:07:46 GMT - Thu, 05 Jun 2025 10:06:15 GMT
File type: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Hash: 24d6169e292ca283dff013bbe28770d7 d214ee03d00a84249d579b0edef9e4ac28d44ef5 b9ae8237792e06c013ccab1fd3ba00a41f4e93ce708e1b55a2a47bdf7a4d7422
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-content/uploads/2023/09/cropped-02.-Idola-logo-alt-1-32x32.png HTTP/1.1
Host: qegyhig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qegyhig.com/deq.com/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 03 May 2025 05:58:05 GMT
content-type: image/png
content-length: 2514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9lV5KNCMagFIdoFDsBGAg8SRdFC3mtb%2B%2Bx6dSKfbJfqtzrpYiHiaqpefq8iuqxErwXapCd4qVeN4%2F0gl5WJJyLwq3%2FH5ZS4G7oo4zDF22KeehkjiPaRGG4JBnP6NOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 27 Sep 2023 18:12:55 GMT
etag: "651470a7-9d2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 808985
cf-cache-status: HIT
cf-ray: 939d86498869712b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1917&min_rtt=662&rtt_var=784&sent=259&recv=258&lost=0&retrans=0&sent_bytes=139710&recv_bytes=15955&delivery_rate=1524170&cwnd=74400&unsent_bytes=0&cid=079e6c28dea140cf&ts=1168&x=16"
| GET qegyhig.com/wp-content/uploads/2023/09/cropped-02.-Idola-logo-alt-1-192x192.png | 104.21.16.1 | 200 OK | 40 kB |
URL: GET qegyhig.com/wp-content/uploads/2023/09/cropped-02.-Idola-logo-alt-1-192x192.png
IP: 104.21.16.1:443
Requested by: https://qegyhig.com/deq.com/login.php
Certificate: Issuer: Google Trust Services; Subject: qegyhig.com; Fingerprint: D1:E8:19:88:B9:8A:4E:85:D4:67:0E:DD:E9:2B:C2:19:65:A0:0A:89; Validity: Fri, 07 Mar 2025 09:07:46 GMT - Thu, 05 Jun 2025 10:06:15 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash: d1f1811ac2c5b3160ce819832a1fe628 fee51fc1b3cef119ba46580eac6229332c79d767 c920945e4501a9a4ac5a7001abb17d84114ec9b6515a1afd16977d58518c1627
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-content/uploads/2023/09/cropped-02.-Idola-logo-alt-1-192x192.png HTTP/1.1
Host: qegyhig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qegyhig.com/deq.com/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 03 May 2025 05:58:05 GMT
content-type: image/png
content-length: 39922
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5APUSYeNMIA%2F29LVzR36xMXcIh4RvwbWhy%2FOxHZoVUMdXf%2FfgIPf1abcrfD%2F02u9WoQ0p%2FTtPUz2mbKvUowmiBOA2BCIo2b4jdGdLYJe1eDWxXy4%2ByoRStzN8cXs3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 27 Sep 2023 18:12:55 GMT
etag: "651470a7-9bf2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 3829606
accept-ranges: bytes
cf-ray: 939d86498868712b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1924&min_rtt=662&rtt_var=1027&sent=223&recv=257&lost=0&retrans=0&sent_bytes=98108&recv_bytes=15909&delivery_rate=327166&cwnd=37200&unsent_bytes=0&cid=079e6c28dea140cf&ts=1165&x=16"
| GET qegyhig.com/deq.com/login.php | 104.21.16.1 | 404 Not Found | 88 kB |
URL (User Request): GET qegyhig.com/deq.com/login.php
IP: 104.21.16.1:443
Certificate: Issuer: Google Trust Services; Subject: qegyhig.com; Fingerprint: D1:E8:19:88:B9:8A:4E:85:D4:67:0E:DD:E9:2B:C2:19:65:A0:0A:89; Validity: Fri, 07 Mar 2025 09:07:46 GMT - Thu, 05 Jun 2025 10:06:15 GMT
File type: HTML document, ASCII text, with very long lines (41959), with CRLF, LF line terminators
Hash: d6304e6078f7f08eb3da340904e701ff 21ff67a333aa9c0cb82901c66ee6795a1949d5d2 3df74e72ec06af423bbd1ccc5ca8d55962ada77f9f89787f9d8ce433180112bf
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /deq.com/login.php HTTP/1.1
Host: qegyhig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sat, 03 May 2025 05:58:03 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0, no-store, private
link: <https://qegyhig.com/wp-json/>; rel="https://api.w.org/"
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 939d863f188b1c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| GET qegyhig.com/wp-includes/css/dist/block-library/style.min.css?ver=6.8.1 | 104.21.16.1 | 200 OK | 116 kB |
URL: GET qegyhig.com/wp-includes/css/dist/block-library/style.min.css?ver=6.8.1
IP: 104.21.16.1:443
Requested by: https://qegyhig.com/deq.com/login.php
Certificate: Issuer: Google Trust Services; Subject: qegyhig.com; Fingerprint: D1:E8:19:88:B9:8A:4E:85:D4:67:0E:DD:E9:2B:C2:19:65:A0:0A:89; Validity: Fri, 07 Mar 2025 09:07:46 GMT - Thu, 05 Jun 2025 10:06:15 GMT
File type: ASCII text, with very long lines (55654)
Size: 116 kB (116363 bytes)
Hash: dfe67cbbac3da53fdbbaed71c91db428 8c82643ef63a8389c1b800b7c5d0af9d684b8b24 597ddfdee7171750c16ec5aafd392cf992e9c53386d6bb6061d48e30334f09e9
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.8.1 HTTP/1.1
Host: qegyhig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qegyhig.com/deq.com/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 03 May 2025 05:58:04 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KwHZlJBDkZpiTgjV%2FO1C%2BVsCE2LIPVq2ctudgoxQw1TJl7hckq6gXAoZm5IHpgeZ5yuJccv3Bf6Bw4drEkaP4rMbGkh%2FoDQUmNBircsfMEgXcmlWah5VsNCEu4LU%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 16 Apr 2025 00:39:12 GMT
vary: Accept-Encoding
etag: W/"67fefc30-1c68b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
cf-cache-status: HIT
age: 191798
cf-ray: 939d8648a830712b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2794&min_rtt=662&rtt_var=1294&sent=167&recv=248&lost=0&retrans=0&sent_bytes=38110&recv_bytes=14706&delivery_rate=4184081&cwnd=12000&unsent_bytes=0&cid=079e6c28dea140cf&ts=1019&x=16"
| GET qegyhig.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 104.21.16.1 | 200 OK | 14 kB |
URL: GET qegyhig.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP: 104.21.16.1:443
Requested by: https://qegyhig.com/deq.com/login.php
Certificate: Issuer: Google Trust Services; Subject: qegyhig.com; Fingerprint: D1:E8:19:88:B9:8A:4E:85:D4:67:0E:DD:E9:2B:C2:19:65:A0:0A:89; Validity: Fri, 07 Mar 2025 09:07:46 GMT - Thu, 05 Jun 2025 10:06:15 GMT
File type: JavaScript source, ASCII text, with very long lines (13479)
Hash: 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: qegyhig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qegyhig.com/deq.com/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 03 May 2025 05:58:04 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BaNGyu3F1RAFZd0Ky9L6GeER8NskLhacJklfqEFfBXwyXJgahjigqvVbk5otOsrZwGPJi2pb%2B4NbFeuB4yhryiTNX2rtQSTNWqwX7EkghYdDW5MlhNhGV7VELaAURA%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sun, 24 Sep 2023 12:38:54 GMT
vary: Accept-Encoding
etag: W/"65102dde-3509"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
age: 732142
cf-cache-status: HIT
cf-ray: 939d8648b832712b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2164&min_rtt=662&rtt_var=1085&sent=210&recv=253&lost=0&retrans=0&sent_bytes=86378&recv_bytes=14927&delivery_rate=18155481&cwnd=37200&unsent_bytes=0&cid=079e6c28dea140cf&ts=1025&x=16"