Report - help.validate-exchange.live/

Report Overview

Visited public
2024-12-20 10:48:25
Tags
Submit Tags
URL
help.validate-exchange.live/
Finishing URL
help.validate-exchange.live/
IP / ASN
198.12.92.243
#36352 AS-COLOCROSSING
Title
Pi Network – Pi Blockchain, Community & Developer Platform | Pi Network

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

116

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
help.validate-exchange.live	unknown	unknown	No data	No data	28 kB	945 kB	198.12.92.243
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2024-12-18	2.1 kB	116 kB	216.58.207.227
validatepimainnet.com	unknown	unknown	No data	No data	1.5 kB	435 B	34.76.205.124
userstatics.com	unknown	2020-11-05	2020-11-05	2024-12-15	463 B	1.2 kB	172.67.208.186
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2024-12-18	1.5 kB	103 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validatepimainnet.com	Sinkholed
2024-12-20	medium	validatepimainnet.com	Sinkholed
2024-12-20	medium	validatepimainnet.com	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed
2024-12-20	medium	validate-exchange.live	Sinkholed

ThreatFox

No alerts detected

JavaScript (27)

	URL	From	Size	First Seen	Last Seen
	help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/jquery.fancybox.min_ver%3d3.3.8.js	ScriptElement	68 kB	2023-03-07	2025-07-12
Pretty URL help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/jquery.fancybox.min_ver%3d3.3.8.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09 Last Seen2025-07-12 23:16 Times Seen221 Hash 5b422064da37c5b42277f6e44186d9e1 5c611ea459c4909912564053b512d060a675fe65 d66b5c50c5c49bc4d3053364e1c519a64b05244734e04a2062c5ff1542790e90 Loading...

	help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/superfish_ver%3d1.5.8.js	ScriptElement	5.7 kB	2023-03-07	2025-07-17
Pretty URL help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/superfish_ver%3d1.5.8.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09 Last Seen2025-07-17 12:10 Times Seen777 Hash beca72584b7b6df68f09cd56acd813cc c3788c2e7bcfbdb9067fb5579e9cf323609a2187 e40c49d2d7cfc035902c7b8471e9736b9a05b2adc59ed919567063676d3b793e Loading...

	help.validate-exchange.live/wp-includes/js/jquery/jquery.min_ver%3d3.7.1.js	ScriptElement	88 kB	2023-12-21	2025-07-12
Pretty URL help.validate-exchange.live/wp-includes/js/jquery/jquery.min_ver%3d3.7.1.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-21 16:48 Last Seen2025-07-12 23:16 Times Seen27 Hash 53059698df97e216d4d9c2b4dbd151d0 a36a2b5aca8f70437270f830b69c2da3bc9adb1d 657363771122d7410ecf43059eb81d1fb780bf632a1b98282ca4c5309ae117ab Loading...

	help.validate-exchange.live/	ScriptElement	3.3 kB	2024-12-20	2024-12-20
Pretty URL help.validate-exchange.live/ IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-20 10:48 Last Seen2024-12-20 10:48 Times Seen1 Hash 1e7286ac519a7203e8b38322beabde73 579fbe6b268a38d884178abd62aa83d66c5f05a8 d391574bfc28dba5aa8b38d5e1a76227676f452d87122db7573c3ca1cce79722 Loading...

	help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/transit.min_ver%3d0.9.9.js	ScriptElement	7.4 kB	2023-03-07	2025-07-18
Pretty URL help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/transit.min_ver%3d0.9.9.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09 Last Seen2025-07-18 19:37 Times Seen1187 Hash 8e9392ec75b6ef18ba671a0a4432d1b1 7e7a63444fb918382d51bd2f7bd3757c0434ff10 fdcb39eec676f0d52a9647156d6e1c5e0668ebdbb1060cb8ff89d5b4ab4695e8 Loading...

	help.validate-exchange.live/wp-content/plugins/elementor/assets/js/webpack.runtime.min_ver%3d3.14.0.js	ScriptElement	5.0 kB	2023-06-19	2025-07-12
Pretty URL help.validate-exchange.live/wp-content/plugins/elementor/assets/js/webpack.runtime.min_ver%3d3.14.0.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-19 12:23 Last Seen2025-07-12 23:16 Times Seen184 Hash 14724c25454df5796b5f6452d5ba022d 8d2f0e719f743812ec5e549620d4b94cd29927d0 1349c213766a5f6da0fb2866ac869b3d0a931cbdae3ddcedb800c2f3e55f2ba3 Loading...

	userstatics.com/get/script.js?referrer=https://help.validate-exchange.live/	ScriptElement	133 B	2023-11-04	2025-07-19
Pretty URL userstatics.com/get/script.js?referrer=https://help.validate-exchange.live/ IP 172.67.208.186 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-04 00:48 Last Seen2025-07-19 04:43 Times Seen4304 Hash fea7fbf2c619fd4b7716fcaa64070c6c f192732937981a26f526b7c1293a2ae13bc59a22 df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26 Loading...

	help.validate-exchange.live/	ScriptElement	92 B	2023-03-07	2025-07-18
Pretty URL help.validate-exchange.live/ IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11 Last Seen2025-07-18 03:38 Times Seen1654 Hash ebced974460ad8b1f168f7bd6601ce3f 9fdd01445067b323c1e5e3efef02d2e889ffe2f2 a38cd852ed2bd05d8578772d5628fe44b62810ad4881a5aa1a359d84b76e7980 Loading...

	help.validate-exchange.live/wp-content/themes/salient/js/build/init_ver%3d15.0.js	ScriptElement	359 kB	2023-03-10	2025-07-12
Pretty URL help.validate-exchange.live/wp-content/themes/salient/js/build/init_ver%3d15.0.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 19:50 Last Seen2025-07-12 23:16 Times Seen12 Hash bcf61d2ccf7fe7f791174d06ce175220 5112cc2bfa718c0b461f56441ae05642b9ee3d39 306065aa8a78641de1291bc83f181534178cdf44e470dfa3068daa4a5c90a2a8 Loading...

	help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/vivus.min_ver%3d6.0.1.js	ScriptElement	12 kB	2023-03-08	2025-07-16
Pretty URL help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/vivus.min_ver%3d6.0.1.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:47 Last Seen2025-07-16 00:15 Times Seen99 Hash 525df8133dc03ce6b7fb7cd017fe0ee0 bbc596b7e054b02df1c52d67d903f5202d3b4146 18949282236c58479862223954873f216b247953aaa1fafd5f270cdd304c05e4 Loading...

	help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min_ver%3d3.14.0.js	ScriptElement	15 kB	2023-03-07	2025-07-19
Pretty URL help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min_ver%3d3.14.0.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-19 03:47 Times Seen6339 Hash 7a5dea0a705cc2f4cd87dbaaa6666bc6 678bc6f750f13adb29bbc158eb0d9cd813b736fa 97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264 Loading...

	help.validate-exchange.live/	ScriptElement	573 B	2023-03-07	2025-07-16
Pretty URL help.validate-exchange.live/ IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:09 Last Seen2025-07-16 11:20 Times Seen483 Hash 7591bbcfec0c586fa39357e993acd4bd 67404773f4888faa133298e084980fc9a0ec29cb ed7678146fa6f912f2b401c2ed5ce85bfd41dbc8b25b612aeb7013610cf36c30 Loading...

	help.validate-exchange.live/wp-content/themes/salient/js/build/priority_ver%3d15.0.js	ScriptElement	1.9 kB	2023-03-07	2025-07-17
Pretty URL help.validate-exchange.live/wp-content/themes/salient/js/build/priority_ver%3d15.0.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09 Last Seen2025-07-17 07:10 Times Seen561 Hash abe6b3b54fb492863decb8525994cc02 d99473157436c3d671ceb8bcf1c55de9ddfefcf6 a9c8cbcf0ed23e3ec2f71acc45d2c4836a1dd995cce5630964063c7a44b40283 Loading...

	help.validate-exchange.live/wp-content/plugins/elementor/assets/js/frontend-modules.min_ver%3d3.14.0.js	ScriptElement	53 kB	2023-06-19	2025-07-12
Pretty URL help.validate-exchange.live/wp-content/plugins/elementor/assets/js/frontend-modules.min_ver%3d3.14.0.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-19 12:23 Last Seen2025-07-12 23:16 Times Seen183 Hash e49f7a310db213a5be5a74ac532bb8a1 788db0159859ed1f8286219354d30b9de8b2ec17 55bf10a1645567d3b7ed40204525c8dc89a32c5851adecce569f5fd5ed97b88b Loading...

	help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min_ver%3d4.0.2.js	ScriptElement	12 kB	2023-03-07	2025-07-19
Pretty URL help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min_ver%3d4.0.2.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-19 05:43 Times Seen28375 Hash 3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0 Loading...

	help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/jquery.easing.min_ver%3d1.3.js	ScriptElement	2.4 kB	2023-03-07	2025-07-18
Pretty URL help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/jquery.easing.min_ver%3d1.3.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09 Last Seen2025-07-18 19:37 Times Seen1110 Hash 56ba0cdb72b1b00226a21fe08251054a 82bef20f71eb674c7d1d63242c80afbc1e6d8274 15a71d32b340bf3641581ac5b4f37887b9cb3981477d5886ec5849749c8a36e7 Loading...

	help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/hoverintent.min_ver%3d1.9.js	ScriptElement	2.2 kB	2023-03-07	2025-07-18
Pretty URL help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/hoverintent.min_ver%3d1.9.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09 Last Seen2025-07-18 19:37 Times Seen1137 Hash 507093401cd1d74603963e9a93012460 40920e71e0dc7b172c80ac5905f9a9c42aa8acf0 86a156b80c4342d46aa6bfdf42944e34cd85f5935e38c20bd58445006ca12a96 Loading...

	help.validate-exchange.live/wp-content/plugins/elementor/assets/js/frontend.min_ver%3d3.14.0.js	ScriptElement	41 kB	2023-06-19	2025-07-12
Pretty URL help.validate-exchange.live/wp-content/plugins/elementor/assets/js/frontend.min_ver%3d3.14.0.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-19 12:23 Last Seen2025-07-12 23:16 Times Seen180 Hash 417d2ef04e51285c0d8e31789084a504 dae0d3edbec383b4e0145177c7ecfb7e2ed83d90 7a3a19faa84ab238ac542e09efa9a6e3575b46805b9a43343b3cb445e08b1ecc Loading...

	help.validate-exchange.live/wp-includes/js/jquery/ui/core.min_ver%3d1.13.2.js	ScriptElement	21 kB	2023-04-01	2025-07-19
Pretty URL help.validate-exchange.live/wp-includes/js/jquery/ui/core.min_ver%3d1.13.2.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:26 Last Seen2025-07-19 05:42 Times Seen28772 Hash c4e68a0f3463c0bd3c39eab38815e881 0ce58644e9f3c5063a11453ff287c5ec096465a7 ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f Loading...

	help.validate-exchange.live/	ScriptElement	825 B	2024-12-20	2024-12-20
Pretty URL help.validate-exchange.live/ IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-20 10:48 Last Seen2024-12-20 10:48 Times Seen1 Hash 9f24be8fb699843d5ca5d784f51bfb8b 2cc5a86d2fa0601f47aef1cad1aa1b8635646fc8 caf5399e4d1a6931648625b7419fb6614ebb4962cd02b66a4110885070a3a8bd Loading...

	help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/jquery.mousewheel.min_ver%3d3.1.13.js	ScriptElement	2.7 kB	2023-03-07	2025-07-18
Pretty URL help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/jquery.mousewheel.min_ver%3d3.1.13.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09 Last Seen2025-07-18 19:37 Times Seen1111 Hash 2a651f118ed794f9bdc86ef7eb86859a 044daf3a8f2789d7b80948dcf640bb72775f9df0 c962e74a0cd768609b29c247028bd61c3229a50bb3abe908feeaa98962eb0971 Loading...

	help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/waypoints_ver%3d4.0.2.js	ScriptElement	9.0 kB	2023-03-07	2025-07-18
Pretty URL help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/waypoints_ver%3d4.0.2.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09 Last Seen2025-07-18 19:37 Times Seen949 Hash 900bad1dbd9b131a99f31703a66340f3 ca580144be55dabae951a984529a5250d279b129 3c9eb9bb1076bbb11745885964334df870bf7eb621daa5e7475a9a5cf4b2e424 Loading...

	help.validate-exchange.live/wp-includes/js/jquery/jquery-migrate.min_ver%3d3.4.1.js	ScriptElement	14 kB	2023-05-09	2025-07-19
Pretty URL help.validate-exchange.live/wp-includes/js/jquery/jquery-migrate.min_ver%3d3.4.1.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21 Last Seen2025-07-19 06:05 Times Seen154959 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/imagesLoaded.min_ver%3d4.1.4.js	ScriptElement	5.6 kB	2023-03-07	2025-07-19
Pretty URL help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/imagesLoaded.min_ver%3d4.1.4.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-19 01:09 Times Seen4160 Hash e2c1a80b99251b7b94726b41312fb160 6d3e11174e22668e69df236e5c4542168f7cbfec 96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44 Loading...

	help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/anime.min_ver%3d4.5.1.js	ScriptElement	18 kB	2023-03-07	2025-07-18
Pretty URL help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/anime.min_ver%3d4.5.1.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09 Last Seen2025-07-18 19:37 Times Seen1826 Hash 572d66e85091711b6ee76609573a8364 332031949d78a49e8a18611556253660574e47db 5cbda29ea5096ac9404c59c77493a2f467d0eb4a27f16c750b61fc0d888dd716 Loading...

	help.validate-exchange.live/	ScriptElement	2.4 kB	2024-12-20	2024-12-20
Pretty URL help.validate-exchange.live/ IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-20 10:48 Last Seen2024-12-20 10:48 Times Seen1 Hash 7a635a22e6a45639ed63cb0f2a3eb33d 5e0c3d28d8e0a350a1d1e577b746b534cbb1fa4c df09dd6800647586dd1dd83b82e8ce24bad7d14b85a6db39db2fcb26d11d0caf Loading...

	help.validate-exchange.live/wp-content/plugins/salient-core/js/third-party/touchswipe.min_ver%3d1.0.js	ScriptElement	9.4 kB	2023-03-07	2025-07-18
Pretty URL help.validate-exchange.live/wp-content/plugins/salient-core/js/third-party/touchswipe.min_ver%3d1.0.js IP 198.12.92.243 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09 Last Seen2025-07-18 19:37 Times Seen1129 Hash 20f13f992fd02ead68fb17893467a8b5 8b37d46d93eb907cf0f8f95c3220eda45387389e cb225cbe89436bb47d3b4486cd9cee63db751cdaf60409f496253ca8be549dae Loading...

HTTP Transactions (65)

URL IP Response Size

GET help.validate-exchange.live/

198.12.92.243

200 OK

13 kB

URL User Request GET HTTP/2
help.validate-exchange.live/
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (9462)
Size
13 kB (13159 bytes)
Hash
e16ee6f95ba7994cdaed966cd4497ca2
f8ca49da66d1393b23ee7ca7a32c09382879352d
ee0f4fb6b07b2d591164365c5d3aaf65e484624324f64f1cf0f2ad7e18b30257

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:57 GMT
content-type: text/html
last-modified: Wed, 06 Mar 2024 11:53:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13159
date: Fri, 20 Dec 2024 10:47:57 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

GET help.validate-exchange.live/wp-includes/css/dist/block-library/style.min_ver%3dbb270fba1988038f5680f75b7475565e.css

198.12.92.243

200 OK

14 kB

URL GET HTTP/3
help.validate-exchange.live/wp-includes/css/dist/block-library/style.min_ver%3dbb270fba1988038f5680f75b7475565e.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (57084)
Size
14 kB (13607 bytes)
Hash
99ab466e0866c823ae5db517d59cebd1
5595a586cbd42b31377681b9d35293278d75d336
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min_ver%3dbb270fba1988038f5680f75b7475565e.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13607
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET help.validate-exchange.live/wp-content/themes/salient/css/build/style_ver%3d15.0.css

198.12.92.243

200 OK

28 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/css/build/style_ver%3d15.0.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
28 kB (28338 bytes)
Hash
e48ff837573dedb97f08b5050c027803
40cad4ca184abd4c55bda8e7d657082de924173d
ddd628efdb917f0f84cfc703cf8f05a1b9e94ad93b12301c48ee6d3685a39daf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/css/build/style_ver%3d15.0.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 28338
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/css/build/grid-system-legacy_ver%3d15.0.css

198.12.92.243

200 OK

3.6 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/css/build/grid-system-legacy_ver%3d15.0.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (40158), with no line terminators
Size
3.6 kB (3558 bytes)
Hash
17fe57db6f332043e44559cc79e1e5cf
6cc858544c732e25154714e5846bc65cde28201b
d8e2176416f1bc2581875da9b8c97317c05352e9c0968ba6c23099484585b6bd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/css/build/grid-system-legacy_ver%3d15.0.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3558
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/css/build/responsive_ver%3d15.0.css

198.12.92.243

200 OK

6.9 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/css/build/responsive_ver%3d15.0.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (39474), with no line terminators
Size
6.9 kB (6931 bytes)
Hash
b798bd5bd028d3032655afad3ba2e1eb
b5aedfc44bfe8217a996687c00d4ea9672b6fd46
2902b27f8ead8cb1e0ea0426993ca56b5f966e47f6a2abc73635489589b968cd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/css/build/responsive_ver%3d15.0.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6931
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min_ver%3d4.7.0.css

198.12.92.243

200 OK

6.7 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min_ver%3d4.7.0.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (30846)
Size
6.7 kB (6664 bytes)
Hash
ca33d135226e3393aca04155c3449c8b
e93e97c831285c8e744302507a122df12857910e
1faccd38d81041c34a570143715385be36001c46699e1fad213cbc4a7343cfc7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min_ver%3d4.7.0.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6664
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/uploads/salient/menu-dynamic_ver%3d33875.css

198.12.92.243

200 OK

1.7 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/uploads/salient/menu-dynamic_ver%3d33875.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (14496), with no line terminators
Size
1.7 kB (1668 bytes)
Hash
b7adde6c816d83f1657b64df200b5e51
3b7a6313b768a242490f832d73344f5b55f57940
5d1249113c4b58d8b506062fcf8b6ebc987a573fb58ccf600b5bea2c75d8de1a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/salient/menu-dynamic_ver%3d33875.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1668
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/css/build/skin-material_ver%3d15.0.css

198.12.92.243

200 OK

8.5 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/css/build/skin-material_ver%3d15.0.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (55374), with no line terminators
Size
8.5 kB (8500 bytes)
Hash
c6aa8e14e7be50ff8465584042c6795e
ff34d2f7139a8885b84a57dcbace2b0b6e460c84
aaa862185468bf1d112fec374e466929c0ef7fa9f6332f10630d1f8ba295708f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/css/build/skin-material_ver%3d15.0.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8500
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min_ver%3d5.20.0.css

198.12.92.243

200 OK

0 B

URL GET HTTP/3
help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min_ver%3d5.20.0.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min_ver%3d5.20.0.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-length: 0
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/plugins/elementor/assets/css/frontend-lite.min_ver%3d3.14.0.css

198.12.92.243

200 OK

12 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/plugins/elementor/assets/css/frontend-lite.min_ver%3d3.14.0.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (65496)
Size
12 kB (11976 bytes)
Hash
53e3e3f368e9a0a95b68e80bb2d585cd
9a4eb75ff294979e03c8edaa7f7b63a1c0cbf1a9
57c493067f18ddd4a3ea93771d8d2ddda4485733cbcf751ae1141b02e68e6b65

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend-lite.min_ver%3d3.14.0.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11976
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min_ver%3d8.4.5.css

198.12.92.243

200 OK

4.2 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min_ver%3d8.4.5.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (16214)
Size
4.2 kB (4248 bytes)
Hash
a2431bc290cf34e330e11ec4cfce1247
32a53342901fef5f4f4dbb26a555e730f84437a4
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min_ver%3d8.4.5.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4248
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/uploads/elementor/css/post-6697_ver%3d1699237592.css

198.12.92.243

200 OK

372 B

URL GET HTTP/3
help.validate-exchange.live/wp-content/uploads/elementor/css/post-6697_ver%3d1699237592.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (1267), with no line terminators
Size
372 B (372 bytes)
Hash
a85235e26eeb8bdfc1228c033e034634
1b68c590a64e0ef7c39a0f37ab9be95e7a7c899d
cdc3f273b6dad5ac683c76d5076d44abf0c3e7a9316f4c0ffefa26f1307c04b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-6697_ver%3d1699237592.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 372
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/uploads/elementor/css/global_ver%3d1699237592.css

198.12.92.243

200 OK

1.7 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/uploads/elementor/css/global_ver%3d1699237592.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (5977), with CRLF line terminators
Size
1.7 kB (1666 bytes)
Hash
5fc57393bfc694ee087f6644cdd6605a
d6fa7afff0aa361b7dfafe00b5c309df5d394782
a21d37f36f9768f15af3797459a2dd7fe5f57146732accdc85062e48621f7e31

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/global_ver%3d1699237592.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1666
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/uploads/elementor/css/post-6730_ver%3d1699237592.css

198.12.92.243

200 OK

2.1 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/uploads/elementor/css/post-6730_ver%3d1699237592.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (21212), with no line terminators
Size
2.1 kB (2136 bytes)
Hash
5f7fc6200370d1b48f0aea8031c04a7e
d620c2022d816ec6cf89e1d705e5e6913ceb5b9b
ea3bcf62b4abf1afe85b1bf63a1074d2b95eec86797bdad236f6b7bc86b0b54c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-6730_ver%3d1699237592.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2136
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min_ver%3d3.14.0.css

198.12.92.243

200 OK

12 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min_ver%3d3.14.0.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (59155)
Size
12 kB (12378 bytes)
Hash
fcb673cd463918484b4a159ed787b761
3f1858d46ec02d4c5b98fdf972c72ebda9b9e904
590538115567b1ce488042c757649aed6e24bb0fcd56f455d622ed4a22217dbd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min_ver%3d3.14.0.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12378
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min_ver%3d3.14.0.css

198.12.92.243

200 OK

4.0 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min_ver%3d3.14.0.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (26516)
Size
4.0 kB (3987 bytes)
Hash
c55205bce667f5d812354fd1353e7389
f22de0af271eba636a022c873c94fbcd81b4c89a
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min_ver%3d3.14.0.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3987
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/css/salient-dynamic-styles_ver%3d55955.css

198.12.92.243

200 OK

24 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/css/salient-dynamic-styles_ver%3d55955.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
24 kB (23867 bytes)
Hash
b053e5904c3d1d1f090938eb87b48983
1a391746f00e72e014805e5ab632f50f3c44e1d9
cbaeb60a540a1879fe31aa06f2a1f2a201301e614f4e904e4625b2ad010a800e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/css/salient-dynamic-styles_ver%3d55955.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 23867
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min_ver%3d5.15.3.css

198.12.92.243

200 OK

12 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min_ver%3d5.15.3.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (57726)
Size
12 kB (12133 bytes)
Hash
eeb705d0bdccfd645d3bbd46dd1fbab3
066def290f42ed8c00860e573cc880bd46e9ced4
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min_ver%3d5.15.3.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12133
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min_ver%3d5.15.3.css

198.12.92.243

200 OK

284 B

URL GET HTTP/3
help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min_ver%3d5.15.3.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (482)
Size
284 B (284 bytes)
Hash
a86f48a6e0c4af9fbdfcd57bebc0c6ec
19476f84d5d9f23926e5e49db5c5ddf0bdd97684
2cb9d1f97707801d620357a305742bfb74db5dcc8e44d7e8835de5928deb2bc2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min_ver%3d5.15.3.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 284
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-includes/js/jquery/jquery.min_ver%3d3.7.1.js

198.12.92.243

200 OK

30 kB

URL GET HTTP/3
help.validate-exchange.live/wp-includes/js/jquery/jquery.min_ver%3d3.7.1.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
30 kB (30014 bytes)
Hash
53059698df97e216d4d9c2b4dbd151d0
a36a2b5aca8f70437270f830b69c2da3bc9adb1d
657363771122d7410ecf43059eb81d1fb780bf632a1b98282ca4c5309ae117ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min_ver%3d3.7.1.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30014
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-includes/js/jquery/jquery-migrate.min_ver%3d3.4.1.js

198.12.92.243

200 OK

4.7 kB

URL GET HTTP/3
help.validate-exchange.live/wp-includes/js/jquery/jquery-migrate.min_ver%3d3.4.1.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
4.7 kB (4678 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min_ver%3d3.4.1.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4678
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min_ver%3d3.14.0.js

198.12.92.243

200 OK

4.0 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min_ver%3d3.14.0.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, ASCII text, with very long lines (14869)
Size
4.0 kB (4035 bytes)
Hash
7a5dea0a705cc2f4cd87dbaaa6666bc6
678bc6f750f13adb29bbc158eb0d9cd813b736fa
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min_ver%3d3.14.0.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4035
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/uploads/2023/06/Pi-Network.webp

198.12.92.243

200 OK

21 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/uploads/2023/06/Pi-Network.webp
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
RIFF (little-endian) data, Web/P image
Size
21 kB (21070 bytes)
Hash
b490ea3dce29bd944b4fa895520bf3d8
455e5acd2c97daf7a0a4ea482af53843c5603ff4
a3ea5395feb6feb45486e05c2fcff4e7353931cc77c76d05c2fe14ab879d85f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/Pi-Network.webp HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 27 Dec 2024 10:47:58 GMT
content-type: image/webp
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-length: 21070
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/uploads/2023/06/pi_video-6.webp

198.12.92.243

200 OK

33 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/uploads/2023/06/pi_video-6.webp
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
RIFF (little-endian) data, Web/P image
Size
33 kB (33320 bytes)
Hash
14d69715942aaa36a140b5497998d09c
7b1ed3e43f4b2d4b52369b8b73e3e4a2bc182c63
f0cce3209adc2af85f7d557331e696be57ac1a45a1d9730a0f24c19e4c53b525

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/pi_video-6.webp HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 27 Dec 2024 10:47:58 GMT
content-type: image/webp
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-length: 33320
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css

198.12.92.243

200 OK

651 B

URL GET HTTP/3
help.validate-exchange.live/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (10061)
Size
651 B (651 bytes)
Hash
ca4e43dea3c02390f278a9a5ef31e7b5
df7bbfaf5b2d66f54723885da264e8f2640bc34c
36b6de0571e383aa5dba7a450786f6ecf032a8e28799b0412ec138dbe997aadf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/widget-icon-box.min.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 651
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/uploads/2023/06/Pi-Blockchain-Community-Developer-Platform-Pi-Network.png

198.12.92.243

200 OK

153 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/uploads/2023/06/Pi-Blockchain-Community-Developer-Platform-Pi-Network.png
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
PNG image data, 435 x 396, 8-bit/color RGBA, non-interlaced
Size
153 kB (153282 bytes)
Hash
4b1db9762eeb0e8491c38eafffdd2728
1e55dd978f9fe166fd83a88cabce6f22a95d55bf
5a5611f052a5b5a7f8f8600860493d19b4373fdc9d31cf3877d29c2a36e6fb4b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/Pi-Blockchain-Community-Developer-Platform-Pi-Network.png HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=31536000
expires: Sat, 20 Dec 2025 10:47:58 GMT
content-type: image/png
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-length: 153282
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/css/build/style-non-critical_ver%3d15.0.css

198.12.92.243

200 OK

4.6 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/css/build/style-non-critical_ver%3d15.0.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (24778), with no line terminators
Size
4.6 kB (4588 bytes)
Hash
0e1c1557a6c99caa01a3efe9d5a589b4
f888527b741251cb4ba1f4436f265510b60d316e
46ef0fcbaf594ee81c04ee892757c23c3234d363132ac1a67e1c6c0ed0af4bb4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/css/build/style-non-critical_ver%3d15.0.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4588
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/css/build/plugins/jquery.fancybox_ver%3d3.3.1.css

198.12.92.243

200 OK

3.1 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/css/build/plugins/jquery.fancybox_ver%3d3.3.1.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (13897), with no line terminators
Size
3.1 kB (3143 bytes)
Hash
838f39a33c50d58ef26968be68db0516
d81ef7f9f580a60a8ba6cdcde3988eb49824ee85
9bfd65a4d3d6dc823abdcf6a9b8f18c45c9cae0728d17688875f222747b5c775

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/css/build/plugins/jquery.fancybox_ver%3d3.3.1.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3143
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/uploads/2023/06/34-14-11-1024-%C3%97-1024-px-1-1-699x1024-1-205x300.webp

198.12.92.243

200 OK

10 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/uploads/2023/06/34-14-11-1024-%C3%97-1024-px-1-1-699x1024-1-205x300.webp
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
RIFF (little-endian) data, Web/P image
Size
10 kB (10548 bytes)
Hash
0f903cb1e95fb0f89e59d121af902990
ed38756bc4eae532569c3fceac645555dfcbf6ce
66f1d0e2566dbee109864ea4bd4406b10e71e6c4a75e69c5a56a89350b57aa75

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/34-14-11-1024-%C3%97-1024-px-1-1-699x1024-1-205x300.webp HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 27 Dec 2024 10:47:58 GMT
content-type: image/webp
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-length: 10548
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/css/build/off-canvas/core_ver%3d15.0.css

198.12.92.243

200 OK

3.2 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/css/build/off-canvas/core_ver%3d15.0.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (22606), with no line terminators
Size
3.2 kB (3174 bytes)
Hash
8231e592ee0102c4be43c2eea94473e1
d05f2c50865b3b50b41d47d7246586c9fd717969
c320e09149c933460df7fba4784834ad7ffcece79fa6f0787a63bca782d51bb7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/css/build/off-canvas/core_ver%3d15.0.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3174
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/css/build/off-canvas/fullscreen-legacy_ver%3d15.0.css

198.12.92.243

200 OK

1.4 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/css/build/off-canvas/fullscreen-legacy_ver%3d15.0.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (9248), with no line terminators
Size
1.4 kB (1431 bytes)
Hash
02fe564e86e98c3c83d7f50c7af9f5bc
6a21249db3070b6c729d3bad7f58813424dc4177
7e80cef9f5f538e386757fd448c26a185c5596526d7630c1786b86334549bd5b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/css/build/off-canvas/fullscreen-legacy_ver%3d15.0.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1431
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/animations/animations.min_ver%3d3.14.0.css

198.12.92.243

200 OK

2.4 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/animations/animations.min_ver%3d3.14.0.css
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
ASCII text, with very long lines (10019)
Size
2.4 kB (2442 bytes)
Hash
4601ba55044413706c2022cb6c1c3d05
5103ec2fbb389568ebf5cfe4fd721f3df2ff7aec
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/animations/animations.min_ver%3d3.14.0.css HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/css
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2442
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/jquery.easing.min_ver%3d1.3.js

198.12.92.243

200 OK

777 B

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/jquery.easing.min_ver%3d1.3.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, ASCII text, with very long lines (2320)
Size
777 B (777 bytes)
Hash
56ba0cdb72b1b00226a21fe08251054a
82bef20f71eb674c7d1d63242c80afbc1e6d8274
15a71d32b340bf3641581ac5b4f37887b9cb3981477d5886ec5849749c8a36e7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/js/build/third-party/jquery.easing.min_ver%3d1.3.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 777
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/jquery.mousewheel.min_ver%3d3.1.13.js

198.12.92.243

200 OK

1.1 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/jquery.mousewheel.min_ver%3d3.1.13.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, ASCII text, with very long lines (2620)
Size
1.1 kB (1088 bytes)
Hash
2a651f118ed794f9bdc86ef7eb86859a
044daf3a8f2789d7b80948dcf640bb72775f9df0
c962e74a0cd768609b29c247028bd61c3229a50bb3abe908feeaa98962eb0971

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/js/build/third-party/jquery.mousewheel.min_ver%3d3.1.13.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1088
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/js/build/priority_ver%3d15.0.js

198.12.92.243

200 OK

683 B

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/js/build/priority_ver%3d15.0.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, ASCII text, with very long lines (1880), with no line terminators
Size
683 B (683 bytes)
Hash
abe6b3b54fb492863decb8525994cc02
d99473157436c3d671ceb8bcf1c55de9ddfefcf6
a9c8cbcf0ed23e3ec2f71acc45d2c4836a1dd995cce5630964063c7a44b40283

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/js/build/priority_ver%3d15.0.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 683
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/transit.min_ver%3d0.9.9.js

198.12.92.243

200 OK

2.6 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/transit.min_ver%3d0.9.9.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, ASCII text, with very long lines (7281)
Size
2.6 kB (2572 bytes)
Hash
8e9392ec75b6ef18ba671a0a4432d1b1
7e7a63444fb918382d51bd2f7bd3757c0434ff10
fdcb39eec676f0d52a9647156d6e1c5e0668ebdbb1060cb8ff89d5b4ab4695e8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/js/build/third-party/transit.min_ver%3d0.9.9.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2572
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/waypoints_ver%3d4.0.2.js

198.12.92.243

200 OK

2.5 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/waypoints_ver%3d4.0.2.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, ASCII text, with very long lines (8999), with no line terminators
Size
2.5 kB (2520 bytes)
Hash
900bad1dbd9b131a99f31703a66340f3
ca580144be55dabae951a984529a5250d279b129
3c9eb9bb1076bbb11745885964334df870bf7eb621daa5e7475a9a5cf4b2e424

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/js/build/third-party/waypoints_ver%3d4.0.2.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2520
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/imagesLoaded.min_ver%3d4.1.4.js

198.12.92.243

200 OK

1.7 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/imagesLoaded.min_ver%3d4.1.4.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, ASCII text, with very long lines (5477)
Size
1.7 kB (1712 bytes)
Hash
e2c1a80b99251b7b94726b41312fb160
6d3e11174e22668e69df236e5c4542168f7cbfec
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/js/build/third-party/imagesLoaded.min_ver%3d4.1.4.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1712
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/hoverintent.min_ver%3d1.9.js

198.12.92.243

200 OK

892 B

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/hoverintent.min_ver%3d1.9.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, ASCII text, with very long lines (1933)
Size
892 B (892 bytes)
Hash
507093401cd1d74603963e9a93012460
40920e71e0dc7b172c80ac5905f9a9c42aa8acf0
86a156b80c4342d46aa6bfdf42944e34cd85f5935e38c20bd58445006ca12a96

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/js/build/third-party/hoverintent.min_ver%3d1.9.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 892
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/jquery.fancybox.min_ver%3d3.3.8.js

198.12.92.243

200 OK

21 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/jquery.fancybox.min_ver%3d3.3.8.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, ASCII text, with very long lines (31984)
Size
21 kB (20997 bytes)
Hash
5b422064da37c5b42277f6e44186d9e1
5c611ea459c4909912564053b512d060a675fe65
d66b5c50c5c49bc4d3053364e1c519a64b05244734e04a2062c5ff1542790e90

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/js/build/third-party/jquery.fancybox.min_ver%3d3.3.8.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20997
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/anime.min_ver%3d4.5.1.js

198.12.92.243

200 OK

7.0 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/anime.min_ver%3d4.5.1.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, ASCII text, with very long lines (17638)
Size
7.0 kB (6960 bytes)
Hash
572d66e85091711b6ee76609573a8364
332031949d78a49e8a18611556253660574e47db
5cbda29ea5096ac9404c59c77493a2f467d0eb4a27f16c750b61fc0d888dd716

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/js/build/third-party/anime.min_ver%3d4.5.1.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6960
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/superfish_ver%3d1.5.8.js

198.12.92.243

200 OK

2.0 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/superfish_ver%3d1.5.8.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, ASCII text, with very long lines (5692), with no line terminators
Size
2.0 kB (1967 bytes)
Hash
beca72584b7b6df68f09cd56acd813cc
c3788c2e7bcfbdb9067fb5579e9cf323609a2187
e40c49d2d7cfc035902c7b8471e9736b9a05b2adc59ed919567063676d3b793e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/js/build/third-party/superfish_ver%3d1.5.8.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1967
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/js/build/init_ver%3d15.0.js

198.12.92.243

200 OK

75 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/js/build/init_ver%3d15.0.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
75 kB (75285 bytes)
Hash
bcf61d2ccf7fe7f791174d06ce175220
5112cc2bfa718c0b461f56441ae05642b9ee3d39
306065aa8a78641de1291bc83f181534178cdf44e470dfa3068daa4a5c90a2a8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/js/build/init_ver%3d15.0.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 75285
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/plugins/salient-core/js/third-party/touchswipe.min_ver%3d1.0.js

198.12.92.243

200 OK

3.1 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/plugins/salient-core/js/third-party/touchswipe.min_ver%3d1.0.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, ASCII text, with very long lines (9357)
Size
3.1 kB (3148 bytes)
Hash
20f13f992fd02ead68fb17893467a8b5
8b37d46d93eb907cf0f8f95c3220eda45387389e
cb225cbe89436bb47d3b4486cd9cee63db751cdaf60409f496253ca8be549dae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/salient-core/js/third-party/touchswipe.min_ver%3d1.0.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3148
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/vivus.min_ver%3d6.0.1.js

198.12.92.243

200 OK

3.7 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/js/build/third-party/vivus.min_ver%3d6.0.1.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, ASCII text, with very long lines (11602)
Size
3.7 kB (3683 bytes)
Hash
525df8133dc03ce6b7fb7cd017fe0ee0
bbc596b7e054b02df1c52d67d903f5202d3b4146
18949282236c58479862223954873f216b247953aaa1fafd5f270cdd304c05e4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/js/build/third-party/vivus.min_ver%3d6.0.1.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3683
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/plugins/elementor/assets/js/webpack.runtime.min_ver%3d3.14.0.js

198.12.92.243

200 OK

2.0 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/plugins/elementor/assets/js/webpack.runtime.min_ver%3d3.14.0.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, ASCII text, with very long lines (4918)
Size
2.0 kB (2046 bytes)
Hash
14724c25454df5796b5f6452d5ba022d
8d2f0e719f743812ec5e549620d4b94cd29927d0
1349c213766a5f6da0fb2866ac869b3d0a931cbdae3ddcedb800c2f3e55f2ba3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min_ver%3d3.14.0.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2046
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/plugins/elementor/assets/js/frontend-modules.min_ver%3d3.14.0.js

198.12.92.243

200 OK

15 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/plugins/elementor/assets/js/frontend-modules.min_ver%3d3.14.0.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (52748)
Size
15 kB (15162 bytes)
Hash
e49f7a310db213a5be5a74ac532bb8a1
788db0159859ed1f8286219354d30b9de8b2ec17
55bf10a1645567d3b7ed40204525c8dc89a32c5851adecce569f5fd5ed97b88b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend-modules.min_ver%3d3.14.0.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15162
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min_ver%3d4.0.2.js

198.12.92.243

200 OK

2.9 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min_ver%3d4.0.2.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, ASCII text, with very long lines (12198), with no line terminators
Size
2.9 kB (2867 bytes)
Hash
3819c3569da71daec283a75483735f7e
ecd40a5cc6f0b76200c454ca880210dc301cfab8
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min_ver%3d4.0.2.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-includes/js/jquery/ui/core.min_ver%3d1.13.2.js

198.12.92.243

200 OK

6.8 kB

URL GET HTTP/3
help.validate-exchange.live/wp-includes/js/jquery/ui/core.min_ver%3d1.13.2.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (8189)
Size
6.8 kB (6801 bytes)
Hash
c4e68a0f3463c0bd3c39eab38815e881
0ce58644e9f3c5063a11453ff287c5ec096465a7
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min_ver%3d1.13.2.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6801
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/plugins/elementor/assets/js/frontend.min_ver%3d3.14.0.js

198.12.92.243

200 OK

12 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/plugins/elementor/assets/js/frontend.min_ver%3d3.14.0.js
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
JavaScript source, ASCII text, with very long lines (40748)
Size
12 kB (11898 bytes)
Hash
417d2ef04e51285c0d8e31789084a504
dae0d3edbec383b4e0145177c7ecfb7e2ed83d90
7a3a19faa84ab238ac542e09efa9a6e3575b46805b9a43343b3cb445e08b1ecc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend.min_ver%3d3.14.0.js HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Sun, 19 Jan 2025 10:47:58 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11898
date: Fri, 20 Dec 2024 10:47:58 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/uploads/2023/06/pi-background.png

198.12.92.243

200 OK

158 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/uploads/2023/06/pi-background.png
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
PNG image data, 1640 x 924, 8-bit/color RGBA, non-interlaced
Size
158 kB (157983 bytes)
Hash
d51ff92c6d5834423bceb2e328a478b4
4e5e8034be4d2c92b5d47c09dd6075565d5e4140
1adfe388b357e79e1f7467a89c7c6286f33839c0bf4718303b4c928a1f2c3d4d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/pi-background.png HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/wp-content/uploads/elementor/css/post-6730_ver%3d1699237592.css
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=31536000
expires: Sat, 20 Dec 2025 10:47:59 GMT
content-type: image/png
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-length: 157983
date: Fri, 20 Dec 2024 10:47:59 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://help.validate-exchange.live/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
Size
18 kB (18536 bytes)
Hash
8eff0b8045fd1959e117f85654ae7770
227fee13ceb7c410b5c0bb8000258b6643cb6255
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

HTTP Headers

GET /s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://help.validate-exchange.live
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Dec 2024 19:08:18 GMT
expires: Sat, 13 Dec 2025 19:08:18 GMT
cache-control: public, max-age=31536000
age: 574781
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://help.validate-exchange.live/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18588, version 1.0
Size
19 kB (18588 bytes)
Hash
115c2d84727b41da5e9b4394887a8c40
44f495a7f32620e51acca2e78f7e0615cb305781
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

HTTP Headers

GET /s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://help.validate-exchange.live
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Dec 2024 19:36:55 GMT
expires: Sat, 13 Dec 2025 19:36:55 GMT
cache-control: public, max-age=31536000
age: 573064
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

38 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://help.validate-exchange.live/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 37828, version 1.0
Size
38 kB (37828 bytes)
Hash
50b140b1e97d859d6d0603414f4298ee
500e4872ee1ba9cf89f1ba626d64987b0f9ab5c9
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

HTTP Headers

GET /s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://help.validate-exchange.live
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37828
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Dec 2024 22:43:22 GMT
expires: Sat, 13 Dec 2025 22:43:22 GMT
cache-control: public, max-age=31536000
age: 561877
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

38 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://help.validate-exchange.live/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 37828, version 1.0
Size
38 kB (37828 bytes)
Hash
50b140b1e97d859d6d0603414f4298ee
500e4872ee1ba9cf89f1ba626d64987b0f9ab5c9
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

HTTP Headers

GET /s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://help.validate-exchange.live
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37828
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Dec 2024 22:43:22 GMT
expires: Sat, 13 Dec 2025 22:43:22 GMT
cache-control: public, max-age=31536000
age: 561877
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET validatepimainnet.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

34.76.205.124

404 Not Found

0 B

URL GET HTTP/2
validatepimainnet.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP
34.76.205.124:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjectvalidatepimainnet.com
Fingerprint0E:8F:62:C5:DE:F9:9D:43:91:D5:7D:49:A8:2F:5C:A1:4C:FA:9D:A1
ValiditySat, 14 Dec 2024 17:37:38 GMT - Fri, 14 Mar 2025 17:37:37 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: validatepimainnet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
alt-svc: h3=":443"; ma=2592000
server: Caddy
content-length: 0
date: Fri, 20 Dec 2024 10:47:59 GMT
X-Firefox-Spdy: h2

GET validatepimainnet.com/wp-content/plugins/elementor/assets/js/video.d86bfd0676264945e968.bundle.min.js

34.76.205.124

404 Not Found

0 B

URL GET HTTP/2
validatepimainnet.com/wp-content/plugins/elementor/assets/js/video.d86bfd0676264945e968.bundle.min.js
IP
34.76.205.124:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjectvalidatepimainnet.com
Fingerprint0E:8F:62:C5:DE:F9:9D:43:91:D5:7D:49:A8:2F:5C:A1:4C:FA:9D:A1
ValiditySat, 14 Dec 2024 17:37:38 GMT - Fri, 14 Mar 2025 17:37:37 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/video.d86bfd0676264945e968.bundle.min.js HTTP/1.1
Host: validatepimainnet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
alt-svc: h3=":443"; ma=2592000
server: Caddy
content-length: 0
date: Fri, 20 Dec 2024 10:47:59 GMT
X-Firefox-Spdy: h2

GET validatepimainnet.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

34.76.205.124

404 Not Found

0 B

URL GET HTTP/2
validatepimainnet.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP
34.76.205.124:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjectvalidatepimainnet.com
Fingerprint0E:8F:62:C5:DE:F9:9D:43:91:D5:7D:49:A8:2F:5C:A1:4C:FA:9D:A1
ValiditySat, 14 Dec 2024 17:37:38 GMT - Fri, 14 Mar 2025 17:37:37 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: validatepimainnet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
alt-svc: h3=":443"; ma=2592000
server: Caddy
content-length: 0
date: Fri, 20 Dec 2024 10:47:59 GMT
X-Firefox-Spdy: h2

GET help.validate-exchange.live/wp-content/themes/salient/css/fonts/icomoon_v%3d1.3.woff

198.12.92.243

200 OK

21 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/themes/salient/css/fonts/icomoon_v%3d1.3.woff
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
Web Open Font Format, TrueType, length 21132, version 1.0
Size
21 kB (21132 bytes)
Hash
a6e8ac33c6ef9d3273f1a2e7742575d8
f658531381d0a1499015bf91ebc78065a70e14f2
76ad1aa3269754174ec80a4a0c9874814da636cf00d5e38ea8fef6b983ab84d5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/salient/css/fonts/icomoon_v%3d1.3.woff HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/wp-content/themes/salient/css/build/style_ver%3d15.0.css
Cookie: PHPREFS=full
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 27 Dec 2024 10:47:59 GMT
content-type: font/woff
last-modified: Wed, 06 Mar 2024 11:53:13 GMT
accept-ranges: bytes
content-length: 21132
date: Fri, 20 Dec 2024 10:47:59 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

198.12.92.243

200 OK

78 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261
Size
78 kB (78196 bytes)
Hash
e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min_ver%3d5.15.3.css
Cookie: PHPREFS=full
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 27 Dec 2024 10:47:59 GMT
content-type: font/woff2
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-length: 78196
date: Fri, 20 Dec 2024 10:47:59 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2

198.12.92.243

200 OK

77 kB

URL GET HTTP/3
help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261
Size
77 kB (76764 bytes)
Hash
f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min_ver%3d3.14.0.css
Cookie: PHPREFS=full
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 27 Dec 2024 10:47:59 GMT
content-type: font/woff2
last-modified: Wed, 06 Mar 2024 11:53:14 GMT
accept-ranges: bytes
content-length: 76764
date: Fri, 20 Dec 2024 10:47:59 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET help.validate-exchange.live/favicon.ico

198.12.92.243

404 Not Found

1.3 kB

URL GET HTTP/3
help.validate-exchange.live/favicon.ico
IP
198.12.92.243:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://help.validate-exchange.live/
Certificate
IssuerLet's Encrypt
Subjecthelp.validate-exchange.live
FingerprintE6:C8:B4:A7:31:A8:6A:CD:99:50:E3:36:A3:70:8F:B3:56:75:13:AE
ValidityWed, 30 Oct 2024 04:24:25 GMT - Tue, 28 Jan 2025 04:24:24 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
1.3 kB (1251 bytes)
Hash
8150f458ed6fb9b1db4e5cfa57a1a281
6e5726854d28687b560d7fdcb5c782c425c7dfb9
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: help.validate-exchange.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1251
date: Fri, 20 Dec 2024 10:48:00 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET userstatics.com/get/script.js?referrer=https://help.validate-exchange.live/

172.67.208.186

200 OK

133 B

URL GET HTTP/2
userstatics.com/get/script.js?referrer=https://help.validate-exchange.live/
IP
172.67.208.186:443
ASN
#13335 CLOUDFLARENET

Requested by
https://help.validate-exchange.live/
Certificate
IssuerGoogle Trust Services
Subjectuserstatics.com
FingerprintBA:8B:40:8A:B3:BD:54:28:C4:05:8D:9A:41:0E:9E:29:82:F5:9E:34
ValidityTue, 19 Nov 2024 18:04:02 GMT - Mon, 17 Feb 2025 18:04:01 GMT

File type
ASCII text, with no line terminators
Size
133 B (133 bytes)
Hash
2255e276ef8c938e459a10dc048d2310
4f5ba737ef53601f4cb9beb82135096c8386c44b
ddfd6c75ca9f7f3fc1a72c0cba800d99d538110c9aaa5215c54ccf2d11e87620

HTTP Headers

GET /get/script.js?referrer=https://help.validate-exchange.live/ HTTP/1.1
Host: userstatics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Dec 2024 10:48:00 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: PHP/8.2.1
access-control-allow-origin: https://help.validate-exchange.live
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a2sNZg7mdtkVwSNDJ6CWpY0jsiCQXleeKZwUBuYYqe8UFcejSPHfqJcwjpZZwLYktbzMBX5Jcp9CFRidxQGzE%2FkWL1N0Ye%2F3WXzrDoTF%2FntXg8ms%2FSLZOAt%2FHeiumcQnblM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f4f0eb7caa1b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6857&min_rtt=645&rtt_var=11672&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3212&recv_bytes=1100&delivery_rate=6611872&cwnd=254&unsent_bytes=0&cid=e50d5aa0899d75a3&ts=130&x=0"
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.4.1

142.250.74.106

200 OK

85 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.4.1
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://help.validate-exchange.live/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
ASCII text
Size
85 kB (85319 bytes)
Hash
f17eaa019cb87927a4e037c92bf58e85
e8e128d6226d62c7147ac6d0f1011ce5efd030dd
a950b9b3f1d0e3c9d61a3e4a296d93ccc07c66084d5ead00e235b1b7aee47fdc

HTTP Headers

GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.4.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 20 Dec 2024 10:47:58 GMT
date: Fri, 20 Dec 2024 10:47:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CMontserrat%3A700%2C600%2C400%7CCabin%3A700%2C600%2C500%2C400italic%2C400&subset=latin&ver=1687106348

142.250.74.106

200 OK

16 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CMontserrat%3A700%2C600%2C400%7CCabin%3A700%2C600%2C500%2C400italic%2C400&subset=latin&ver=1687106348
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://help.validate-exchange.live/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
ASCII text
Size
16 kB (16172 bytes)
Hash
66002270a0e278d41d98781ff222d86d
963f9e77ff80815a6c09b42ae8f129d281723462
4867ab6313f1748890c950a7a6d89dbc25eb5038480dc726665263825ece480e

HTTP Headers

GET /css?family=Roboto%3A400%2C500%7CMontserrat%3A700%2C600%2C400%7CCabin%3A700%2C600%2C500%2C400italic%2C400&subset=latin&ver=1687106348 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help.validate-exchange.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 20 Dec 2024 10:47:58 GMT
date: Fri, 20 Dec 2024 10:47:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML