Overview

URL armo.sk/system/logs/87h754.exe
IP 37.9.175.22
ASN AS51013 Websupport s.r.o.
Location Slovakia
Report completed 2019-05-24 14:03:38 CEST
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-05-24 2 armo.sk/system/logs/87h754.exe Malware
2019-05-24 2 armo.sk/system/logs/87h754.exe Malware
2019-05-24 2 armo.sk/wp-includes/js/wp-emoji-release.min.js?ver=5.1.1 Malware
2019-05-24 2 armo.sk/wp-content/plugins/woocommerce-lightbox/assets/css/main.css?ver=1.0 Malware
2019-05-24 2 armo.sk/wp-content/plugins/woocommerce/assets/css/blocks/style.css?ver=3.6.3 Malware
2019-05-24 2 armo.sk/wp-content/plugins/woocommerce-lightbox/assets/css/jquery.fancybox. (...) Malware
2019-05-24 2 armo.sk/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ve (...) Malware
2019-05-24 2 armo.sk/wp-content/themes/betheme/css/layout.css?ver=13.2 Malware
2019-05-24 2 armo.sk/wp-content/themes/betheme/css/shortcodes.css?ver=13.2 Malware
2019-05-24 2 armo.sk/wp-content/themes/betheme/assets/animations/animations.min.css?ver=13.2 Malware
2019-05-24 2 armo.sk/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=13.2 Malware
2019-05-24 2 armo.sk/wp-content/themes/betheme/style.css?ver=13.2 Malware
2019-05-24 2 armo.sk/wp-content/themes/betheme/css/base.css?ver=13.2 Malware
2019-05-24 2 armo.sk/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.cs (...) Malware
2019-05-24 2 armo.sk/wp-content/themes/betheme/css/responsive.css?ver=13.2 Malware
2019-05-24 2 armo.sk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 Malware
2019-05-24 2 armo.sk/wp-includes/js/jquery/jquery.js?ver=1.12.4 Malware
2019-05-24 2 armo.sk/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 Malware
2019-05-24 2 armo.sk/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.mi (...) Malware
2019-05-24 2 armo.sk/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3 Malware
2019-05-24 2 armo.sk/wp-content/themes/betheme/fonts/mfn-icons.woff?3416171 Malware
2019-05-24 2 armo.sk/wp-content/themes/betheme/js/parallax/translate3d.js?ver=13.2 Malware
2019-05-24 2 armo.sk/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=13.2 Malware
2019-05-24 2 armo.sk/wp-content/themes/betheme/assets/animations/animations.min.js?ver=13.2 Malware
2019-05-24 2 armo.sk/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4 Malware
2019-05-24 2 armo.sk/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4 Malware
2019-05-24 2 armo.sk/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4 Malware
2019-05-24 2 armo.sk/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 37.9.175.22

Date UQ / IDS / BL URL IP
2019-06-09 01:28:06 +0200 0 - 0 - 102 realistickeportrety.sk/wp-admin/js/Scan/Jdbum (...) 37.9.175.22
2019-05-29 14:59:35 +0200 0 - 2 - 2 realistickeportrety.sk/wp-content/parts_servi (...) 37.9.175.22
2019-05-26 20:02:33 +0200 0 - 0 - 100 realistickeportrety.sk/Inv/87547218524040/sca (...) 37.9.175.22
2019-05-24 12:23:21 +0200 0 - 0 - 17 armo.sk/system/logs/87h754.exe 37.9.175.22
2019-05-15 12:32:23 +0200 0 - 1 - 26 armo.sk/system/logs/87h754.exe 37.9.175.22
2019-05-12 16:51:53 +0200 0 - 0 - 100 realistickeportrety.sk/Inv/87547218524040/sca (...) 37.9.175.22
2019-03-21 22:10:31 +0100 0 - 0 - 4 ekooluxpersonals.com/ 37.9.175.22
2019-03-02 11:55:59 +0100 0 - 0 - 111 realistickeportrety.sk/at_t/1fzshinhym_vtqazn (...) 37.9.175.22
2019-03-02 10:04:08 +0100 0 - 0 - 110 www.realistickeportrety.sk/at_t/1fzshinhym_vt (...) 37.9.175.22
2019-02-18 07:59:25 +0100 0 - 0 - 3 klbecko.sk/interierove-dvere-namieru/41-posuv (...) 37.9.175.22

Last 10 reports on ASN: AS51013 Websupport s.r.o.

Date UQ / IDS / BL URL IP
2019-06-16 07:40:43 +0200 0 - 0 - 0 jysro.com 37.9.175.13
2019-06-14 20:53:08 +0200 0 - 0 - 0 jysro.com 37.9.175.13
2019-06-10 20:52:48 +0200 1 - 1 - 1 delicate-flower.com/speak/aboutsite.html 37.9.175.6
2019-06-10 18:13:56 +0200 0 - 0 - 2 footballhacker.com/wp-includes/js/jquery 37.9.175.4
2019-06-10 18:03:24 +0200 0 - 1 - 2 beflaire.eazy.sk/wp-includes/jgmh-hwm1v-xhcar.view 37.9.175.13
2019-06-10 18:03:12 +0200 0 - 0 - 1 beflaire.eazy.sk/ 37.9.175.13
2019-06-10 16:51:01 +0200 0 - 0 - 5 mp3hudba.sk/stahuj-29689-richie_l_richiel_amb (...) 37.9.175.14
2019-06-10 16:50:55 +0200 0 - 0 - 5 mp3hudba.sk/stahuj-13126-sonic_youth_diamond_ (...) 37.9.175.14
2019-06-10 16:43:04 +0200 0 - 0 - 5 mp3hudba.sk/stahuj-29963-wixels_satisfaction_ (...) 37.9.175.14
2019-06-10 16:40:08 +0200 0 - 0 - 5 mp3hudba.sk/stahuj-19610-basshunter_evil_beat.html 37.9.175.14

Last 6 reports on domain: armo.sk

Date UQ / IDS / BL URL IP
2019-05-24 12:23:21 +0200 0 - 0 - 17 armo.sk/system/logs/87h754.exe 37.9.175.22
2019-05-15 12:32:23 +0200 0 - 1 - 26 armo.sk/system/logs/87h754.exe 37.9.175.22
2019-02-08 23:48:43 +0100 0 - 0 - 34 armo.sk/ 37.9.175.22
2019-02-05 06:15:26 +0100 0 - 0 - 19 armo.sk/ 37.9.175.22
2018-12-06 16:54:46 +0100 0 - 0 - 19 armo.sk/system/logs/87h754.exe 37.9.175.22
2018-10-01 17:04:55 +0200 0 - 1 - 19 armo.sk/system/logs/87h754.exe 37.9.175.22


JavaScript

Executed Scripts (16)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (65)


Request Response
                                        
                                            GET /system/logs/87h754.exe HTTP/1.1 
Host: armo.sk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         37.9.175.22
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Server: openresty
Date: Fri, 24 May 2019 12:03:05 GMT
Content-Length: 0
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-transform, no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://armo.sk/system/logs/87h754.exe
Referrer-Policy: no-referrer-when-downgrade


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         151.139.128.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 May 2019 12:03:05 GMT
Accept-Ranges: bytes
Last-Modified: Sat, 18 May 2019 01:37:33 GMT
Server: Apache
Etag: 9DEC020BE4AC284F0130603FDAB2D6D005B32BC6
Cache-Control: max-age=412616,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp3
X-HW: 1558699385.cds024.sk1.h2,1558699385.cds057.sk1.c
Connection: keep-alive
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    9df2bfd956d7d57065cbf4e24155d171
Sha1:   9dec020be4ac284f0130603fdab2d6d005b32bc6
Sha256: 208e87687c896a5fbfa880268681030f651253894eaa94a00ae25b5513cc00a7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         151.139.128.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 May 2019 12:03:05 GMT
Accept-Ranges: bytes
Last-Modified: Mon, 20 May 2019 00:14:19 GMT
Server: Apache
Etag: C97EBD447FD751BB0E959C4114034B73A4902DC7
Cache-Control: max-age=377613,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp1
X-HW: 1558699385.cds024.sk1.h2,1558699385.cds041.sk1.c
Connection: keep-alive
Content-Length: 727


--- Additional Info ---
Magic:  data
Size:   727
Md5:    c2f8a45a7fbdae1a6f71bf0e2daa342d
Sha1:   c97ebd447fd751bb0e959c4114034b73a4902dc7
Sha256: 58b755fcfdc058a78ddbb161fb9f12878d80f87d7470114a7c21a115529bd59f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         151.139.128.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 May 2019 12:03:05 GMT
Accept-Ranges: bytes
Last-Modified: Mon, 20 May 2019 00:14:19 GMT
Server: Apache
Etag: B28036B955E4CA1762081A1AF0E42A1E36D5D020
Cache-Control: max-age=377613,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp2
X-HW: 1558699385.cds018.sk1.h2,1558699385.cds047.sk1.c
Connection: keep-alive
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    203c7eaa4ebfe22a4089fa52c66fe2b2
Sha1:   b28036b955e4ca1762081a1af0e42a1e36d5d020
Sha256: a5aa96572ab1c08864ad9bec09e13b6df5e52f6625d2c60442b766d53ede1806
                                        
                                            GET /system/logs/87h754.exe HTTP/1.1 
Host: armo.sk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         37.9.175.22
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Server: openresty
Date: Fri, 24 May 2019 12:03:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-transform, no-cache, must-revalidate, max-age=0
Link: <https://armo.sk/wp-json/>; rel="https://api.w.org/"
Referrer-Policy: no-referrer-when-downgrade
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   13428
Md5:    3382e4591453b60a7133c5ad0ecb7d00
Sha1:   78a4a8fddedf4b28d14dfbcbfe9fe06aaee5d0c8
Sha256: c394a942664f4ebb4e0213542360a0e8dd9bd3c49cd8f0ce45cb7b7b6e3ab607

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 May 2019 12:03:07 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    6f4befe78a1e656e3df2ac36f46ec3b8
Sha1:   444289f50e97e2ef339e52163c6294d8b818b49b
Sha256: 13029145eda83cb9e2ef36e5eccfd1e73e51433397ddd9c9a61aeb80e5519aa1
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 May 2019 12:03:07 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    5be872b3fe0bb6f31385f91f811e9586
Sha1:   1192231bcb9ee73e9f619d433cdb66dddd9ae7f7
Sha256: db0ad6191770bff9043482b68acf62a4e25d4390a03274cfbe413675dd8c9cf5
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
                                         172.217.20.46
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Fri, 24 May 2019 10:40:49 GMT
Expires: Fri, 24 May 2019 12:40:49 GMT
Last-Modified: Thu, 02 May 2019 01:33:03 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 17779
Cache-Control: public, max-age=7200
Age: 4938
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   17779
Md5:    348fbdd6c0fd83acfd390fa9cc127596
Sha1:   252099e50f60c46d3a16264edc93007ef333a660
Sha256: 5874a897424027f25efdc7142d4d8a4341d9a9f6362ac79bead10db6356dae2b
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 May 2019 12:03:08 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    a136b469190594c4ca55b9f8f436e9e9
Sha1:   b0044e7bec7bf11cb13cb3d9fe2293bfcb45fe53
Sha256: 8607414796d3b4a941cad995662addce52979c4ee485b2c162fa68190d65ef3d
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=5.1.1 HTTP/1.1 
Host: armo.sk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
                                         37.9.175.22
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: openresty
Date: Fri, 24 May 2019 12:03:07 GMT
Content-Length: 4388
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Tue, 26 Feb 2019 18:39:22 GMT
Etag: "2f02-582d060318c00-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 12:03:07 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4388
Md5:    9485790a43704a2b24f7937f9bb60dd4
Sha1:   a8d3b551c2fd8fb6e02f80d4d7d8a5d240667202
Sha256: 2f5a5c36b845b3e8c4583884b8e487f6f62c2347df7d1960c4cb463d12df788d

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /r/collect?v=1&_v=j75&a=1144181053&t=pageview&_s=1&dl=https%3A%2F%2Farmo.sk%2Fsystem%2Flogs%2F87h754.exe&ul=en-us&de=UTF-8&dt=Str%C3%A1nka%20nebola%20n%C3%A1jden%C3%A1%20-%20ARMO-SK%20s.r.o.%20-%20%C5%A0IJACIE%20STROJE&sd=24-bit&sr=1176x885&vp=1176x754&je=1&fl=10.0%20r45&_u=IEBAAEQ~&jid=229338303&gjid=1014704993&cid=209535511.1558699388&tid=UA-8433874-1&_gid=169186408.1558699388&_r=1&z=639815706 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
                                         172.217.20.46
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8433874-1&cid=209535511.1558699388&jid=229338303&_gid=169186408.1558699388&gjid=1014704993&_v=j75&z=639815706
Access-Control-Allow-Origin: *
Date: Fri, 24 May 2019 12:03:08 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Server: Golfe2
Content-Length: 415
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  HTML document text
Size:   415
Md5:    b26b7f11fed2aa263a4c4dd93b96078c
Sha1:   bc8e40c73340010073b4da6bd060704034fe4794
Sha256: 6bee2ecacb2350c21239462db9a2f4e68c6cf4cd5dd3fc4925b329bb0b3a786e
                                        
                                            GET /css?family=Alegreya+Sans&ver=5.1.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
                                         216.58.207.234
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Fri, 24 May 2019 12:03:08 GMT
Date: Fri, 24 May 2019 12:03:08 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   210
Md5:    2d0591cb9d5698199707af5eacab1824
Sha1:   1bdf5f799a4506606076b4313bee7cf510c68126
Sha256: ee4c9db2b04085017d97b468b0c8f5b0c08a6dddbfaa8bc94341f8e783aac680
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=5.1.1 HTTP/1.1 
Host: armo.sk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
                                         37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 4258
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Tue, 26 Feb 2019 18:39:22 GMT
Etag: "629a-582d060310f01-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 07:37:00 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4258
Md5:    5e71e1a3c3df9c07f16076e1372016b8
Sha1:   6d054f2291f0999a1fc673bec8fdadf0cbbd9458
Sha256: fc12dab9d762325806c12d1fb3c6c4f839ae3be5dba4554acc338b6a275f219b
                                        
                                            GET /wp-content/plugins/woocommerce-lightbox/assets/css/main.css?ver=1.0 HTTP/1.1 
Host: armo.sk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
                                         37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 2022
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Fri, 17 May 2019 15:34:12 GMT
Etag: "2a2c-589171d4c9586-gzip"
Cache-Control: max-age=31536000
Expires: Fri, 22 May 2020 02:18:13 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2022
Md5:    0bc4ae68beffec2ce0dc6731da411dfc
Sha1:   0004c473c02b047b762e4f1c6201265f9bb0855f
Sha256: f3124d6d84bec6e8e1572c307aa86767157a79f69aa27e5992c5f8996b4c7f36

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce-lightbox/assets/css/magnific-popup.css?ver=1.0 HTTP/1.1 
Host: armo.sk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
                                         37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 1950
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Fri, 17 May 2019 15:34:12 GMT
Etag: "1e6d-589171d4c9586-gzip"
Cache-Control: max-age=31536000
Expires: Fri, 22 May 2020 20:33:32 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1950
Md5:    940d74755e5536d09c7fa9eb66372652
Sha1:   d1d8b8238f080fdedd4015c7da81675c62a802c6
Sha256: 69a629f67d38a1a75391be1ba82c5756821d6bf7aa135e800ec88c679d716621
                                        
                                            GET /wp-content/plugins/woocommerce/assets/css/blocks/style.css?ver=3.6.3 HTTP/1.1 
Host: armo.sk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
                                         37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 933
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Mon, 20 May 2019 13:26:01 GMT
Etag: "18da-58951ac6afa47-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 07:37:27 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   933
Md5:    276cc536b64fe959b5001e8b9c50f65e
Sha1:   1881895bc3c2faa3e0f0c324cb403a77a6840659
Sha256: 8ff7bfd301d0d66f404762b57511af662c1e8c9d4b7dfc2103d6dd36c6c97110

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.3 HTTP/1.1 
Host: armo.sk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
                                         37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 651
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Mon, 20 May 2019 13:06:22 GMT
Etag: "695-5895166267ea9-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 07:37:27 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   651
Md5:    f026e73e8b072cc3ae1491702b9c491a
Sha1:   5cf262adbd7a8a0d067230081688c0f8fe6c36f8
Sha256: c2340e9fff602440a6a9daadf0e90fc5eb265bd6fbd495d77d7891a303575b29
                                        
                                            GET /wp-content/plugins/woocommerce-lightbox/assets/css/jquery.fancybox.min.css?ver=5.1.1 HTTP/1.1 
Host: armo.sk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
                                         37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 2439
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Fri, 17 May 2019 15:34:12 GMT
Etag: "28b8-589171d4c9586-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 07:37:27 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2439
Md5:    a4f4eacd10681e19454d9301379254e1
Sha1:   78efe167c0496743a5b0784e0b37216cbe1cfbe3
Sha256: 5f6f46f0a164d944a6c29554aea97027e8056c996ca0bd154c30b1bfef6fe929

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.6.3 HTTP/1.1 
Host: armo.sk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
                                         37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 2157
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Mon, 20 May 2019 13:26:01 GMT
Etag: "409e-58951ac6b09e7-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 07:37:27 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2157
Md5:    7e972f6c1b2623731f8a00bac6c27b89
Sha1:   c74dbad6d727697f8a479e8928da654273abdc4b
Sha256: 56a3d5d9f218531f5135906f5c15990ae8a70bd8d09abe40588bab417504ee8e

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.6.3 HTTP/1.1 
Host: armo.sk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
                                         37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 8810
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Mon, 20 May 2019 13:26:01 GMT
Etag: "f47a-58951ac6b38c7-gzip"
Cache-Control: max-age=31536000
Expires: Thu, 21 May 2020 16:14:23 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8810
Md5:    1d0ad2bc538ac2d54d55271789f30dbd
Sha1:   74036a920ec37374f2df64cec639114158234992
Sha256: 0568c28420c6ce20babaf0bc1a3cb7b4d50c2fc75e6a72c40aa71f892702c9dd
                                        
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.6.3 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 1055
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Mon, 20 May 2019 13:26:01 GMT
Etag: "1a66-58951ac6b1987-gzip"
Cache-Control: max-age=31536000
Expires: Thu, 21 May 2020 19:42:46 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1055
Md5:    bac3c679da4930209be92b338cb74b7f
Sha1:   1a18633b3aecdcb7146475a1f6a90c58058f9e9b
Sha256: b5b63cee0120e4cf9a183bab0905af9d4fa8712d4afef4d0b7d7c0f914ae26b3
                                        
GET /wp-content/themes/betheme/css/layout.css?ver=13.2 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 18177
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Thu, 07 Jul 2016 10:42:49 GMT
Etag: "1a106-5370958eb9cac-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 07:36:55 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   18177
Md5:    67b5c3c1fdff72aceff266da786754bc
Sha1:   703d4ed6f1920b8b8d4ebea1f87ef7537cf4d0a5
Sha256: 43cdb976cc659674472bff6f4c7e3965a34a966d5fb6d80cf8a738e288246c8f

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /wp-content/plugins/wp-store-locator/css/styles.min.css?ver=2.2.23 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 3368
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Mon, 20 May 2019 13:25:29 GMT
Etag: "3a83-58951aa7f66d3-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 07:37:27 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3368
Md5:    6e976e38293c78f3fecbe2040d309762
Sha1:   772be42cb3f7a76c8fd3501ee447a5ceeed28a0d
Sha256: 5fffc887bffdbe8eba0c2aa723e85adabeb34207939ea8cc3722eb21d39bb795
                                        
GET /wp-content/themes/betheme/css/shortcodes.css?ver=13.2 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 20160
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Thu, 07 Jul 2016 10:42:50 GMT
Etag: "1ea8c-5370958f17429-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 07:37:27 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   20160
Md5:    27e8665537d9a750cfa4a83734e5dcc3
Sha1:   cec6c76a1848db8ce23ad2101721229bae0331ca
Sha256: 0c58700b68d0e745b90e7f9e2623dd7ad7810eb92d8e4ed586a9fe0a7d79ac04

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /wp-content/themes/betheme/assets/animations/animations.min.css?ver=13.2 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 5418
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Thu, 07 Jul 2016 10:50:19 GMT
Etag: "e48c-5370973c3c217-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 07:37:27 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5418
Md5:    047b182d86f7800f775fc5e0e6c85d1f
Sha1:   cf5f3e02837f526e2a907987d7cdefee8d078ab4
Sha256: 50722c5b1c407a8443b02aff3a56c6e6f4c3326e12824548afcf644ce89fbc26

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=13.2 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 3473
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Thu, 07 Jul 2016 10:50:20 GMT
Etag: "4c9b-5370973cf33cd-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 07:37:27 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3473
Md5:    e8960a61898158480981ea4efab8fcb3
Sha1:   f762c30e07d48b299ba2098b8c556f96515f9137
Sha256: ffc68a85b2957da61e569280deac40cb852ef83f9c75527b92a2d4df39f75015

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /wp-content/themes/betheme/assets/prettyPhoto/prettyPhoto.css?ver=13.2 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 2724
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Thu, 07 Jul 2016 10:50:20 GMT
Etag: "47d4-5370973cd8776-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 07:37:27 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2724
Md5:    09773704c9224b9466fa2bb3d62ad9a5
Sha1:   81c998311e8e3ead5880e869d21f7536b18c43d9
Sha256: 8e2b5d9f26f7da6f53565b208f4acf21268d9eaabc65e26aa81449253cf63084
                                        
GET /wp-content/themes/betheme/style.css?ver=13.2 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 197
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Thu, 07 Jul 2016 10:40:40 GMT
Etag: "11a-53709513314aa-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 07:37:27 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   197
Md5:    0f2a4667577aa3a8a6e5d2aaab128604
Sha1:   94728fa7dd1e273b9529c33be6848ea00e014e5c
Sha256: 0d20c5925123d502f784b5031835024571f3d89bb9531b364bc5e8fb1a2afb0a

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /wp-content/themes/betheme/css/base.css?ver=13.2 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 10356
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Thu, 07 Jul 2016 10:42:49 GMT
Etag: "bfa8-5370958eb5cdc-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 07:37:27 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   10356
Md5:    ebbed0f59becf811d384fbcc2369a9c6
Sha1:   fcec09b025aa08394f79717abe67af57548d570d
Sha256: 8fa7504e1bd1bdc6eecc8bcce1f4bedf3274dbcd10f63161381734aef5e87052

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=13.2 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 2146
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Thu, 07 Jul 2016 10:52:47 GMT
Etag: "27a1-537097c88aa88-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 07:37:27 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2146
Md5:    57af2bb1e4db675d0af96ff80b2c4c1c
Sha1:   cef33b72fbcece63f3f42741d94758642e153aaf
Sha256: e28401aa4628d1ce9785ae46ae920f25d0cd8d3e50874c5bffc11d403fe807d0

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /wp-content/themes/betheme/css/responsive.css?ver=13.2 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 10195
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Thu, 07 Jul 2016 10:42:49 GMT
Etag: "e431-5370958ee98fb-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 07:37:27 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   10195
Md5:    9b5f186763b6ed936fc138918ff2560b
Sha1:   a8d36186836600690b819ea8f744eb90db0b48af
Sha256: 221d3cdafda92ccb6cdcb9b2775594fbb77bb00da74cba57ecb9d041898099a6

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /wp-content/themes/betheme/css/woocommerce.css?ver=13.2 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
37.9.175.22
HTTP/1.1 200 OK
Content-Type: text/css
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 5925
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Thu, 07 Jul 2016 10:42:50 GMT
Etag: "8771-5370958f1cd1d-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 07:37:27 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5925
Md5:    39cee2f1cc8601890518bb86185c8766
Sha1:   c0647fca02b6c452130fedbe20353789863c38f7
Sha256: c7617618d87b2caea8e890e1c3b324686384687ece0eeffa939545a38e19c81c
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 May 2019 12:03:08 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    6a390342c55f0747a4ba9b5cdd0f7cd7
Sha1:   25eb74fb1683a8b59b86bc5de8ff70cf06a77fac
Sha256: 21be17a6c67d582b5d012806b8ff30309d0f456fd98b8e64ab3d834c6a4def0c
                                        
GET /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.9.2 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
37.9.175.22
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 335
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Tue, 12 Feb 2019 16:56:26 GMT
Etag: "5cf-581b54e49a78a-gzip"
Cache-Control: max-age=31536000
Expires: Fri, 22 May 2020 09:14:29 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   335
Md5:    c95478c77513b8220c7e92d48296fdea
Sha1:   2bc1df3797b77022d9ed7ab2e5c91d8b35e7a933
Sha256: 81449fb658de0ff4f702fb7129861dd9333bc6f3d4e3b79d1e4e1beba52d1d5f
                                        
GET /wp-content/plugins/woocommerce-lightbox/assets/js/jquery.magnific-popup.min.js?ver=1.0 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
37.9.175.22
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 7687
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Fri, 17 May 2019 15:34:12 GMT
Etag: "5297-589171d4c9586-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 07:37:27 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7687
Md5:    65c47d1ebb4407f2de1e06c1c5a78611
Sha1:   09550b46c5c3687fcc661a781188ca325c6e37f6
Sha256: ef98dc596358a97005d604dd239f2e2aa94f7869b35ba1d29c7eb3aca775319b
                                        
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
37.9.175.22
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 4014
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Thu, 07 Jul 2016 10:58:59 GMT
Etag: "2748-5370992c05c8e-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 05:42:40 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4014
Md5:    a6c81e2f02bd04160d2de88c4e8f3559
Sha1:   e3f3c91427d785820ca97dabe738f01faf041f36
Sha256: b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
37.9.175.22
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 33766
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Tue, 26 Feb 2019 18:39:22 GMT
Etag: "17b9f-582d06031bae0-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 07:37:27 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   33766
Md5:    ed4b26f09b9c4f4452a7edf9ba6acf98
Sha1:   7dd55dd1775c06dced30d252a273d021b5ab1b35
Sha256: 161d50f181043aea3b29b895db9629a21f56b224a6ea966fbd3e6fbb26ecfb39

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8433874-1&cid=209535511.1558699388&jid=229338303&_gid=169186408.1558699388&gjid=1014704993&_v=j75&z=639815706 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
64.233.165.155
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
Location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8433874-1&cid=209535511.1558699388&jid=229338303&_v=j75&z=639815706
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Date: Fri, 24 May 2019 12:03:17 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Server: Golfe2
Content-Length: 363
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  HTML document text
Size:   363
Md5:    0cd93738236d079e17b38c83f41aeb58
Sha1:   db7157d48bfc6e8a4ff7e5777a8c4036d78de7b8
Sha256: 796ff74583619156b334ae7440dd2619e1840dcff40250af3ed6ebf6c1b48bb0
                                        
GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe
Cookie: _ga=GA1.2.209535511.1558699388; _gid=GA1.2.169186408.1558699388; _gat=1

                                         
0.0.0.0


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /wp-content/uploads/2018/08/logo-ARMO-SK-velky-kruh.jpg HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
37.9.175.22
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: openresty
Date: Fri, 24 May 2019 12:03:08 GMT
Content-Length: 721069
Connection: keep-alive
Last-Modified: Wed, 22 Aug 2018 15:44:18 GMT
Etag: "b00ad-5740803f977a5"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 00:50:17 GMT
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
                                        
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.6.3 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe
Cookie: _ga=GA1.2.209535511.1558699388; _gid=GA1.2.169186408.1558699388; _gat=1

                                         
0.0.0.0


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe
Cookie: _ga=GA1.2.209535511.1558699388; _gid=GA1.2.169186408.1558699388; _gat=1

                                         
0.0.0.0


--- Additional Info ---
                                        
GET /gtm.js?id=GTM-W3XMHM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
0.0.0.0


--- Additional Info ---
                                        
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe
Cookie: _ga=GA1.2.209535511.1558699388; _gid=GA1.2.169186408.1558699388; _gat=1

                                         
0.0.0.0


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /58187c25c7829d0cd36f19ee/default HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
0.0.0.0


--- Additional Info ---
                                        
GET /wp-content/themes/betheme/fonts/mfn-icons.woff?3416171 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/wp-content/themes/betheme/css/base.css?ver=13.2
Cookie: _ga=GA1.2.209535511.1558699388; _gid=GA1.2.169186408.1558699388; _gat=1

                                         
0.0.0.0


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
0.0.0.0


--- Additional Info ---
                                        
GET /wp-includes/js/wp-embed.min.js?ver=5.1.1 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe
Cookie: _ga=GA1.2.209535511.1558699388; _gid=GA1.2.169186408.1558699388; _gat=1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
GET /wp-content/themes/betheme/js/scripts.js?ver=13.2 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe
Cookie: _ga=GA1.2.209535511.1558699388; _gid=GA1.2.169186408.1558699388; _gat=1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
GET /wp-content/themes/betheme/js/parallax/translate3d.js?ver=13.2 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe
Cookie: _ga=GA1.2.209535511.1558699388; _gid=GA1.2.169186408.1558699388; _gat=1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=13.2 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe
Cookie: _ga=GA1.2.209535511.1558699388; _gid=GA1.2.169186408.1558699388; _gat=1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /wp-content/themes/betheme/assets/animations/animations.min.js?ver=13.2 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe
Cookie: _ga=GA1.2.209535511.1558699388; _gid=GA1.2.169186408.1558699388; _gat=1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /wp-content/themes/betheme/js/menu.js?ver=13.2 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe
Cookie: _ga=GA1.2.209535511.1558699388; _gid=GA1.2.169186408.1558699388; _gat=1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
GET /wp-content/themes/betheme/js/plugins.js?ver=13.2 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe
Cookie: _ga=GA1.2.209535511.1558699388; _gid=GA1.2.169186408.1558699388; _gat=1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe
Cookie: _ga=GA1.2.209535511.1558699388; _gid=GA1.2.169186408.1558699388; _gat=1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe
Cookie: _ga=GA1.2.209535511.1558699388; _gid=GA1.2.169186408.1558699388; _gat=1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe
Cookie: _ga=GA1.2.209535511.1558699388; _gid=GA1.2.169186408.1558699388; _gat=1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /s/alegreyasans/v9/5aUz9_-1phKLFgshYDvh6Vwt7Vptuw.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Alegreya+Sans&ver=5.1.1
Origin: https://armo.sk

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe
Cookie: _ga=GA1.2.209535511.1558699388; _gid=GA1.2.169186408.1558699388; _gat=1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 May 2019 12:03:29 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    8fc4de8885b81f6527a2130beddb903d
Sha1:   e1f7f1641d7d385d019eb74345156e769d1e32b2
Sha256: 8a0aba2ddc4ca2053972b7204a98caa73267eb19fa64134dfdec508a70734b53
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 May 2019 12:03:32 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    4df703dc9c83186d3007432a60174926
Sha1:   ef8378af33cae98279027a5cc48f1114e210bc36
Sha256: e18b664a969fb26d35cf2bc723631cda3d8d85bda5f844b9ff745020a123a467
                                        
GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1
Host: armo.sk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe
Cookie: _ga=GA1.2.209535511.1558699388; _gid=GA1.2.169186408.1558699388; _gat=1

                                         
                                         37.9.175.22
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Server: openresty
Date: Fri, 24 May 2019 12:03:32 GMT
Content-Length: 2599
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Wed, 31 Aug 2016 13:17:19 GMT
Etag: "1afc-53b5deab41d14-gzip"
Cache-Control: max-age=31536000
Expires: Sat, 23 May 2020 12:03:32 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2599
Md5:    24ee35ca0d4dd9a145c9410488b1c437
Sha1:   982c556c82123a94f78e806a5e468c94c711193e
Sha256: ca41e151a9594fb5ee401818ac96cc6db69b353e2940478f22ab48ce78a5d3c9

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         151.139.128.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 May 2019 12:03:32 GMT
Accept-Ranges: bytes
Last-Modified: Tue, 21 May 2019 08:11:37 GMT
Server: Apache
Etag: 89F302AC57F647651A762D7C5625A262F51AD49C
Cache-Control: max-age=603411,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp10
X-HW: 1558699412.cds015.sk1.h2,1558699412.cds026.sk1.c
Connection: keep-alive
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    248359fa37e55f42f13fdfed16cf1c70
Sha1:   89f302ac57f647651a762d7c5625a262f51ad49c
Sha256: bfe96e71f529af37182a5a2569311e35a4603be6eb5b6cbbb26f26629b0bca9e
                                        
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         151.139.128.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 May 2019 12:03:32 GMT
Accept-Ranges: bytes
Last-Modified: Mon, 20 May 2019 00:14:19 GMT
Server: Apache
Etag: 1A274E440D66F0A5088627B4A0789DCF6C8D83B4
Cache-Control: max-age=377613,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp1
X-HW: 1558699412.cds015.sk1.h2,1558699412.cds043.sk1.c
Connection: keep-alive
Content-Length: 727


--- Additional Info ---
Magic:  data
Size:   727
Md5:    ce6e4e9158df6b8f24a9f9ec15f7813f
Sha1:   1a274e440d66f0a5088627b4a0789dcf6c8d83b4
Sha256: 1d3465a62fff0b9ef605cf5bc0ed63b202efdd537db47e24bba0df82f2ea4ccb
                                        
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8433874-1&cid=209535511.1558699388&jid=229338303&_v=j75&z=639815706 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://armo.sk/system/logs/87h754.exe

                                         
                                         216.58.207.228
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Fri, 24 May 2019 12:03:32 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8433874-1&cid=209535511.1558699388&jid=229338303&_v=j75&z=639815706&slf_rd=1&random=2013135008
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---